Merge branch 'develop'

# Conflicts:
#	config/version.php

.all-contributorsrc

@@ -0,0 +1,898 @@
+{
+  "projectName": "snipe-it",
+  "projectOwner": "snipe",
+  "files": [
+    "README.md"
+  ],
+  "imageSize": 110,
+  "commit": true,
+  "contributors": [
+    {
+      "login": "snipe",
+      "name": "snipe",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/197404?v=3",
+      "profile": "http://www.snipe.net",
+      "contributions": [
+        "code",
+        "infra",
+        "doc",
+        "test",
+        "bug",
+        "design",
+        "review"
+      ]
+    },
+    {
+      "login": "uberbrady",
+      "name": "Brady Wetherington",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/36335?v=3",
+      "profile": "http://www.uberbrady.com",
+      "contributions": [
+        "code",
+        "doc",
+        "infra",
+        "review"
+      ]
+    },
+    {
+      "login": "dmeltzer",
+      "name": "Daniel Meltzer",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/3803132?v=3",
+      "profile": "https://github.com/dmeltzer",
+      "contributions": [
+        "code",
+        "test",
+        "doc"
+      ]
+    },
+    {
+      "login": "mtucker6784",
+      "name": "Michael T",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/1609106?v=3",
+      "profile": "http://www.tuckertechonline.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "madd15",
+      "name": "madd15",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/3274937?v=3",
+      "profile": "https://github.com/madd15",
+      "contributions": [
+        "doc",
+        "question"
+      ]
+    },
+    {
+      "login": "vsposato",
+      "name": "Vincent Sposato",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/894126?v=3",
+      "profile": "https://github.com/vsposato",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "vjandrea",
+      "name": "Andrea Bergamasco",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/1639757?v=3",
+      "profile": "https://github.com/vjandrea",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "kpawelski",
+      "name": "Karol",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/10640152?v=3",
+      "profile": "https://github.com/kpawelski",
+      "contributions": [
+        "translation",
+        "code"
+      ]
+    },
+    {
+      "login": "morph027",
+      "name": "morph027",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/600106?v=3",
+      "profile": "http://blog.morph027.de/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "fvleminckx",
+      "name": "fvleminckx",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/22935755?v=3",
+      "profile": "https://github.com/fvleminckx",
+      "contributions": [
+        "infra"
+      ]
+    },
+    {
+      "login": "itsupportcmsukorg",
+      "name": "itsupportcmsukorg",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/15633547?v=3",
+      "profile": "https://github.com/itsupportcmsukorg",
+      "contributions": [
+        "code",
+        "bug"
+      ]
+    },
+    {
+      "login": "base-zero",
+      "name": "Frank",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/12373799?v=3",
+      "profile": "https://override.io",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "ghost",
+      "name": "Deleted user",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/10137?v=3",
+      "profile": "https://github.com/ghost",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "tiagom62",
+      "name": "tiagom62",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/10802313?v=3",
+      "profile": "https://github.com/tiagom62",
+      "contributions": [
+        "code",
+        "infra"
+      ]
+    },
+    {
+      "login": "rystaf",
+      "name": "Ryan Stafford",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/2389047?v=3",
+      "profile": "https://github.com/rystaf",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "ehanlon",
+      "name": "Eammon Hanlon",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/10345935?v=3",
+      "profile": "https://github.com/ehanlon",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "zjean",
+      "name": "zjean",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/441924?v=3",
+      "profile": "https://github.com/zjean",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "FREImedia",
+      "name": "Matthias Frei",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/12660103?v=3",
+      "profile": "http://www.frei.media",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "opsydev",
+      "name": "opsydev",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/3767518?v=3",
+      "profile": "https://github.com/opsydev",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "ddreier",
+      "name": "Daniel Dreier",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/82290?v=3",
+      "profile": "http://www.ddreier.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "rassie",
+      "name": "Nikolai Prokoschenko",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/23448?v=3",
+      "profile": "http://rassie.org",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "YetAnotherCodeMonkey",
+      "name": "Drew",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/13452757?v=3",
+      "profile": "https://github.com/YetAnotherCodeMonkey",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "merid14",
+      "name": "Walter",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/1342320?v=3",
+      "profile": "https://github.com/merid14",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "balous",
+      "name": "Petr Baloun",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/11254614?v=3",
+      "profile": "https://github.com/balous",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "reidblomquist",
+      "name": "reidblomquist",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/6117660?v=3",
+      "profile": "https://github.com/reidblomquist",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "mathieuk",
+      "name": "Mathieu Kooiman",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/539914?v=3",
+      "profile": "https://github.com/mathieuk",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "csayre",
+      "name": "csayre",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/6606421?v=3",
+      "profile": "https://github.com/csayre",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "adamdunson",
+      "name": "Adam Dunson",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/768488?v=3",
+      "profile": "https://github.com/adamdunson",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "thehereward",
+      "name": "Hereward",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/5547470?v=3",
+      "profile": "https://github.com/thehereward",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "swoopdk",
+      "name": "swoopdk",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/5802977?v=3",
+      "profile": "https://github.com/swoopdk",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Ahimta",
+      "name": "Abdullah Alansari",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/3470403?v=3",
+      "profile": "https://linkedin.com/in/ahimta",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "MicaelRodrigues",
+      "name": "Micael Rodrigues",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/796443?v=3",
+      "profile": "https://github.com/MicaelRodrigues",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "patgmac",
+      "name": "Patrick Gallagher",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/614564?v=3",
+      "profile": "http://macadmincorner.com",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "Miliamber",
+      "name": "Miliamber",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/7165922?v=3",
+      "profile": "https://github.com/Miliamber",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "hawk554",
+      "name": "hawk554",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/861766?v=3",
+      "profile": "https://github.com/hawk554",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "jbirdkerr",
+      "name": "Justin Kerr",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/1695622?v=3",
+      "profile": "http://jbirdkerr.net",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "irasnyd",
+      "name": "Ira W. Snyder",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/11426176?v=3",
+      "profile": "http://www.irasnyder.com/devel/",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "aalaily",
+      "name": "Aladin Alaily",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/2475759?v=3",
+      "profile": "https://github.com/aalaily",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "kobie-chasehansen",
+      "name": "Chase Hansen",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/10247644?v=3",
+      "profile": "https://github.com/kobie-chasehansen",
+      "contributions": [
+        "code",
+        "question",
+        "bug"
+      ]
+    },
+    {
+      "login": "IDM-Helpdesk",
+      "name": "IDM Helpdesk",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/13545400?v=3",
+      "profile": "https://github.com/IDM-Helpdesk",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "balticer",
+      "name": "Kai",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/614439?v=3",
+      "profile": "http://balticer.de",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "mdaniels5757",
+      "name": "Michael Daniels",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/8762511?v=3",
+      "profile": "http://www.michaeldaniels.me",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "tomcastleman",
+      "name": "Tom Castleman",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/1532660?v=3",
+      "profile": "http://tomcastleman.me",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "DanielNemanic",
+      "name": "Daniel Nemanic",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/10723243?v=3",
+      "profile": "https://github.com/DanielNemanic",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "southwolf",
+      "name": "SouthWolf",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/150648?v=3",
+      "profile": "https://github.com/southwolf",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "ivarne",
+      "name": "Ivar Nesje",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/131616?v=3",
+      "profile": "https://github.com/ivarne",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "j0k3r",
+      "name": "Jérémy Benoist",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/62333?v=3",
+      "profile": "http://www.j0k3r.net",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "cleathley",
+      "name": "Chris Leathley",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/724344?v=3",
+      "profile": "https://github.com/cleathley",
+      "contributions": [
+        "infra"
+      ]
+    },
+    {
+      "login": "splaer",
+      "name": "splaer",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/972498?v=3",
+      "profile": "https://github.com/splaer",
+      "contributions": [
+        "bug",
+        "code"
+      ]
+    },
+    {
+      "login": "svpernova09",
+      "name": "Joe Ferguson",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/967362?v=3",
+      "profile": "http://www.joeferguson.me",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "diwanicki",
+      "name": "diwanicki",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/6108682?v=3",
+      "profile": "https://github.com/diwanicki",
+      "contributions": [
+        "code",
+        "doc"
+      ]
+    },
+    {
+      "login": "pakkua80",
+      "name": "Lee Thoong Ching",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/2527115?v=3",
+      "profile": "https://github.com/pakkua80",
+      "contributions": [
+        "doc",
+        "code"
+      ]
+    },
+    {
+      "login": "mrshu",
+      "name": "Marek Šuppa",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/461491?v=3",
+      "profile": "http://shu.io",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "mizar1616",
+      "name": "Juan J. Martinez",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/8693762?v=3",
+      "profile": "https://github.com/mizar1616",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "rrdial",
+      "name": "R Ryan Dial",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/1458388?v=3",
+      "profile": "https://github.com/rrdial",
+      "contributions": [
+        "translation"
+      ]
+    },
+    {
+      "login": "burlito",
+      "name": "Andrej Manduch",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/2871745?v=3",
+      "profile": "https://github.com/burlito",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "technogenus",
+      "name": "Jay Richards",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/8341172?v=3",
+      "profile": "http://www.cordeos.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "leostat",
+      "name": "Alexander Innes",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/7295127?v=3",
+      "profile": "https://necurity.co.uk",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "buzzedword",
+      "name": "Danny Garcia",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/334485?v=3",
+      "profile": "https://buzzedword.codes",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "archpoint",
+      "name": "archpoint",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/366855?v=3",
+      "profile": "https://github.com/archpoint",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "jakemcgraw",
+      "name": "Jake McGraw",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/67991?v=3",
+      "profile": "http://www.jakemcgraw.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "FleischKarussel",
+      "name": "FleischKarussel",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/1714374?v=3",
+      "profile": "https://github.com/FleischKarussel",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "feeva",
+      "name": "Dylan Yi",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/319644?v=3",
+      "profile": "https://github.com/feeva",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "flashingcursor",
+      "name": "Gil Rutkowski",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/857740?v=3",
+      "profile": "http://FlashingCursor.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "desmondmorris",
+      "name": "Desmond Morris",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/129360?v=3",
+      "profile": "http://www.desmondmorris.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "peelman",
+      "name": "Nick Peelman",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/52936?v=3",
+      "profile": "http://peelman.us",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "abrahamvegh",
+      "name": "Abraham Vegh",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/53161?v=3",
+      "profile": "https://abrahamvegh.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "rashivkp",
+      "name": "Mohamed Rashid",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/2818680?v=3",
+      "profile": "https://github.com/rashivkp",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "HinchK",
+      "name": "Kasey",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/1509456?v=3",
+      "profile": "http://hinchk.github.io",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "BrettFagerlund",
+      "name": "Brett",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/10522541?v=3",
+      "profile": "https://github.com/BrettFagerlund",
+      "contributions": [
+        "test"
+      ]
+    },
+    {
+      "login": "jasonspriggs",
+      "name": "Jason Spriggs",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/16108587?v=3",
+      "profile": "http://jasonspriggs.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "n8felton",
+      "name": "Nate Felton",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/1134568?v=3",
+      "profile": "http://n8felton.wordpress.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "manassesferreira",
+      "name": "Manasses Ferreira",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/14036694?v=3",
+      "profile": "http://homepages.dcc.ufmg.br/~manassesferreira",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "steveelwood",
+      "name": "Steve",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/15913949?v=3",
+      "profile": "https://github.com/steveelwood",
+      "contributions": [
+        "test"
+      ]
+    },
+    {
+      "login": "matc",
+      "name": "matc",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/3361683?v=3",
+      "profile": "http://twitter.com/matc",
+      "contributions": [
+        "test"
+      ]
+    },
+    {
+      "login": "VanillaNinjaD",
+      "name": "Cole R. Davis",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/7405702?v=3",
+      "profile": "http://www.davisracingteam.com",
+      "contributions": [
+        "test"
+      ]
+    },
+    {
+      "login": "gibsonjoshua55",
+      "name": "gibsonjoshua55",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/10167681?v=3",
+      "profile": "https://github.com/gibsonjoshua55",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "zwerch",
+      "name": "Robin Temme",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/2809241?v=4",
+      "profile": "https://github.com/zwerch",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "imanghafoori1",
+      "name": "Iman",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/6961695?v=4",
+      "profile": "https://github.com/imanghafoori1",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "richardhofman6",
+      "name": "Richard Hofman",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/6551003?v=4",
+      "profile": "https://github.com/richardhofman6",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "gizzmojr",
+      "name": "gizzmojr",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/3697569?v=4",
+      "profile": "https://github.com/gizzmojr",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "imjennyli",
+      "name": "Jenny Li",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/404729?v=4",
+      "profile": "https://github.com/imjennyli",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "GeoffYoung",
+      "name": "Geoff Young",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/869227?v=4",
+      "profile": "https://github.com/GeoffYoung",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "BlueHatbRit",
+      "name": "Elliot Blackburn",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/1068477?v=4",
+      "profile": "http://www.elliotblackburn.com",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "TonisOrmisson",
+      "name": "Tõnis Ormisson",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/6357451?v=4",
+      "profile": "http://andmemasin.eu",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "thakilla",
+      "name": "Nicolai Essig",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/449411?v=4",
+      "profile": "http://www.nicolai-essig.de",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "techincolor",
+      "name": "Danielle",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/14809698?v=4",
+      "profile": "https://github.com/techincolor",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "TheVakman",
+      "name": "Lawrence",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/18545156?v=4",
+      "profile": "https://github.com/TheVakman",
+      "contributions": [
+        "test",
+        "bug"
+      ]
+    },
+    {
+      "login": "uknzaeinozpas",
+      "name": "uknzaeinozpas",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/22473767?v=4",
+      "profile": "https://github.com/uknzaeinozpas",
+      "contributions": [
+        "test",
+        "code"
+      ]
+    },
+    {
+      "login": "Gelob",
+      "name": "Ryan",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/422752?v=4",
+      "profile": "https://github.com/Gelob",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "vcordes79",
+      "name": "vcordes79",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/10672546?v=4",
+      "profile": "https://github.com/vcordes79",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "fordster78",
+      "name": "fordster78",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/27958330?v=4",
+      "profile": "https://github.com/fordster78",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "CronKz",
+      "name": "CronKz",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/34064225?v=4",
+      "profile": "https://github.com/CronKz",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "tdb",
+      "name": "Tim Bishop",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/585486?v=4",
+      "profile": "https://github.com/tdb",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "seanmcilvenna",
+      "name": "Sean McIlvenna",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/5384694?v=4",
+      "profile": "https://www.seanmcilvenna.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "cepacs",
+      "name": "cepacs",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/36515590?v=4",
+      "profile": "https://github.com/cepacs",
+      "contributions": [
+        "bug",
+        "doc"
+      ]
+    }
+  ]
+}

.env.example

@@ -8,17 +8,18 @@ APP_URL=null
 APP_TIMEZONE='UTC'
 APP_LOCALE=en
 
-
 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
 DB_CONNECTION=mysql
-DB_HOST=localhost
+DB_HOST=127.0.0.1
 DB_DATABASE=null
 DB_USERNAME=null
 DB_PASSWORD=null
 DB_PREFIX=null
 DB_DUMP_PATH='/usr/bin'
+DB_CHARSET=utf8mb4
+DB_COLLATION=utf8mb4_unicode_ci
 
 # --------------------------------------------
 # OPTIONAL: SSL DATABASE SETTINGS
@@ -29,7 +30,6 @@ DB_SSL_CERT_PATH=null
 DB_SSL_CA_PATH=null
 DB_SSL_CIPHER=null
 
-
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
@@ -44,14 +44,12 @@ MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
 
-
 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
 # This should be gd or imagick
 # --------------------------------------------
 IMAGE_LIB=gd
 
-
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
 # --------------------------------------------
@@ -62,6 +60,11 @@ COOKIE_NAME=snipeit_session
 COOKIE_DOMAIN=null
 SECURE_COOKIES=false
 
+# --------------------------------------------
+# OPTIONAL: SECURITY HEADER SETTINGS
+# --------------------------------------------
+REFERRER_POLICY=same-origin
+ENABLE_CSP=false
 
 # --------------------------------------------
 # OPTIONAL: CACHE SETTINGS
@@ -70,6 +73,12 @@ CACHE_DRIVER=file
 SESSION_DRIVER=file
 QUEUE_DRIVER=sync
 
+# --------------------------------------------
+# OPTIONAL: REDIS SETTINGS
+# --------------------------------------------
+REDIS_HOST=null
+REDIS_PASSWORD=null
+REDIS_PORT-null
 
 # --------------------------------------------
 # OPTIONAL: AWS S3 SETTINGS
@@ -89,7 +98,11 @@ LOGIN_LOCKOUT_DURATION=60
 # OPTIONAL: MISC
 # --------------------------------------------
 APP_LOG=single
+APP_LOG_MAX_FILES=10
 APP_LOCKED=false
 FILESYSTEM_DISK=local
 APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
 ALLOW_IFRAMING=false
+APP_CIPHER=AES-256-CBC
+GOOGLE_MAPS_API=
+BACKUP_ENV=true

.env.testing

@@ -3,7 +3,7 @@
 # --------------------------------------------
 APP_ENV=testing
 APP_DEBUG=true
-APP_KEY=ChangeMe
+APP_KEY=base64:glJpcM7BYwWiBggp3SQ/+NlRkqsBQMaGEOjemXqJzOU=
 APP_URL=http://localhost:8000
 APP_TIMEZONE='US/Pacific'
 APP_LOCALE=en
@@ -21,7 +21,7 @@ DB_PASSWORD=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=smtp
+MAIL_DRIVER=log
 MAIL_HOST=email-smtp.us-west-2.amazonaws.com
 MAIL_PORT=587
 MAIL_USERNAME=YOURUSERNAME
@@ -69,3 +69,4 @@ SECURE_COOKIES=false
 # OPTIONAL: APP LOG FORMAT
 # --------------------------------------------
 APP_LOG=single
+APP_LOG_LEVEL=debug

.env.testing-ci

@@ -15,13 +15,13 @@ FILESYSTEM_DISK=local
 DB_CONNECTION=mysql
 DB_HOST=localhost
 DB_DATABASE=snipeit_unit
-DB_USERNAME=travis
+DB_USERNAME=root
 DB_PASSWORD=null
 
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=smtp
+MAIL_DRIVER=log
 MAIL_HOST=email-smtp.us-west-2.amazonaws.com
 MAIL_PORT=587
 MAIL_USERNAME=YOURUSERNAME

.env.tests

@@ -1,9 +1,22 @@
-APP_ENV=local
+APP_ENV=testing
 APP_DEBUG=true
 APP_URL=http://snipe-it.localapp
 DB_CONNECTION=mysql
+DB_DEFAULT=mysql
 DB_HOST=localhost
 DB_DATABASE=snipeittests
 DB_USERNAME=snipeit
 DB_PASSWORD=snipe
 APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
+
+
+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# (LOGIN_LOCKOUT_DURATIONin minutes)
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=1000000
+LOGIN_LOCKOUT_DURATION=100000000
+
+MAIL_DRIVER=log
+MAIL_FROM_ADDR=you@example.com
+MAIL_FROM_NAME=Snipe-IT

.env.unit-tests

@@ -0,0 +1,19 @@
+APP_ENV=testing
+APP_DEBUG=true
+APP_URL=http://snipe-it.localapp
+DB_CONNECTION=sqlite_testing
+DB_DEFAULT=sqlite_testing
+DB_HOST=localhost
+APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
+
+
+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# (LOGIN_LOCKOUT_DURATIONin minutes)
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=1000000
+LOGIN_LOCKOUT_DURATION=100000000
+
+MAIL_DRIVER=log
+MAIL_FROM_ADDR=you@example.com
+MAIL_FROM_NAME=Snipe-IT

.github/CODEOWNERS

@@ -0,0 +1,22 @@
+# Code ownership for pull request reviews, per
+# the feature detailed here:
+
+# https://github.com/blog/2392-introducing-code-owners
+# https://help.github.com/articles/about-codeowners/
+
+# These owners will be the default owners for everything in the repo.
+* @snipe
+
+# Order is important. The last matching pattern has the most precedence.
+# So if a pull request only touches javascript files, only these owners
+# will be requested to review.
+
+# For example:
+#  *.js    @octocat @github/js
+
+
+app/Importer/*  @dmeltzer
+app/Http/Controllers/CustomFields* @uberbrady
+app/Http/Controllers/Api/CustomFields* @uberbrady
+resources/views/custom_fields/* @uberbrady
+docker/* @uberbrady

.github/ISSUE_TEMPLATE.md

@@ -12,20 +12,27 @@
 
 #### Please confirm you have done the following before posting your bug report:
 
-- [ ] I have enabled debug mode
+- [ ] I have enabled debug mode 
 - [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
 
 -----
-#### Please provide answers to these questions before posting your bug report:
+#### Provide answers to these questions:
 
+- Is this a fresh install or an upgrade? 
 - Version of Snipe-IT you're running
+- Version of PHP you're running
+- Version of MySQL/MariaDB you're running
 - What OS and web server you're running Snipe-IT on
 - What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
 - WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
 - What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error
 - If a stacktrace is provided in the error, include that too.
 - Any errors that appear in your browser's error console.
-- Confirm whether the error is [reproduceable on the demo](https://snipeitapp.com/demo).
-- Include any additional information you can find in `app/storage/logs` and your webserver's logs.
+- Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
+- Include any additional information you can find in `storage/logs` and your webserver's logs.
 - Include what you've done so far in the installation, and if you got any error messages along the way.
 - Indicate whether or not you've manually edited any data directly in the database
+
+Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.
+
+https://snipe-it.readme.io/docs/getting-help

.github/stale.yml

@@ -0,0 +1,20 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - pinned
+  - security
+  - :woman_technologist: ready for dev
+  - :moneybag: bounty
+  - :hand: bug
+# Label to use when marking an issue as stale
+staleLabel: stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions!
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false

.github/travis-memory.ini

@@ -0,0 +1 @@
+memory_limit= 2048M

.gitignore

@@ -27,8 +27,16 @@ public/uploads/logo.png
 public/uploads/logo.svg
 public/uploads/models/*
 public/uploads/suppliers/*
+public/uploads/accessories/*
+public/uploads/locations/*
+public/uploads/manufacturers/*
+public/uploads/components/*
+public/uploads/consumables/*
+public/uploads/companies/*
+public/uploads/categories/*
 public/uploads/users/*
 storage/app/private_uploads/users/*
+public/uploads/departments/*
 storage/debugbar/
 storage/dumps/*
 storage/laravel-backups
@@ -40,3 +48,5 @@ tests/_support/_generated/*
 /npm-debug.log
 /storage/oauth-private.key
 /storage/oauth-public.key
+
+*.cache

.travis.yml

@@ -1,4 +1,7 @@
 addons:
+    code_climate:
+      repo_token:
+        secure: "C/bUAEpwfZB82dkzI2Nxx3PW5w/BzbKkSyCkp6YjT046jD2/QKvz6ngCFlt3tAWV11TXWFI6D8DzkMmdWOrQl3SGlPZXRD8QOvCiz0HiGMDvlxjAaPaQecGaQZdx/H4m6xTUXRNUVaYmxlMgkkFCWhAp+HZDs0iyOEVamp0Jszg="
     hosts:
         - localhost
 sudo: false
@@ -6,26 +9,36 @@ sudo: false
 # see http://about.travis-ci.org/docs/user/languages/php/ for more hints
 language: php
 
+services:
+  - mysql
+
 # list any PHP version you want to test against
 php:
   - 5.6
   - 7.0
+  # - 7.2 DISABLE Temporarily until we fix the count(null) bugs
+  - 7.1.4
 
 # execute any number of scripts before the test run, custom env's are available as variables
 before_script:
+  - phpenv config-add .github/travis-memory.ini
   - phantomjs --webdriver=4444  &
-  - sleep 10
-  - mysql -e "create database IF NOT EXISTS snipeit_unit;" -utravis
+  - sleep 4
+  - mysql -e 'CREATE DATABASE snipeit_unit;'
+  - mysql -e 'CREATE USER "travis'@'localhost";'
+  - mysql -e 'GRANT ALL PRIVILEGES ON * . * TO "travis'@'localhost";'
+  - mysql -e 'FLUSH PRIVILEGES;'
   - composer self-update
   - composer install -n --prefer-source
-  - cp .env.testing-ci .env
   - chmod -R 777 storage
-  - php artisan migrate --database=mysql --force
+  - php artisan migrate --env=testing-ci --database=mysql --force
   - ./vendor/bin/codecept build
-  - php artisan key:generate
-  - php artisan db:seed --database=mysql --force
-  - php artisan snipeit:create-admin --first_name=Alison --last_name=Foobar --email=me@example.com --username=snipe --password=password
-  - php artisan serve --port=8000 --host=localhost &
+  - php artisan --env=testing-ci key:generate 
+  - php artisan --env=testing-ci snipeit:travisci-install
+  - php artisan --env=testing-ci db:seed --database=mysql --force
+  - php artisan --env=testing-ci snipeit:create-admin --first_name=Alison --last_name=Foobar --email=me@example.com --username=snipe --password=password
+  - php artisan --env=testing-ci passport:install
+  - php artisan serve --env=testing-ci --port=8000 --host=localhost &
   - sleep 5
   - pip install --user codecov
   - sleep 5
@@ -34,16 +47,24 @@ before_script:
 
 # omitting "script:" will default to phpunit
 # use the $DB env variable to determine the phpunit.xml to use
-# script: ./vendor/bin/codecept run --env testing-ci - broken :(
-script: ./vendor/bin/codecept run unit --env testing-ci
-#script: ./vendor/bin/codecept run
+# script: ./vendor/bin/codecept run --env testing-ci
+script:
+  - ./vendor/bin/codecept run unit
+#  - ./vendor/bin/codecept run acceptance --env=testing-ci
+  - ./vendor/bin/codecept run functional --env=functional-travis -g func1
+  - ./vendor/bin/codecept run functional --env=functional-travis -g func2
+  - ./vendor/bin/codecept run api --env=functional-travis
+
+after_script:
+  - vendor/bin/test-reporter
 
 after_success:
   - codecov
 
 after_failure:
-  - cat tests/_output/AccessoriesCept.fail.html
+  - cat tests/_output/*.fail.html
   - curl http://localhost:8000/login
+  - cat storage/logs/laravel.log
 
 # configure notifications (email, IRC, campfire etc)
 notifications:

CODE_OF_CONDUCT.md

@@ -55,7 +55,7 @@ further defined and clarified by project maintainers.
 ## Enforcement
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at [INSERT EMAIL ADDRESS]. All
+reported by contacting the project team at abuse@snipeitapp.com. All
 complaints will be reviewed and investigated and will result in a response that
 is deemed necessary and appropriate to the circumstances. The project team is
 obligated to maintain confidentiality with regard to the reporter of an incident.

CONTRIBUTING.md

@@ -0,0 +1,6 @@
+### Contributing
+
+Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing-overview).
+
+
+Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.

Dockerfile

@@ -1,27 +1,35 @@
-FROM ubuntu:trusty
+FROM ubuntu:xenial
 MAINTAINER Brady Wetherington <uberbrady@gmail.com>
 
 RUN apt-get update && apt-get install -y \
+apache2 \
 apache2-bin \
-libapache2-mod-php5 \
-php5-curl \
-php5-ldap \
-php5-mysql \
-php5-mcrypt \
-php5-gd \
+libapache2-mod-php7.0 \
+php7.0-curl \
+php7.0-ldap \
+php7.0-mysql \
+php7.0-mcrypt \
+php7.0-gd \
+php7.0-xml \
+php7.0-mbstring \
+php7.0-zip \
+php7.0-bcmath \
 patch \
 curl \
 vim \
 git \
-mysql-client
+mysql-client \
+&& apt-get clean \
+&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
-RUN php5enmod mcrypt
-RUN php5enmod gd
+RUN phpenmod mcrypt
+RUN phpenmod gd
+RUN phpenmod bcmath
 
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php5/apache2/php.ini
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php5/cli/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.0/apache2/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.0/cli/php.ini
 
-RUN useradd --uid 1000 --gid 50 docker
+RUN useradd -m --uid 1000 --gid 50 docker
 
 RUN echo export APACHE_RUN_USER=docker >> /etc/apache2/envvars
 RUN echo export APACHE_RUN_GROUP=staff >> /etc/apache2/envvars
@@ -55,7 +63,6 @@ RUN chown -R docker /var/www/html
 
 RUN \
 	rm -r "/var/www/html/storage/private_uploads" && ln -fs "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" \
-      && mkdir -p "/var/lib/snipeit/data/uploads/{assets,avatars,barcodes,models,suppliers}" \
       && rm -rf "/var/www/html/public/uploads" && ln -fs "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" \
       && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups"
 
@@ -65,7 +72,9 @@ RUN \
 RUN cd /tmp;curl -sS https://getcomposer.org/installer | php;mv /tmp/composer.phar /usr/local/bin/composer
 
 # Get dependencies
-RUN cd /var/www/html;composer install
+USER docker
+RUN cd /var/www/html;composer install && rm -rf /home/docker/.composer/cache
+USER root
 
 ############### APPLICATION INSTALL/INIT #################
 
@@ -85,7 +94,13 @@ VOLUME ["/var/lib/snipeit"]
 COPY docker/entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 
-ENTRYPOINT ["/entrypoint.sh"]
+# Add Tini
+ENV TINI_VERSION v0.14.0
+ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
+RUN chmod +x /tini
+ENTRYPOINT ["/tini", "--"]
+
+CMD ["/entrypoint.sh"]
 
 EXPOSE 80
 EXPOSE 443

README.md

@@ -1,11 +1,12 @@
-[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=develop)](https://travis-ci.org/snipe/snipe-it) [![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+development)](http://waffle.io/snipe/snipe-it) [![Maintenance](https://img.shields.io/maintenance/yes/2016.svg)]() [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.png)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead) [![Zenhub](https://raw.githubusercontent.com/ZenHubIO/support/master/zenhub-badge.png)](https://zenhub.io) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
+[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=master)](https://travis-ci.org/snipe/snipe-it) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
+[![All Contributors](https://img.shields.io/badge/all_contributors-96-orange.svg?style=flat-square)](#contributors) [![Open Source Helpers](https://www.codetriage.com/snipe/snipe-it/badges/users.svg)](https://www.codetriage.com/snipe/snipe-it)
 
 
 ## Snipe-IT - Open Source Asset Management System
 
 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.
 
-It is built on [Laravel 5.2](http://laravel.com).
+It is built on [Laravel 5.4](http://laravel.com).
 
 Snipe-IT is actively developed and we're [releasing quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
 
@@ -21,12 +22,14 @@ If you're having trouble with the installation, please check the [Common Issues]
 
 -----
 ### User's Manual
-For help using Snipe-IT, check out the [user's manual](https://snipe-it-manual.readme.io/docs).
+For help using Snipe-IT, check out the [user's manual](https://snipe-it.readme.io/docs/overview).
 
 -----
 ### Bug Reports & Feature Requests
 
-Feel free to check out the [GitHub Issues for this project](https://github.com/snipe/snipe-it/issues) to open a bug report or see what open issues you can help with. Please search through existing issues (open and closed) to see if your question hasn't already been answered before opening a new issue.
+Feel free to check out the [GitHub Issues for this project](https://github.com/snipe/snipe-it/issues) to open a bug report or see what open issues you can help with. Please search through existing issues (open *and* closed) to see if your question has already been answered before opening a new issue.
+
+**PLEASE see the [Getting Help Guidelines](https://snipe-it.readme.io/docs/getting-help) and [Common Issues](https://snipe-it.readme.io/docs/common-issues) before opening a ticket, and be sure to complete all of the questions in the Github Issue template to help us to help you as quickly as possible.**
 
 -----
 
@@ -47,13 +50,53 @@ Please see the [translations documentation](https://snipe-it.readme.io/docs/tran
 
 -----
 
+### Libraries, Modules & Related Projects
+
+Since the release of the JSON REST API, several third-party developers have been developing modules and libraries to work with Snipe-IT.  
+
+- [Python Module](https://github.com/jbloomer/SnipeIT-PythonAPI) by [@jbloomer](https://github.com/jbloomer)
+- [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
+- [InQRy](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
+
+As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :) 
+
+-----
+
+### Contributors
+
+Thanks goes to all of these wonderful people ([emoji key](https://github.com/kentcdodds/all-contributors#emoji-key)) who have helped Snipe-IT get this far:
+
+<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
+| [<img src="https://avatars3.githubusercontent.com/u/197404?v=3" width="110px;"/><br /><sub>snipe</sub>](http://www.snipe.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=snipe "Code") [🚇](#infra-snipe "Infrastructure (Hosting, Build-Tools, etc)") [📖](https://github.com/snipe/snipe-it/commits?author=snipe "Documentation") [⚠️](https://github.com/snipe/snipe-it/commits?author=snipe "Tests") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Asnipe "Bug reports") [🎨](#design-snipe "Design") [👀](#review-snipe "Reviewed Pull Requests") | [<img src="https://avatars0.githubusercontent.com/u/36335?v=3" width="110px;"/><br /><sub>Brady Wetherington</sub>](http://www.uberbrady.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=uberbrady "Code") [📖](https://github.com/snipe/snipe-it/commits?author=uberbrady "Documentation") [🚇](#infra-uberbrady "Infrastructure (Hosting, Build-Tools, etc)") [👀](#review-uberbrady "Reviewed Pull Requests") | [<img src="https://avatars0.githubusercontent.com/u/3803132?v=3" width="110px;"/><br /><sub>Daniel Meltzer</sub>](https://github.com/dmeltzer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Code") [⚠️](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Tests") [📖](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/1609106?v=3" width="110px;"/><br /><sub>Michael T</sub>](http://www.tuckertechonline.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mtucker6784 "Code") | [<img src="https://avatars2.githubusercontent.com/u/3274937?v=3" width="110px;"/><br /><sub>madd15</sub>](https://github.com/madd15)<br />[📖](https://github.com/snipe/snipe-it/commits?author=madd15 "Documentation") [💬](#question-madd15 "Answering Questions") | [<img src="https://avatars2.githubusercontent.com/u/894126?v=3" width="110px;"/><br /><sub>Vincent Sposato</sub>](https://github.com/vsposato)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vsposato "Code") | [<img src="https://avatars0.githubusercontent.com/u/1639757?v=3" width="110px;"/><br /><sub>Andrea Bergamasco</sub>](https://github.com/vjandrea)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vjandrea "Code") |
+| :---: | :---: | :---: | :---: | :---: | :---: | :---: |
+| [<img src="https://avatars0.githubusercontent.com/u/10640152?v=3" width="110px;"/><br /><sub>Karol</sub>](https://github.com/kpawelski)<br />[🌍](#translation-kpawelski "Translation") [💻](https://github.com/snipe/snipe-it/commits?author=kpawelski "Code") | [<img src="https://avatars3.githubusercontent.com/u/600106?v=3" width="110px;"/><br /><sub>morph027</sub>](http://blog.morph027.de/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=morph027 "Code") | [<img src="https://avatars3.githubusercontent.com/u/22935755?v=3" width="110px;"/><br /><sub>fvleminckx</sub>](https://github.com/fvleminckx)<br />[🚇](#infra-fvleminckx "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars2.githubusercontent.com/u/15633547?v=3" width="110px;"/><br /><sub>itsupportcmsukorg</sub>](https://github.com/itsupportcmsukorg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=itsupportcmsukorg "Code") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aitsupportcmsukorg "Bug reports") | [<img src="https://avatars3.githubusercontent.com/u/12373799?v=3" width="110px;"/><br /><sub>Frank</sub>](https://override.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=base-zero "Code") | [<img src="https://avatars0.githubusercontent.com/u/10137?v=3" width="110px;"/><br /><sub>Deleted user</sub>](https://github.com/ghost)<br />[🌍](#translation-ghost "Translation") | [<img src="https://avatars1.githubusercontent.com/u/10802313?v=3" width="110px;"/><br /><sub>tiagom62</sub>](https://github.com/tiagom62)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tiagom62 "Code") [🚇](#infra-tiagom62 "Infrastructure (Hosting, Build-Tools, etc)") |
+| [<img src="https://avatars3.githubusercontent.com/u/2389047?v=3" width="110px;"/><br /><sub>Ryan Stafford</sub>](https://github.com/rystaf)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rystaf "Code") | [<img src="https://avatars2.githubusercontent.com/u/10345935?v=3" width="110px;"/><br /><sub>Eammon Hanlon</sub>](https://github.com/ehanlon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ehanlon "Code") | [<img src="https://avatars0.githubusercontent.com/u/441924?v=3" width="110px;"/><br /><sub>zjean</sub>](https://github.com/zjean)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zjean "Code") | [<img src="https://avatars0.githubusercontent.com/u/12660103?v=3" width="110px;"/><br /><sub>Matthias Frei</sub>](http://www.frei.media)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FREImedia "Code") | [<img src="https://avatars0.githubusercontent.com/u/3767518?v=3" width="110px;"/><br /><sub>opsydev</sub>](https://github.com/opsydev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=opsydev "Code") | [<img src="https://avatars1.githubusercontent.com/u/82290?v=3" width="110px;"/><br /><sub>Daniel Dreier</sub>](http://www.ddreier.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ddreier "Code") | [<img src="https://avatars0.githubusercontent.com/u/23448?v=3" width="110px;"/><br /><sub>Nikolai Prokoschenko</sub>](http://rassie.org)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rassie "Code") |
+| [<img src="https://avatars0.githubusercontent.com/u/13452757?v=3" width="110px;"/><br /><sub>Drew</sub>](https://github.com/YetAnotherCodeMonkey)<br />[💻](https://github.com/snipe/snipe-it/commits?author=YetAnotherCodeMonkey "Code") | [<img src="https://avatars0.githubusercontent.com/u/1342320?v=3" width="110px;"/><br /><sub>Walter</sub>](https://github.com/merid14)<br />[💻](https://github.com/snipe/snipe-it/commits?author=merid14 "Code") | [<img src="https://avatars3.githubusercontent.com/u/11254614?v=3" width="110px;"/><br /><sub>Petr Baloun</sub>](https://github.com/balous)<br />[💻](https://github.com/snipe/snipe-it/commits?author=balous "Code") | [<img src="https://avatars0.githubusercontent.com/u/6117660?v=3" width="110px;"/><br /><sub>reidblomquist</sub>](https://github.com/reidblomquist)<br />[📖](https://github.com/snipe/snipe-it/commits?author=reidblomquist "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/539914?v=3" width="110px;"/><br /><sub>Mathieu Kooiman</sub>](https://github.com/mathieuk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mathieuk "Code") | [<img src="https://avatars3.githubusercontent.com/u/6606421?v=3" width="110px;"/><br /><sub>csayre</sub>](https://github.com/csayre)<br />[📖](https://github.com/snipe/snipe-it/commits?author=csayre "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/768488?v=3" width="110px;"/><br /><sub>Adam Dunson</sub>](https://github.com/adamdunson)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adamdunson "Code") |
+| [<img src="https://avatars0.githubusercontent.com/u/5547470?v=3" width="110px;"/><br /><sub>Hereward</sub>](https://github.com/thehereward)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thehereward "Code") | [<img src="https://avatars0.githubusercontent.com/u/5802977?v=3" width="110px;"/><br /><sub>swoopdk</sub>](https://github.com/swoopdk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=swoopdk "Code") | [<img src="https://avatars1.githubusercontent.com/u/3470403?v=3" width="110px;"/><br /><sub>Abdullah Alansari</sub>](https://linkedin.com/in/ahimta)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Ahimta "Code") | [<img src="https://avatars0.githubusercontent.com/u/796443?v=3" width="110px;"/><br /><sub>Micael Rodrigues</sub>](https://github.com/MicaelRodrigues)<br />[💻](https://github.com/snipe/snipe-it/commits?author=MicaelRodrigues "Code") | [<img src="https://avatars0.githubusercontent.com/u/614564?v=3" width="110px;"/><br /><sub>Patrick Gallagher</sub>](http://macadmincorner.com)<br />[📖](https://github.com/snipe/snipe-it/commits?author=patgmac "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/7165922?v=3" width="110px;"/><br /><sub>Miliamber</sub>](https://github.com/Miliamber)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Miliamber "Code") | [<img src="https://avatars3.githubusercontent.com/u/861766?v=3" width="110px;"/><br /><sub>hawk554</sub>](https://github.com/hawk554)<br />[💻](https://github.com/snipe/snipe-it/commits?author=hawk554 "Code") |
+| [<img src="https://avatars1.githubusercontent.com/u/1695622?v=3" width="110px;"/><br /><sub>Justin Kerr</sub>](http://jbirdkerr.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jbirdkerr "Code") | [<img src="https://avatars3.githubusercontent.com/u/11426176?v=3" width="110px;"/><br /><sub>Ira W. Snyder</sub>](http://www.irasnyder.com/devel/)<br />[📖](https://github.com/snipe/snipe-it/commits?author=irasnyd "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/2475759?v=3" width="110px;"/><br /><sub>Aladin Alaily</sub>](https://github.com/aalaily)<br />[💻](https://github.com/snipe/snipe-it/commits?author=aalaily "Code") | [<img src="https://avatars0.githubusercontent.com/u/10247644?v=3" width="110px;"/><br /><sub>Chase Hansen</sub>](https://github.com/kobie-chasehansen)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kobie-chasehansen "Code") [💬](#question-kobie-chasehansen "Answering Questions") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Akobie-chasehansen "Bug reports") | [<img src="https://avatars2.githubusercontent.com/u/13545400?v=3" width="110px;"/><br /><sub>IDM Helpdesk</sub>](https://github.com/IDM-Helpdesk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=IDM-Helpdesk "Code") | [<img src="https://avatars2.githubusercontent.com/u/614439?v=3" width="110px;"/><br /><sub>Kai</sub>](http://balticer.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=balticer "Code") | [<img src="https://avatars1.githubusercontent.com/u/8762511?v=3" width="110px;"/><br /><sub>Michael Daniels</sub>](http://www.michaeldaniels.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mdaniels5757 "Code") |
+| [<img src="https://avatars3.githubusercontent.com/u/1532660?v=3" width="110px;"/><br /><sub>Tom Castleman</sub>](http://tomcastleman.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tomcastleman "Code") | [<img src="https://avatars3.githubusercontent.com/u/10723243?v=3" width="110px;"/><br /><sub>Daniel Nemanic</sub>](https://github.com/DanielNemanic)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DanielNemanic "Code") | [<img src="https://avatars0.githubusercontent.com/u/150648?v=3" width="110px;"/><br /><sub>SouthWolf</sub>](https://github.com/southwolf)<br />[💻](https://github.com/snipe/snipe-it/commits?author=southwolf "Code") | [<img src="https://avatars2.githubusercontent.com/u/131616?v=3" width="110px;"/><br /><sub>Ivar Nesje</sub>](https://github.com/ivarne)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ivarne "Code") | [<img src="https://avatars1.githubusercontent.com/u/62333?v=3" width="110px;"/><br /><sub>Jérémy Benoist</sub>](http://www.j0k3r.net)<br />[📖](https://github.com/snipe/snipe-it/commits?author=j0k3r "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/724344?v=3" width="110px;"/><br /><sub>Chris Leathley</sub>](https://github.com/cleathley)<br />[🚇](#infra-cleathley "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars0.githubusercontent.com/u/972498?v=3" width="110px;"/><br /><sub>splaer</sub>](https://github.com/splaer)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Asplaer "Bug reports") [💻](https://github.com/snipe/snipe-it/commits?author=splaer "Code") |
+| [<img src="https://avatars1.githubusercontent.com/u/967362?v=3" width="110px;"/><br /><sub>Joe Ferguson</sub>](http://www.joeferguson.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=svpernova09 "Code") | [<img src="https://avatars3.githubusercontent.com/u/6108682?v=3" width="110px;"/><br /><sub>diwanicki</sub>](https://github.com/diwanicki)<br />[💻](https://github.com/snipe/snipe-it/commits?author=diwanicki "Code") [📖](https://github.com/snipe/snipe-it/commits?author=diwanicki "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/2527115?v=3" width="110px;"/><br /><sub>Lee Thoong Ching</sub>](https://github.com/pakkua80)<br />[📖](https://github.com/snipe/snipe-it/commits?author=pakkua80 "Documentation") [💻](https://github.com/snipe/snipe-it/commits?author=pakkua80 "Code") | [<img src="https://avatars1.githubusercontent.com/u/461491?v=3" width="110px;"/><br /><sub>Marek Šuppa</sub>](http://shu.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mrshu "Code") | [<img src="https://avatars1.githubusercontent.com/u/8693762?v=3" width="110px;"/><br /><sub>Juan J. Martinez</sub>](https://github.com/mizar1616)<br />[🌍](#translation-mizar1616 "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1458388?v=3" width="110px;"/><br /><sub>R Ryan Dial</sub>](https://github.com/rrdial)<br />[🌍](#translation-rrdial "Translation") | [<img src="https://avatars2.githubusercontent.com/u/2871745?v=3" width="110px;"/><br /><sub>Andrej Manduch</sub>](https://github.com/burlito)<br />[📖](https://github.com/snipe/snipe-it/commits?author=burlito "Documentation") |
+| [<img src="https://avatars0.githubusercontent.com/u/8341172?v=3" width="110px;"/><br /><sub>Jay Richards</sub>](http://www.cordeos.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=technogenus "Code") | [<img src="https://avatars2.githubusercontent.com/u/7295127?v=3" width="110px;"/><br /><sub>Alexander Innes</sub>](https://necurity.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leostat "Code") | [<img src="https://avatars2.githubusercontent.com/u/334485?v=3" width="110px;"/><br /><sub>Danny Garcia</sub>](https://buzzedword.codes)<br />[💻](https://github.com/snipe/snipe-it/commits?author=buzzedword "Code") | [<img src="https://avatars2.githubusercontent.com/u/366855?v=3" width="110px;"/><br /><sub>archpoint</sub>](https://github.com/archpoint)<br />[💻](https://github.com/snipe/snipe-it/commits?author=archpoint "Code") | [<img src="https://avatars1.githubusercontent.com/u/67991?v=3" width="110px;"/><br /><sub>Jake McGraw</sub>](http://www.jakemcgraw.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jakemcgraw "Code") | [<img src="https://avatars1.githubusercontent.com/u/1714374?v=3" width="110px;"/><br /><sub>FleischKarussel</sub>](https://github.com/FleischKarussel)<br />[📖](https://github.com/snipe/snipe-it/commits?author=FleischKarussel "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/319644?v=3" width="110px;"/><br /><sub>Dylan Yi</sub>](https://github.com/feeva)<br />[💻](https://github.com/snipe/snipe-it/commits?author=feeva "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/857740?v=3" width="110px;"/><br /><sub>Gil Rutkowski</sub>](http://FlashingCursor.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=flashingcursor "Code") | [<img src="https://avatars3.githubusercontent.com/u/129360?v=3" width="110px;"/><br /><sub>Desmond Morris</sub>](http://www.desmondmorris.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=desmondmorris "Code") | [<img src="https://avatars2.githubusercontent.com/u/52936?v=3" width="110px;"/><br /><sub>Nick Peelman</sub>](http://peelman.us)<br />[💻](https://github.com/snipe/snipe-it/commits?author=peelman "Code") | [<img src="https://avatars0.githubusercontent.com/u/53161?v=3" width="110px;"/><br /><sub>Abraham Vegh</sub>](https://abrahamvegh.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=abrahamvegh "Code") | [<img src="https://avatars0.githubusercontent.com/u/2818680?v=3" width="110px;"/><br /><sub>Mohamed Rashid</sub>](https://github.com/rashivkp)<br />[📖](https://github.com/snipe/snipe-it/commits?author=rashivkp "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/1509456?v=3" width="110px;"/><br /><sub>Kasey</sub>](http://hinchk.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=HinchK "Code") | [<img src="https://avatars2.githubusercontent.com/u/10522541?v=3" width="110px;"/><br /><sub>Brett</sub>](https://github.com/BrettFagerlund)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=BrettFagerlund "Tests") |
+| [<img src="https://avatars2.githubusercontent.com/u/16108587?v=3" width="110px;"/><br /><sub>Jason Spriggs</sub>](http://jasonspriggs.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jasonspriggs "Code") | [<img src="https://avatars2.githubusercontent.com/u/1134568?v=3" width="110px;"/><br /><sub>Nate Felton</sub>](http://n8felton.wordpress.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=n8felton "Code") | [<img src="https://avatars2.githubusercontent.com/u/14036694?v=3" width="110px;"/><br /><sub>Manasses Ferreira</sub>](http://homepages.dcc.ufmg.br/~manassesferreira)<br />[💻](https://github.com/snipe/snipe-it/commits?author=manassesferreira "Code") | [<img src="https://avatars0.githubusercontent.com/u/15913949?v=3" width="110px;"/><br /><sub>Steve</sub>](https://github.com/steveelwood)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=steveelwood "Tests") | [<img src="https://avatars1.githubusercontent.com/u/3361683?v=3" width="110px;"/><br /><sub>matc</sub>](http://twitter.com/matc)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=matc "Tests") | [<img src="https://avatars3.githubusercontent.com/u/7405702?v=3" width="110px;"/><br /><sub>Cole R. Davis</sub>](http://www.davisracingteam.com)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=VanillaNinjaD "Tests") | [<img src="https://avatars2.githubusercontent.com/u/10167681?v=3" width="110px;"/><br /><sub>gibsonjoshua55</sub>](https://github.com/gibsonjoshua55)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gibsonjoshua55 "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/2809241?v=4" width="110px;"/><br /><sub>Robin Temme</sub>](https://github.com/zwerch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zwerch "Code") | [<img src="https://avatars0.githubusercontent.com/u/6961695?v=4" width="110px;"/><br /><sub>Iman</sub>](https://github.com/imanghafoori1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=imanghafoori1 "Code") | [<img src="https://avatars1.githubusercontent.com/u/6551003?v=4" width="110px;"/><br /><sub>Richard Hofman</sub>](https://github.com/richardhofman6)<br />[💻](https://github.com/snipe/snipe-it/commits?author=richardhofman6 "Code") | [<img src="https://avatars0.githubusercontent.com/u/3697569?v=4" width="110px;"/><br /><sub>gizzmojr</sub>](https://github.com/gizzmojr)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gizzmojr "Code") | [<img src="https://avatars3.githubusercontent.com/u/404729?v=4" width="110px;"/><br /><sub>Jenny Li</sub>](https://github.com/imjennyli)<br />[📖](https://github.com/snipe/snipe-it/commits?author=imjennyli "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/869227?v=4" width="110px;"/><br /><sub>Geoff Young</sub>](https://github.com/GeoffYoung)<br />[💻](https://github.com/snipe/snipe-it/commits?author=GeoffYoung "Code") | [<img src="https://avatars3.githubusercontent.com/u/1068477?v=4" width="110px;"/><br /><sub>Elliot Blackburn</sub>](http://www.elliotblackburn.com)<br />[📖](https://github.com/snipe/snipe-it/commits?author=BlueHatbRit "Documentation") |
+| [<img src="https://avatars1.githubusercontent.com/u/6357451?v=4" width="110px;"/><br /><sub>Tõnis Ormisson</sub>](http://andmemasin.eu)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TonisOrmisson "Code") | [<img src="https://avatars0.githubusercontent.com/u/449411?v=4" width="110px;"/><br /><sub>Nicolai Essig</sub>](http://www.nicolai-essig.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thakilla "Code") | [<img src="https://avatars1.githubusercontent.com/u/14809698?v=4" width="110px;"/><br /><sub>Danielle</sub>](https://github.com/techincolor)<br />[📖](https://github.com/snipe/snipe-it/commits?author=techincolor "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/18545156?v=4" width="110px;"/><br /><sub>Lawrence</sub>](https://github.com/TheVakman)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=TheVakman "Tests") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3ATheVakman "Bug reports") | [<img src="https://avatars1.githubusercontent.com/u/22473767?v=4" width="110px;"/><br /><sub>uknzaeinozpas</sub>](https://github.com/uknzaeinozpas)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=uknzaeinozpas "Tests") [💻](https://github.com/snipe/snipe-it/commits?author=uknzaeinozpas "Code") | [<img src="https://avatars3.githubusercontent.com/u/422752?v=4" width="110px;"/><br /><sub>Ryan</sub>](https://github.com/Gelob)<br />[📖](https://github.com/snipe/snipe-it/commits?author=Gelob "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/10672546?v=4" width="110px;"/><br /><sub>vcordes79</sub>](https://github.com/vcordes79)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vcordes79 "Code") |
+| [<img src="https://avatars3.githubusercontent.com/u/27958330?v=4" width="110px;"/><br /><sub>fordster78</sub>](https://github.com/fordster78)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fordster78 "Code") | [<img src="https://avatars0.githubusercontent.com/u/34064225?v=4" width="110px;"/><br /><sub>CronKz</sub>](https://github.com/CronKz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=CronKz "Code") | [<img src="https://avatars1.githubusercontent.com/u/585486?v=4" width="110px;"/><br /><sub>Tim Bishop</sub>](https://github.com/tdb)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tdb "Code") | [<img src="https://avatars2.githubusercontent.com/u/5384694?v=4" width="110px;"/><br /><sub>Sean McIlvenna</sub>](https://www.seanmcilvenna.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=seanmcilvenna "Code") | [<img src="https://avatars3.githubusercontent.com/u/36515590?v=4" width="110px;"/><br /><sub>cepacs</sub>](https://github.com/cepacs)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Acepacs "Bug reports") [📖](https://github.com/snipe/snipe-it/commits?author=cepacs "Documentation") |
+<!-- ALL-CONTRIBUTORS-LIST:END -->
+
+This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
+
+-----
+
 ### Contributing
 
-Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing).
+Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing-overview).
 
 
 Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.
 
+-----
+
 ### Security
 
 To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker. 

app/Console/Commands/AssetImportCommand.php

@@ -1,463 +0,0 @@
-<?php
-namespace App\Console\Commands;
-
-use App\Models\User;
-use App\Models\Location;
-use App\Models\Category;
-use App\Models\AssetModel;
-use App\Models\Company;
-use App\Models\Asset;
-use App\Models\Manufacturer;
-use Symfony\Component\Console\Input\InputOption;
-use Symfony\Component\Console\Input\InputArgument;
-
-use Illuminate\Console\Command;
-use League\Csv\Reader;
-
-class AssetImportCommand extends Command
-{
-
-    /**
-     * The console command name.
-     *
-     * @var string
-     */
-    protected $name = 'snipeit:asset-import';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = 'Import Assets from CSV';
-
-    /**
-     * Create a new command instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        parent::__construct();
-    }
-
-    /**
-     * Execute the console command.
-     *
-     * @return mixed
-     */
-    public function fire()
-    {
-        $filename = $this->argument('filename');
-
-
-        if (!$this->option('testrun')=='true') {
-            $this->comment('======= Importing Assets from '.$filename.' =========');
-        } else {
-            $this->comment('====== TEST ONLY Asset Import for '.$filename.' ====');
-            $this->comment('============== NO DATA WILL BE WRITTEN ==============');
-        }
-
-        if (! ini_get("auto_detect_line_endings")) {
-            ini_set("auto_detect_line_endings", '1');
-        }
-
-        $csv = Reader::createFromPath($this->argument('filename'));
-        $csv->setNewline("\r\n");
-        $csv->setOffset(1);
-        $duplicates = '';
-
-        // Loop through the records
-        $nbInsert = $csv->each(function ($row) use ($duplicates) {
-            $status_id = 1;
-
-            // Let's just map some of these entries to more user friendly words
-
-            // User's name
-            if (array_key_exists('0', $row)) {
-                $user_name = trim($row[0]);
-            } else {
-                $user_name = '';
-            }
-
-            // User's email
-            if (array_key_exists('1', $row)) {
-                $user_email = trim($row[1]);
-            } else {
-                $user_email = '';
-            }
-
-            // User's email
-            if (array_key_exists('2', $row)) {
-                $user_username = trim($row[2]);
-            } else {
-                $user_username = '';
-            }
-
-            // Asset Name
-            if (array_key_exists('3', $row)) {
-                $user_asset_asset_name = trim($row[3]);
-            } else {
-                $user_asset_asset_name = '';
-            }
-
-            // Asset Category
-            if (array_key_exists('4', $row)) {
-                $user_asset_category = trim($row[4]);
-            } else {
-                $user_asset_category = '';
-            }
-
-            // Asset Name
-            if (array_key_exists('5', $row)) {
-                $user_asset_name = trim($row[5]);
-            } else {
-                $user_asset_name = '';
-            }
-
-            // Asset Manufacturer
-            if (array_key_exists('6', $row)) {
-                $user_asset_mfgr = trim($row[6]);
-            } else {
-                $user_asset_mfgr = '';
-            }
-
-            // Asset model number
-            if (array_key_exists('7', $row)) {
-                $user_asset_modelno = trim($row[7]);
-            } else {
-                $user_asset_modelno = '';
-            }
-
-            // Asset serial number
-            if (array_key_exists('8', $row)) {
-                $user_asset_serial = trim($row[8]);
-            } else {
-                $user_asset_serial = '';
-            }
-
-            // Asset tag
-            if (array_key_exists('9', $row)) {
-                $user_asset_tag = trim($row[9]);
-            } else {
-                $user_asset_tag = '';
-            }
-
-            // Asset location
-            if (array_key_exists('10', $row)) {
-                $user_asset_location = trim($row[10]);
-            } else {
-                $user_asset_location = '';
-            }
-
-            // Asset notes
-            if (array_key_exists('11', $row)) {
-                $user_asset_notes = trim($row[11]);
-            } else {
-                $user_asset_notes = '';
-            }
-
-            // Asset purchase date
-            if (array_key_exists('12', $row)) {
-                if ($row[12]!='') {
-                    $user_asset_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
-                } else {
-                    $user_asset_purchase_date = '';
-                }
-            } else {
-                $user_asset_purchase_date = '';
-            }
-
-            // Asset purchase cost
-            if (array_key_exists('13', $row)) {
-                if ($row[13]!='') {
-                    $user_asset_purchase_cost = trim($row[13]);
-                } else {
-                    $user_asset_purchase_cost = '';
-                }
-            } else {
-                $user_asset_purchase_cost = '';
-            }
-
-       // Asset Company Name
-            if (array_key_exists('14', $row)) {
-                if ($row[14]!='') {
-                    $user_asset_company_name = trim($row[14]);
-                } else {
-                        $user_asset_company_name= '';
-                }
-            } else {
-                   $user_asset_company_name = '';
-            }
-
-
-        // A number was given instead of a name
-            if (is_numeric($user_name)) {
-                $this->comment('User '.$user_name.' is not a name - assume this user already exists');
-                $user_username = '';
-                $first_name = '';
-                $last_name = '';
-
-            // No name was given
-            } elseif ($user_name=='') {
-                $this->comment('No user data provided - skipping user creation, just adding asset');
-                $first_name = '';
-                $last_name = '';
-                //$user_username = '';
-
-            } else {
-                $user_email_array = User::generateFormattedNameFromFullName($this->option('email_format'), $user_name);
-                $first_name = $user_email_array['first_name'];
-                $last_name = $user_email_array['last_name'];
-
-                if ($user_email=='') {
-                    $user_email = $user_email_array['username'].'@'.config('app.domain');
-                }
-
-                if ($user_username=='') {
-                    if ($this->option('username_format')=='email') {
-                        $user_username = $user_email;
-                    } else {
-                        $user_name_array = User::generateFormattedNameFromFullName($this->option('username_format'), $user_name);
-                        $user_username = $user_name_array['username'];
-                    }
-
-                }
-
-            }
-
-            $this->comment('Full Name: '.$user_name);
-            $this->comment('First Name: '.$first_name);
-            $this->comment('Last Name: '.$last_name);
-            $this->comment('Username: '.$user_username);
-            $this->comment('Email: '.$user_email);
-            $this->comment('Category Name: '.$user_asset_category);
-            $this->comment('Item: '.$user_asset_name);
-            $this->comment('Manufacturer ID: '.$user_asset_mfgr);
-            $this->comment('Model No: '.$user_asset_modelno);
-            $this->comment('Serial No: '.$user_asset_serial);
-            $this->comment('Asset Tag: '.$user_asset_tag);
-            $this->comment('Location: '.$user_asset_location);
-            $this->comment('Purchase Date: '.$user_asset_purchase_date);
-            $this->comment('Purchase Cost: '.$user_asset_purchase_cost);
-            $this->comment('Notes: '.$user_asset_notes);
-            $this->comment('Company Name: '.$user_asset_company_name);
-
-            $this->comment('------------- Action Summary ----------------');
-
-            if ($user_username!='') {
-                if ($user = User::MatchEmailOrUsername($user_username, $user_email)
-                ->whereNotNull('username')->first()) {
-                    $this->comment('User '.$user_username.' already exists');
-                } else {
-                    $user = new \App\Models\User;
-                    $password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
-
-                    $user->first_name = $first_name;
-                    $user->last_name = $last_name;
-                    $user->username = $user_username;
-                    $user->email = $user_email;
-                    $user->permissions = '{user":1}';
-                    $user->password = bcrypt($password);
-                    $user->activated = 1;
-                    if ($user->save()) {
-                        $this->comment('User '.$first_name.' created');
-                    } else {
-                        $this->error('ERROR CREATING User '.$first_name.' '.$last_name);
-                        $this->error($user->getErrors());
-                    }
-
-                }
-            } else {
-                $user = new User;
-            }
-
-        // Check for the location match and create it if it doesn't exist
-            if ($location = Location::where('name', e($user_asset_location))->first()) {
-                $this->comment('Location '.$user_asset_location.' already exists');
-            } else {
-
-                $location = new Location();
-
-                if ($user_asset_location!='') {
-                    $location->name = e($user_asset_location);
-                    $location->address = '';
-                    $location->city = '';
-                    $location->state = '';
-                    $location->country = '';
-                    $location->user_id = 1;
-
-                    if (!$this->option('testrun')=='true') {
-
-                        if ($location->save()) {
-                            $this->comment('Location '.$user_asset_location.' was created');
-                        } else {
-                            $this->error('Something went wrong! Location '.$user_asset_location.' was NOT created');
-                            $this->error($location->getErrors());
-                        }
-
-                    } else {
-                        $this->comment('Location '.$user_asset_location.' was (not) created - test run only');
-                    }
-                } else {
-                    $this->comment('No location given, so none created.');
-                }
-
-            }
-
-            if (e($user_asset_category)=='') {
-                $category_name = 'Unnamed Category';
-            } else {
-                $category_name = e($user_asset_category);
-            }
-
-        // Check for the category match and create it if it doesn't exist
-            if ($category = Category::where('name', e($category_name))->where('category_type', 'asset')->first()) {
-                $this->comment('Category '.$category_name.' already exists');
-
-            } else {
-                $category = new Category();
-                $category->name = e($category_name);
-                $category->category_type = 'asset';
-                $category->user_id = 1;
-
-                if ($category->save()) {
-                    $this->comment('Category '.$user_asset_category.' was created');
-                } else {
-                    $this->error('Something went wrong! Category '.$user_asset_category.' was NOT created');
-                    $this->error($category->getErrors());
-                }
-
-            }
-
-        // Check for the manufacturer match and create it if it doesn't exist
-            if ($manufacturer = Manufacturer::where('name', e($user_asset_mfgr))->first()) {
-                $this->comment('Manufacturer '.$user_asset_mfgr.' already exists');
-            } else {
-                $manufacturer = new Manufacturer();
-                $manufacturer->name = e($user_asset_mfgr);
-                $manufacturer->user_id = 1;
-
-                if ($manufacturer->save()) {
-                    $this->comment('Manufacturer '.$user_asset_mfgr.' was created');
-                } else {
-                    $this->error('Something went wrong! Manufacturer '.$user_asset_mfgr.' was NOT created: '. $manufacturer->getErrors()->first());
-                }
-
-            }
-
-        // Check for the asset model match and create it if it doesn't exist
-            if ($asset_model = AssetModel::where('name', e($user_asset_name))->where('modelno', e($user_asset_modelno))->where('category_id', $category->id)->where('manufacturer_id', $manufacturer->id)->first()) {
-                $this->comment('The Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' already exists');
-            } else {
-                $asset_model = new AssetModel();
-                $asset_model->name = e($user_asset_name);
-                $asset_model->manufacturer_id = $manufacturer->id;
-                $asset_model->modelno = e($user_asset_modelno);
-                $asset_model->category_id = $category->id;
-                $asset_model->user_id = 1;
-
-                if ($asset_model->save()) {
-                    $this->comment('Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' was created');
-                } else {
-                    $this->error('Something went wrong! Asset Model '.$user_asset_name.' was NOT created: '.$asset_model->getErrors()->first());
-                }
-
-            }
-
-        // Check for the asset company match and create it if it doesn't exist
-            if ($user_asset_company_name!='') {
-                if ($company = Company::where('name', e($user_asset_company_name))->first()) {
-                    $this->comment('Company '.$user_asset_company_name.' already exists');
-                } else {
-                    $company = new Company();
-                    $company->name = e($user_asset_company_name);
-
-                    if ($company->save()) {
-                        $this->comment('Company '.$user_asset_company_name.' was created');
-                    } else {
-                        $this->error('Something went wrong! Company '.$user_asset_company_name.' was NOT created: '.$company->getErrors()->first());
-                    }
-                }
-
-            } else {
-                $company = new Company();
-            }
-
-            // Check for the asset match and create it if it doesn't exist
-            if ($asset = Asset::where('asset_tag', e($user_asset_tag))->first()) {
-                $this->comment('The Asset with asset tag '.$user_asset_tag.' already exists');
-            } else {
-                $asset = new Asset();
-                $asset->name = e($user_asset_asset_name);
-                if ($user_asset_purchase_date!='') {
-                    $asset->purchase_date = $user_asset_purchase_date;
-                } else {
-                    $asset->purchase_date = null;
-                }
-                if ($user_asset_purchase_cost!='') {
-                    $asset->purchase_cost = ParseFloat(e($user_asset_purchase_cost));
-                } else {
-                    $asset->purchase_cost = 0.00;
-                }
-                    $asset->serial = e($user_asset_serial);
-                    $asset->asset_tag = e($user_asset_tag);
-                    $asset->model_id = $asset_model->id;
-                    $asset->assigned_to = $user->id;
-                    $asset->rtd_location_id = $location->id;
-                    $asset->user_id = 1;
-                    $asset->status_id = $status_id;
-                    $asset->company_id = $company->id;
-                if ($user_asset_purchase_date!='') {
-                    $asset->purchase_date = $user_asset_purchase_date;
-                } else {
-                    $asset->purchase_date = null;
-                }
-                    $asset->notes = e($user_asset_notes);
-
-                if ($asset->save()) {
-                    $this->comment('Asset '.$user_asset_name.' with serial number '.$user_asset_serial.' was created');
-                } else {
-                    $this->error('Something went wrong! Asset '.$user_asset_name.' was NOT created: '.$asset->getErrors()->first());
-                }
-
-            }
-
-
-
-            $this->comment('=====================================');
-
-            return true;
-
-        });
-
-
-    }
-
-    /**
-     * Get the console command arguments.
-     *
-     * @return array
-     */
-    protected function getArguments()
-    {
-        return array(
-            array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
-        );
-    }
-
-
-    /**
-     * Get the console command options.
-     *
-     * @return array
-     */
-    protected function getOptions()
-    {
-        return array(
-        array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
-        array('username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null),
-        array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
-        );
-    }
-}

app/Console/Commands/FixDoubleEscape.php

@@ -0,0 +1,85 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+class FixDoubleEscape extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:unescape';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This should be run to fix some double-escaping issues from earlier versions of Snipe-IT.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $tables = [
+            '\App\Models\Asset' => ['name'],
+            '\App\Models\License' => ['name'],
+            '\App\Models\Consumable' => ['name'],
+            '\App\Models\Accessory' => ['name'],
+            '\App\Models\Component' => ['name'],
+            '\App\Models\Company' => ['name'],
+            '\App\Models\Manufacturer' => ['name'],
+            '\App\Models\Supplier' => ['name'],
+            '\App\Models\Statuslabel' => ['name'],
+            '\App\Models\Depreciation' => ['name'],
+            '\App\Models\AssetModel' => ['name'],
+            '\App\Models\Group' => ['name'],
+            '\App\Models\Department' => ['name'],
+            '\App\Models\Location' => ['name'],
+            '\App\Models\User' => ['first_name', 'last_name'],
+        ];
+
+        $count = array();
+
+
+
+            foreach ($tables as $classname => $fields) {
+                $count[$classname] = array();
+                $count[$classname]['classname'] = 0;
+
+                foreach($fields as $field) {
+
+                    $count[$classname]['classname']++;
+                    $count[$classname][$field] = 0;
+
+                    foreach($classname::where("$field",'LIKE','%&%')->get() as $row) {
+                        $this->info('Updating '.$field.' for '.$classname);
+                        $row->{$field} = html_entity_decode($row->{$field});
+                        $row->save();
+                        $count[$classname][$field]++;
+
+                    }
+                }
+            }
+
+        $this->info('Update complete');
+
+    }
+}

app/Console/Commands/LdapSync.php

@@ -16,7 +16,7 @@ class LdapSync extends Command
      *
      * @var string
      */
-    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--summary}';
+    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--base_dn=} {--summary} {--json_summary}';
 
     /**
      * The console command description.
@@ -55,41 +55,101 @@ class LdapSync extends Command
 
         try {
             $ldapconn = Ldap::connectToLdap();
-        } catch (\Exception $e) {
-            LOG::error($e);
-        }
-
-        try {
             Ldap::bindAdminToLdap($ldapconn);
         } catch (\Exception $e) {
+            if ($this->option('json_summary')) {
+                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $this->info(json_encode($json_summary));
+            }
             LOG::error($e);
+            return [];
         }
 
         $summary = array();
 
-        $results = Ldap::findLdapUsers();
+        try {    
+            if ($this->option('base_dn') != '') {
+                $search_base = $this->option('base_dn');
+                LOG::debug('Importing users from specified base DN: \"'.$search_base.'\".');                
+            } else {
+                $search_base = null;
+            }
+            $results = Ldap::findLdapUsers($search_base);
+        } catch (\Exception $e) {
+            if ($this->option('json_summary')) {
+                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $this->info(json_encode($json_summary));
+            }
+            LOG::error($e);
+            return [];
+        }
+
+        /* Determine which location to assign users to by default. */
+        $location = NULL;
 
         if ($this->option('location')!='') {
-            $location = Location::where('name','=',$this->option('location'))->first();
+            $location = Location::where('name', '=', $this->option('location'))->first();
             LOG::debug('Location name '.$this->option('location').' passed');
             LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
         } elseif ($this->option('location_id')!='') {
-            $location = Location::where('id','=',$this->option('location_id'))->first();
+            $location = Location::where('id', '=', $this->option('location_id'))->first();
             LOG::debug('Location ID '.$this->option('location_id').' passed');
             LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
-        } else {
-            $location = new Location;
         }
 
         if (!isset($location)) {
-            LOG::debug('That location is invalid, so no location will be assigned.');
+            LOG::debug('That location is invalid or a location was not provided, so no location will be assigned by default.');
         }
 
+        /* Process locations with explicitly defined OUs, if doing a full import. */
+        if ($this->option('base_dn')=='') {
+            // Retrieve locations with a mapped OU, and sort them from the shallowest to deepest OU (see #3993)
+            $ldap_ou_locations = Location::where('ldap_ou', '!=', '')->get()->toArray();
+            $ldap_ou_lengths = array();
+            
+            foreach ($ldap_ou_locations as $location) {
+                $ldap_ou_lengths[] = strlen($location["ldap_ou"]);
+            }
 
+            array_multisort($ldap_ou_lengths, SORT_ASC, $ldap_ou_locations);
+
+            if (sizeof($ldap_ou_locations) > 0) {
+                LOG::debug('Some locations have special OUs set. Locations will be automatically set for users in those OUs.');
+            }
+
+            // Inject location information fields
+            for ($i = 0; $i < $results["count"]; $i++) {
+                $results[$i]["ldap_location_override"] = false;
+                $results[$i]["location_id"] = 0;
+            }
+
+            // Grab subsets based on location-specific DNs, and overwrite location for these users.
+            foreach ($ldap_ou_locations as $ldap_loc) {
+                $location_users = Ldap::findLdapUsers($ldap_loc["ldap_ou"]);
+                $usernames = array();
+                for ($i = 0; $i < $location_users["count"]; $i++) {
+                    $location_users[$i]["ldap_location_override"] = true;
+                    $location_users[$i]["location_id"] = $ldap_loc["id"];
+                    $usernames[] = $location_users[$i][$ldap_result_username][0];
+                }
+
+                // Delete located users from the general group.
+                foreach ($results as $key => $generic_entry) {
+                    if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
+                        unset($results[$key]);
+                    }
+                }
+
+                $global_count = $results['count'];
+                $results = array_merge($location_users, $results);
+                $results['count'] = $global_count;
+            }
+        }
+
+        /* Create user account entries in Snipe-IT */
         $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
         $pass = bcrypt($tmp_pass);
 
-
         for ($i = 0; $i < $results["count"]; $i++) {
             if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
 
@@ -99,6 +159,17 @@ class LdapSync extends Command
                 $item["lastname"] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : "";
                 $item["firstname"] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : "";
                 $item["email"] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : "" ;
+                $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
+                $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";
+
+                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
+                    $enabled_accounts = [
+                        '512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
+                    ];
+                    $item['activated'] = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
+                } else {
+                    $item['activated'] = 0;
+                }
 
                 // User exists
                 $item["createorupdate"] = 'updated';
@@ -109,17 +180,23 @@ class LdapSync extends Command
                 }
 
                 // Create the user if they don't exist.
-
-
                 $user->first_name = e($item["firstname"]);
                 $user->last_name = e($item["lastname"]);
                 $user->username = e($item["username"]);
                 $user->email = e($item["email"]);
                 $user->employee_num = e($item["employee_number"]);
-                $user->activated = 1;
+                $user->activated = $item['activated'];
+
+                if ($item['ldap_location_override'] == true) {
+                    $user->location_id = $item['location_id'];
+                } elseif ((isset($location)) && (!empty($location))) {
+
+                    if ((is_array($location)) && (array_key_exists('id', $location))) {
+                        $user->location_id = $location['id'];
+                    } elseif (is_object($location)) {
+                        $user->location_id = $location->id;
+                    }
 
-                if ($location) {
-                    $user->location_id = e($location->id);
                 }
 
                 $user->notes = 'Imported from LDAP';
@@ -146,19 +223,16 @@ class LdapSync extends Command
         if ($this->option('summary')) {
             for ($x = 0; $x < count($summary); $x++) {
                 if ($summary[$x]['status']=='error') {
-                    $this->error('ERROR: '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].' was not imported: '.$summary[$x]['note'] );
+                    $this->error('ERROR: '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was not imported: '.$summary[$x]['note']);
                 } else {
-                    $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].' was '.strtoupper($summary[$x]['createorupdate']).'.');
+                    $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was '.strtoupper($summary[$x]['createorupdate']).'.');
                 }
-
             }
+        } else if ($this->option('json_summary')) {
+            $json_summary = [ "error" => false, "error_message" => "", "summary" => $summary ];
+            $this->info(json_encode($json_summary));
         } else {
             return $summary;
         }
-
-
-
     }
-
-
 }

app/Console/Commands/LicenseImportCommand.php

@@ -1,383 +0,0 @@
-<?php
-namespace App\Console\Commands;
-
-use Illuminate\Console\Command;
-use Symfony\Component\Console\Input\InputOption;
-use Symfony\Component\Console\Input\InputArgument;
-use League\Csv\Reader;
-use App\Models\User;
-use App\Models\Supplier;
-use App\Models\License;
-use App\Models\LicenseSeat;
-
-class LicenseImportCommand extends Command
-{
-
-    /**
-     * The console command name.
-     *
-     * @var string
-     */
-    protected $name = 'snipeit:license-import';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = 'Import Licenses from CSV';
-
-    /**
-     * Create a new command instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        parent::__construct();
-    }
-
-    /**
-     * Execute the console command.
-     *
-     * @return mixed
-     */
-    public function fire()
-    {
-        $filename = $this->argument('filename');
-
-
-        if (!$this->option('testrun')=='true') {
-            $this->comment('======= Importing Licenses from '.$filename.' =========');
-        } else {
-            $this->comment('====== TEST ONLY License Import for '.$filename.' ====');
-            $this->comment('============== NO DATA WILL BE WRITTEN ==============');
-        }
-
-        if (! ini_get("auto_detect_line_endings")) {
-            ini_set("auto_detect_line_endings", '1');
-        }
-
-        $csv = Reader::createFromPath($this->argument('filename'));
-        $csv->setNewline("\r\n");
-        $csv->setOffset(1);
-        $duplicates = '';
-
-        // Loop through the records
-        $nbInsert = $csv->each(function ($row) use ($duplicates) {
-            $status_id = 1;
-
-            // Let's just map some of these entries to more user friendly words
-
-            if (array_key_exists('0', $row)) {
-                $user_name = trim($row[0]);
-            } else {
-                $user_name = '';
-            }
-
-            if (array_key_exists('1', $row)) {
-                $user_email = trim($row[1]);
-            } else {
-                $user_email = '';
-            }
-
-            if (array_key_exists('2', $row)) {
-                $user_username = trim($row[2]);
-            } else {
-                $user_username = '';
-            }
-
-            if (array_key_exists('3', $row)) {
-                $user_license_name = trim($row[3]);
-            } else {
-                $user_license_name = '';
-            }
-
-            if (array_key_exists('4', $row)) {
-                $user_license_serial = trim($row[4]);
-            } else {
-                $user_license_serial = '';
-            }
-
-            if (array_key_exists('5', $row)) {
-                $user_licensed_to_name = trim($row[5]);
-            } else {
-                $user_licensed_to_name = '';
-            }
-
-            if (array_key_exists('6', $row)) {
-                $user_licensed_to_email = trim($row[6]);
-            } else {
-                $user_licensed_to_email = '';
-            }
-
-            if (array_key_exists('7', $row)) {
-                $user_license_seats = trim($row[7]);
-            } else {
-                $user_license_seats = '';
-            }
-
-            if (array_key_exists('8', $row)) {
-                $user_license_reassignable = trim($row[8]);
-                if ($user_license_reassignable!='') {
-                    if ((strtolower($user_license_reassignable)=='yes') || (strtolower($user_license_reassignable)=='true') || ($user_license_reassignable=='1')) {
-                        $user_license_reassignable = 1;
-                    }
-                } else {
-                    $user_license_reassignable = 0;
-                }
-            } else {
-                $user_license_reassignable = 0;
-            }
-
-            if (array_key_exists('9', $row)) {
-                $user_license_supplier = trim($row[9]);
-            } else {
-                $user_license_supplier = '';
-            }
-
-            if (array_key_exists('10', $row)) {
-                $user_license_maintained = trim($row[10]);
-
-                if ($user_license_maintained!='') {
-                    if ((strtolower($user_license_maintained)=='yes') || (strtolower($user_license_maintained)=='true') || ($user_license_maintained=='1')) {
-                        $user_license_maintained = 1;
-                    }
-                } else {
-                    $user_license_maintained = 0;
-                }
-
-
-            } else {
-                $user_license_maintained = '';
-            }
-
-            if (array_key_exists('11', $row)) {
-                $user_license_notes = trim($row[11]);
-            } else {
-                $user_license_notes = '';
-            }
-
-            if (array_key_exists('12', $row)) {
-                if ($row[12]!='') {
-                    $user_license_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
-                } else {
-                    $user_license_purchase_date = '';
-                }
-            } else {
-                $user_license_purchase_date = 0;
-            }
-
-            // A number was given instead of a name
-            if (is_numeric($user_name)) {
-                $this->comment('User '.$user_name.' is not a name - assume this user already exists');
-                $user_username = '';
-            // No name was given
-
-            } elseif ($user_name=='') {
-                $this->comment('No user data provided - skipping user creation, just adding license');
-                $first_name = '';
-                $last_name = '';
-                $user_username = '';
-
-            } else {
-
-                    $name = explode(" ", $user_name);
-                    $first_name = $name[0];
-                    $email_last_name = '';
-                    $email_prefix = $first_name;
-
-                if (!array_key_exists(1, $name)) {
-                    $last_name='';
-                    $email_last_name = $last_name;
-                    $email_prefix = $first_name;
-                } else {
-                    $last_name = str_replace($first_name, '', $user_name);
-
-                    if ($this->option('email_format')=='filastname') {
-                        $email_last_name.=str_replace(' ', '', $last_name);
-                        $email_prefix = $first_name[0].$email_last_name;
-
-                    } elseif ($this->option('email_format')=='firstname.lastname') {
-                        $email_last_name.=str_replace(' ', '', $last_name);
-                        $email_prefix = $first_name.'.'.$email_last_name;
-
-                    } elseif ($this->option('email_format')=='firstname') {
-                        $email_last_name.=str_replace(' ', '', $last_name);
-                        $email_prefix = $first_name;
-                    }
-
-
-                }
-
-
-                    $user_username = $email_prefix;
-
-                    // Generate an email based on their name if no email address is given
-                if ($user_email=='') {
-                    if ($first_name=='Unknown') {
-                        $status_id = 7;
-                    }
-                    $email = strtolower($email_prefix).'@'.$this->option('domain');
-                    $user_email = str_replace("'", '', $email);
-                }
-            }
-
-            $this->comment('Full Name: '.$user_name);
-            $this->comment('First Name: '.$first_name);
-            $this->comment('Last Name: '.$last_name);
-            $this->comment('Username: '.$user_username);
-            $this->comment('Email: '.$user_email);
-            $this->comment('License Name: '.$user_license_name);
-            $this->comment('Serial No: '.$user_license_serial);
-            $this->comment('Licensed To Name: '.$user_licensed_to_name);
-            $this->comment('Licensed To Email: '.$user_licensed_to_email);
-            $this->comment('Seats: '.$user_license_seats);
-            $this->comment('Reassignable: '.$user_license_reassignable);
-            $this->comment('Supplier: '.$user_license_supplier);
-            $this->comment('Maintained: '.$user_license_maintained);
-            $this->comment('Notes: '.$user_license_notes);
-            $this->comment('Purchase Date: '.$user_license_purchase_date);
-
-            $this->comment('------------- Action Summary ----------------');
-
-            if ($user_username!='') {
-                if ($user = User::where('username', $user_username)->whereNotNull('username')->first()) {
-                    $this->comment('User '.$user_username.' already exists');
-                } else {
-
-                    $user = new \App\Models\User;
-                    $password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
-
-                    $user->first_name = $first_name;
-                    $user->last_name = $last_name;
-                    $user->username = $user_username;
-                    $user->email = $user_email;
-                    $user->permissions = '{user":1}';
-                    $user->password = bcrypt($password);
-                    $user->activated = 1;
-                    if ($user->save()) {
-                        $this->comment('User '.$first_name.' created');
-                    } else {
-                        $this->error('ERROR CREATING User '.$first_name.' '.$last_name);
-                        $this->error($user->getErrors());
-                    }
-
-                    $this->comment('User '.$first_name.' created');
-                }
-            } else {
-                $user = new User;
-                $user->user_id = null;
-            }
-
-
-            // Check for the supplier match and create it if it doesn't exist
-            if ($supplier = Supplier::where('name', $user_license_supplier)->first()) {
-                $this->comment('Supplier '.$user_license_supplier.' already exists');
-            } else {
-                $supplier = new Supplier();
-                $supplier->name = e($user_license_supplier);
-                $supplier->user_id = 1;
-
-                if ($supplier->save()) {
-                    $this->comment('Supplier '.$user_license_supplier.' was created');
-                } else {
-                    $this->comment('Something went wrong! Supplier '.$user_license_supplier.' was NOT created');
-                }
-
-            }
-
-
-            // Add the license
-            $license = new License();
-            $license->name = e($user_license_name);
-            if ($user_license_purchase_date!='') {
-                $license->purchase_date = $user_license_purchase_date;
-            } else {
-                $license->purchase_date = null;
-            }
-            $license->serial = e($user_license_serial);
-            $license->seats = e($user_license_seats);
-            $license->supplier_id = $supplier->id;
-            $license->user_id = 1;
-            if ($user_license_purchase_date!='') {
-                $license->purchase_date = $user_license_purchase_date;
-            } else {
-                $license->purchase_date = null;
-            }
-            $license->license_name = $user_licensed_to_name;
-            $license->license_email = $user_licensed_to_email;
-            $license->notes = e($user_license_notes);
-
-            if ($license->save()) {
-                $this->comment('License '.$user_license_name.' with serial number '.$user_license_serial.' was created');
-
-
-                $license_seat_created = 0;
-
-                for ($x = 0; $x < $user_license_seats; $x++) {
-                    // Create the license seat entries
-                    $license_seat = new LicenseSeat();
-                    $license_seat->license_id = $license->id;
-
-                    // Only assign the first seat to the user
-                    if ($x==0) {
-                        $license_seat->assigned_to = $user->id;
-                    } else {
-                        $license_seat->assigned_to = null;
-                    }
-
-                    if ($license_seat->save()) {
-                        $license_seat_created++;
-                    }
-                }
-
-                if ($license_seat_created > 0) {
-                    $this->comment($license_seat_created.' seats were created');
-                } else {
-                    $this->comment('Something went wrong! NO seats for '.$user_license_name.' were created');
-                }
-
-
-
-            } else {
-                $this->comment('Something went wrong! License '.$user_license_name.' was NOT created');
-            }
-
-
-            $this->comment('=====================================');
-
-            return true;
-
-        });
-
-
-    }
-
-    /**
-     * Get the console command arguments.
-     *
-     * @return array
-     */
-    protected function getArguments()
-    {
-        return array(
-            array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
-        );
-    }
-
-
-    /**
-     * Get the console command options.
-     *
-     * @return array
-     */
-    protected function getOptions()
-    {
-        return array(
-            array('domain', null, InputOption::VALUE_REQUIRED, 'Email domain for generated email addresses.', null),
-            array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
-            array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
-        );
-    }
-}

app/Console/Commands/PaveIt.php

@@ -2,9 +2,6 @@
 
 namespace App\Console\Commands;
 
-use Illuminate\Console\Command;
-use DB;
-
 use App\Models\Accessory;
 use App\Models\Asset;
 use App\Models\AssetModel;
@@ -12,14 +9,18 @@ use App\Models\Category;
 use App\Models\Company;
 use App\Models\Component;
 use App\Models\Consumable;
+use App\Models\Department;
 use App\Models\Depreciation;
 use App\Models\Group;
+use App\Models\Import;
 use App\Models\License;
 use App\Models\LicenseSeat;
 use App\Models\Location;
 use App\Models\Manufacturer;
 use App\Models\Statuslabel;
 use App\Models\Supplier;
+use DB;
+use Illuminate\Console\Command;
 
 class PaveIt extends Command
 {
@@ -63,6 +64,7 @@ class PaveIt extends Command
                 Company::getQuery()->delete();
                 Component::getQuery()->delete();
                 Consumable::getQuery()->delete();
+                Department::getQuery()->delete();
                 Depreciation::getQuery()->delete();
                 License::getQuery()->delete();
                 LicenseSeat::getQuery()->delete();
@@ -72,6 +74,7 @@ class PaveIt extends Command
                 Statuslabel::getQuery()->delete();
                 Supplier::getQuery()->delete();
                 Group::getQuery()->delete();
+                Import::getQuery()->delete();
 
                 DB::statement('delete from accessories_users');
                 DB::statement('delete from asset_logs');
@@ -107,6 +110,7 @@ class PaveIt extends Command
                 \DB::statement('drop table IF EXISTS custom_fields');
                 \DB::statement('drop table IF EXISTS custom_fieldsets');
                 \DB::statement('drop table IF EXISTS depreciations');
+                \DB::statement('drop table IF EXISTS departments');
                 \DB::statement('drop table IF EXISTS groups');
                 \DB::statement('drop table IF EXISTS history');
                 \DB::statement('drop table IF EXISTS components');
@@ -117,6 +121,11 @@ class PaveIt extends Command
                 \DB::statement('drop table IF EXISTS manufacturers');
                 \DB::statement('drop table IF EXISTS models');
                 \DB::statement('drop table IF EXISTS migrations');
+                \DB::statement('drop table IF EXISTS oauth_access_tokens');
+                \DB::statement('drop table IF EXISTS oauth_auth_codes');
+                \DB::statement('drop table IF EXISTS oauth_clients');
+                \DB::statement('drop table IF EXISTS oauth_personal_access_clients');
+                \DB::statement('drop table IF EXISTS oauth_refresh_tokens');
                 \DB::statement('drop table IF EXISTS password_resets');
                 \DB::statement('drop table IF EXISTS requested_assets');
                 \DB::statement('drop table IF EXISTS requests');
@@ -126,6 +135,7 @@ class PaveIt extends Command
                 \DB::statement('drop table IF EXISTS throttle');
                 \DB::statement('drop table IF EXISTS users_groups');
                 \DB::statement('drop table IF EXISTS users');
+                \DB::statement('drop table IF EXISTS imports');
             }
         }
     }

app/Console/Commands/Purge.php

@@ -65,7 +65,7 @@ class Purge extends Command
             $asset_maintenances = 0;
 
             foreach ($assets as $asset) {
-                $this->info('- Asset "'.$asset->showAssetName().'" deleted.');
+                $this->info('- Asset "'.$asset->present()->name().'" deleted.');
                 $asset_assoc += $asset->assetlog()->count();
                 $asset->assetlog()->forceDelete();
                 $asset_maintenances += $asset->assetmaintenances()->count();

app/Console/Commands/RecryptFromMcrypt.php

@@ -0,0 +1,167 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\CustomField;
+use Illuminate\Console\Command;
+use App\LegacyEncrypter\McryptEncrypter;
+use App\Models\Setting;
+use App\Models\Asset;
+use Illuminate\Support\Facades\Storage;
+
+class RecryptFromMcrypt extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:legacy-recrypt 
+                {--force : Force a re-crypt of encrypted data from MCRYPT.}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This command allows upgrading users to de-encrypt their deprecated mcrypt encrypted fields and re-encrypt them using the current OpenSSL encryption.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+
+        // Check and see if they have a legacy app key listed in their .env
+        // If not, we can try to use the current APP_KEY if looks like it's old
+        $legacy_key = env('LEGACY_APP_KEY');
+        $key_parts = explode(':', $legacy_key);
+        $legacy_cipher = env('LEGACY_CIPHER', 'rijndael-256');
+        $errors = array();
+
+        if (!$legacy_key) {
+            $this->error('ERROR: You do not have a LEGACY_APP_KEY set in your .env file. Please locate your old APP_KEY and ADD a line to your .env file like: LEGACY_APP_KEY=YOUR_OLD_APP_KEY');
+            return false;
+        }
+
+
+        // Do some basic legacy app key length checks
+        if (strlen($legacy_key) == 32) {
+            $legacy_length_check = true;
+        } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1])==44)) {
+            $legacy_key = base64_decode($key_parts[1],true);
+            $legacy_length_check = true;
+        } else {
+            $legacy_length_check = false;
+        }
+   
+
+
+        // Check that the app key is 32 characters
+        if ($legacy_length_check === true) {
+            $this->comment('INFO: Your LEGACY_APP_KEY looks correct. Okay to continue.');
+        } else {
+            $this->error('ERROR: Your LEGACY_APP_KEY is not the correct length (32 characters or base64 followed by 44 characters for later versions). Please locate your old APP_KEY and use that as your LEGACY_APP_KEY in your .env file to continue.');
+            return false;
+        }
+
+        $this->error('================================!!!! WARNING !!!!================================');
+        $this->error('================================!!!! WARNING !!!!================================');
+        $this->comment("This tool will attempt to decrypt your old Snipe-IT (mcrypt, now deprecated) encrypted data and re-encrypt it using OpenSSL. \n\nYou should only continue if you have backed up any and all old APP_KEYs and have backed up your data.");
+
+        $force = ($this->option('force')) ? true : false;
+
+        if ($force || ($this->confirm("Are you SURE you wish to continue?"))) {
+
+            $backup_file = 'backups/env-backups/'.'app_key-'.date('Y-m-d-gis');
+
+            try {
+                Storage::disk('local')->put($backup_file, 'APP_KEY: '.config('app.key'));
+                Storage::disk('local')->append($backup_file, 'LEGACY_APP_KEY: '.$legacy_key);
+            } catch (\Exception $e) {
+                $this->info('WARNING: Could not backup app keys');
+            }
+
+
+            if ($legacy_cipher){
+                $mcrypter = new McryptEncrypter($legacy_key,$legacy_cipher);
+            }else{
+                $mcrypter = new McryptEncrypter($legacy_key);
+            }
+            $settings = Setting::getSettings();
+
+            if ($settings->ldap_pword=='') {
+                $this->comment('INFO: No LDAP password found. Skipping... ');
+            } else {
+                $decrypted_ldap_pword = $mcrypter->decrypt($settings->ldap_pword);
+                $settings->ldap_pword = \Crypt::encrypt($decrypted_ldap_pword);
+                $settings->save();
+            }
+            /** @var CustomField[] $custom_fields */
+            $custom_fields = CustomField::where('field_encrypted','=', 1)->get();
+            $this->comment('INFO: Retrieving encrypted custom fields...');
+
+            $query = Asset::withTrashed();
+
+            foreach ($custom_fields as $custom_field) {
+                $this->comment('FIELD TO RECRYPT:  '.$custom_field->name .' ('.$custom_field->db_column.')');
+                $query->orWhereNotNull($custom_field->db_column);
+            }
+
+
+            // Get all assets with a value in any of the fields that were encrypted
+            /** @var Asset[] $assets */
+            $assets = $query->get();
+
+            $bar = $this->output->createProgressBar(count($assets));
+
+
+            foreach ($assets as $asset) {
+                foreach ($custom_fields as $encrypted_field) {
+                    $columnName = $encrypted_field->db_column;
+
+                    // Make sure the value isn't null
+                    if ($asset->{$columnName}!='') {
+                        // Try to decrypt the payload using the legacy app key
+                        try {
+                            $decrypted_field = $mcrypter->decrypt($asset->{$columnName});
+                            $asset->{$columnName} = \Crypt::encrypt($decrypted_field);
+                            $this->comment($decrypted_field);
+                        } catch (\Exception $e) {
+                            $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();
+                        }
+                    }
+
+                }
+                $asset->save();
+                $bar->advance();
+            }
+
+
+
+            $bar->finish();
+
+            if (count($errors) > 0) {
+                $this->comment("\n\n");
+                $this->error("The decrypter encountered some errors: \n");
+                foreach ($errors as $error) {
+                    $this->error($error);
+                }
+            }
+        }
+
+    }
+}

app/Console/Commands/RegenerateAssetTags.php

@@ -0,0 +1,105 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\Asset;
+use App\Models\Setting;
+use DB;
+use Artisan;
+
+class RegenerateAssetTags extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:regenerate-tags {--start=} {--output= : info|warn|error|all} ';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This utility will regenerate all asset tags. THIS IS DATA-DESTRUCTIVE AND SHOULD BE USED WITH CAUTION. ';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        if ($this->confirm('This will regenerate all of the asset tags within your system. This action is data-destructive and should be used with caution. Do you wish to continue?'))
+        {
+
+            $output['info'] = [];
+            $output['warn'] = [];
+            $output['error'] = [];
+            $settings = Setting::getSettings();
+
+            $start_tag = ($this->option('start')) ? $this->option('start') : (($settings->next_auto_tag_base) ? Setting::getSettings()->next_auto_tag_base : 1) ;
+
+            $this->info('Starting at '.$start_tag);
+
+            $total_assets = Asset::orderBy('id','asc')->get();
+            $bar = $this->output->createProgressBar(count($total_assets));
+
+            try  {
+                Artisan::call('backup:run');
+            } catch (\Exception $e) {
+                $output['error'][] = $e;
+            }
+
+            foreach ($total_assets as $asset) {
+                
+                $start_tag++;
+                $output['info'][] = 'Asset tag:'.$asset->asset_tag;
+                $asset->asset_tag = $settings->auto_increment_prefix.$settings->auto_increment_prefix.$start_tag;
+
+                if ($settings->zerofill_count > 0) {
+                    $asset->asset_tag = $settings->auto_increment_prefix.Asset::zerofill($start_tag, $settings->zerofill_count);
+                }
+
+                $output['info'][] = 'New Asset tag:'.$asset->asset_tag;
+
+                // Use forceSave here to override model level validation
+                $asset->forceSave();
+            }
+
+            $bar->finish();
+            $this->info("\n");
+
+
+            if (($this->option('output')=='all') || ($this->option('output')=='info')) {
+                foreach ($output['info'] as $key => $output_text) {
+                    $this->info($output_text);
+                }
+            }
+            if (($this->option('output')=='all') || ($this->option('output')=='warn')) {
+                foreach ($output['warn'] as $key => $output_text) {
+                    $this->warn($output_text);
+                }
+            }
+            if (($this->option('output')=='all') || ($this->option('output')=='error')) {
+                foreach ($output['error'] as $key => $output_text) {
+                    $this->error($output_text);
+                }
+            }
+        }
+
+
+    }
+}

app/Console/Commands/ResetDemoSettings.php

@@ -0,0 +1,75 @@
+<?php
+
+namespace App\Console\Commands;
+
+
+use Illuminate\Console\Command;
+use App\Models\Setting;
+use App\Models\User;
+
+class ResetDemoSettings extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:demo-settings';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This will reset the Snipe-IT demo settings back to default. ';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $this->info('Resetting the demo settings.');
+        $settings = Setting::first();
+        $settings->per_page = 20;
+        $settings->site_name = 'Snipe-IT Asset Management Demo';
+        $settings->auto_increment_assets = 1;
+        $settings->logo = 'snipe-logo.png';
+        $settings->alert_email = 'service@snipe-it.io';
+        $settings->header_color = null;
+        $settings->barcode_type = 'QRCODE';
+        $settings->default_currency = 'USD';
+        $settings->brand = 3;
+        $settings->ldap_enabled = 0;
+        $settings->full_multiple_companies_support = 1;
+        $settings->alt_barcode = 'C128';
+        $settings->email_domain = 'snipeitapp.com';
+        $settings->email_format = 'filastname';
+        $settings->username_format = 'filastname';
+        $settings->date_display_format = 'D M d, Y';
+        $settings->time_display_format = 'g:iA';
+        $settings->thumbnail_max_h = '30';
+        $settings->locale = 'en';
+        $settings->save();
+
+        if ($user = User::where('username', '=', 'admin')->first()) {
+            $user->locale = 'en';
+            $user->save();
+        }
+
+        
+    }
+
+}

app/Console/Commands/SendExpectedCheckinAlerts.php

@@ -0,0 +1,64 @@
+<?php
+
+namespace App\Console\Commands;
+
+
+use App\Models\Asset;
+use Illuminate\Console\Command;
+use App\Notifications\ExpectedCheckinNotification;
+use Carbon\Carbon;
+
+class SendExpectedCheckinAlerts extends Command
+{
+
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:expected-checkin';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Check for overdue or upcoming expected checkins.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
+
+        $whenNotify = Carbon::now()->addDays(7);
+        $assets = Asset::with('assignedTo')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();
+
+        $this->info($whenNotify.' is deadline');
+        $this->info($assets->count().' assets');
+
+        foreach ($assets as $asset) {
+            if ($asset->assignedTo  && $asset->checkoutOutToUser()) {
+                $asset->assignedTo->notify((new ExpectedCheckinNotification($asset)));
+                //$this->info($asset);
+            }
+        }
+
+
+
+
+
+    }
+}

app/Console/Commands/SendExpirationAlerts.php

@@ -55,7 +55,7 @@ class SendExpirationAlerts extends Command
 
         foreach ($expiring_assets as $asset) {
 
-            $expires = $asset->warrantee_expires();
+            $expires = $asset->present()->warrantee_expires();
             $difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
 
             if ($difference > 30) {
@@ -64,11 +64,11 @@ class SendExpirationAlerts extends Command
                 $asset_data['email_content'] .= '<tr style="background-color:#d9534f;">';
             }
             $asset_data['email_content'] .= '<td><a href="'.config('app.url').'/hardware/'.e($asset->id).'/view">';
-            $asset_data['email_content'] .= $asset->showAssetName().'</a></td><td>'.e($asset->asset_tag).'</td>';
-            $asset_data['email_content'] .= '<td>'.e($asset->warrantee_expires()).'</td>';
+            $asset_data['email_content'] .= $asset->present()->name().'</a></td><td>'.e($asset->asset_tag).'</td>';
+            $asset_data['email_content'] .= '<td>'.e($asset->present()->warrantee_expires()).'</td>';
             $asset_data['email_content'] .= '<td>'.$difference.' '.trans('mail.days').'</td>';
             $asset_data['email_content'] .= '<td>'.($asset->supplier ? e($asset->supplier->name) : '').'</td>';
-            $asset_data['email_content'] .= '<td>'.($asset->assigneduser ? e($asset->assigneduser->fullName()) : '').'</td>';
+            $asset_data['email_content'] .= '<td>'.($asset->assignedTo ? e($asset->assignedTo->present()->name()) : '').'</td>';
             $asset_data['email_content'] .= '</tr>';
         }
 
@@ -89,7 +89,7 @@ class SendExpirationAlerts extends Command
             } else {
                 $license_data['email_content'] .= '<tr style="background-color:#d9534f;">';
             }
-                $license_data['email_content'] .= '<td><a href="'.config('app.url').'/admin/licenses/'.$license->id.'/view">';
+                $license_data['email_content'] .= '<td><a href="'.route('licenses.show', $license->id).'">';
                 $license_data['email_content'] .= $license->name.'</a></td>';
                 $license_data['email_content'] .= '<td>'.$license->expiration_date.'</td>';
                 $license_data['email_content'] .= '<td>'.$difference.' days</td>';

app/Console/Commands/SyncAssetLocations.php

@@ -0,0 +1,148 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\CustomField;
+use Illuminate\Console\Command;
+use App\Models\Asset;
+use Illuminate\Support\Facades\Storage;
+
+class SyncAssetLocations extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:sync-asset-locations {--output= : info|warn|error|all} ';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This utility will sync the location_id of assets based on current state. It should not normally be needed, but is a safeguard in case we missed something in the Great Migration when flattening the assets to location relationship.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $output['info'] = [];
+        $output['warn'] = [];
+        $output['error'] = [];
+
+        $total_assets = Asset::whereNull('deleted_at')->get();
+        $bar = $this->output->createProgressBar(count($total_assets));
+
+        // Unassigned
+        $rtd_assets = Asset::whereNull('assigned_to')->whereNull('deleted_at')->with('defaultLoc')->get();
+        $output['info'][] = 'There are '.$rtd_assets->count().' unassigned assets.';
+
+        foreach ($rtd_assets as $rtd_asset) {
+             $output['info'][] = 'Setting Unassigned Asset ' . $rtd_asset->id . ' ('.$rtd_asset->asset_tag.') to  location: ' . $rtd_asset->rtd_location_id . " because their default location is: " . $rtd_asset->rtd_location_id;
+            $rtd_asset->location_id=$rtd_asset->rtd_location_id;
+            $rtd_asset->unsetEventDispatcher();
+            $rtd_asset->save();
+            $bar->advance();
+        }
+
+        $assigned_user_assets = Asset::where('assigned_type','App\Models\User')->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+        $output['info'][] = 'There are '.$assigned_user_assets->count().' assets checked out to users.';
+        foreach ($assigned_user_assets as $assigned_user_asset) {
+            if (($assigned_user_asset->assignedTo) && ($assigned_user_asset->assignedTo->userLoc)) {
+                $new_location=$assigned_user_asset->assignedTo->userloc->id;
+                $output['info'][] ='Setting User Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') to  ' . $assigned_user_asset->assignedTo->userLoc->name . ' which is id: ' . $new_location;
+            } else {
+                $output['warn'][] ='Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') still has no location! ';
+                $new_location = $assigned_user_asset->rtd_location_id;
+            }
+            $assigned_user_asset->location_id=$new_location;
+            $assigned_user_asset->unsetEventDispatcher();
+            $assigned_user_asset->save();
+            $bar->advance();
+
+        }
+
+        $assigned_location_assets = Asset::where('assigned_type','App\Models\Location')
+            ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+        $output['info'][] = 'There are '.$assigned_location_assets->count().' assets checked out to locations.';
+
+        foreach ($assigned_location_assets as $assigned_location_asset) {
+            if ($assigned_location_asset->assignedTo) {
+                $assigned_location_asset->location_id = $assigned_location_asset->assignedTo->id;
+                $output['info'][] ='Setting Location Assigned  asset ' . $assigned_location_asset->id . ' ('.$assigned_location_asset->asset_tag.') that is checked out to '.$assigned_location_asset->assignedTo->name.' (#'.$assigned_location_asset->assignedTo->id.') to location: ' . $assigned_location_asset->assetLoc()->id;
+                $assigned_location_asset->unsetEventDispatcher();
+                $assigned_location_asset->save();
+            } else {
+                $output['warn'][] ='Asset ' . $assigned_location_asset->id . ' ('.$assigned_location_asset->asset_tag.') did not return a valid associated location - perhaps it was deleted?';
+            }
+            $bar->advance();
+
+        }
+
+
+        // Assigned to assets
+        $assigned_asset_assets = Asset::where('assigned_type','App\Models\Asset')
+            ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+            $output['info'][] ='Asset-assigned assets: '.$assigned_asset_assets->count();
+
+            foreach ($assigned_asset_assets as $assigned_asset_asset) {
+
+                // Check to make sure there aren't any invalid relationships
+                if ($assigned_asset_asset->assetLoc()) {
+                    $assigned_asset_asset->location_id = $assigned_asset_asset->assetLoc()->id;
+                    $output['info'][] ='Setting Asset Assigned asset ' . $assigned_asset_asset->assetLoc()->id. ' ('.$assigned_asset_asset->asset_tag.') location to: ' . $assigned_asset_asset->assetLoc()->id;
+                    $assigned_asset_asset->unsetEventDispatcher();
+                    $assigned_asset_asset->save();
+                } else {
+                    $output['warn'][] ='Asset Assigned asset ' . $assigned_asset_asset->id. ' ('.$assigned_asset_asset->asset_tag.') does not seem to have a valid location';
+                }
+
+                $bar->advance();
+
+            }
+
+        $unlocated_assets = Asset::whereNull("location_id")->whereNull('deleted_at')->get();
+        $output['info'][] ='Assets still without a location: '.$unlocated_assets->count();
+        foreach($unlocated_assets as $unlocated_asset) {
+            $output['warn'][] ='Asset: '.$unlocated_asset->id.' still has no location. ';
+            $bar->advance();
+        }
+
+        $bar->finish();
+        $this->info("\n");
+
+
+        if (($this->option('output')=='all') || ($this->option('output')=='info')) {
+            foreach ($output['info'] as $key => $output_text) {
+                $this->info($output_text);
+            }
+        }
+        if (($this->option('output')=='all') || ($this->option('output')=='warn')) {
+            foreach ($output['warn'] as $key => $output_text) {
+                $this->warn($output_text);
+            }
+        }
+        if (($this->option('output')=='all') || ($this->option('output')=='error')) {
+            foreach ($output['error'] as $key => $output_text) {
+                $this->error($output_text);
+            }
+        }
+
+
+    }
+}

app/Console/Commands/Version.php

@@ -0,0 +1,135 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+class Version extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'version:update {--branch=master} {--type=patch}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Command description';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $use_branch = $this->option('branch');
+        $use_type = $this->option('type');
+        $git_branch = trim(shell_exec('git rev-parse --abbrev-ref HEAD'));
+        $build_version = trim(shell_exec('git rev-list --count '.$use_branch));
+        $versionFile = 'config/version.php';
+        $full_hash_version = str_replace("\n", '', shell_exec('git describe master --tags'));
+
+        $version = explode('-', $full_hash_version);
+        $app_version = $current_app_version = $version[0];
+        $hash_version = (array_key_exists('2', $version)) ? $version[2] : '';
+        $prerelease_version = '';
+
+        $this->line('Branch is: '.$use_branch);
+        $this->line('Type is: '.$use_type);
+        $this->line('Current version is: '.$full_hash_version);
+
+        if (count($version)==3) {
+            $this->line('This does not look like an alpha/beta release.');
+        } else {
+            if (array_key_exists('3',$version)) {
+                $this->line('The current version looks like a beta release.');
+                $prerelease_version = $version[1];
+                $hash_version = $version[3];
+            }
+        }
+
+
+        $app_version_raw = explode('.', $app_version);
+
+        $maj = str_replace('v', '', $app_version_raw[0]);
+        $min = $app_version_raw[1];
+        $patch = '';
+
+
+
+        // This is a major release that might not have a third .0
+        if (array_key_exists(2, $app_version_raw)) {
+            $patch = $app_version_raw[2];
+        }
+
+        if ($use_type=='major') {
+            $app_version = "v".($maj + 1).".$min.$patch";
+        } elseif ($use_type=='minor') {
+            $app_version = "v"."$maj.".($min + 1).".$patch";
+        } elseif ($use_type=='pre') {
+            $pre_raw = str_replace('beta','', $prerelease_version);
+            $pre_raw = str_replace('alpha','', $pre_raw);
+            $pre_raw = str_ireplace('rc','', $pre_raw);
+            $pre_raw = $pre_raw++;
+            $this->line('Setting the pre-release to '. $prerelease_version.'-'.$pre_raw);
+            $app_version = "v"."$maj.".($min + 1).".$patch";
+        } elseif ($use_type=='patch') {
+            $app_version = "v" . "$maj.$min." . ($patch + 1);
+        // If nothing is passed, leave the version as it is, just increment the build
+        } else {
+            $app_version = "v" . "$maj.$min." . $patch;
+        }
+
+        // Determine if this tag already exists, or if this prior to a release
+        $this->line('Running: git rev-parse master '.$current_app_version);
+        // $pre_release = trim(shell_exec('git rev-parse '.$use_branch.' '.$current_app_version.' 2>&1 1> /dev/null'));
+
+        if ($use_branch=='develop') {
+            $app_version = $app_version.'-pre';
+        }
+
+        $full_app_version = $app_version.' - build '.$build_version.'-'.$hash_version;
+
+
+        $array = var_export(
+            array(
+                'app_version' => $app_version,
+                'full_app_version' => $full_app_version,
+                'build_version' => $build_version,
+                'prerelease_version' => $prerelease_version,
+                'hash_version' => $hash_version,
+                'full_hash' => $full_hash_version,
+                'branch' => $git_branch),
+            true
+        );
+        
+
+
+        // Construct our file content
+        $content = <<<CON
+<?php
+return $array;
+CON;
+
+        // And finally write the file and output the current version
+        \File::put($versionFile, $content);
+        $this->info('Setting NEW version: '. $full_app_version.' ('.$git_branch.')');
+    }
+
+}

app/Console/Commands/Versioning.php

@@ -1,90 +0,0 @@
-<?php
-
-namespace App\Console\Commands;
-
-use Symfony\Component\Console\Input\InputArgument;
-
-use Illuminate\Console\Command;
-
-class Versioning extends Command
-{
-
-    /**
-     * The console command name.
-     *
-     * @var string
-     */
-    protected $name = 'versioning:update';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = 'Generate and update app\'s version via git.';
-
-    /**
-     * Create a new command instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        parent::__construct();
-    }
-
-    /**
-     * Execute the console command.
-     *
-     * @return void
-     */
-    public function fire()
-    {
-
-        $versionFile = 'config/version.php';
-        $hash_version = str_replace("\n",'',shell_exec('git describe --tags'));
-
-        $version = explode('-', $hash_version);
-
-        $array = var_export(
-            array(
-            'app_version' => $version[0],
-            'build_version' => $version[1],
-            'hash_version' => $version[2],
-            'full_hash' => $hash_version),
-        true);
-
-
-        // Construct our file content
-        $content = <<<CON
-<?php
-return $array;
-CON;
-
-        // And finally write the file and output the current version
-        \File::put($versionFile, $content);
-        $this->line('Setting version: '. config('version.app_version').' build '.config('version.build_version').' ('.config('version.hash_version').')');
-    }
-
-    /**
-     * Get the console command arguments.
-     *
-     * @return array
-     */
-    protected function getArguments()
-    {
-        return array(
-        );
-    }
-
-    /**
-     * Get the console command options.
-     *
-     * @return array
-     */
-    protected function getOptions()
-    {
-        return array(
-        );
-    }
-}

app/Console/Kernel.php

@@ -17,13 +17,18 @@ class Kernel extends ConsoleKernel
         Commands\CreateAdmin::class,
         Commands\SendExpirationAlerts::class,
         Commands\SendInventoryAlerts::class,
-        Commands\LicenseImportCommand::class,
+        Commands\SendExpectedCheckinAlerts::class,
         Commands\ObjectImportCommand::class,
-        Commands\Versioning::class,
+        Commands\Version::class,
         Commands\SystemBackup::class,
         Commands\DisableLDAP::class,
         Commands\Purge::class,
         Commands\LdapSync::class,
+        Commands\FixDoubleEscape::class,
+        Commands\RecryptFromMcrypt::class,
+        Commands\ResetDemoSettings::class,
+        Commands\SyncAssetLocations::class,
+        Commands\RegenerateAssetTags::class,
     ];
 
     /**
@@ -37,7 +42,13 @@ class Kernel extends ConsoleKernel
 
         $schedule->command('snipeit:inventory-alerts')->daily();
         $schedule->command('snipeit:expiring-alerts')->daily();
+        $schedule->command('snipeit:expected-checkin')->daily();
         $schedule->command('snipeit:backup')->weekly();
         $schedule->command('backup:clean')->daily();
     }
+
+    protected function commands()
+    {
+        require base_path('routes/console.php');
+    }
 }

app/Exceptions/CheckoutNotAllowed.php

@@ -0,0 +1,12 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+class CheckoutNotAllowed extends Exception
+{
+    public function __toString()
+    {
+       return "A checkout is not allowed under these circumstances";
+    }
+}

app/Exceptions/Handler.php

@@ -3,11 +3,11 @@
 namespace App\Exceptions;
 
 use Exception;
-use Illuminate\Validation\ValidationException;
-use Illuminate\Auth\Access\AuthorizationException;
-use Illuminate\Database\Eloquent\ModelNotFoundException;
-use Symfony\Component\HttpKernel\Exception\HttpException;
+use Illuminate\Auth\AuthenticationException;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
+use App\Helpers\Helper;
+use Illuminate\Validation\ValidationException;
+use Log;
 
 class Handler extends ExceptionHandler
 {
@@ -17,10 +17,12 @@ class Handler extends ExceptionHandler
      * @var array
      */
     protected $dontReport = [
-        AuthorizationException::class,
-        HttpException::class,
-        ModelNotFoundException::class,
-        ValidationException::class,
+        \Illuminate\Auth\AuthenticationException::class,
+        \Illuminate\Auth\Access\AuthorizationException::class,
+        \Symfony\Component\HttpKernel\Exception\HttpException::class,
+        \Illuminate\Database\Eloquent\ModelNotFoundException::class,
+        \Illuminate\Session\TokenMismatchException::class,
+        \Illuminate\Validation\ValidationException::class,
     ];
 
     /**
@@ -28,12 +30,15 @@ class Handler extends ExceptionHandler
      *
      * This is a great spot to send exceptions to Sentry, Bugsnag, etc.
      *
-     * @param  \Exception  $e
+     * @param  \Exception  $exception
      * @return void
      */
-    public function report(Exception $e)
+    public function report(Exception $exception)
     {
-        parent::report($e);
+        if ($this->shouldReport($exception)) {
+            Log::error($exception);
+            return parent::report($exception);
+        }
     }
 
     /**
@@ -45,23 +50,71 @@ class Handler extends ExceptionHandler
      */
     public function render($request, Exception $e)
     {
+
+
+        // CSRF token mismatch error
         if ($e instanceof \Illuminate\Session\TokenMismatchException) {
-          return redirect()->back()->with('error', trans('general.token_expired'));
+            return redirect()->back()->with('error', trans('general.token_expired'));
         }
 
-        if ($this->isHttpException($e)) {
 
-        $statusCode = $e->getStatusCode();
+        // Handle Ajax requests that fail because the model doesn't exist
+        if ($request->ajax() || $request->wantsJson()) {
 
-        switch ($statusCode) {
+            if ($e instanceof \Illuminate\Database\Eloquent\ModelNotFoundException) {
+                $className = last(explode('\\', $e->getModel()));
+                return response()->json(Helper::formatStandardApiResponse('error', null, $className . ' not found'), 200);
+            }
 
-            case '404':
-              return response()->view('layouts/basic', [
-                  'content' => view('errors/404')
-              ]);
-          }
+            if ($e instanceof \Illuminate\Validation\ValidationException) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, $e->response['messages'], 400));
+            }
+
+            if ($this->isHttpException($e)) {
+
+                $statusCode = $e->getStatusCode();
+
+                switch ($e->getStatusCode()) {
+                    case '404':
+                       return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode . ' endpoint not found'), 404);
+                    case '405':
+                        return response()->json(Helper::formatStandardApiResponse('error', null, 'Method not allowed'), 405);
+                    default:
+                        return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode), 405);
+
+                }
+            }
+            // Try to parse 500 Errors in a bit nicer way when debug is enabled.
+            if (config('app.debug')) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, "An Error has occured! " . $e->getMessage()), 500);
+            }
+
+        }
+
+
+        if ($this->isHttpException($e) && (isset($statusCode)) && ($statusCode == '404' )) {
+            return response()->view('layouts/basic', [
+                'content' => view('errors/404')
+            ],$statusCode);
         }
 
         return parent::render($request, $e);
+
+    }
+
+    /**
+     * Convert an authentication exception into an unauthenticated response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Illuminate\Auth\AuthenticationException  $exception
+     * @return \Illuminate\Http\Response
+     */
+    protected function unauthenticated($request, AuthenticationException $exception)
+    {
+        if ($request->expectsJson()) {
+            return response()->json(['error' => 'Unauthorized.'], 401);
+        }
+
+        return redirect()->guest('login');
     }
 }

app/Helpers/Helper.php

@@ -4,6 +4,7 @@ namespace App\Helpers;
 use DB;
 use App\Models\Statuslabel;
 use App\Models\Location;
+use App\Models\Department;
 use App\Models\AssetModel;
 use App\Models\Company;
 use App\Models\User;
@@ -17,6 +18,7 @@ use App\Models\Component;
 use App\Models\Accessory;
 use App\Models\Consumable;
 use App\Models\Asset;
+use App\Models\Setting;
 use Crypt;
 use Illuminate\Contracts\Encryption\DecryptException;
 
@@ -31,7 +33,8 @@ class Helper
      * @since [v2.0]
      * @return String
      */
-    public static function parseEscapedMarkedown($str) {
+    public static function parseEscapedMarkedown($str)
+    {
         $Parsedown = new \Parsedown();
 
         if ($str) {
@@ -123,6 +126,14 @@ class Helper
         $LocaleInfo = localeconv();
         $floatString = str_replace(",", "", $floatString);
         $floatString = str_replace($LocaleInfo["decimal_point"], ".", $floatString);
+        // Strip Currency symbol
+        // If no currency symbol is set, default to $ because Murica
+        $currencySymbol = $LocaleInfo['currency_symbol'];
+        if (empty($currencySymbol)) {
+            $currencySymbol = '$';
+        }
+
+        $floatString = str_replace($currencySymbol, '', $floatString);
         return floatval($floatString);
     }
 
@@ -139,7 +150,7 @@ class Helper
         $models = AssetModel::with('manufacturer')->get();
         $model_array[''] = trans('general.select_model');
         foreach ($models as $model) {
-            $model_array[$model->id] = $model->displayModelName();
+            $model_array[$model->id] = $model->present()->modelName();
         }
         return $model_array;
     }
@@ -153,9 +164,10 @@ class Helper
      */
     public static function companyList()
     {
-        $company_list = array('0' => trans('general.select_company')) + DB::table('companies')
+        $company_list = array('' => trans('general.select_company')) + DB::table('companies')
                 ->orderBy('name', 'asc')
-                ->pluck('name', 'id');
+                ->pluck('name', 'id')
+                ->toArray();
         return $company_list;
     }
 
@@ -172,12 +184,32 @@ class Helper
         $categories = Category::orderBy('name', 'asc')
                 ->whereNull('deleted_at')
                 ->orderBy('name', 'asc');
-        if(!empty($category_type))
+        if (!empty($category_type)) {
             $categories = $categories->where('category_type', '=', $category_type);
+        }
         $category_list = array('' => trans('general.select_category')) + $categories->pluck('name', 'id')->toArray();
         return $category_list;
     }
 
+
+    /**
+     * Get the list of categories in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
+    public static function departmentList()
+    {
+        $departments = Department::orderBy('name', 'asc')
+            ->whereNull('deleted_at')
+            ->orderBy('name', 'asc');
+
+        return array('' => trans('general.select_department')) + $departments->pluck('name', 'id')->toArray();
+
+    }
+    
+
     /**
      * Get the list of suppliers in an array to make a dropdown menu
      *
@@ -203,7 +235,7 @@ class Helper
      */
     public static function statusLabelList()
     {
-        $statuslabel_list = array('' => trans('general.select_statuslabel')) + Statuslabel::orderBy('name', 'asc')
+        $statuslabel_list = array('' => trans('general.select_statuslabel')) + Statuslabel::orderBy('default_label', 'desc')->orderBy('name','asc')->orderBy('deployable','desc')
                 ->pluck('name', 'id')->toArray();
         return $statuslabel_list;
     }
@@ -248,7 +280,12 @@ class Helper
      */
     public static function statusTypeList()
     {
-        $statuslabel_types = array('' => trans('admin/hardware/form.select_statustype')) + array('undeployable' => trans('admin/hardware/general.undeployable')) + array('pending' => trans('admin/hardware/general.pending')) + array('archived' => trans('admin/hardware/general.archived')) + array('deployable' => trans('admin/hardware/general.deployable'));
+        $statuslabel_types =
+              array('' => trans('admin/hardware/form.select_statustype'))
+            + array('deployable' => trans('admin/hardware/general.deployable'))
+            + array('pending' => trans('admin/hardware/general.pending'))
+            + array('undeployable' => trans('admin/hardware/general.undeployable'))
+            + array('archived' => trans('admin/hardware/general.archived'));
         return $statuslabel_types;
     }
 
@@ -265,7 +302,7 @@ class Helper
                         User::where('deleted_at', '=', null)
                         ->orderBy('last_name', 'asc')
                         ->orderBy('first_name', 'asc')->get()
-                        ->lists('complete_name', 'id')->toArray();
+                        ->pluck('complete_name', 'id')->toArray();
 
         return $manager_list;
     }
@@ -308,10 +345,10 @@ class Helper
     {
         $users_list =   array( '' => trans('general.select_user')) +
                         Company::scopeCompanyables(User::where('deleted_at', '=', null))
-                        ->where('show_in_list','=',1)
+                        ->where('show_in_list', '=', 1)
                         ->orderBy('last_name', 'asc')
                         ->orderBy('first_name', 'asc')->get()
-                        ->lists('complete_name', 'id')->toArray();
+                        ->pluck('complete_name', 'id')->toArray();
 
         return $users_list;
     }
@@ -336,11 +373,11 @@ class Helper
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v2.5]
-     * @return Array
+     * @return array
      */
     public static function detailedAssetList()
     {
-        $assets = array('' => trans('general.select_asset')) + Company::scopeCompanyables(Asset::with('assignedUser', 'model'), 'assets.company_id')->get()->lists('detailed_name', 'id')->toArray();
+        $assets = array('' => trans('general.select_asset')) + Company::scopeCompanyables(Asset::with('assignedTo', 'model'), 'assets.company_id')->get()->pluck('detailed_name', 'id')->toArray();
         return $assets;
     }
 
@@ -367,8 +404,8 @@ class Helper
      */
     public static function predefined_formats()
     {
-        $keys=array_keys(CustomField::$PredefinedFormats);
-        $stuff=array_combine($keys, $keys);
+        $keys = array_keys(CustomField::$PredefinedFormats);
+        $stuff = array_combine($keys, $keys);
         return $stuff+["" => trans('admin/custom_fields/general.custom_format')];
     }
 
@@ -423,19 +460,19 @@ class Helper
      */
     public static function checkLowInventory()
     {
-        $consumables = Consumable::with('users')->whereNotNull('min_amt')->get();
-        $accessories = Accessory::with('users')->whereNotNull('min_amt')->get();
-        $components = Component::with('assets')->whereNotNull('min_amt')->get();
+        $consumables = Consumable::withCount('consumableAssignments')->whereNotNull('min_amt')->get();
+        $accessories = Accessory::withCount('users')->whereNotNull('min_amt')->get();
+        $components = Component::withCount('assets')->whereNotNull('min_amt')->get();
 
         $avail_consumables = 0;
         $items_array = array();
         $all_count = 0;
 
         foreach ($consumables as $consumable) {
-            $avail = $consumable->numRemaining();
+            $avail = $consumable->qty - $consumable->consumable_assignment_count;  //$consumable->numRemaining();
             if ($avail < ($consumable->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
                 if ($consumable->qty > 0) {
-                    $percent = number_format((($consumable->numRemaining() / $consumable->qty) * 100), 0);
+                    $percent = number_format((($avail / $consumable->qty) * 100), 0);
                 } else {
                     $percent = 100;
                 }
@@ -444,7 +481,7 @@ class Helper
                 $items_array[$all_count]['name'] = $consumable->name;
                 $items_array[$all_count]['type'] = 'consumables';
                 $items_array[$all_count]['percent'] = $percent;
-                $items_array[$all_count]['remaining']=$consumable->numRemaining();
+                $items_array[$all_count]['remaining'] = $avail;
                 $items_array[$all_count]['min_amt']=$consumable->min_amt;
                 $all_count++;
             }
@@ -453,11 +490,11 @@ class Helper
         }
 
         foreach ($accessories as $accessory) {
-            $avail = $accessory->numRemaining();
+            $avail = $accessory->qty - $accessory->users_count;
             if ($avail < ($accessory->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
 
                 if ($accessory->qty > 0) {
-                    $percent = number_format((($accessory->numRemaining() / $accessory->qty) * 100), 0);
+                    $percent = number_format((($avail / $accessory->qty) * 100), 0);
                 } else {
                     $percent = 100;
                 }
@@ -466,7 +503,7 @@ class Helper
                 $items_array[$all_count]['name'] = $accessory->name;
                 $items_array[$all_count]['type'] = 'accessories';
                 $items_array[$all_count]['percent'] = $percent;
-                $items_array[$all_count]['remaining']=$accessory->numRemaining();
+                $items_array[$all_count]['remaining'] = $avail;
                 $items_array[$all_count]['min_amt']=$accessory->min_amt;
                 $all_count++;
             }
@@ -474,10 +511,10 @@ class Helper
         }
 
         foreach ($components as $component) {
-            $avail = $component->numRemaining();
+            $avail = $component->qty - $component->assets_count;
             if ($avail < ($component->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
                 if ($component->qty > 0) {
-                    $percent = number_format((($component->numRemaining() / $component->qty) * 100), 0);
+                    $percent = number_format((($avail / $component->qty) * 100), 0);
                 } else {
                     $percent = 100;
                 }
@@ -486,7 +523,7 @@ class Helper
                 $items_array[$all_count]['name'] = $component->name;
                 $items_array[$all_count]['type'] = 'components';
                 $items_array[$all_count]['percent'] = $percent;
-                $items_array[$all_count]['remaining']=$component->numRemaining();
+                $items_array[$all_count]['remaining'] = $avail;
                 $items_array[$all_count]['min_amt']=$component->min_amt;
                 $all_count++;
             }
@@ -553,7 +590,7 @@ class Helper
                 if ($permission[$x]['display'] === true) {
 
                     if ($selected_arr) {
-                        if (array_key_exists($permission_name,$selected_arr)) {
+                        if (array_key_exists($permission_name, $selected_arr)) {
                             $permissions_arr[$permission_name] = $selected_arr[$permission_name];
                         } else {
                             $permissions_arr[$permission_name] = '0';
@@ -584,7 +621,8 @@ class Helper
      * @since [v3.0]
      * @return boolean
      */
-    public static function checkIfRequired($class, $field) {
+    public static function checkIfRequired($class, $field)
+    {
         $rules = $class::rules();
         foreach ($rules as $rule_name => $rule) {
             if ($rule_name == $field) {
@@ -611,28 +649,10 @@ class Helper
      */
     public static function array_smart_fetch(array $array, $key, $default = '')
     {
-       array_change_key_case($array, CASE_LOWER);
+        array_change_key_case($array, CASE_LOWER);
         return array_key_exists(strtolower($key), array_change_key_case($array)) ? e(trim($array[ $key ])) : $default;
     }
 
-    /**
-     * Check to see if the given key exists in the array, and trim excess white space before returning it
-     *
-     * @author A. Gianotto
-     * @since 3.2
-     * @param $array array
-     * @return string
-     */
-    public static function getLastDateFromHistoryArray(array $array)
-    {
-        foreach ($array as $key => $value) {
-//            echo '<pre>';
-//            echo 'last:'.$key;
-//            print_r($array);
-//            echo '</pre>';
-        }
-    }
-
 
     /**
      * Gracefully handle decrypting the legacy data (encrypted via mcrypt) and use the new
@@ -646,7 +666,8 @@ class Helper
      * @param String $string
      * @return string
      */
-    public static function gracefulDecrypt(CustomField $field, $string) {
+    public static function gracefulDecrypt(CustomField $field, $string)
+    {
 
         if ($field->isFieldDecryptable($string)) {
 
@@ -663,26 +684,109 @@ class Helper
 
     }
 
-    /**
-     * Strip HTML out of returned JSON. This is pretty gross, and I'd like to find a better way
-     * to handle this, but the REST API will solve some of these problems anyway.
-     *
-     * This is not currently used, but will be.
-     *
-     * @author A. Gianotto
-     * @since 3.4
-     * @param $array array
-     * @return Array
-     */
-    public static function stripTagsFromJSON(Array $array) {
 
-        foreach ($array as $key => $value) {
-            $clean_value = strip_tags($value);
-            $clean_array[$key] = $clean_value;
+
+    public static function formatStandardApiResponse($status, $payload = null, $messages = null) {
+
+        $array['status'] = $status;
+        $array['messages'] = $messages;
+        if (($messages) &&  (is_array($messages)) && (count($messages) > 0)) {
+            $array['messages'] = $messages;
         }
-        return $clean_array;
+        ($payload) ? $array['payload'] = $payload : $array['payload'] = null;
+        return $array;
+    }
+
+
+    /*
+    Possible solution for unicode fieldnames
+    */
+    public static function make_slug($string) {
+        return preg_replace('/\s+/u', '_', trim($string));
+    }
+
+
+    public static function getFormattedDateObject($date, $type = 'datetime', $array = true) {
+
+        if ($date=='') {
+            return null;
+        }
+
+        $settings = Setting::getSettings();
+        $tmp_date = new \Carbon($date);
+
+        if ($type == 'datetime') {
+            $dt['datetime'] = $tmp_date->format('Y-m-d H:i:s');
+            $dt['formatted'] = $tmp_date->format($settings->date_display_format .' '. $settings->time_display_format);
+        } else {
+            $dt['date'] = $tmp_date->format('Y-m-d');
+            $dt['formatted'] = $tmp_date->format($settings->date_display_format);
+        }
+
+        if ($array == 'true') {
+            return $dt;
+        }
+        return $dt['formatted'];
 
     }
 
 
+    // Nicked from Drupal :)
+    // Returns a file size limit in bytes based on the PHP upload_max_filesize
+    // and post_max_size
+    public static function file_upload_max_size() {
+        static $max_size = -1;
+
+        if ($max_size < 0) {
+            // Start with post_max_size.
+            $post_max_size = Helper::parse_size(ini_get('post_max_size'));
+            if ($post_max_size > 0) {
+                $max_size = $post_max_size;
+            }
+
+            // If upload_max_size is less, then reduce. Except if upload_max_size is
+            // zero, which indicates no limit.
+            $upload_max = Helper::parse_size(ini_get('upload_max_filesize'));
+            if ($upload_max > 0 && $upload_max < $max_size) {
+                $max_size = $upload_max;
+            }
+        }
+        return $max_size;
+    }
+
+    public static function file_upload_max_size_readable() {
+        static $max_size = -1;
+
+        if ($max_size < 0) {
+            // Start with post_max_size.
+            $post_max_size = Helper::parse_size(ini_get('post_max_size'));
+            if ($post_max_size > 0) {
+                $max_size = ini_get('post_max_size');
+            }
+
+            // If upload_max_size is less, then reduce. Except if upload_max_size is
+            // zero, which indicates no limit.
+            $upload_max = Helper::parse_size(ini_get('upload_max_filesize'));
+            if ($upload_max > 0 && $upload_max < $max_size) {
+                $max_size = ini_get('upload_max_filesize');
+            }
+        }
+        return $max_size;
+    }
+
+    public static function parse_size($size) {
+        $unit = preg_replace('/[^bkmgtpezy]/i', '', $size); // Remove the non-unit characters from the size.
+        $size = preg_replace('/[^0-9\.]/', '', $size); // Remove the non-numeric characters from the size.
+        if ($unit) {
+            // Find the position of the unit in the ordered string which is the power of magnitude to multiply a kilobyte by.
+            return round($size * pow(1024, stripos('bkmgtpezy', $unit[0])));
+        }
+        else {
+            return round($size);
+        }
+    }
+
+
+
+
 }

app/Http/Controllers/AccessoriesController.php

@@ -3,9 +3,7 @@ namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
 use App\Models\Accessory;
-use App\Models\Actionlog;
 use App\Models\Company;
-use App\Models\Setting;
 use App\Models\User;
 use Auth;
 use Carbon\Carbon;
@@ -16,10 +14,12 @@ use Input;
 use Lang;
 use Mail;
 use Redirect;
-use Request;
+use Illuminate\Http\Request;
 use Slack;
 use Str;
 use View;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /** This controller handles all actions related to Accessories for
  * the Snipe-IT Asset Management application.
@@ -38,9 +38,10 @@ class AccessoriesController extends Controller
     * @since [v1.0]
     * @return View
     */
-    public function getIndex(Request $request)
+    public function index(Request $request)
     {
-        return View::make('accessories/index');
+        $this->authorize('index', Accessory::class);
+        return view('accessories/index');
     }
 
 
@@ -50,15 +51,12 @@ class AccessoriesController extends Controller
    * @author [A. Gianotto] [<snipe@snipe.net>]
    * @return View
    */
-    public function getCreate(Request $request)
+    public function create(Request $request)
     {
-        // Show the page
-        return View::make('accessories/edit')
-          ->with('item', new Accessory)
-          ->with('category_list', Helper::categoryList('accessory'))
-          ->with('company_list', Helper::companyList())
-          ->with('location_list', Helper::locationsList())
-          ->with('manufacturer_list', Helper::manufacturerList());
+        $this->authorize('create', Accessory::class);
+        $category_type = 'accessory';
+        return view('accessories/edit')->with('category_type', $category_type)
+          ->with('item', new Accessory);
     }
 
 
@@ -68,45 +66,53 @@ class AccessoriesController extends Controller
    * @author [A. Gianotto] [<snipe@snipe.net>]
    * @return Redirect
    */
-    public function postCreate(Request $request)
+    public function store(ImageUploadRequest $request)
     {
-
+        $this->authorize(Accessory::class);
         // create a new model instance
         $accessory = new Accessory();
 
         // Update the accessory data
-        $accessory->name                    = e(Input::get('name'));
-        $accessory->category_id             = e(Input::get('category_id'));
-        $accessory->location_id             = e(Input::get('location_id'));
-        $accessory->min_amt                 = e(Input::get('min_amt'));
-        $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
-        $accessory->order_number            = e(Input::get('order_number'));
-        $accessory->manufacturer_id         = e(Input::get('manufacturer_id'));
-        $accessory->model_number            = e(Input::get('model_number'));
-
-        if (e(Input::get('purchase_date')) == '') {
-            $accessory->purchase_date       =  null;
-        } else {
-            $accessory->purchase_date       = e(Input::get('purchase_date'));
-        }
-
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $accessory->purchase_cost       =  null;
-        } else {
-            $accessory->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
-        }
-
-        $accessory->qty                     = e(Input::get('qty'));
+        $accessory->name                    = request('name');
+        $accessory->category_id             = request('category_id');
+        $accessory->location_id             = request('location_id');
+        $accessory->min_amt                 = request('min_amt');
+        $accessory->company_id              = Company::getIdForCurrentUser(request('company_id'));
+        $accessory->order_number            = request('order_number');
+        $accessory->manufacturer_id         = request('manufacturer_id');
+        $accessory->model_number            = request('model_number');
+        $accessory->purchase_date           = request('purchase_date');
+        $accessory->purchase_cost           = Helper::ParseFloat(request('purchase_cost'));
+        $accessory->qty                     = request('qty');
         $accessory->user_id                 = Auth::user()->id;
+        $accessory->supplier_id             = request('supplier_id');
+
+        if ($request->hasFile('image')) {
+
+            if (!config('app.lock_passwords')) {
+                $image = $request->file('image');
+                $ext = $image->getClientOriginalExtension();
+                $file_name = "accessory-".str_random(18).'.'.$ext;
+                $path = public_path('/uploads/accessories');
+                if ($image->getClientOriginalExtension()!='svg') {
+                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
+                        $constraint->aspectRatio();
+                        $constraint->upsize();
+                    })->save($path.'/'.$file_name);
+                } else {
+                    $image->move($path, $file_name);
+                }
+                $accessory->image = $file_name;
+            }
+        }
+
+
 
         // Was the accessory created?
         if ($accessory->save()) {
-            $accessory->logCreate();
             // Redirect to the new accessory  page
-            return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.create.success'));
+            return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.create.success'));
         }
-
-
         return redirect()->back()->withInput()->withErrors($accessory->getErrors());
     }
 
@@ -117,21 +123,17 @@ class AccessoriesController extends Controller
    * @param  int  $accessoryId
    * @return View
    */
-    public function getEdit(Request $request, $accessoryId = null)
+    public function edit(Request $request, $accessoryId = null)
     {
-        // Check if the accessory exists
-        if (is_null($item = Accessory::find($accessoryId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($item)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
+
+        if ($item = Accessory::find($accessoryId)) {
+            $this->authorize($item);
+            $category_type = 'accessory';
+            return view('accessories/edit', compact('item'))->with('category_type', $category_type);
         }
 
-        return View::make('accessories/edit', compact('item'))
-          ->with('category_list', Helper::categoryList('accessory'))
-          ->with('company_list', Helper::companyList())
-          ->with('location_list', Helper::locationsList())
-          ->with('manufacturer_list', Helper::manufacturerList());
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
+
     }
 
 
@@ -142,54 +144,59 @@ class AccessoriesController extends Controller
    * @param  int  $accessoryId
    * @return Redirect
    */
-    public function postEdit(Request $request, $accessoryId = null)
+    public function update(ImageUploadRequest $request, $accessoryId = null)
     {
-      // Check if the accessory exists
         if (is_null($accessory = Accessory::find($accessoryId))) {
-            // Redirect to the accessory index page
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
         }
 
-      // Update the accessory data
-        $accessory->name                    = e(Input::get('name'));
+        $this->authorize($accessory);
 
-        if (e(Input::get('location_id')) == '') {
-            $accessory->location_id = null;
-        } else {
-            $accessory->location_id         = e(Input::get('location_id'));
-        }
-        $accessory->min_amt                 = e(Input::get('min_amt'));
-        $accessory->category_id             = e(Input::get('category_id'));
-        $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
-        $accessory->manufacturer_id         = e(Input::get('manufacturer_id'));
-        $accessory->order_number            = e(Input::get('order_number'));
-        $accessory->model_number            = e(Input::get('model_number'));
+        // Update the accessory data
+        $accessory->name                    = request('name');
+        $accessory->location_id             = request('location_id');
+        $accessory->min_amt                 = request('min_amt');
+        $accessory->category_id             = request('category_id');
+        $accessory->company_id              = Company::getIdForCurrentUser(request('company_id'));
+        $accessory->manufacturer_id         = request('manufacturer_id');
+        $accessory->order_number            = request('order_number');
+        $accessory->model_number            = request('model_number');
+        $accessory->purchase_date           = request('purchase_date');
+        $accessory->purchase_cost           = request('purchase_cost');
+        $accessory->qty                     = request('qty');
+        $accessory->supplier_id             = request('supplier_id');
 
-        if (e(Input::get('purchase_date')) == '') {
-            $accessory->purchase_date       =  null;
-        } else {
-            $accessory->purchase_date       = e(Input::get('purchase_date'));
+        if ($request->hasFile('image')) {
+            
+            if (!config('app.lock_passwords')) {
+                
+                
+                $image = $request->file('image');
+                $ext = $image->getClientOriginalExtension();
+                $file_name = "accessory-".str_random(18).'.'.$ext;
+                $path = public_path('/uploads/accessories');
+                if ($image->getClientOriginalExtension()!='svg') {
+                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
+                        $constraint->aspectRatio();
+                        $constraint->upsize();
+                    })->save($path.'/'.$file_name);
+                } else {
+                    $image->move($path, $file_name);
+                }
+                if (($accessory->image) && (file_exists($path.'/'.$accessory->image))) {
+                    unlink($path.'/'.$accessory->image);
+                }
+
+                $accessory->image = $file_name;
+            }
         }
 
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $accessory->purchase_cost       =  null;
-        } else {
-            $accessory->purchase_cost       = e(Input::get('purchase_cost'));
-        }
 
-        $accessory->qty                     = e(Input::get('qty'));
-
-      // Was the accessory updated?
+        // Was the accessory updated?
         if ($accessory->save()) {
-            // Redirect to the updated accessory page
-            return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.update.success'));
+            return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.update.success'));
         }
-
-
         return redirect()->back()->withInput()->withErrors($accessory->getErrors());
-
     }
 
   /**
@@ -199,26 +206,20 @@ class AccessoriesController extends Controller
    * @param  int  $accessoryId
    * @return Redirect
    */
-    public function getDelete(Request $request, $accessoryId)
+    public function destroy(Request $request, $accessoryId)
     {
-        // Check if the blog post exists
         if (is_null($accessory = Accessory::find($accessoryId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
         }
 
+        $this->authorize($accessory);
+
 
         if ($accessory->hasUsers() > 0) {
-             return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers())));
-        } else {
-            $accessory->delete();
-
-            // Redirect to the locations management page
-            return redirect()->to('admin/accessories')->with('success', trans('admin/accessories/message.delete.success'));
-
+             return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers())));
         }
+        $accessory->delete();
+        return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.delete.success'));
     }
 
 
@@ -228,31 +229,19 @@ class AccessoriesController extends Controller
   * the content for the accessory detail view, which is generated in getDataView.
   *
   * @author [A. Gianotto] [<snipe@snipe.net>]
-  * @param  int  $accessoryId
+  * @param  int  $accessoryID
   * @see AccessoriesController::getDataView() method that generates the JSON response
   * @since [v1.0]
   * @return View
   */
-    public function getView(Request $request, $accessoryID = null)
+    public function show(Request $request, $accessoryID = null)
     {
         $accessory = Accessory::find($accessoryID);
-
+        $this->authorize('view', $accessory);
         if (isset($accessory->id)) {
-
-            if (!Company::isCurrentUserHasAccess($accessory)) {
-                return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
-            } else {
-                return View::make('accessories/view', compact('accessory'));
-            }
-        } else {
-            // Prepare the error message
-            $error = trans('admin/accessories/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('accessories')->with('error', $error);
+            return view('accessories/view', compact('accessory'));
         }
-
-
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist', compact('id')));
     }
 
   /**
@@ -267,15 +256,13 @@ class AccessoriesController extends Controller
         // Check if the accessory exists
         if (is_null($accessory = Accessory::find($accessoryId))) {
             // Redirect to the accessory management page with error
-            return redirect()->to('accessories')->with('error', trans('admin/accessories/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
         }
 
-        // Get the dropdown of users and then pass it to the checkout view
-        $users_list = Helper::usersList();
+        $this->authorize('checkout', $accessory);
 
-        return View::make('accessories/checkout', compact('accessory'))->with('users_list', $users_list);
+        // Get the dropdown of users and then pass it to the checkout view
+        return view('accessories/checkout', compact('accessory'));
 
     }
 
@@ -294,64 +281,28 @@ class AccessoriesController extends Controller
       // Check if the accessory exists
         if (is_null($accessory = Accessory::find($accessoryId))) {
             // Redirect to the accessory management page with error
-            return redirect()->to('accessories')->with('error', trans('admin/accessories/message.user_not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.user_not_found'));
         }
 
+        $this->authorize('checkout', $accessory);
+
         if (!$user = User::find(Input::get('assigned_to'))) {
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.not_found'));
+            return redirect()->route('checkout/accessory', $accessory->id)->with('error', trans('admin/accessories/message.checkout.user_does_not_exist'));
         }
 
       // Update the accessory data
-        $accessory->assigned_to                 = e(Input::get('assigned_to'));
+        $accessory->assigned_to = e(Input::get('assigned_to'));
 
-        $accessory->users()->attach($accessory->id, array(
-        'accessory_id' => $accessory->id,
-        'created_at' => Carbon::now(),
-        'user_id' => Auth::user()->id,
-        'assigned_to' => e(Input::get('assigned_to'))));
+        $accessory->users()->attach($accessory->id, [
+            'accessory_id' => $accessory->id,
+            'created_at' => Carbon::now(),
+            'user_id' => Auth::id(),
+            'assigned_to' => $request->get('assigned_to')
+        ]);
 
-        $logaction = $accessory->logCheckout(e(Input::get('note')));
+        $logaction = $accessory->logCheckout(e(Input::get('note')), $user);
 
-
-
-        $admin_user = Auth::user();
-        $settings = Setting::getSettings();
-
-        if ($settings->slack_endpoint) {
-
-
-            $slack_settings = [
-              'username' => $settings->botname,
-              'channel' => $settings->slack_channel,
-              'link_names' => true
-            ];
-
-            $client = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
-
-            try {
-                $client->attach([
-                'color' => 'good',
-                'fields' => [
-                  [
-                  'title' => 'Checked Out:',
-                  'value' => 'Accessory <'.config('app.url').'/admin/accessories/'.$accessory->id.'/view'.'|'.$accessory->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
-                  ],
-                  [
-                      'title' => 'Note:',
-                      'value' => e(Input::get('note'))
-                  ],
-                ]
-                ])->send('Accessory Checked Out');
-            } catch (Exception $e) {
-
-            }
-
-        }
-
-
-        $accessory_user = DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();
+        DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();
 
         $data['log_id'] = $logaction->id;
         $data['eula'] = $accessory->getEula();
@@ -362,9 +313,9 @@ class AccessoriesController extends Controller
         $data['expected_checkin'] = '';
         $data['note'] = $logaction->note;
         $data['require_acceptance'] = $accessory->requireAcceptance();
+        // TODO: Port this to new mail notifications
 
-
-        if (($accessory->requireAcceptance()=='1')  || ($accessory->getEula())) {
+        if ((($accessory->requireAcceptance()=='1')  || ($accessory->getEula())) && ($user->email!='')) {
 
             Mail::send('emails.accept-accessory', $data, function ($m) use ($user) {
                 $m->to($user->email, $user->first_name . ' ' . $user->last_name);
@@ -374,116 +325,75 @@ class AccessoriesController extends Controller
         }
 
       // Redirect to the new accessory page
-        return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.checkout.success'));
-
-
-
+        return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.checkout.success'));
     }
 
 
-  /**
-  * Check the accessory back into inventory
-  *
-  * @author [A. Gianotto] [<snipe@snipe.net>]
-  * @param  int  $accessoryId
-  * @return View
-  **/
+    /**
+     * Check the accessory back into inventory
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @param integer $accessoryUserId
+     * @param string $backto
+     * @return View
+     * @internal param int $accessoryId
+     */
     public function getCheckin(Request $request, $accessoryUserId = null, $backto = null)
     {
         // Check if the accessory exists
         if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
             // Redirect to the accessory management page with error
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.not_found'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
         }
 
         $accessory = Accessory::find($accessory_user->accessory_id);
-
-        if (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
-        } else {
-            return View::make('accessories/checkin', compact('accessory'))->with('backto', $backto);
-        }
+        $this->authorize('checkin', $accessory);
+        return view('accessories/checkin', compact('accessory'))->with('backto', $backto);
     }
 
 
-  /**
-  * Check in the item so that it can be checked out again to someone else
-  *
-  * @uses Accessory::checkin_email() to determine if an email can and should be sent
-  * @author [A. Gianotto] [<snipe@snipe.net>]
-  * @param  int  $accessoryId
-  * @return Redirect
-  **/
+    /**
+     * Check in the item so that it can be checked out again to someone else
+     *
+     * @uses Accessory::checkin_email() to determine if an email can and should be sent
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @param integer $accessoryUserId
+     * @param string $backto
+     * @return Redirect
+     * @internal param int $accessoryId
+     */
     public function postCheckin(Request $request, $accessoryUserId = null, $backto = null)
     {
       // Check if the accessory exists
         if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
             // Redirect to the accessory management page with error
-            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.not_found'));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
         }
 
-
         $accessory = Accessory::find($accessory_user->accessory_id);
 
-        if (!Company::isCurrentUserHasAccess($accessory)) {
-            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
-        }
+        $this->authorize('checkin', $accessory);
 
         $return_to = e($accessory_user->assigned_to);
         $logaction = $accessory->logCheckin(User::find($return_to), e(Input::get('note')));
-        $admin_user = Auth::user();
 
-
-      // Was the accessory updated?
+        // Was the accessory updated?
         if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
-
-            $settings = Setting::getSettings();
-
-            if ($settings->slack_endpoint) {
-
-
-                $slack_settings = [
-                'username' => e($settings->botname),
-                'channel' => e($settings->slack_channel),
-                'link_names' => true
-                ];
-
-                $client = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
-
-                try {
-                    $client->attach([
-                        'color' => 'good',
-                        'fields' => [
-                            [
-                                'title' => 'Checked In:',
-                                'value' => class_basename(strtoupper($logaction->item_type)).' <'.config('app.url').'/admin/accessories/'.e($accessory->id).'/view'.'|'.e($accessory->name).'> checked in by <'.config('app.url').'/admin/users/'.e($admin_user->id).'/view'.'|'.e($admin_user->fullName()).'>.'
-                            ],
-                            [
-                                'title' => 'Note:',
-                                'value' => e($logaction->note)
-                            ],
-
-                        ]
-                    ])->send('Accessory Checked In');
-
-                } catch (Exception $e) {
-
-                }
-
-            }
-
             if (!is_null($accessory_user->assigned_to)) {
                 $user = User::find($accessory_user->assigned_to);
             }
 
             $data['log_id'] = $logaction->id;
             $data['first_name'] = e($user->first_name);
+            $data['last_name'] = e($user->last_name);
             $data['item_name'] = e($accessory->name);
             $data['checkin_date'] = e($logaction->created_at);
             $data['item_tag'] = '';
             $data['note'] = e($logaction->note);
 
-            if (($accessory->checkin_email()=='1')) {
+            if ((($accessory->checkin_email()=='1')) && ($user->email!='')) {
 
                 Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
                     $m->to($user->email, $user->first_name . ' ' . $user->last_name);
@@ -493,189 +403,13 @@ class AccessoriesController extends Controller
             }
 
             if ($backto=='user') {
-                return redirect()->to("admin/users/".$return_to.'/view')->with('success', trans('admin/accessories/message.checkin.success'));
-            } else {
-                return redirect()->to("admin/accessories/".$accessory->id."/view")->with('success', trans('admin/accessories/message.checkin.success'));
+                return redirect()->route("users.show", $return_to)->with('success', trans('admin/accessories/message.checkin.success'));
             }
+            return redirect()->route("accessories.show", $accessory->id)->with('success', trans('admin/accessories/message.checkin.success'));
         }
-
         // Redirect to the accessory management page with error
-        return redirect()->to("admin/accessories")->with('error', trans('admin/accessories/message.checkin.error'));
-    }
-
-    /**
-    * Generates the JSON response for accessories listing view.
-    *
-    * Example:
-    * {
-    *  "actions": "(links to available actions)",
-    *  "category": "(link to category)",
-    *  "companyName": "My Company",
-    *  "location":  "My Location",
-    *  "min_amt": 2,
-    *  "name":  "(link to accessory),
-    *  "numRemaining": 6,
-    *  "order_number": null,
-    *  "purchase_cost": "0.00",
-    *  "purchase_date": null,
-    *  "qty": 7
-    *  },
-    *
-    * The names of the fields in the returns JSON correspond directly to the the
-    * names of the fields in the bootstrap-tables in the view.
-    *
-    * For debugging, see at /api/accessories/list
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @param  int  $accessoryId
-    * @return string JSON containing accessories and their associated atrributes.
-    **/
-    public function getDatatable(Request $request)
-    {
-        $accessories = Company::scopeCompanyables(
-            Accessory::select('accessories.*')
-            ->whereNull('accessories.deleted_at')
-            ->with('category', 'company', 'manufacturer', 'users', 'location')
-        );
-        if (Input::has('search')) {
-            $accessories = $accessories->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-
-        $allowed_columns = ['name','min_amt','order_number','purchase_date','purchase_cost','companyName','category','model_number'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
-
-        switch ($sort) {
-            case 'category':
-                $accessories = $accessories->OrderCategory($order);
-                break;
-            case 'companyName':
-                $accessories = $accessories->OrderCompany($order);
-                break;
-            default:
-                $accessories = $accessories->orderBy($sort, $order);
-                break;
-        }
-
-        $accessCount = $accessories->count();
-        $accessories = $accessories->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($accessories as $accessory) {
-
-            $actions = '<nobr>';
-            if (Gate::allows('accessories.checkout')) {
-                $actions .= '<a href="' . route('checkout/accessory',
-                        $accessory->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($accessory->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
-            }
-            if (Gate::allows('accessories.edit')) {
-                $actions .= '<a href="' . route('update/accessory',
-                        $accessory->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
-            }
-            if (Gate::allows('accessories.delete')) {
-                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/accessory',
-                        $accessory->id) . '" data-content="' . trans('admin/accessories/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($accessory->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-            }
-            $actions .= '</nobr>';
-            $company = $accessory->company;
-
-            $rows[] = array(
-            'name'          => '<a href="'.url('admin/accessories/'.$accessory->id).'/view">'. $accessory->name.'</a>',
-            'category'      => ($accessory->category) ? (string)link_to('admin/settings/categories/'.$accessory->category->id.'/view', $accessory->category->name) : '',
-            'model_number'      =>  e($accessory->model_number),
-            'qty'           => e($accessory->qty),
-            'order_number'  => e($accessory->order_number),
-            'min_amt'  => e($accessory->min_amt),
-            'location'      => ($accessory->location) ? e($accessory->location->name): '',
-            'purchase_date' => e($accessory->purchase_date),
-            'purchase_cost' => Helper::formatCurrencyOutput($accessory->purchase_cost),
-            'numRemaining'  => $accessory->numRemaining(),
-            'actions'       => $actions,
-            'companyName'   => is_null($company) ? '' : e($company->name),
-            'manufacturer'      => $accessory->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$accessory->manufacturer_id.'/view', $accessory->manufacturer->name) : ''
-
-            );
-        }
-
-        $data = array('total'=>$accessCount, 'rows'=>$rows);
-
-        return $data;
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.checkin.error'));
     }
 
 
-  /**
-  * Generates the JSON response for accessory detail view.
-  *
-  * Example:
-  * <code>
-  * {
-  * "rows": [
-  * {
-  * "actions": "(link to available actions)",
-  * "name": "(link to user)"
-  * }
-  * ],
-  * "total": 1
-  * }
-  * </code>
-  *
-  * The names of the fields in the returns JSON correspond directly to the the
-  * names of the fields in the bootstrap-tables in the view.
-  *
-  * For debugging, see at /api/accessories/$accessoryID/view
-  *
-  * @author [A. Gianotto] [<snipe@snipe.net>]
-  * @param  int  $accessoryId
-  * @return string JSON containing accessories and their associated atrributes.
-  **/
-    public function getDataView(Request $request, $accessoryID)
-    {
-        $accessory = Accessory::find($accessoryID);
-
-        if (!Company::isCurrentUserHasAccess($accessory)) {
-            return ['total' => 0, 'rows' => []];
-        }
-
-        $accessory_users = $accessory->users;
-        $count = $accessory_users->count();
-
-        $rows = array();
-
-        foreach ($accessory_users as $user) {
-            $actions = '';
-            if (Gate::allows('accessories.checkin')) {
-                $actions .= '<a href="' . route('checkin/accessory',
-                        $user->pivot->id) . '" class="btn btn-info btn-sm">Checkin</a>';
-            }
-
-            if (Gate::allows('users.view')) {
-                $name = (string) link_to('/admin/users/'.$user->id.'/view', e($user->fullName()));
-            } else {
-                $name = e($user->fullName());
-            }
-
-            $rows[] = array(
-              'name'          => $name,
-              'actions'       => $actions
-              );
-        }
-
-        $data = array('total'=>$count, 'rows'=>$rows);
-
-        return $data;
-    }
 }

app/Http/Controllers/ActionlogController.php

@@ -9,7 +9,7 @@ class ActionlogController extends Controller
 {
     public function displaySig($filename)
     {
-
+        $this->authorize('view', \App\Models\Asset::class);
         $file = config('app.private_uploads') . '/signatures/' . $filename;
         $filetype = Helper::checkUploadIsImage($file);
         $contents = file_get_contents($file);

app/Http/Controllers/Api/AccessoriesController.php

@@ -0,0 +1,194 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Accessory;
+use App\Http\Transformers\AccessoriesTransformer;
+use App\Models\Company;
+
+
+class AccessoriesController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Accessory::class);
+        $allowed_columns = ['id','name','model_number','eol','notes','created_at','min_amt','company_id'];
+
+        $accessories = Accessory::whereNull('accessories.deleted_at')->with('category', 'company', 'manufacturer', 'users', 'location');
+
+        if ($request->has('search')) {
+            $accessories = $accessories->TextSearch($request->input('search'));
+        }
+
+        if ($request->has('company_id')) {
+            $accessories->where('company_id','=',$request->input('company_id'));
+        }
+
+        if ($request->has('category_id')) {
+            $accessories->where('category_id','=',$request->input('category_id'));
+        }
+
+        if ($request->has('manufacturer_id')) {
+            $accessories->where('manufacturer_id','=',$request->input('manufacturer_id'));
+        }
+
+        if ($request->has('supplier_id')) {
+            $accessories->where('supplier_id','=',$request->input('supplier_id'));
+        }
+
+        $offset = $request->input('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+        switch ($sort) {
+            case 'category':
+                $accessories = $accessories->OrderCategory($order);
+                break;
+            case 'company':
+                $accessories = $accessories->OrderCompany($order);
+                break;
+            default:
+                $accessories = $accessories->orderBy($sort, $order);
+                break;
+        }
+
+        $accessories->orderBy($sort, $order);
+
+        $total = $accessories->count();
+        $accessories = $accessories->skip($offset)->take($limit)->get();
+        return (new AccessoriesTransformer)->transformAccessories($accessories, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Accessory::class);
+        $accessory = new Accessory;
+        $accessory->fill($request->all());
+
+        if ($accessory->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $accessory, trans('admin/accessories/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $accessory->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Accessory::class);
+        $accessory = Accessory::findOrFail($id);
+        return (new AccessoriesTransformer)->transformAccessory($accessory);
+    }
+
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function accessory_detail($id)
+    {
+        $this->authorize('view', Accessory::class);
+        $accessory = Accessory::findOrFail($id);
+        return (new AccessoriesTransformer)->transformAccessory($accessory);
+    }
+
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function checkedout($id)
+    {
+        $this->authorize('view', Accessory::class);
+
+        $accessory = Accessory::findOrFail($id);
+        if (!Company::isCurrentUserHasAccess($accessory)) {
+            return ['total' => 0, 'rows' => []];
+        }
+        $accessory_users = $accessory->users;
+        $total = $accessory_users->count();
+
+        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory_users, $total);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Accessory::class);
+        $accessory = Accessory::findOrFail($id);
+        $accessory->fill($request->all());
+
+        if ($accessory->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $accessory, trans('admin/accessories/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $accessory->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Accessory::class);
+        $accessory = Accessory::findOrFail($id);
+        $this->authorize($accessory);
+
+        if ($accessory->hasUsers() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers()))));
+        }
+
+        $accessory->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/accessories/message.delete.success')));
+
+    }
+}

app/Http/Controllers/Api/AssetMaintenancesController.php

@@ -0,0 +1,247 @@
+<?php
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\AssetMaintenancesTransformer;
+use App\Models\Asset;
+use App\Models\AssetMaintenance;
+use App\Models\Company;
+use Auth;
+use Carbon\Carbon;
+use Gate;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Input;
+
+/**
+ * This controller handles all actions related to Asset Maintenance for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version    v2.0
+ */
+class AssetMaintenancesController extends Controller
+{
+
+
+    /**
+     *  Generates the JSON response for asset maintenances listing view.
+     *
+     * @see AssetMaintenancesController::getIndex() method that generates view
+     * @author  Vincent Sposato <vincent.sposato@gmail.com>
+     * @version v1.0
+     * @since [v1.8]
+     * @return String JSON
+     */
+    public function index(Request $request)
+    {
+        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company', 'admin');
+
+        if (Input::has('search')) {
+            $maintenances = $maintenances->TextSearch(e($request->input('search')));
+        }
+
+        if ($request->has('asset_id')) {
+            $maintenances->where('asset_id', '=', $request->input('asset_id'));
+        }
+
+        $offset = request('offset', 0);
+        $limit = request('limit', 50);
+
+        $allowed_columns = [
+                                'id',
+                                'title',
+                                'asset_maintenance_time',
+                                'asset_maintenance_type',
+                                'cost',
+                                'start_date',
+                                'completion_date',
+                                'notes',
+                                'asset_tag',
+                                'asset_name',
+                                'user_id'
+                            ];
+        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array(Input::get('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
+
+        switch ($sort) {
+            case 'user_id':
+                $maintenances = $maintenances->OrderAdmin($order);
+                break;
+            case 'asset_tag':
+                $maintenances = $maintenances->OrderByTag($order);
+                break;
+            case 'asset_name':
+                $maintenances = $maintenances->OrderByAssetName($order);
+                break;
+            default:
+                $maintenances = $maintenances->orderBy($sort, $order);
+                break;
+        }
+
+        $total = $maintenances->count();
+        $maintenances = $maintenances->skip($offset)->take($limit)->get();
+        return (new AssetMaintenancesTransformer())->transformAssetMaintenances($maintenances, $total);
+
+
+    }
+
+
+    /**
+     *  Validates and stores the new asset maintenance
+     *
+     * @see AssetMaintenancesController::getCreate() method for the form
+     * @author  Vincent Sposato <vincent.sposato@gmail.com>
+     * @version v1.0
+     * @since [v1.8]
+     * @return String JSON
+     */
+    public function store(Request $request)
+    {
+        // create a new model instance
+        $assetMaintenance = new AssetMaintenance();
+        $assetMaintenance->supplier_id = $request->input('supplier_id');
+        $assetMaintenance->is_warranty = $request->input('is_warranty');
+        $assetMaintenance->cost =  e($request->input('cost'));
+        $assetMaintenance->notes = e($request->input('notes'));
+        $asset = Asset::find(e($request->input('asset_id')));
+
+        if (!Company::isCurrentUserHasAccess($asset)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot add a maintenance for that asset'));
+        }
+
+        // Save the asset maintenance data
+        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
+        $assetMaintenance->title                  = $request->input('title');
+        $assetMaintenance->start_date             = $request->input('start_date');
+        $assetMaintenance->completion_date        = $request->input('completion_date');
+        $assetMaintenance->user_id                = Auth::id();
+
+        if (( $assetMaintenance->completion_date !== null )
+            && ( $assetMaintenance->start_date !== "" )
+            && ( $assetMaintenance->start_date !== "0000-00-00" )
+        ) {
+            $startDate                                = Carbon::parse($assetMaintenance->start_date);
+            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
+        }
+
+        // Was the asset maintenance created?
+        if ($assetMaintenance->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $assetMaintenance, trans('admin/asset_maintenances/message.create.success')));
+
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $assetMaintenance->getErrors()));
+
+    }
+
+
+    /**
+     *  Validates and stores an update to an asset maintenance
+     *
+     * @author  A. Gianotto <snipe@snipe.net>
+     * @param int $assetMaintenanceId
+     * @param int $request
+     * @version v1.0
+     * @since [v4.0]
+     * @return String JSON
+     */
+    public function update(Request $request, $assetMaintenanceId = null)
+    {
+        // Check if the asset maintenance exists
+        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
+
+        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot edit a maintenance for that asset'));
+        }
+
+        $assetMaintenance->supplier_id = e($request->input('supplier_id'));
+        $assetMaintenance->is_warranty = e($request->input('is_warranty'));
+        $assetMaintenance->cost =  Helper::ParseFloat(e($request->input('cost')));
+        $assetMaintenance->notes = e($request->input('notes'));
+
+        $asset = Asset::find(request('asset_id'));
+
+        if (!Company::isCurrentUserHasAccess($asset)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot edit a maintenance for that asset'));
+        }
+
+        // Save the asset maintenance data
+        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
+        $assetMaintenance->title                  = $request->input('title');
+        $assetMaintenance->start_date             = $request->input('start_date');
+        $assetMaintenance->completion_date        = $request->input('completion_date');
+
+        if (( $assetMaintenance->completion_date == null )
+        ) {
+            if (( $assetMaintenance->asset_maintenance_time !== 0 )
+                || ( !is_null($assetMaintenance->asset_maintenance_time) )
+            ) {
+                $assetMaintenance->asset_maintenance_time = null;
+            }
+        }
+
+        if (( $assetMaintenance->completion_date !== null )
+            && ( $assetMaintenance->start_date !== "" )
+            && ( $assetMaintenance->start_date !== "0000-00-00" )
+        ) {
+            $startDate                                = Carbon::parse($assetMaintenance->start_date);
+            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
+        }
+
+        // Was the asset maintenance created?
+        if ($assetMaintenance->save()) {
+
+            return response()->json(Helper::formatStandardApiResponse('success', $assetMaintenance, trans('admin/asset_maintenances/message.edit.success')));
+
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $assetMaintenance->getErrors()));
+    }
+
+    /**
+     *  Delete an asset maintenance
+     *
+     * @author  A. Gianotto <snipe@snipe.net>
+     * @param int $assetMaintenanceId
+     * @version v1.0
+     * @since [v4.0]
+     * @return String JSON
+     */
+    public function destroy($assetMaintenanceId)
+    {
+        // Check if the asset maintenance exists
+        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
+
+        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot delete a maintenance for that asset'));
+        }
+
+        $assetMaintenance->delete();
+
+        return response()->json(Helper::formatStandardApiResponse('success', $assetMaintenance, trans('admin/asset_maintenances/message.delete.success')));
+
+
+    }
+
+    /**
+     *  View an asset maintenance
+     *
+     * @author  A. Gianotto <snipe@snipe.net>
+     * @param int $assetMaintenanceId
+     * @version v1.0
+     * @since [v4.0]
+     * @return String JSON
+     */
+    public function show($assetMaintenanceId)
+    {
+        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
+        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot view a maintenance for that asset'));
+        }
+        return (new AssetMaintenancesTransformer())->transformAssetMaintenance($assetMaintenance);
+
+    }
+}

app/Http/Controllers/Api/AssetModelsController.php

@@ -0,0 +1,243 @@
+<?php
+namespace App\Http\Controllers\Api;
+
+use App\Models\AssetModel;
+use App\Models\Asset;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use Illuminate\Http\Request;
+use App\Http\Transformers\AssetModelsTransformer;
+use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
+
+/**
+ * This class controls all actions related to asset models for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version    v4.0
+ * @author [A. Gianotto] [<snipe@snipe.net>]
+ */
+class AssetModelsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', AssetModel::class);
+        $allowed_columns = ['id','image','name','model_number','eol','notes','created_at','manufacturer','assets_count'];
+
+        $assetmodels = AssetModel::select([
+            'models.id',
+            'models.image',
+            'models.name',
+            'model_number',
+            'eol',
+            'models.notes',
+            'models.created_at',
+            'category_id',
+            'manufacturer_id',
+            'depreciation_id',
+            'fieldset_id',
+            'models.deleted_at',
+            'models.updated_at',
+         ])
+            ->with('category','depreciation', 'manufacturer','fieldset')
+            ->withCount('assets');
+
+
+
+        if ($request->has('status')) {
+            $assetmodels->onlyTrashed();
+        }
+
+        if ($request->has('search')) {
+            $assetmodels->TextSearch($request->input('search'));
+        }
+
+        $offset = $request->input('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'models.created_at';
+
+        switch ($sort) {
+            case 'manufacturer':
+                $assetmodels->OrderManufacturer($order);
+                break;
+            default:
+                $assetmodels->orderBy($sort, $order);
+                break;
+        }
+
+
+
+        $total = $assetmodels->count();
+        $assetmodels = $assetmodels->skip($offset)->take($limit)->get();
+        return (new AssetModelsTransformer)->transformAssetModels($assetmodels, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', AssetModel::class);
+        $assetmodel = new AssetModel;
+        $assetmodel->fill($request->all());
+
+        if ($assetmodel->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $assetmodel, trans('admin/models/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $assetmodel->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', AssetModel::class);
+        $assetmodel = AssetModel::withCount('assets')->findOrFail($id);
+        return (new AssetModelsTransformer)->transformAssetModel($assetmodel);
+    }
+
+    /**
+     * Display the specified resource's assets
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function assets($id)
+    {
+        $this->authorize('view', AssetModel::class);
+        $assets = Asset::where('model_id','=',$id)->get();
+        return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', AssetModel::class);
+        $assetmodel = AssetModel::findOrFail($id);
+        $assetmodel->fill($request->all());
+        $assetmodel->fieldset_id = $request->get("custom_fieldset_id");
+
+        if ($assetmodel->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $assetmodel, trans('admin/models/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $assetmodel->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', AssetModel::class);
+        $assetmodel = AssetModel::findOrFail($id);
+        $this->authorize('delete', $assetmodel);
+
+        if ($assetmodel->assets()->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/models/message.assoc_users')));
+        }
+
+        if ($assetmodel->image) {
+            try  {
+                unlink(public_path().'/uploads/models/'.$assetmodel->image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+        $assetmodel->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/models/message.delete.success')));
+
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $assetmodels = AssetModel::select([
+            'models.id',
+            'models.name',
+            'models.image',
+            'models.model_number',
+            'models.manufacturer_id',
+            'models.category_id',
+        ])->with('manufacturer','category');
+
+        $settings = \App\Models\Setting::getSettings();
+
+        if ($request->has('search')) {
+            $assetmodels = $assetmodels->SearchByManufacturerOrCat($request->input('search'));
+        }
+
+        $assetmodels = $assetmodels->OrderCategory('ASC')->OrderManufacturer('ASC')->orderby('models.name', 'asc')->orderby('models.model_number', 'asc')->paginate(50);
+
+        foreach ($assetmodels as $assetmodel) {
+
+            $assetmodel->use_text = '';
+
+            if ($settings->modellistCheckedValue('category')) {
+                $assetmodel->use_text .= (($assetmodel->category) ? e($assetmodel->category->name).' - ' : '');
+            }
+
+            if ($settings->modellistCheckedValue('manufacturer')) {
+                $assetmodel->use_text .= (($assetmodel->manufacturer) ? e($assetmodel->manufacturer->name).' ' : '');
+            }
+
+            $assetmodel->use_text .=  e($assetmodel->name);
+
+            if (($settings->modellistCheckedValue('model_number')) && ($assetmodel->model_number!='')) {
+                $assetmodel->use_text .=  ' (#'.e($assetmodel->model_number).')';
+            }
+
+            $assetmodel->use_image = ($settings->modellistCheckedValue('image') && ($assetmodel->image)) ? url('/').'/uploads/models/'.$assetmodel->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($assetmodels);
+    }
+
+}

app/Http/Controllers/Api/AssetsController.php

@@ -0,0 +1,722 @@
+<?php
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AssetRequest;
+use App\Http\Requests\AssetCheckoutRequest;
+use App\Http\Transformers\AssetsTransformer;
+use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\Company;
+use App\Models\CustomField;
+use App\Models\Location;
+use App\Models\Setting;
+use App\Models\User;
+use Artisan;
+use Auth;
+use Carbon\Carbon;
+use Config;
+use DB;
+use Gate;
+use Illuminate\Http\Request;
+use Input;
+use Lang;
+use Log;
+use Mail;
+use Paginator;
+use Response;
+use Slack;
+use Str;
+use TCPDF;
+use Validator;
+use View;
+use App\Http\Transformers\SelectlistTransformer;
+
+
+/**
+ * This class controls all actions related to assets for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version    v1.0
+ * @author [A. Gianotto] [<snipe@snipe.net>]
+ */
+class AssetsController extends Controller
+{
+
+    /**
+     * Returns JSON listing of all assets
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function index(Request $request)
+    {
+
+        $this->authorize('index', Asset::class);
+        $settings = Setting::getSettings();
+
+        $allowed_columns = [
+            'id',
+            'name',
+            'asset_tag',
+            'serial',
+            'model_number',
+            'last_checkout',
+            'notes',
+            'expected_checkin',
+            'order_number',
+            'image',
+            'assigned_to',
+            'created_at',
+            'updated_at',
+            'purchase_date',
+            'purchase_cost',
+            'last_audit_date',
+            'next_audit_date',
+            'warranty_months',
+        ];
+
+        $filter = array();
+
+        if ($request->has('filter')) {
+            $filter = json_decode($request->input('filter'));
+        }
+
+        $all_custom_fields = CustomField::all(); //used as a 'cache' of custom fields throughout this page load
+        foreach ($all_custom_fields as $field) {
+            $allowed_columns[]=$field->db_column_name();
+        }
+
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
+            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
+            'model.category', 'model.manufacturer', 'model.fieldset','supplier');
+
+
+
+
+
+
+        // These are used by the API to query against specific ID numbers.
+        // They are also used by the individual searches on detail pages like
+        // locations, etc.
+        if ($request->has('status_id')) {
+            $assets->where('assets.status_id', '=', $request->input('status_id'));
+        }
+
+        if ($request->has('model_id')) {
+            $assets->InModelList([$request->input('model_id')]);
+        }
+
+        if ($request->has('category_id')) {
+            $assets->InCategory($request->input('category_id'));
+        }
+
+        if ($request->has('location_id')) {
+            $assets->where('assets.location_id', '=', $request->input('location_id'));
+           // dd($assets->toSql());
+        }
+
+        if ($request->has('supplier_id')) {
+            $assets->where('assets.supplier_id', '=', $request->input('supplier_id'));
+        }
+
+        if (($request->has('assigned_to')) && ($request->has('assigned_type'))) {
+            $assets->where('assets.assigned_to', '=', $request->input('assigned_to'))
+                    ->where('assets.assigned_type', '=', $request->input('assigned_type'));
+        }
+
+        if ($request->has('company_id')) {
+            $assets->where('assets.company_id', '=', $request->input('company_id'));
+        }
+
+        if ($request->has('manufacturer_id')) {
+            $assets->ByManufacturer($request->input('manufacturer_id'));
+        }
+
+        if ($request->has('depreciation_id')) {
+            $assets->ByDepreciationId($request->input('depreciation_id'));
+        }
+
+        $request->has('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
+
+        $offset = request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+
+        // This is used by the sidenav, mostly
+
+        // We switched from using query scopes here because of a Laravel bug
+        // related to fulltext searches on complex queries.
+        // I am sad. :(
+        switch ($request->input('status')) {
+            case 'Deleted':
+                $assets->withTrashed()->Deleted();
+                break;
+            case 'Pending':
+                $assets->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',0)
+                        ->where('status_alias.pending','=',1)
+                        ->where('status_alias.archived', '=', 0);
+                });
+                break;
+            case 'RTD':
+                $assets->whereNull('assets.assigned_to')
+                ->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',1)
+                        ->where('status_alias.pending','=',0)
+                        ->where('status_alias.archived', '=', 0);
+                });
+                break;
+            case 'Undeployable':
+                $assets->Undeployable();
+                break;
+            case 'Archived':
+                $assets->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',0)
+                        ->where('status_alias.pending','=',0)
+                        ->where('status_alias.archived', '=', 1);
+                });
+                break;
+            case 'Requestable':
+                $assets->where('assets.requestable', '=', 1)
+                    ->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',1)
+                        ->where('status_alias.pending','=',0)
+                        ->where('status_alias.archived', '=', 0);
+                });
+
+                break;
+            case 'Deployed':
+                // more sad, horrible workarounds for laravel bugs when doing full text searches
+                $assets->where('assets.assigned_to', '>', '0');
+                break;
+            default:
+
+                if ((!$request->has('status_id')) && ($settings->show_archived_in_list!='1')) {
+                    // terrible workaround for complex-query Laravel bug in fulltext
+                    $assets->join('status_labels AS status_alias',function ($join) {
+                        $join->on('status_alias.id', "=", "assets.status_id")
+                            ->where('status_alias.archived', '=', 0);
+                    });
+                    
+                // If there is a status ID, don't take show_archived_in_list into consideration
+                } else {
+                    $assets->join('status_labels AS status_alias',function ($join) {
+                        $join->on('status_alias.id', "=", "assets.status_id");
+                    });
+                }
+
+        }
+
+        if (count($filter) > 0) {
+            $assets->ByFilter($filter);
+        } elseif ($request->has('search')) {
+            $assets->TextSearch($request->input('search'));
+        }
+
+
+        // This is kinda gross, but we need to do this because the Bootstrap Tables
+        // API passes custom field ordering as custom_fields.fieldname, and we have to strip
+        // that out to let the default sorter below order them correctly on the assets table.
+        $sort_override = str_replace('custom_fields.','', $request->input('sort')) ;
+
+        // This handles all of the pivot sorting (versus the assets.* fields
+        // in the allowed_columns array)
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.created_at';
+        
+        
+        switch ($sort_override) {
+            case 'model':
+                $assets->OrderModels($order);
+                break;
+            case 'model_number':
+                $assets->OrderModelNumber($order);
+                break;
+            case 'category':
+                $assets->OrderCategory($order);
+                break;
+            case 'manufacturer':
+                $assets->OrderManufacturer($order);
+                break;
+            case 'company':
+                $assets->OrderCompany($order);
+                break;
+            case 'location':
+                $assets->OrderLocation($order);
+            case 'rtd_location':
+                $assets->OrderRtdLocation($order);
+                break;
+            case 'status_label':
+                $assets->OrderStatus($order);
+                break;
+            case 'supplier':
+                $assets->OrderSupplier($order);
+                break;
+            case 'assigned_to':
+                $assets->OrderAssigned($order);
+                break;
+            default:
+                $assets->orderBy($column_sort, $order);
+                break;
+        }
+
+
+        $total = $assets->count();
+        $assets = $assets->skip($offset)->take($limit)->get();
+        return (new AssetsTransformer)->transformAssets($assets, $total);
+    }
+
+
+     /**
+     * Returns JSON with information about an asset for detail view.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function show($id)
+    {
+        if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()->findOrFail($id)) {
+            $this->authorize('view', $asset);
+            return (new AssetsTransformer)->transformAsset($asset);
+        }
+
+    }
+
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $assets = Company::scopeCompanyables(Asset::select([
+            'assets.id',
+            'assets.name',
+            'assets.asset_tag',
+            'assets.model_id',
+            'assets.assigned_to',
+            'assets.assigned_type',
+            'assets.status_id'
+            ])->with('model', 'assetstatus', 'assignedTo')->NotArchived());
+
+
+        if ($request->has('search')) {
+            $assets = $assets->AssignedSearch($request->input('search'));
+        }
+
+
+        $assets = $assets->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($assets as $asset) {
+
+
+            $asset->use_text = $asset->present()->fullName;
+
+            if (($asset->checkedOutToUser()) && ($asset->assigned)) {
+                $asset->use_text .= ' → '.$asset->assigned->getFullNameAttribute();
+            }
+
+            
+            if ($asset->assetstatus->getStatuslabelType()=='pending') {
+                $asset->use_text .=  '('.$asset->assetstatus->getStatuslabelType().')';
+            }
+
+            $asset->use_image = ($asset->getImageUrl()) ? $asset->getImageUrl() : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($assets);
+
+    }
+
+
+    /**
+     * Accepts a POST request to create a new asset
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function store(AssetRequest $request)
+    {
+
+        $this->authorize('create', Asset::class);
+
+        $asset = new Asset();
+        $asset->model()->associate(AssetModel::find((int) $request->get('model_id')));
+
+        $asset->name                    = $request->get('name');
+        $asset->serial                  = $request->get('serial');
+        $asset->company_id              = Company::getIdForCurrentUser($request->get('company_id'));
+        $asset->model_id                = $request->get('model_id');
+        $asset->order_number            = $request->get('order_number');
+        $asset->notes                   = $request->get('notes');
+        $asset->asset_tag               = $request->get('asset_tag', Asset::autoincrement_asset());
+        $asset->user_id                 = Auth::id();
+        $asset->archived                = '0';
+        $asset->physical                = '1';
+        $asset->depreciate              = '0';
+        $asset->status_id               = $request->get('status_id', 0);
+        $asset->warranty_months         = $request->get('warranty_months', null);
+        $asset->purchase_cost           = Helper::ParseFloat($request->get('purchase_cost'));
+        $asset->purchase_date           = $request->get('purchase_date', null);
+        $asset->assigned_to             = $request->get('assigned_to', null);
+        $asset->supplier_id             = $request->get('supplier_id', 0);
+        $asset->requestable             = $request->get('requestable', 0);
+        $asset->rtd_location_id         = $request->get('rtd_location_id', null);
+
+        // Update custom fields in the database.
+        // Validation for these fields is handled through the AssetRequest form request
+        $model = AssetModel::find($request->get('model_id'));
+        if ($model->fieldset) {
+            foreach ($model->fieldset->fields as $field) {
+                $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug(), null));
+            }
+        }
+
+        if ($asset->save()) {
+
+            if ($request->get('assigned_user')) {
+                $target = User::find(request('assigned_user'));
+            } elseif ($request->get('assigned_asset')) {
+                $target = Asset::find(request('assigned_asset'));
+            } elseif ($request->get('assigned_location')) {
+                $target = Location::find(request('assigned_location'));
+            }
+            if (isset($target)) {
+                $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), '', 'Checked out on asset creation', e($request->get('name')));
+            }
+            return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.create.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
+    }
+
+
+    /**
+     * Accepts a POST request to update an asset
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Asset::class);
+
+        if ($asset = Asset::find($id)) {
+            ($request->has('model_id')) ?
+                $asset->model()->associate(AssetModel::find($request->get('model_id'))) : '';
+            ($request->has('name')) ?
+                $asset->name = $request->get('name') : '';
+            ($request->has('serial')) ?
+                $asset->serial = $request->get('serial') : '';
+            ($request->has('model_id')) ?
+                $asset->model_id = $request->get('model_id') : '';
+            ($request->has('order_number')) ?
+                $asset->order_number = $request->get('order_number') : '';
+            ($request->has('notes')) ?
+                $asset->notes = $request->get('notes') : '';
+            ($request->has('asset_tag')) ?
+                $asset->asset_tag = $request->get('asset_tag') : '';
+            ($request->has('archived')) ?
+                $asset->archived = $request->get('archived') : '';
+            ($request->has('status_id')) ?
+                $asset->status_id = $request->get('status_id') : '';
+            ($request->has('warranty_months')) ?
+                $asset->warranty_months = $request->get('warranty_months') : '';
+            ($request->has('purchase_cost')) ?
+                $asset->purchase_cost = Helper::ParseFloat($request->get('purchase_cost')) : '';
+            ($request->has('purchase_date')) ?
+                $asset->purchase_date = $request->get('purchase_date') : '';
+            ($request->has('assigned_to')) ?
+                $asset->assigned_to = $request->get('assigned_to') : '';
+            ($request->has('supplier_id')) ?
+                $asset->supplier_id = $request->get('supplier_id') : '';
+            ($request->has('requestable')) ?
+                $asset->requestable = $request->get('requestable') : '';
+            ($request->has('rtd_location_id')) ?
+                $asset->rtd_location_id = $request->get('rtd_location_id') : '';
+            ($request->has('rtd_location_id')) ?
+                $asset->location_id = $request->get('rtd_location_id') : '';
+            ($request->has('company_id')) ?
+                $asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : '';
+
+
+            // Update custom fields
+            if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
+                foreach ($model->fieldset->fields as $field) {
+                    if ($request->has($field->convertUnicodeDbSlug())) {
+                        $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug()));
+                    }
+                }
+            }
+
+
+            if ($asset->save()) {
+
+                if (($request->has('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
+                        $location = $target->location_id;
+                } elseif (($request->has('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
+                            $location = $target->location_id;
+                } elseif (($request->has('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
+                    $location = $target->id;
+                }
+
+                if (isset($target)) {
+                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), '', 'Checked out on asset update', e($request->get('name')), $location);
+                }
+
+                return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
+            }
+            return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
+    }
+
+
+    /**
+     * Delete a given asset (mark as deleted).
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Asset::class);
+
+        if ($asset = Asset::find($id)) {
+
+            $this->authorize('delete', $asset);
+
+            DB::table('assets')
+                ->where('id', $asset->id)
+                ->update(array('assigned_to' => null));
+
+            $asset->delete();
+
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.delete.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
+    }
+
+
+
+    /**
+     * Checkout an asset
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function checkout(AssetCheckoutRequest $request, $asset_id)
+    {
+        $this->authorize('checkout', Asset::class);
+        $asset = Asset::findOrFail($asset_id);
+
+        if (!$asset->availableForCheckout()) {
+            return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.not_available')));
+        }
+
+        $this->authorize('checkout', $asset);
+
+        $error_payload = [];
+        $error_payload['asset'] = [
+            'id' => $asset->id,
+            'asset_tag' => $asset->asset_tag,
+        ];
+
+
+        // This item is checked out to a location
+        if (request('checkout_to_type')=='location') {
+            $target = Location::find(request('assigned_location'));
+            $asset->location_id = ($target) ? $target->id : '';
+            $error_payload['target_id'] = $request->input('assigned_location');
+            $error_payload['target_type'] = 'location';
+
+        } elseif (request('checkout_to_type')=='asset') {
+            $target = Asset::where('id','!=',$asset_id)->find(request('assigned_asset'));
+            $asset->location_id = $target->rtd_location_id;
+            // Override with the asset's location_id if it has one
+            if ($target->location_id!='') {
+                $asset->location_id = ($target) ? $target->location_id : '';
+            }
+            $error_payload['target_id'] = $request->input('assigned_asset');
+            $error_payload['target_type'] = 'asset';
+
+        } elseif (request('checkout_to_type')=='user') {
+            // Fetch the target and set the asset's new location_id
+            $target = User::find(request('assigned_user'));
+            $asset->location_id = ($target) ? $target->location_id : '';
+            $error_payload['target_id'] = $request->input('assigned_user');
+            $error_payload['target_type'] = 'user';
+        }
+
+
+
+        if (!isset($target)) {
+            return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'Checkout target for asset '.e($asset->asset_tag).' is invalid - '.$error_payload['target_type'].' does not exist.'));
+        }
+
+
+
+        $checkout_at = request('checkout_at', date("Y-m-d H:i:s"));
+        $expected_checkin = request('expected_checkin', null);
+        $note = request('note', null);
+        $asset_name = request('name', null);
+        
+        // Set the location ID to the RTD location id if there is one
+        if ($asset->rtd_location_id!='') {
+            $asset->location_id = $target->rtd_location_id;
+        }
+
+
+
+        
+
+        if ($asset->checkOut($target, Auth::user(), $checkout_at, $expected_checkin, $note, $asset_name, $asset->location_id)) {
+            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.error')))->withErrors($asset->getErrors());
+    }
+
+
+    /**
+     * Checkin an asset
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function checkin(Request $request, $asset_id)
+    {
+        $this->authorize('checkin', Asset::class);
+        $asset = Asset::findOrFail($asset_id);
+        $this->authorize('checkin', $asset);
+
+
+        $user = $asset->assignedUser;
+        if (is_null($target = $asset->assignedTo)) {
+            return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.already_checked_in')));
+        }
+
+        $asset->expected_checkin = null;
+        $asset->last_checkout = null;
+        $asset->assigned_to = null;
+        $asset->assignedTo()->disassociate($asset);
+        $asset->accepted = null;
+        $asset->name = e(Input::get('name'));
+        $asset->location_id =  $asset->rtd_location_id;
+
+        if ($request->has('location_id')) {
+            $asset->location_id =  $request->input('location_id');
+        }
+
+        if (Input::has('status_id')) {
+            $asset->status_id =  e(Input::get('status_id'));
+        }
+
+        // Was the asset updated?
+        if ($asset->save()) {
+            $logaction = $asset->logCheckin($target, e(request('note')));
+
+            $data['log_id'] = $logaction->id;
+            $data['first_name'] = get_class($target) == User::class ? $target->first_name : '';
+            $data['item_name'] = $asset->present()->name();
+            $data['checkin_date'] = $logaction->created_at;
+            $data['item_tag'] = $asset->asset_tag;
+            $data['item_serial'] = $asset->serial;
+            $data['note'] = $logaction->note;
+            $data['manufacturer_name'] = $asset->model->manufacturer->name;
+            $data['model_name'] = $asset->model->name;
+            $data['model_number'] = $asset->model->model_number;
+
+            if ((($asset->checkin_email()=='1')) && (isset($user)) && (!config('app.lock_passwords'))) {
+                Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
+                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Confirm_Asset_Checkin'));
+                });
+            }
+
+            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.error')));
+    }
+
+
+    /**
+     * Mark an asset as audited
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $id
+     * @since [v4.0]
+     * @return JsonResponse
+     */
+    public function audit(Request $request) {
+
+
+        $this->authorize('audit', Asset::class);
+        $rules = array(
+            'asset_tag' => 'required',
+            'location_id' => 'exists:locations,id|nullable|numeric',
+            'next_audit_date' => 'date|nullable'
+        );
+
+        $validator = Validator::make($request->all(), $rules);
+        if ($validator->fails()) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()->all()));
+        }
+
+        $asset = Asset::where('asset_tag','=', $request->input('asset_tag'))->first();
+
+
+        if ($asset) {
+            // We don't want to log this as a normal update, so let's bypass that
+            $asset->unsetEventDispatcher();
+            $asset->next_audit_date = $request->input('next_audit_date');
+            $asset->last_audit_date = date('Y-m-d h:i:s');
+
+            if ($asset->save()) {
+                $log = $asset->logAudit(request('note'),request('location_id'));
+                return response()->json(Helper::formatStandardApiResponse('success', [
+                    'asset_tag'=> e($asset->asset_tag),
+                    'note'=> e($request->input('note')),
+                    'next_audit_date' => Helper::getFormattedDateObject($log->calcNextAuditDate())
+                ], trans('admin/hardware/message.audit.success')));
+            }
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.$request->input('asset_tag').' not found'));
+
+
+
+
+
+    }
+}

app/Http/Controllers/Api/CategoriesController.php

@@ -0,0 +1,168 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Category;
+use App\Http\Transformers\CategoriesTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
+class CategoriesController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Category::class);
+        $allowed_columns = ['id', 'name','category_type', 'category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email', 'assets_count', 'accessories_count', 'consumables_count', 'components_count', 'image'];
+
+        $categories = Category::select(['id', 'created_at', 'updated_at', 'name','category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email','image'])
+            ->withCount('assets', 'accessories', 'consumables', 'components');
+
+        if ($request->has('search')) {
+            $categories = $categories->TextSearch($request->input('search'));
+        }
+
+        $offset = $request->input('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
+        $categories->orderBy($sort, $order);
+
+        $total = $categories->count();
+        $categories = $categories->skip($offset)->take($limit)->get();
+        return (new CategoriesTransformer)->transformCategories($categories, $total);
+
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Category::class);
+        $category = new Category;
+        $category->fill($request->all());
+
+        if ($category->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $category, trans('admin/categories/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $category->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Category::class);
+        $category = Category::findOrFail($id);
+        return (new CategoriesTransformer)->transformCategory($category);
+
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Category::class);
+        $category = Category::findOrFail($id);
+        $category->fill($request->all());
+
+        if ($category->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $category, trans('admin/categories/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $category->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Category::class);
+        $category = Category::findOrFail($id);
+
+        if ($category->has_models() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'model'])));
+        } elseif ($category->accessories()->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'accessory'])));
+        } elseif ($category->consumables()->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'consumable'])));
+        } elseif ($category->components()->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'component'])));
+        }
+        $category->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/categories/message.delete.success')));
+
+    }
+
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request, $category_type = 'asset')
+    {
+
+        $categories = Category::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $categories = $categories->where('name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $categories = $categories->where('category_type', $category_type)->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($categories as $category) {
+            $category->use_image = ($category->image) ? url('/').'/uploads/categories/'.$category->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($categories);
+
+    }
+
+}

app/Http/Controllers/Api/CompaniesController.php

@@ -0,0 +1,186 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Http\Transformers\CompaniesTransformer;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Company;
+use App\Http\Transformers\SelectlistTransformer;
+
+class CompaniesController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Company::class);
+
+        $allowed_columns = [
+            'id',
+            'name',
+            'created_at',
+            'updated_at',
+            'users_count',
+            'assets_count',
+            'licenses_count',
+            'accessories_count',
+            'consumables_count',
+            'components_count',
+        ];
+
+        $companies = Company::withCount('assets','licenses','accessories','consumables','components','users');
+
+        if ($request->has('search')) {
+            $companies->TextSearch($request->input('search'));
+        }
+
+        $offset = $request->input('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $companies->orderBy($sort, $order);
+
+        $total = $companies->count();
+        $companies = $companies->skip($offset)->take($limit)->get();
+        return (new CompaniesTransformer)->transformCompanies($companies, $total);
+
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Company::class);
+        $company = new Company;
+        $company->fill($request->all());
+
+        if ($company->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', (new CompaniesTransformer)->transformCompany($company), trans('admin/companies/message.create.success')));
+        }
+        return response()
+            ->json(Helper::formatStandardApiResponse('error', null, $company->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Company::class);
+        $company = Company::findOrFail($id);
+        return (new CompaniesTransformer)->transformCompany($company);
+
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Company::class);
+        $company = Company::findOrFail($id);
+        $company->fill($request->all());
+
+        if ($company->save()) {
+            return response()
+                ->json(Helper::formatStandardApiResponse('success', (new CompaniesTransformer)->transformCompany($company), trans('admin/companies/message.update.success')));
+        }
+
+        return response()
+            ->json(Helper::formatStandardApiResponse('error', null, $company->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+       $this->authorize('delete', Company::class);
+       $company = Company::findOrFail($id);
+            $this->authorize('delete', $company);
+
+        try {
+            $company->delete();
+            return response()
+                ->json(Helper::formatStandardApiResponse('success', null,  trans('admin/companies/message.delete.success')));
+        } catch (\Illuminate\Database\QueryException $exception) {
+            /*
+                 * NOTE: This happens when there's a foreign key constraint violation
+                 * For example when rows in other tables are referencing this company
+                 */
+            if ($exception->getCode() == 23000) {
+                return response()
+                    ->json(Helper::formatStandardApiResponse('error', null,  trans('admin/companies/message.assoc_users')));
+
+            } else {
+                throw $exception;
+            }
+        }
+
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $companies = Company::select([
+            'companies.id',
+            'companies.name',
+            'companies.image',
+        ]);
+
+        if ($request->has('search')) {
+            $companies = $companies->where('companies.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $companies = $companies->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($companies as $company) {
+            $company->use_image = ($company->image) ? url('/').'/uploads/companies/'.$company->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($companies);
+    }
+}

app/Http/Controllers/Api/ComponentsController.php

@@ -0,0 +1,165 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\ComponentsTransformer;
+use App\Http\Transformers\ComponentsAssetsTransformer;
+use App\Models\Component;
+use App\Models\Company;
+use App\Helpers\Helper;
+
+class ComponentsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Component::class);
+        $components = Company::scopeCompanyables(Component::select('components.*')->whereNull('components.deleted_at')
+            ->with('company', 'location', 'category'));
+
+        if ($request->has('search')) {
+            $components = $components->TextSearch($request->input('search'));
+        }
+
+        if ($request->has('company_id')) {
+            $components->where('company_id','=',$request->input('company_id'));
+        }
+
+        $offset = request('offset', 0);
+        $limit = request('limit', 50);
+
+        $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','company','category','qty','location','image'];
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+        switch ($sort) {
+            case 'category':
+                $components = $components->OrderCategory($order);
+                break;
+            case 'location':
+                $components = $components->OrderLocation($order);
+                break;
+            case 'company':
+                $components = $components->OrderCompany($order);
+                break;
+            default:
+                $components = $components->orderBy($sort, $order);
+                break;
+        }
+
+        $total = $components->count();
+        $components = $components->skip($offset)->take($limit)->get();
+        return (new ComponentsTransformer)->transformComponents($components, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Component::class);
+        $component = new Component;
+        $component->fill($request->all());
+
+        if ($component->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $component, trans('admin/components/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $component->getErrors()));
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Component::class);
+        $component = Component::findOrFail($id);
+
+        if ($component) {
+            return (new ComponentsTransformer)->transformComponent($component);
+        }
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Component::class);
+        $component = Component::findOrFail($id);
+        $component->fill($request->all());
+
+        if ($component->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $component, trans('admin/components/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $component->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Component::class);
+        $component = Component::findOrFail($id);
+        $this->authorize('delete', $component);
+        $component->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/components/message.delete.success')));
+    }
+
+    /**
+     * Display all assets attached to a component
+     *
+     * @author [A. Bergamasco] [@vjandrea]
+     * @since [v4.0]
+     * @param Request $request
+     * @param int $id
+     * @return \Illuminate\Http\Response
+    */
+    public function getAssets(Request $request, $id)
+    {
+        $this->authorize('view', \App\Models\Asset::class);
+        
+        $component = Component::findOrFail($id);
+        $assets = $component->assets();
+
+        $offset = request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $total = $assets->count();
+        $assets = $assets->skip($offset)->take($limit)->get();
+        return (new ComponentsTransformer)->transformCheckedoutComponents($assets, $total);
+    }
+}

app/Http/Controllers/Api/ConsumablesController.php

@@ -0,0 +1,191 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Company;
+use App\Models\Consumable;
+use App\Http\Transformers\ConsumablesTransformer;
+use App\Helpers\Helper;
+
+class ConsumablesController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('index', Consumable::class);
+        $consumables = Company::scopeCompanyables(
+            Consumable::select('consumables.*')
+                ->whereNull('consumables.deleted_at')
+                ->with('company', 'location', 'category', 'users', 'manufacturer')
+        );
+
+        if ($request->has('search')) {
+            $consumables = $consumables->TextSearch(e($request->input('search')));
+        }
+
+        if ($request->has('company_id')) {
+            $consumables->where('company_id','=',$request->input('company_id'));
+        }
+
+        if ($request->has('manufacturer_id')) {
+            $consumables->where('manufacturer_id','=',$request->input('manufacturer_id'));
+        }
+
+
+        $offset = request('offset', 0);
+        $limit = request('limit', 50);
+        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','company','category','model_number', 'item_no', 'manufacturer','location','qty','image'];
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+
+        switch ($sort) {
+            case 'category':
+                $consumables = $consumables->OrderCategory($order);
+                break;
+            case 'location':
+                $consumables = $consumables->OrderLocation($order);
+                break;
+            case 'manufacturer':
+                $consumables = $consumables->OrderManufacturer($order);
+                break;
+            case 'company':
+                $consumables = $consumables->OrderCompany($order);
+                break;
+            default:
+                $consumables = $consumables->orderBy($sort, $order);
+                break;
+        }
+
+
+
+        $total = $consumables->count();
+        $consumables = $consumables->skip($offset)->take($limit)->get();
+        return (new ConsumablesTransformer)->transformConsumables($consumables, $total);
+
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Consumable::class);
+        $consumable = new Consumable;
+        $consumable->fill($request->all());
+
+        if ($consumable->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $consumable, trans('admin/consumables/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $consumable->getErrors()));
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Consumable::class);
+        $consumable = Consumable::findOrFail($id);
+        return (new ConsumablesTransformer)->transformConsumable($consumable);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request $request
+     * @param  int $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Consumable::class);
+        $consumable = Consumable::findOrFail($id);
+        $consumable->fill($request->all());
+
+        if ($consumable->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $consumable, trans('admin/consumables/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $consumable->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Consumable::class);
+        $consumable = Consumable::findOrFail($id);
+        $this->authorize('delete', $consumable);
+        $consumable->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/consumables/message.delete.success')));
+    }
+
+        /**
+    * Returns a JSON response containing details on the users associated with this consumable.
+    *
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @see ConsumablesController::getView() method that returns the form.
+    * @since [v1.0]
+    * @param int $consumableId
+    * @return array
+     */
+    public function getDataView($consumableId)
+    {
+        $consumable = Consumable::with(array('consumableAssignments'=>
+        function ($query) {
+            $query->orderBy('created_at', 'DESC');
+        },
+        'consumableAssignments.admin'=> function ($query) {
+        },
+        'consumableAssignments.user'=> function ($query) {
+        },
+        ))->find($consumableId);
+
+        if (!Company::isCurrentUserHasAccess($consumable)) {
+            return ['total' => 0, 'rows' => []];
+        }
+        $this->authorize('view', Consumable::class);
+        $rows = array();
+
+        foreach ($consumable->consumableAssignments as $consumable_assignment) {
+            $rows[] = [
+                'name' => ($consumable_assignment->user) ? $consumable_assignment->user->present()->nameUrl() : 'Deleted User',
+                'created_at' => ($consumable_assignment->created_at->format('Y-m-d H:i:s')=='-0001-11-30 00:00:00') ? '' : $consumable_assignment->created_at->format('Y-m-d H:i:s'),
+                'admin' => ($consumable_assignment->admin) ? $consumable_assignment->admin->present()->nameUrl() : '',
+            ];
+        }
+
+        $consumableCount = $consumable->users->count();
+        $data = array('total' => $consumableCount, 'rows' => $rows);
+        return $data;
+    }
+}

app/Http/Controllers/Api/CustomFieldsController.php

@@ -0,0 +1,181 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\CustomFieldsTransformer;
+use App\Models\CustomField;
+use App\Models\CustomFieldset;
+use Illuminate\Http\Request;
+use Validator;
+use Illuminate\Validation\Rule;
+
+class CustomFieldsController extends Controller
+{
+    /**
+     * Reorder the custom fields within a fieldset
+     *
+     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+     * @param  int  $id
+     * @since [v3.0]
+     * @return Array
+     */
+
+    public function index()
+    {
+        $this->authorize('index', CustomFields::class);
+        $fields = CustomField::get();
+
+        $total = count($fields);
+        return (new CustomFieldsTransformer)->transformCustomFields($fields, $total);
+    }
+
+    /**
+    * Shows the given field
+    * @author [V. Cordes] [<volker@fdatek.de>]
+    * @param int $id
+    * @since [v4.1.10]
+    * @return View
+    */
+    public function show($id)
+    {
+      $this->authorize('show', CustomField::class);
+        if ($field = CustomField::find($id)) {
+            return (new CustomFieldsTransformer)->transformCustomField($field);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/custom_fields/message.field.invalid')), 200);
+    }
+
+     /**
+     * Update the specified field
+     *
+     * @author [V. Cordes] [<volker@fdatek.de>]
+     * @since [v4.1.10]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', CustomField::class);
+        $field = CustomField::findOrFail($id);
+        $data = $request->all();
+
+        $validator = Validator::make($data, $field->validationRules());
+        if ($validator->fails()) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
+        }
+
+        $field->fill($data);
+
+        if ($field->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $field, trans('admin/custom_fields/message.field.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));
+    }
+
+
+    /**
+     * Store a newly created field.
+     *
+     * @author [V. Cordes] [<volker@fdatek.de>]
+     * @since [v4.1.10]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', CustomField::class);
+        $field = new CustomField;
+
+        $data = $request->all();
+        $validator = Validator::make($data, $field->validationRules());
+        if ($validator->fails()) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
+        }
+        $field->fill($data);
+
+        if ($field->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $field, trans('admin/custom_fields/message.field.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));
+
+    }
+
+    public function postReorder(Request $request, $id)
+    {
+        $fieldset = CustomFieldset::find($id);
+        $fields = array();
+        $order_array = array();
+
+        $items = $request->input('item');
+
+        foreach ($items as $order => $field_id) {
+            $order_array[$field_id] = $order;
+        }
+
+        foreach ($fieldset->fields as $field) {
+            $fields[$field->id] = ['required' => $field->pivot->required, 'order' => $order_array[$field->id]];
+        }
+
+        return $fieldset->fields()->sync($fields);
+
+    }
+
+    public function associate(Request $request, $field_id)
+    {
+        $this->authorize('edit', CustomFieldset::class);
+        $field = CustomField::findOrFail($field_id);
+
+        $fieldset_id = $request->input('fieldset_id');
+        foreach ($field->fieldset as $fieldset) {
+            if ($fieldset->id == $fieldset_id) {
+                return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+            }
+        }
+
+        $fieldset = CustomFieldset::findOrFail($fieldset_id);
+        $fieldset->fields()->attach($field->id, ["required" => ($request->input('required') == "on"), "order" => $request->input('order', $fieldset->fields->count())]);
+        return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+    }
+
+    public function disassociate(Request $request, $field_id)
+    {
+        $this->authorize('edit', CustomFieldset::class);
+        $field = CustomField::findOrFail($field_id);
+
+        $fieldset_id = $request->input('fieldset_id');
+        foreach ($field->fieldset as $fieldset) {
+            if ($fieldset->id == $fieldset_id) {
+                $fieldset->fields()->detach($field->id);
+                return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+            }
+        }
+        $fieldset = CustomFieldset::findOrFail($fieldset_id);
+        return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+    }
+
+    /**
+     * Delete a custom field.
+     *
+     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+     * @since [v1.8]
+     * @return Redirect
+     */
+    public function destroy($field_id)
+    {
+        $field = CustomField::findOrFail($field_id);
+
+        if ($field->fieldset->count() >0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Field is in use.'));
+        }
+
+        $field->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/custom_fields/message.field.delete.success')));
+
+    }
+
+}

app/Http/Controllers/Api/CustomFieldsetsController.php

@@ -0,0 +1,163 @@
+<?php
+namespace App\Http\Controllers\Api;
+
+use View;
+use App\Models\CustomFieldset;
+use App\Models\CustomField;
+use Input;
+use Validator;
+use Redirect;
+use App\Models\AssetModel;
+use Lang;
+use Auth;
+use Illuminate\Http\Request;
+use Log;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Http\Transformers\CustomFieldsTransformer;
+use App\Http\Transformers\CustomFieldsetsTransformer;
+use App\Http\Requests\AssetRequest;
+
+/**
+ * This controller handles all actions related to Custom Asset Fieldsets for
+ * the Snipe-IT Asset Management application.
+ *
+ * @todo Improve documentation here.
+ * @todo Check for raw DB queries and try to convert them to query builder statements
+ * @version    v2.0
+ * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+ * @author [Josh Gibson]
+ */
+
+class CustomFieldsetsController extends Controller
+{
+
+    /**
+    * Shows the given fieldset and its fields
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @author [Josh Gibson]
+    * @param int $id
+    * @since [v1.8]
+    * @return View
+    */
+    public function index()
+    {
+        $this->authorize('index', CustomFieldset::class);
+        $fieldsets = CustomFieldset::withCount(['fields', 'models'])->get();
+
+        $total = count($fieldsets);
+        return (new CustomFieldsetsTransformer)->transformCustomFieldsets($fieldsets, $total);
+
+    }
+
+    /**
+    * Shows the given fieldset and its fields
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @author [Josh Gibson]
+    * @param int $id
+    * @since [v1.8]
+    * @return View
+    */
+    public function show($id)
+    {
+      $this->authorize('show', CustomFieldset::class);
+        if ($fieldset = CustomFieldset::find($id)) {
+            return (new CustomFieldsetsTransformer)->transformCustomFieldset($fieldset);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/custom_fields/message.fieldset.does_not_exist')), 200);
+
+    }
+
+
+     /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', CustomFieldset::class);
+        $fieldset = CustomFieldset::findOrFail($id);
+        $fieldset->fill($request->all());
+
+        if ($fieldset->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $fieldset->getErrors()));
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', CustomFieldset::class);
+        $fieldset = new CustomFieldset;
+        $fieldset->fill($request->all());
+
+        if ($fieldset->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $fieldset->getErrors()));
+
+    }
+
+
+    /**
+     * Delete a custom fieldset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return Redirect
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', CustomFieldset::class);
+        $fieldset = CustomFieldset::findOrFail($id);
+
+        $modelsCount = $fieldset->models->count();
+        $fieldsCount = $fieldset->fields->count();
+
+        if (($modelsCount > 0) || ($fieldsCount > 0) ){
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Fieldset is in use.'));
+        }
+
+         if ($fieldset->delete()) {
+             return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/custom_fields/message.fieldset.delete.success')));
+         }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Unspecified error'));
+
+
+
+    }
+
+    /**
+     * Return JSON containing a list of fields belonging to a fieldset.
+     *
+     * @author [V. Cordes] [<volker@fdatek.de>]
+     * @since [v4.1.10]
+     * @param $fieldsetId
+     * @return string JSON
+     */
+    public function fields($id)
+    {
+        $this->authorize('view', CustomFieldset::class);
+        $set = CustomFieldset::findOrFail($id);
+        $fields = $set->fields->get();
+        return (new CustomFieldsTransformer)->transformCustomFields($fields, $fields->count());
+    }
+
+}

app/Http/Controllers/Api/DepartmentsController.php

@@ -0,0 +1,160 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Department;
+use App\Http\Transformers\DepartmentsTransformer;
+use App\Helpers\Helper;
+use Auth;
+use App\Http\Transformers\SelectlistTransformer;
+
+class DepartmentsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Department::class);
+        $allowed_columns = ['id','name','image','users_count'];
+
+        $departments = Department::select([
+            'departments.id',
+            'departments.name',
+            'departments.location_id',
+            'departments.company_id',
+            'departments.manager_id',
+            'departments.created_at',
+            'departments.updated_at',
+            'departments.image'
+        ])->with('users')->with('location')->with('manager')->with('company')->withCount('users');
+
+        if ($request->has('search')) {
+            $departments = $departments->TextSearch($request->input('search'));
+        }
+
+        $offset = $request->input('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+        switch ($request->input('sort')) {
+            case 'location':
+                $departments->OrderLocation($order);
+                break;
+            case 'manager':
+                $departments->OrderManager($order);
+                break;
+            default:
+                $departments->orderBy($sort, $order);
+                break;
+        }
+
+        $total = $departments->count();
+        $departments = $departments->skip($offset)->take($limit)->get();
+        return (new DepartmentsTransformer)->transformDepartments($departments, $total);
+
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Department::class);
+        $department = new Department;
+        $department->fill($request->all());
+        $department->user_id = Auth::user()->id;
+        $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
+
+        if ($department->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $department->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Department::class);
+        $department = Department::findOrFail($id);
+        return (new DepartmentsTransformer)->transformDepartment($department);
+    }
+
+
+
+    /**
+     * Validates and deletes selected location.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $locationId
+     * @since [v1.0]
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($id)
+    {
+        $department = Department::findOrFail($id);
+
+        if ($department->users->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/departments/message.assoc_users')));
+        }
+
+        $department->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/departments/message.delete.success')));
+
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $departments = Department::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $departments = $departments->where('name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $departments = $departments->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($departments as $department) {
+            $department->use_image = ($department->image) ? url('/').'/uploads/departments/'.$department->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($departments);
+
+    }
+
+}

app/Http/Controllers/Api/DepreciationsController.php

@@ -0,0 +1,127 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Depreciation;
+use App\Http\Transformers\DepreciationsTransformer;
+
+class DepreciationsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Depreciation::class);
+        $allowed_columns = ['id','name','created_at'];
+
+        $depreciations = Depreciation::select('id','name','months','user_id','created_at','updated_at');
+
+        if ($request->has('search')) {
+            $depreciations = $depreciations->TextSearch($request->input('search'));
+        }
+
+        $offset = $request->input('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $depreciations->orderBy($sort, $order);
+
+        $total = $depreciations->count();
+        $depreciations = $depreciations->skip($offset)->take($limit)->get();
+        return (new DepreciationsTransformer)->transformDepreciations($depreciations, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Depreciation::class);
+        $depreciation = new Depreciation;
+        $depreciation->fill($request->all());
+
+        if ($depreciation->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $depreciation, trans('admin/depreciations/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $depreciation->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Depreciation::class);
+        $depreciation = Depreciation::findOrFail($id);
+        return (new DepreciationsTransformer)->transformDepreciation($depreciation);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Depreciation::class);
+        $depreciation = Depreciation::findOrFail($id);
+        $depreciation->fill($request->all());
+
+        if ($depreciation->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $depreciation, trans('admin/depreciations/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $depreciation->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Depreciation::class);
+        $depreciation = Depreciation::findOrFail($id);
+        $this->authorize('delete', $depreciation);
+
+        if ($depreciation->has_models() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', trans('admin/depreciations/message.assoc_users')));
+        }
+
+        $depreciation->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/depreciations/message.delete.success')));
+
+    }
+
+
+
+}

app/Http/Controllers/Api/GroupsController.php

@@ -0,0 +1,121 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Group;
+use App\Http\Transformers\GroupsTransformer;
+
+class GroupsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Group::class);
+        $allowed_columns = ['id','name','created_at', 'users_count'];
+
+        $groups = Group::select('id','name','permissions','created_at','updated_at')->withCount('users');
+
+        if ($request->has('search')) {
+            $groups = $groups->TextSearch($request->input('search'));
+        }
+
+        $offset = $request->input('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $groups->orderBy($sort, $order);
+
+        $total = $groups->count();
+        $groups = $groups->skip($offset)->take($limit)->get();
+        return (new GroupsTransformer)->transformGroups($groups, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Group::class);
+        $group = new Group;
+        $group->fill($request->all());
+
+        if ($group->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Group::class);
+        $group = Group::findOrFail($id);
+        return (new GroupsTransformer)->transformGroup($group);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Group::class);
+        $group = Group::findOrFail($id);
+        $group->fill($request->all());
+
+        if ($group->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Group::class);
+        $group = Group::findOrFail($id);
+        $this->authorize('delete', $group);
+        $group->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/groups/message.delete.success')));
+
+    }
+
+
+}

app/Http/Controllers/Api/ImportController.php

@@ -0,0 +1,175 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\ItemImportRequest;
+use App\Http\Transformers\ImportsTransformer;
+use App\Models\Company;
+use App\Models\Import;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Input;
+use Illuminate\Support\Facades\Session;
+use League\Csv\Reader;
+use Symfony\Component\HttpFoundation\File\Exception\FileException;
+use Artisan;
+use App\Models\Asset;
+
+class ImportController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index()
+    {
+        //
+        $imports = Import::latest()->get();
+        return (new ImportsTransformer)->transformImports($imports);
+
+    }
+
+    /**
+     * Process and store a CSV upload file.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store()
+    {
+        //
+        if (!Company::isCurrentUserAuthorized()) {
+            return redirect()->route('hardware.index')->with('error', trans('general.insufficient_permissions'));
+        } elseif (!config('app.lock_passwords')) {
+            $files = Input::file('files');
+            $path = config('app.private_uploads').'/imports';
+            $results = [];
+            $import = new Import;
+            foreach ($files as $file) {
+                if (!in_array($file->getMimeType(), array(
+                    'application/vnd.ms-excel',
+                    'text/csv',
+                    'text/plain',
+                    'text/comma-separated-values',
+                    'text/tsv'))) {
+                    $results['error']='File type must be CSV';
+                    return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 500);
+                }
+
+                //TODO: is there a lighter way to do this?
+                if (! ini_get("auto_detect_line_endings")) {
+                    ini_set("auto_detect_line_endings", '1');
+                }
+                $reader = Reader::createFromFileObject($file->openFile('r')); //file pointer leak?
+                $import->header_row = $reader->fetchOne(0);
+
+                //duplicate headers check
+                $duplicate_headers = [];
+
+                for($i = 0; $i<count($import->header_row); $i++) {
+                    $header = $import->header_row[$i];
+                    if(in_array($header, $import->header_row)) {
+                        $found_at = array_search($header, $import->header_row);
+                        if($i > $found_at) {
+                            //avoid reporting duplicates twice, e.g. "1 is same as 17! 17 is same as 1!!!"
+                            //as well as "1 is same as 1!!!" (which is always true)
+                            //has to be > because otherwise the first result of array_search will always be $i itself(!)
+                            array_push($duplicate_headers,"Duplicate header '$header' detected, first at column: ".($found_at+1).", repeats at column: ".($i+1));
+                        }
+                    }
+                }
+                if(count($duplicate_headers) > 0) {
+                    return response()->json(Helper::formatStandardApiResponse('error',null, implode("; ",$duplicate_headers)), 500); //should this be '4xx'?
+                }
+
+                // Grab the first row to display via ajax as the user picks fields
+                $import->first_row = $reader->fetchOne(1);
+
+                $date = date('Y-m-d-his');
+                $fixed_filename = str_slug($file->getClientOriginalName());
+                try {
+                    $file->move($path, $date.'-'.$fixed_filename);
+                } catch (FileException $exception) {
+                    $results['error']=trans('admin/hardware/message.upload.error');
+                    if (config('app.debug')) {
+                        $results['error'].= ' ' . $exception->getMessage();
+                    }
+                    return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 500);
+                }
+                $file_name = date('Y-m-d-his').'-'.$fixed_filename;
+                $import->file_path = $file_name;
+                $import->filesize = filesize($path.'/'.$file_name);
+                $import->save();
+                $results[] = $import;
+            }
+            $results = (new ImportsTransformer)->transformImports($results);
+            return [
+                'files' => $results,
+            ];
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.feature_disabled')), 500);
+    }
+    /**
+     * Processes the specified Import.
+     *
+     * @param  \App\Import  $import
+     * @return \Illuminate\Http\Response
+     */
+    public function process(ItemImportRequest $request, $import_id)
+    {
+        $this->authorize('create', Asset::class);
+        // Run a backup immediately before processing
+        Artisan::call('backup:run');
+        $errors = $request->import(Import::find($import_id));
+        $redirectTo = "hardware.index";
+        switch ($request->get('import-type')) {
+            case "asset":
+                $redirectTo = "hardware.index";
+                break;
+            case "accessory":
+                $redirectTo = "accessories.index";
+                break;
+            case "consumable":
+                $redirectTo = "consumables.index";
+                break;
+            case "component":
+                $redirectTo = "components.index";
+                break;
+            case "license":
+                $redirectTo = "licenses.index";
+                break;
+            case "user":
+                $redirectTo = "users.index";
+                break;
+        }
+
+        if ($errors) { //Failure
+            return response()->json(Helper::formatStandardApiResponse('import-errors', null, $errors), 500);
+        }
+        //Flash message before the redirect
+        Session::flash('success', trans('admin/hardware/message.import.success'));
+        return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route($redirectTo)]));
+
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @param  \App\Import  $import
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($import_id)
+    {
+        $this->authorize('create', Asset::class);
+        $import = Import::find($import_id);
+        try {
+            unlink(config('app.private_uploads').'/imports/'.$import->file_path);
+            $import->delete();
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.import.file_delete_success')));
+        } catch (\Exception $e) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.import.file_delete_error')), 500);
+        }
+    }
+}

app/Http/Controllers/Api/LicensesController.php

@@ -0,0 +1,239 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\LicenseSeatsTransformer;
+use App\Http\Transformers\LicensesTransformer;
+use App\Models\Company;
+use App\Models\License;
+use App\Models\LicenseSeat;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+
+class LicensesController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', License::class);
+        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'freeSeats', 'supplier')->withCount('freeSeats'));
+
+
+        if ($request->has('company_id')) {
+            $licenses->where('company_id','=',$request->input('company_id'));
+        }
+
+        if ($request->has('name')) {
+            $licenses->where('licenses.name','=',$request->input('name'));
+        }
+
+        if ($request->has('product_key')) {
+            $licenses->where('licenses.serial','=',$request->input('product_key'));
+        }
+
+        if ($request->has('order_number')) {
+            $licenses->where('order_number','=',$request->input('order_number'));
+        }
+
+        if ($request->has('purchase_order')) {
+            $licenses->where('purchase_order','=',$request->input('purchase_order'));
+        }
+
+        if ($request->has('license_name')) {
+            $licenses->where('license_name','=',$request->input('license_name'));
+        }
+
+        if ($request->has('license_email')) {
+            $licenses->where('license_email','=',$request->input('license_email'));
+        }
+
+        if ($request->has('manufacturer_id')) {
+            $licenses->where('manufacturer_id','=',$request->input('manufacturer_id'));
+        }
+
+        if ($request->has('supplier_id')) {
+            $licenses->where('supplier_id','=',$request->input('supplier_id'));
+        }
+
+        if ($request->has('depreciation_id')) {
+            $licenses->where('depreciation_id','=',$request->input('depreciation_id'));
+        }
+
+        if ($request->has('supplier_id')) {
+            $licenses->where('supplier_id','=',$request->input('supplier_id'));
+        }
+
+
+        if ($request->has('search')) {
+            $licenses = $licenses->TextSearch($request->input('search'));
+        }
+
+
+        $offset = request('offset', 0);
+        $limit = request('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+
+
+        switch ($request->input('sort')) {
+                case 'manufacturer':
+                    $licenses = $licenses->leftJoin('manufacturers', 'licenses.manufacturer_id', '=', 'manufacturers.id')->orderBy('manufacturers.name', $order);
+                break;
+            case 'supplier':
+                $licenses = $licenses->leftJoin('suppliers', 'licenses.supplier_id', '=', 'suppliers.id')->orderBy('suppliers.name', $order);
+                break;
+            case 'company':
+                $licenses = $licenses->leftJoin('companies', 'licenses.company_id', '=', 'companies.id')->orderBy('companies.name', $order);
+                break;
+            default:
+                $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial','company','license_name','license_email','free_seats_count','seats'];
+                $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
+                $licenses = $licenses->orderBy($sort, $order);
+                break;
+        }
+
+
+
+        $total = $licenses->count();
+
+        $licenses = $licenses->skip($offset)->take($limit)->get();
+        return (new LicensesTransformer)->transformLicenses($licenses, $total);
+
+    }
+
+
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        //
+        $this->authorize('create', License::class);
+        $license = new License;
+        $license->fill($request->all());
+
+        if($license->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $license, trans('admin/licenses/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $license->getErrors()));
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', License::class);
+        $license = License::findOrFail($id);
+        $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
+        return (new LicensesTransformer)->transformLicense($license);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        //
+        $this->authorize('edit', License::class);
+
+        $license = License::findOrFail($id);
+        $license->fill($request->all());
+
+        if ($license->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $license, trans('admin/licenses/message.update.success')));
+        }
+
+        return Helper::formatStandardApiResponse('error', null, $license->getErrors());
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        //
+        $license = License::findOrFail($id);
+        $this->authorize('delete', $license);
+
+        if($license->assigned_seats_count == 0) {
+            // Delete the license and the associated license seats
+            DB::table('license_seats')
+                ->where('id', $license->id)
+                ->update(array('assigned_to' => null,'asset_id' => null));
+
+            $licenseSeats = $license->licenseseats();
+            $licenseSeats->delete();
+            $license->delete();
+
+            // Redirect to the licenses management page
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/licenses/message.delete.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/licenses/message.assoc_users')));
+    }
+
+    /**
+     * Get license seat listing
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $licenseId
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function seats(Request $request, $licenseId)
+    {
+
+        if ($license = License::find($licenseId)) {
+
+            $seats = LicenseSeat::where('license_id', $licenseId)->with('license', 'user', 'asset');
+
+            $offset = request('offset', 0);
+            $limit = request('limit', 50);
+            $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+
+            $total = $seats->count();
+            $seats = $seats->skip($offset)->take($limit)->get();
+
+            if ($seats) {
+                return (new LicenseSeatsTransformer)->transformLicenseSeats($seats, $total);
+            }
+
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/licenses/message.does_not_exist')), 200);
+
+    }
+
+
+}

app/Http/Controllers/Api/LocationsController.php

@@ -0,0 +1,194 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Location;
+use App\Http\Transformers\LocationsTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
+class LocationsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Location::class);
+        $allowed_columns = [
+                'id','name','address','address2','city','state','country','zip','created_at',
+                'updated_at','manager_id','image',
+                'assigned_assets_count','users_count','assets_count','currency'];
+
+        $locations = Location::with('parent', 'manager', 'childLocations')->select([
+            'locations.id',
+            'locations.name',
+            'locations.address',
+            'locations.address2',
+            'locations.city',
+            'locations.state',
+            'locations.zip',
+            'locations.country',
+            'locations.parent_id',
+            'locations.manager_id',
+            'locations.created_at',
+            'locations.updated_at',
+            'locations.image',
+            'locations.currency'
+        ])->withCount('assignedAssets')
+        ->withCount('assets')
+        ->withCount('users');
+
+        if ($request->has('search')) {
+            $locations = $locations->TextSearch($request->input('search'));
+        }
+
+
+
+        $offset = $request->input('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+        switch ($request->input('sort')) {
+            case 'parent':
+                $locations->OrderParent($order);
+                break;
+            case 'manager':
+                $locations->OrderManager($order);
+                break;
+            default:
+                $locations->orderBy($sort, $order);
+                break;
+        }
+
+
+        $total = $locations->count();
+        $locations = $locations->skip($offset)->take($limit)->get();
+        return (new LocationsTransformer)->transformLocations($locations, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Location::class);
+        $location = new Location;
+        $location->fill($request->all());
+
+        if ($location->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Location::class);
+        $location = Location::findOrFail($id);
+        return (new LocationsTransformer)->transformLocation($location);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Location::class);
+        $location = Location::findOrFail($id);
+        $location->fill($request->all());
+
+        if ($location->save()) {
+            return response()->json(
+                Helper::formatStandardApiResponse(
+                    'success',
+                    (new LocationsTransformer)->transformLocation($location),
+                    trans('admin/locations/message.update.success')
+                )
+            );
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Location::class);
+        $location = Location::findOrFail($id);
+        $this->authorize('delete', $location);
+        $location->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/locations/message.delete.success')));
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $locations = Location::select([
+            'locations.id',
+            'locations.name',
+            'locations.image',
+        ]);
+
+        if ($request->has('search')) {
+            $locations = $locations->where('locations.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $locations = $locations->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($locations as $location) {
+            $location->use_text = $location->name;
+            $location->use_image = ($location->image) ? url('/').'/uploads/locations/'.$location->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($locations);
+
+    }
+
+}

app/Http/Controllers/Api/ManufacturersController.php

@@ -0,0 +1,165 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Manufacturer;
+use App\Http\Transformers\DatatablesTransformer;
+use App\Http\Transformers\ManufacturersTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
+class ManufacturersController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Manufacturer::class);
+        $allowed_columns = ['id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'assets_count', 'consumables_count', 'components_count', 'licenses_count'];
+
+        $manufacturers = Manufacturer::select(
+            array('id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'deleted_at')
+        )->withCount('assets')->withCount('licenses')->withCount('consumables')->withCount('accessories');
+
+        if ($request->input('deleted')=='true') {
+            $manufacturers->onlyTrashed();
+        }
+
+        if ($request->has('search')) {
+            $manufacturers = $manufacturers->TextSearch($request->input('search'));
+        }
+
+
+
+
+        $offset = request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $manufacturers->orderBy($sort, $order);
+
+        $total = $manufacturers->count();
+        $manufacturers = $manufacturers->skip($offset)->take($limit)->get();
+        return (new ManufacturersTransformer)->transformManufacturers($manufacturers, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Manufacturer::class);
+        $manufacturer = new Manufacturer;
+        $manufacturer->fill($request->all());
+
+        if ($manufacturer->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $manufacturer, trans('admin/manufacturers/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $manufacturer->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Manufacturer::class);
+        $manufacturer = Manufacturer::findOrFail($id);
+        return (new ManufacturersTransformer)->transformManufacturer($manufacturer);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Manufacturer::class);
+        $manufacturer = Manufacturer::findOrFail($id);
+        $manufacturer->fill($request->all());
+
+        if ($manufacturer->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $manufacturer, trans('admin/manufacturers/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $manufacturer->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Manufacturer::class);
+        $manufacturer = Manufacturer::findOrFail($id);
+        $this->authorize('delete', $manufacturer);
+        $manufacturer->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/manufacturers/message.delete.success')));
+
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $manufacturers = Manufacturer::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $manufacturers = $manufacturers->where('name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $manufacturers = $manufacturers->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($manufacturers as $manufacturer) {
+            $manufacturer->use_text = $manufacturer->name;
+            $manufacturer->use_image = ($manufacturer->image) ? url('/').'/uploads/manufacturers/'.$manufacturer->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($manufacturers);
+
+    }
+}

app/Http/Controllers/Api/ReportsController.php

@@ -0,0 +1,62 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Actionlog;
+use App\Http\Transformers\ActionlogsTransformer;
+
+class ReportsController extends Controller
+{
+    /**
+     * Returns Activity Report JSON.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return View
+     */
+    public function index(Request $request)
+    {
+
+        $actionlogs = Actionlog::with('item', 'user', 'target','location');
+
+        if ($request->has('search')) {
+            $actionlogs = $actionlogs->TextSearch(e($request->input('search')));
+        }
+
+        if (($request->has('target_type'))  && ($request->has('target_id'))) {
+            $actionlogs = $actionlogs->where('target_id','=',$request->input('target_id'))
+                ->where('target_type','=',"App\\Models\\".ucwords($request->input('target_type')));
+
+        }
+
+        if (($request->has('item_type'))  && ($request->has('item_id'))) {
+            $actionlogs = $actionlogs->where('item_id','=',$request->input('item_id'))
+                ->where('item_type','=',"App\\Models\\".ucwords($request->input('item_type')));
+        }
+
+        if ($request->has('action_type')) {
+            $actionlogs = $actionlogs->where('action_type','=',$request->input('action_type'))->orderBy('created_at', 'desc');
+        }
+
+        $allowed_columns = [
+            'id',
+            'created_at',
+            'target_id',
+            'user_id',
+            'action_type',
+            'note'
+        ];
+        
+        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
+        $order = ($request->input('order') == 'asc') ? 'asc' : 'desc';
+        $offset = request('offset', 0);
+        $limit = request('limit', 50);
+        $total = $actionlogs->count();
+        $actionlogs = $actionlogs->orderBy($sort, $order)->skip($offset)->take($limit)->get();
+
+        return response()->json((new ActionlogsTransformer)->transformActionlogs($actionlogs, $total), 200, ['Content-Type' => 'application/json;charset=utf8'], JSON_UNESCAPED_UNICODE);
+
+    }
+}

app/Http/Controllers/Api/SettingsController.php

@@ -0,0 +1,154 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Ldap;
+use Validator;
+use App\Models\Setting;
+use Mail;
+use App\Notifications\SlackTest;
+use Notification;
+use App\Notifications\MailTest;
+
+class SettingsController extends Controller
+{
+
+
+    public function ldaptest()
+    {
+
+        if (Setting::getSettings()->ldap_enabled!='1') {
+            \Log::debug('LDAP is not enabled cannot test.');
+            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
+        }
+
+        \Log::debug('Preparing to test LDAP connection');
+
+        try {
+            $connection = Ldap::connectToLdap();
+            try {
+                \Log::debug('attempting to bind to LDAP for LDAP test');
+                Ldap::bindAdminToLdap($connection);
+                return response()->json(['message' => 'It worked!'], 200);
+            } catch (\Exception $e) {
+                \Log::debug('Bind failed');
+                return response()->json(['message' => $e->getMessage()], 400);
+                //return response()->json(['message' => $e->getMessage()], 500);
+            }
+        } catch (\Exception $e) {
+            \Log::debug('Connection failed');
+            return response()->json(['message' => $e->getMessage()], 600);
+        }
+
+
+    }
+
+    public function ldaptestlogin(Request $request)
+    {
+
+        if (Setting::getSettings()->ldap_enabled!='1') {
+            \Log::debug('LDAP is not enabled. Cannot test.');
+            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
+        }
+
+
+        $rules = array(
+            'ldaptest_user' => 'required',
+            'ldaptest_password' => 'required'
+        );
+
+        $validator = Validator::make($request->all(), $rules);
+        if ($validator->fails()) {
+            \Log::debug('LDAP Validation test failed.');
+            $validation_errors = implode(' ',$validator->errors()->all());
+            return response()->json(['message' => $validator->errors()->all()], 400);
+        }
+        
+
+        \Log::debug('Preparing to test LDAP login');
+        try {
+            $connection = Ldap::connectToLdap();
+            try {
+                Ldap::bindAdminToLdap($connection);
+                \Log::debug('Attempting to bind to LDAP for LDAP test');
+                try {
+                    $ldap_user = Ldap::findAndBindUserLdap($request->input('ldaptest_user'), $request->input('ldaptest_password'));
+                    if ($ldap_user) {
+                        \Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
+                        return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
+                    }
+                    return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
+
+                } catch (\Exception $e) {
+                    \Log::debug('LDAP login failed');
+                    return response()->json(['message' => $e->getMessage()], 400);
+                }
+
+            } catch (\Exception $e) {
+                \Log::debug('Bind failed');
+                return response()->json(['message' => $e->getMessage()], 400);
+                //return response()->json(['message' => $e->getMessage()], 500);
+            }
+        } catch (\Exception $e) {
+            \Log::debug('Connection failed');
+            return response()->json(['message' => $e->getMessage()], 500);
+        }
+
+
+    }
+
+
+    public function slacktest()
+    {
+
+        if ($settings = Setting::getSettings()->slack_channel=='') {
+            \Log::debug('Slack is not enabled. Cannot test.');
+            return response()->json(['message' => 'Slack is not enabled, cannot test.'], 400);
+        }
+
+        \Log::debug('Preparing to test slack connection');
+
+        try {
+            Notification::send($settings = Setting::getSettings(), new SlackTest());
+            return response()->json(['message' => 'Success'], 200);
+        } catch (\Exception $e) {
+            \Log::debug('Slack connection failed');
+            return response()->json(['message' => $e->getMessage()], 400);
+        }
+
+
+    }
+
+
+    /**
+     * Test the email configuration
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function ajaxTestEmail()
+    {
+        if (!config('app.lock_passwords')) {
+            try {
+                Notification::send(Setting::first(), new MailTest());
+                
+                /*Mail::send('emails.test', [], function ($m) {
+                    $m->to(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.test_email'));
+                });*/
+                return response()->json(['message' => 'Mail sent to '.config('mail.reply_to.address')], 200);
+            } catch (Exception $e) {
+                return response()->json(['message' => $e->getMessage()], 500);
+            }
+        }
+        return response()->json(['message' => 'Mail would have been sent, but this application is in demo mode! '], 200);
+
+    }
+
+
+
+}

app/Http/Controllers/Api/StatuslabelsController.php

@@ -0,0 +1,246 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Statuslabel;
+use App\Models\Asset;
+use App\Http\Transformers\StatuslabelsTransformer;
+use App\Http\Transformers\AssetsTransformer;
+
+class StatuslabelsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Statuslabel::class);
+        $allowed_columns = ['id','name','created_at', 'assets_count','color','default_label'];
+
+        $statuslabels = Statuslabel::withCount('assets');
+
+        if ($request->has('search')) {
+            $statuslabels = $statuslabels->TextSearch($request->input('search'));
+        }
+
+        $offset = $request->input('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $statuslabels->orderBy($sort, $order);
+
+        $total = $statuslabels->count();
+        $statuslabels = $statuslabels->skip($offset)->take($limit)->get();
+        return (new StatuslabelsTransformer)->transformStatuslabels($statuslabels, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Statuslabel::class);
+        $request->except('deployable', 'pending','archived');
+
+        if (!$request->has('type')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, ["type" => ["Status label type is required."]]),500);
+        }
+
+        $statuslabel = new Statuslabel;
+        $statuslabel->fill($request->all());
+
+        $statusType = Statuslabel::getStatuslabelTypesForDB($request->input('type'));
+        $statuslabel->deployable        =  $statusType['deployable'];
+        $statuslabel->pending           =  $statusType['pending'];
+        $statuslabel->archived          =  $statusType['archived'];
+
+        if ($statuslabel->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $statuslabel, trans('admin/statuslabels/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $statuslabel->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Statuslabel::class);
+        $statuslabel = Statuslabel::findOrFail($id);
+        return (new StatuslabelsTransformer)->transformStatuslabel($statuslabel);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Statuslabel::class);
+        $statuslabel = Statuslabel::findOrFail($id);
+        
+        $request->except('deployable', 'pending','archived');
+
+        if (!$request->has('type')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Status label type is required.'));
+        }
+
+        $statuslabel->fill($request->all());
+
+        $statusType = Statuslabel::getStatuslabelTypesForDB($request->input('type'));
+        $statuslabel->deployable        =  $statusType['deployable'];
+        $statuslabel->pending           =  $statusType['pending'];
+        $statuslabel->archived          =  $statusType['archived'];
+
+        if ($statuslabel->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $statuslabel, trans('admin/statuslabels/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $statuslabel->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Statuslabel::class);
+        $statuslabel = Statuslabel::findOrFail($id);
+        $this->authorize('delete', $statuslabel);
+
+        // Check that there are no assets associated
+        if ($statuslabel->assets()->count() == 0) {
+            $statuslabel->delete();
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/statuslabels/message.delete.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/statuslabels/message.assoc_assets')));
+
+    }
+
+
+
+     /**
+     * Show a count of assets by status label for pie chart
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return \Illuminate\Http\Response
+     */
+
+    public function getAssetCountByStatuslabel()
+    {
+
+        $statuslabels = Statuslabel::with('assets')->groupBy('id')->withCount('assets')->get();
+
+        $labels=[];
+        $points=[];
+        $colors=[];
+        foreach ($statuslabels as $statuslabel) {
+            if ($statuslabel->assets_count > 0) {
+
+                $labels[]=$statuslabel->name. ' ('.number_format($statuslabel->assets_count).')';
+                $points[]=$statuslabel->assets_count;
+                if ($statuslabel->color!='') {
+                    $colors[]=$statuslabel->color;
+                }
+            }
+        }
+
+        
+        $colors_array = array_merge($colors, Helper::chartColors());
+
+        $result= [
+            "labels" => $labels,
+            "datasets" => [ [
+                "data" => $points,
+                "backgroundColor" => $colors_array,
+                "hoverBackgroundColor" =>  $colors_array
+            ]]
+        ];
+        return $result;
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function assets(Request $request, $id)
+    {
+        $this->authorize('view', Statuslabel::class);
+        $this->authorize('index', Asset::class);
+        $assets = Asset::where('status_id','=',$id);
+
+        $allowed_columns = [
+            'id',
+            'name'
+        ];
+
+        $offset = request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $assets->orderBy($sort, $order);
+
+        $total = $assets->count();
+        $assets = $assets->skip($offset)->take($limit)->get();
+
+
+        return (new AssetsTransformer)->transformAssets($assets, $total);
+    }
+
+
+    /**
+     * Returns a boolean response based on whether the status label
+     * is one that is deployable.
+     *
+     * This is used by the hardware create/edit view to determine whether
+     * we should provide a dropdown of users for them to check the asset out to.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return Bool
+     */
+    public function checkIfDeployable($id) {
+        $statuslabel = Statuslabel::findOrFail($id);
+        if ($statuslabel->getStatuslabelType()=='deployable') {
+            return '1';
+        }
+
+        return '0';
+    }
+}

app/Http/Controllers/Api/SuppliersController.php

@@ -0,0 +1,174 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Helpers\Helper;
+use App\Models\Supplier;
+use App\Http\Transformers\SuppliersTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
+
+class SuppliersController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', Supplier::class);
+        $allowed_columns = ['id','name','address','phone','contact','fax','email','image','assets_count','licenses_count', 'accessories_count'];
+        
+        $suppliers = Supplier::select(
+                array('id','name','address','address2','city','state','country','fax', 'phone','email','contact','created_at','updated_at','deleted_at','image')
+            )->withCount('assets')->withCount('licenses')->withCount('accessories')->whereNull('deleted_at');
+
+
+        if ($request->has('search')) {
+            $suppliers = $suppliers->TextSearch($request->input('search'));
+        }
+
+        $offset = request('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $suppliers->orderBy($sort, $order);
+
+        $total = $suppliers->count();
+        $suppliers = $suppliers->skip($offset)->take($limit)->get();
+        return (new SuppliersTransformer)->transformSuppliers($suppliers, $total);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', Supplier::class);
+        $supplier = new Supplier;
+        $supplier->fill($request->all());
+
+        if ($supplier->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $supplier, trans('admin/suppliers/message.create.success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $supplier->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', Supplier::class);
+        $supplier = Supplier::findOrFail($id);
+        return (new SuppliersTransformer)->transformSupplier($supplier);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('edit', Supplier::class);
+        $supplier = Supplier::findOrFail($id);
+        $supplier->fill($request->all());
+
+        if ($supplier->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $supplier, trans('admin/suppliers/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $supplier->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', Supplier::class);
+        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances','assets', 'licenses')->findOrFail($id);
+        $this->authorize('delete', $supplier);
+
+
+        if ($supplier->assets_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count])));
+        }
+
+        if ($supplier->asset_maintenances_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count])));
+        }
+
+        if ($supplier->licenses_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_licenses', ['licenses_count' => (int) $supplier->licenses_count])));
+        }
+
+        $supplier->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/suppliers/message.delete.success')));
+
+    }
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $suppliers = Supplier::select([
+            'id',
+            'name',
+            'image',
+        ]);
+
+        if ($request->has('search')) {
+            $suppliers = $suppliers->where('suppliers.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $suppliers = $suppliers->orderBy('name', 'ASC')->paginate(50);
+
+        // Loop through and set some custom properties for the transformer to use.
+        // This lets us have more flexibility in special cases like assets, where
+        // they may not have a ->name value but we want to display something anyway
+        foreach ($suppliers as $supplier) {
+            $supplier->use_text = $supplier->name;
+            $supplier->use_image = ($supplier->image) ? url('/').'/uploads/suppliers/'.$supplier->image : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($suppliers);
+
+    }
+
+}

app/Http/Controllers/Api/UsersController.php

@@ -0,0 +1,321 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\UsersTransformer;
+use App\Models\Company;
+use App\Models\User;
+use App\Helpers\Helper;
+use App\Http\Requests\SaveUserRequest;
+use App\Models\Asset;
+use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+
+class UsersController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', User::class);
+
+        $users = User::select([
+            'users.activated',
+            'users.address',
+            'users.avatar',
+            'users.city',
+            'users.company_id',
+            'users.country',
+            'users.created_at',
+            'users.deleted_at',
+            'users.department_id',
+            'users.email',
+            'users.employee_num',
+            'users.first_name',
+            'users.id',
+            'users.jobtitle',
+            'users.last_login',
+            'users.last_name',
+            'users.location_id',
+            'users.manager_id',
+            'users.notes',
+            'users.permissions',
+            'users.phone',
+            'users.state',
+            'users.two_factor_enrolled',
+            'users.updated_at',
+            'users.username',
+            'users.zip',
+
+        ])->with('manager', 'groups', 'userloc', 'company', 'department','assets','licenses','accessories','consumables')
+            ->withCount('assets','licenses','accessories','consumables');
+        $users = Company::scopeCompanyables($users);
+
+
+        if (($request->has('deleted')) && ($request->input('deleted')=='true')) {
+            $users = $users->GetDeleted();
+        }
+
+        if ($request->has('company_id')) {
+            $users = $users->where('users.company_id', '=', $request->input('company_id'));
+        }
+
+        if ($request->has('location_id')) {
+            $users = $users->where('users.location_id', '=', $request->input('location_id'));
+        }
+
+        if ($request->has('group_id')) {
+            $users = $users->ByGroup($request->get('group_id'));
+        }
+
+        if ($request->has('department_id')) {
+            $users = $users->where('users.department_id','=',$request->input('department_id'));
+        }
+
+        if ($request->has('search')) {
+            $users = $users->TextSearch($request->input('search'));
+        }
+
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $offset = request('offset', 0);
+        $limit = request('limit',  20);
+
+        switch ($request->input('sort')) {
+            case 'manager':
+                $users = $users->OrderManager($order);
+                break;
+            case 'location':
+                $users = $users->OrderLocation($order);
+                break;
+            case 'department':
+                $users = $users->OrderDepartment($order);
+                break;
+            default:
+                $allowed_columns =
+                    [
+                        'last_name','first_name','email','jobtitle','username','employee_num',
+                        'assets','accessories', 'consumables','licenses','groups','activated','created_at',
+                        'two_factor_enrolled','two_factor_optin','last_login', 'assets_count', 'licenses_count',
+                        'consumables_count', 'accessories_count', 'phone', 'address', 'city', 'state',
+                        'country', 'zip'
+                    ];
+
+                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
+                $users = $users->orderBy($sort, $order);
+                break;
+        }
+
+
+        $total = $users->count();
+        $users = $users->skip($offset)->take($limit)->get();
+        return (new UsersTransformer)->transformUsers($users, $total);
+    }
+
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0.16]
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $users = User::select(
+            [
+                'users.id',
+                'users.username',
+                'users.employee_num',
+                'users.first_name',
+                'users.last_name',
+                'users.gravatar',
+                'users.avatar',
+                'users.email',
+            ]
+            );
+
+        $users = Company::scopeCompanyables($users);
+
+        if ($request->has('search')) {
+            $users = $users->where('first_name', 'LIKE', '%'.$request->get('search').'%')
+                ->orWhere('last_name', 'LIKE', '%'.$request->get('search').'%')
+                ->orWhere('username', 'LIKE', '%'.$request->get('search').'%')
+                ->orWhere('employee_num', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $users = $users->orderBy('last_name', 'asc')->orderBy('first_name', 'asc');
+        $users = $users->paginate(50);
+
+        foreach ($users as $user) {
+            $name_str = '';
+            if ($user->last_name!='') {
+                $name_str .= e($user->last_name).', ';
+            }
+            $name_str .= e($user->first_name);
+
+            if ($user->username!='') {
+                $name_str .= ' ('.e($user->username).')';
+            }
+
+            if ($user->employee_num!='') {
+                $name_str .= ' - #'.e($user->employee_num);
+            }
+
+            $user->use_text = $name_str;
+            $user->use_image = ($user->present()->gravatar) ? $user->present()->gravatar : null;
+        }
+
+        return (new SelectlistTransformer)->transformSelectlist($users);
+
+    }
+
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(SaveUserRequest $request)
+    {
+        $this->authorize('view', User::class);
+        $user = new User;
+        $user->fill($request->all());
+        $user->password = bcrypt($request->input('password'));
+
+        if ($user->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.create')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', User::class);
+        $user = User::findOrFail($id);
+        return (new UsersTransformer)->transformUser($user);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(SaveUserRequest $request, $id)
+    {
+        $this->authorize('edit', User::class);
+        $user = User::findOrFail($id);
+        $user->fill($request->all());
+
+        if ($user->id == $request->input('manager_id')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
+        }
+
+        if ($request->has('password')) {
+            $user->password = bcrypt($request->input('password'));
+        }
+
+        // Update the location of any assets checked out to this user
+        Asset::where('assigned_type', User::class)
+            ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
+
+        if ($user->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', User::class);
+        $user = User::findOrFail($id);
+        $this->authorize('delete', $user);
+
+
+        if ($user->assets()->count() > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/users/message.error.delete_has_assets')));
+        }
+
+        if ($user->delete()) {
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/users/message.success.delete')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/users/message.error.delete')));
+    }
+
+    /**
+     * Return JSON containing a list of assets assigned to a user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $userId
+     * @return string JSON
+     */
+    public function assets($id)
+    {
+        $this->authorize('view', User::class);
+        $assets = Asset::where('assigned_to', '=', $id)->with('model')->get();
+        return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+    }
+
+    /**
+     * Reset the user's two-factor status
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $userId
+     * @return string JSON
+     */
+    public function postTwoFactorReset(Request $request)
+    {
+
+        $this->authorize('edit', User::class);
+
+        if ($request->has('id')) {
+            try {
+                $user = User::find($request->get('id'));
+                $user->two_factor_secret = null;
+                $user->two_factor_enrolled = 0;
+                $user->save();
+                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
+            } catch (\Exception $e) {
+                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_error')], 500);
+            }
+        }
+        return response()->json(['message' => 'No ID provided'], 500);
+
+    }
+}

app/Http/Controllers/AssetMaintenancesController.php

@@ -9,11 +9,9 @@ use Input;
 use Lang;
 use Log;
 use Mail;
-use Redirect;
 use Response;
 use Slack;
 use Str;
-use App\Models\Supplier;
 use TCPDF;
 use Validator;
 use View;
@@ -22,6 +20,7 @@ use App\Models\Asset;
 use App\Helpers\Helper;
 use Auth;
 use Gate;
+use Illuminate\Http\Request;
 
 /**
  * This controller handles all actions related to Asset Maintenance for
@@ -43,7 +42,7 @@ class AssetMaintenancesController extends Controller
     */
     private static function getInsufficientPermissionsRedirect()
     {
-        return redirect()->route('asset_maintenances')
+        return redirect()->route('maintenances.index')
           ->with('error', trans('general.insufficient_permissions'));
     }
 
@@ -58,129 +57,39 @@ class AssetMaintenancesController extends Controller
     * @since [v1.8]
     * @return View
     */
-    public function getIndex()
+    public function index()
     {
-
-        return View::make('asset_maintenances/index');
+        return view('asset_maintenances/index');
     }
 
 
-    /**
-    *  Generates the JSON response for asset maintenances listing view.
-    *
-    * @see AssetMaintenancesController::getIndex() method that generates view
-    * @author  Vincent Sposato <vincent.sposato@gmail.com>
-    * @version v1.0
-    * @since [v1.8]
-    * @return String JSON
-    */
-    public function getDatatable()
-    {
-        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company','admin');
-
-        if (Input::has('search')) {
-            $maintenances = $maintenances->TextSearch(e(Input::get('search')));
-        }
-
-
-
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-
-
-        $allowed_columns = ['id','title','asset_maintenance_time','asset_maintenance_type','cost','start_date','completion_date','notes','user_id'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
-
-        switch ($sort) {
-            case 'user_id':
-                $maintenances = $maintenances->OrderAdmin($order);
-                break;
-            default:
-                $maintenances = $maintenances->orderBy($sort, $order);
-                break;
-        }
-
-        $maintenancesCount = $maintenances->count();
-        $maintenances = $maintenances->skip($offset)->take($limit)->get();
-
-        $rows = array();
-        $settings = Setting::getSettings();
-
-        foreach ($maintenances as $maintenance) {
-            $actions = '';
-            if (Gate::allows('assets.edit')) {
-                $actions .= '<nobr><a href="' . route('update/asset_maintenance',
-                        $maintenance->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/asset_maintenance',
-                        $maintenance->id) . '" data-content="' . trans('admin/asset_maintenances/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($maintenance->title) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
-            }
-
-            if (($maintenance->cost) && (isset($maintenance->asset)) && ($maintenance->asset->assetloc) &&  ($maintenance->asset->assetloc->currency!='')) {
-                $maintenance_cost = $maintenance->asset->assetloc->currency.$maintenance->cost;
-            } else {
-                $maintenance_cost = $settings->default_currency.$maintenance->cost;
-            }
-            
-            $rows[] = array(
-                'id'            => $maintenance->id,
-                'asset_name'    =>  ($maintenance->asset) ? (string)link_to('/hardware/'.$maintenance->asset->id.'/view', $maintenance->asset->showAssetName()) : 'Deleted Asset' ,
-                'title'         => $maintenance->title,
-                'notes'         => $maintenance->notes,
-                'supplier'      => ($maintenance->supplier) ? (string)link_to('/admin/settings/suppliers/'.$maintenance->supplier->id.'/view', $maintenance->supplier->name) : 'Deleted Supplier',
-                'cost'          => $maintenance_cost,
-                'asset_maintenance_type'          => e($maintenance->asset_maintenance_type),
-                'start_date'         => $maintenance->start_date,
-                'asset_maintenance_time'          => $maintenance->asset_maintenance_time,
-                'completion_date'     => $maintenance->completion_date,
-                'user_id'       => ($maintenance->admin) ? (string)link_to('/admin/users/'.$maintenance->admin->id.'/view', $maintenance->admin->fullName()) : '',
-                'actions'       => $actions,
-                'companyName'   => ($maintenance->asset->company) ? $maintenance->asset->company->name : ''
-            );
-        }
-
-        $data = array('total' => $maintenancesCount, 'rows' => $rows);
-        return $data;
-
-    }
 
     /**
-    *  Returns a form view to create a new asset maintenance.
-    *
-    * @see AssetMaintenancesController::postCreate() method that stores the data
-    * @author  Vincent Sposato <vincent.sposato@gmail.com>
-    * @version v1.0
-    * @since [v1.8]
-    * @return mixed
-    */
-    public function getCreate($assetId = null)
+     *  Returns a form view to create a new asset maintenance.
+     *
+     * @see AssetMaintenancesController::postCreate() method that stores the data
+     * @author  Vincent Sposato <vincent.sposato@gmail.com>
+     * @version v1.0
+     * @since [v1.8]
+     * @return mixed
+     */
+    public function create()
     {
+        $asset = null;
+
+        if ($asset = Asset::find(request('asset_id'))) {
+            // We have to set this so that the correct property is set in the select2 ajax dropdown
+            $asset->asset_id = $asset->id;
+        }
+
         // Prepare Asset Maintenance Type List
         $assetMaintenanceType = [
                                     '' => 'Select an asset maintenance type',
                                 ] + AssetMaintenance::getImprovementOptions();
         // Mark the selected asset, if it came in
-        $selectedAsset = $assetId;
 
-        $assets = Helper::detailedAssetList();
-
-        $supplier_list = Helper::suppliersList();
-
-        // Render the view
-        return View::make('asset_maintenances/edit')
-                   ->with('asset_list', $assets)
-                   ->with('selectedAsset', $selectedAsset)
-                   ->with('supplier_list', $supplier_list)
+        return view('asset_maintenances/edit')
+                   ->with('asset', $asset)
                    ->with('assetMaintenanceType', $assetMaintenanceType)
                    ->with('item', new AssetMaintenance);
     }
@@ -194,62 +103,29 @@ class AssetMaintenancesController extends Controller
     * @since [v1.8]
     * @return mixed
     */
-    public function postCreate()
+    public function store(Request $request)
     {
-
-        // get the POST data
-        $new = Input::all();
-
         // create a new model instance
         $assetMaintenance = new AssetMaintenance();
-
-
-        if (e(Input::get('supplier_id')) == '') {
-            $assetMaintenance->supplier_id = null;
-        } else {
-            $assetMaintenance->supplier_id = e(Input::get('supplier_id'));
-        }
-
-        if (e(Input::get('is_warranty')) == '') {
-            $assetMaintenance->is_warranty = 0;
-        } else {
-            $assetMaintenance->is_warranty = e(Input::get('is_warranty'));
-        }
-
-        if (e(Input::get('cost')) == '') {
-            $assetMaintenance->cost = '';
-        } else {
-            $assetMaintenance->cost =  Helper::ParseFloat(e(Input::get('cost')));
-        }
-
-        if (e(Input::get('notes')) == '') {
-            $assetMaintenance->notes = null;
-        } else {
-            $assetMaintenance->notes = e(Input::get('notes'));
-        }
-
-        $asset = Asset::find(e(Input::get('asset_id')));
+        $assetMaintenance->supplier_id = $request->input('supplier_id');
+        $assetMaintenance->is_warranty = $request->input('is_warranty');
+        $assetMaintenance->cost =  e($request->input('cost'));
+        $assetMaintenance->notes = e($request->input('notes'));
+        $asset = Asset::find(e($request->input('asset_id')));
 
         if (!Company::isCurrentUserHasAccess($asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
         // Save the asset maintenance data
-        $assetMaintenance->asset_id               = e(Input::get('asset_id'));
-        $assetMaintenance->asset_maintenance_type = e(Input::get('asset_maintenance_type'));
-        $assetMaintenance->title                  = e(Input::get('title'));
-        $assetMaintenance->start_date             = e(Input::get('start_date'));
-        $assetMaintenance->completion_date        = e(Input::get('completion_date'));
-        $assetMaintenance->user_id                = Auth::user()->id;
+        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
+        $assetMaintenance->title                  = $request->input('title');
+        $assetMaintenance->start_date             = $request->input('start_date');
+        $assetMaintenance->completion_date        = $request->input('completion_date');
+        $assetMaintenance->user_id                = Auth::id();
 
-        if (( $assetMaintenance->completion_date == "" )
-            || ( $assetMaintenance->completion_date == "0000-00-00" )
-        ) {
-            $assetMaintenance->completion_date = null;
-        }
-
-        if (( $assetMaintenance->completion_date !== "" )
-            && ( $assetMaintenance->completion_date !== "0000-00-00" )
+        if (( $assetMaintenance->completion_date !== null )
             && ( $assetMaintenance->start_date !== "" )
             && ( $assetMaintenance->start_date !== "0000-00-00" )
         ) {
@@ -260,17 +136,13 @@ class AssetMaintenancesController extends Controller
 
         // Was the asset maintenance created?
         if ($assetMaintenance->save()) {
-
             // Redirect to the new asset maintenance page
-            return redirect()->to("admin/asset_maintenances")
+            return redirect()->route('maintenances.index')
                            ->with('success', trans('admin/asset_maintenances/message.create.success'));
         }
 
         return redirect()->back()->withInput()->withErrors($assetMaintenance->getErrors());
 
-
-
-
     }
 
     /**
@@ -283,12 +155,12 @@ class AssetMaintenancesController extends Controller
     * @since [v1.8]
     * @return mixed
     */
-    public function getEdit($assetMaintenanceId = null)
+    public function edit($assetMaintenanceId = null)
     {
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the improvement management page
-            return redirect()->to('admin/asset_maintenances')
+            return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
         } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
@@ -311,88 +183,57 @@ class AssetMaintenancesController extends Controller
                                     '' => 'Select an improvement type',
                                 ] + AssetMaintenance::getImprovementOptions();
 
-        $assets = Company::scopeCompanyables(Asset::with('model','assignedUser')->get(), 'assets.company_id')->lists('detailed_name', 'id');
         // Get Supplier List
-        $supplier_list = Helper::suppliersList();
-
         // Render the view
-        return View::make('asset_maintenances/edit')
-                   ->with('asset_list', $assets)
+        return view('asset_maintenances/edit')
                    ->with('selectedAsset', null)
-                   ->with('supplier_list', $supplier_list)
                    ->with('assetMaintenanceType', $assetMaintenanceType)
                    ->with('item', $assetMaintenance);
 
     }
 
     /**
-    *  Validates and stores an update to an asset maintenance
-    *
-    * @see AssetMaintenancesController::postEdit() method that stores the data
-    * @author  Vincent Sposato <vincent.sposato@gmail.com>
-    * @param int $assetMaintenanceId
-    * @version v1.0
-    * @since [v1.8]
-    * @return mixed
-    */
-    public function postEdit($assetMaintenanceId = null)
+     *  Validates and stores an update to an asset maintenance
+     *
+     * @see AssetMaintenancesController::postEdit() method that stores the data
+     * @author  Vincent Sposato <vincent.sposato@gmail.com>
+     * @param Request $request
+     * @param int $assetMaintenanceId
+     * @return mixed
+     * @version v1.0
+     * @since [v1.8]
+     */
+    public function update(Request $request, $assetMaintenanceId = null)
     {
-
-        // get the POST data
-        $new = Input::all();
-
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the asset maintenance management page
-            return redirect()->to('admin/asset_maintenances')
+            return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
         } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
+        $assetMaintenance->supplier_id = e($request->input('supplier_id'));
+        $assetMaintenance->is_warranty = e($request->input('is_warranty'));
+        $assetMaintenance->cost =  Helper::ParseFloat(e($request->input('cost')));
+        $assetMaintenance->notes = e($request->input('notes'));
 
-
-        if (e(Input::get('supplier_id')) == '') {
-            $assetMaintenance->supplier_id = null;
-        } else {
-            $assetMaintenance->supplier_id = e(Input::get('supplier_id'));
-        }
-
-        if (e(Input::get('is_warranty')) == '') {
-            $assetMaintenance->is_warranty = 0;
-        } else {
-            $assetMaintenance->is_warranty = e(Input::get('is_warranty'));
-        }
-
-        if (e(Input::get('cost')) == '') {
-            $assetMaintenance->cost = '';
-        } else {
-            $assetMaintenance->cost =  Helper::ParseFloat(e(Input::get('cost')));
-        }
-
-        if (e(Input::get('notes')) == '') {
-            $assetMaintenance->notes = null;
-        } else {
-            $assetMaintenance->notes = e(Input::get('notes'));
-        }
-
-        $asset = Asset::find(e(Input::get('asset_id')));
+        $asset = Asset::find(request('asset_id'));
 
         if (!Company::isCurrentUserHasAccess($asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
         // Save the asset maintenance data
-        $assetMaintenance->asset_id               = e(Input::get('asset_id'));
-        $assetMaintenance->asset_maintenance_type = e(Input::get('asset_maintenance_type'));
-        $assetMaintenance->title                  = e(Input::get('title'));
-        $assetMaintenance->start_date             = e(Input::get('start_date'));
-        $assetMaintenance->completion_date        = e(Input::get('completion_date'));
+        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
+        $assetMaintenance->title                  = $request->input('title');
+        $assetMaintenance->start_date             = $request->input('start_date');
+        $assetMaintenance->completion_date        = $request->input('completion_date');
 
-        if (( $assetMaintenance->completion_date == "" )
-          || ( $assetMaintenance->completion_date == "0000-00-00" )
+        if (( $assetMaintenance->completion_date == null )
         ) {
-            $assetMaintenance->completion_date = null;
             if (( $assetMaintenance->asset_maintenance_time !== 0 )
               || ( !is_null($assetMaintenance->asset_maintenance_time) )
             ) {
@@ -400,8 +241,7 @@ class AssetMaintenancesController extends Controller
             }
         }
 
-        if (( $assetMaintenance->completion_date !== "" )
-          && ( $assetMaintenance->completion_date !== "0000-00-00" )
+        if (( $assetMaintenance->completion_date !== null )
           && ( $assetMaintenance->start_date !== "" )
           && ( $assetMaintenance->start_date !== "0000-00-00" )
         ) {
@@ -414,12 +254,10 @@ class AssetMaintenancesController extends Controller
         if ($assetMaintenance->save()) {
 
             // Redirect to the new asset maintenance page
-            return redirect()->to("admin/asset_maintenances")
-                         ->with('success', trans('admin/asset_maintenances/message.create.success'));
+            return redirect()->route('maintenances.index')
+                         ->with('success', trans('admin/asset_maintenances/message.edit.success'));
         }
-        return redirect()->back() ->withInput()->withErrors($assetMaintenance->getErrors());
-
-
+        return redirect()->back()->withInput()->withErrors($assetMaintenance->getErrors());
     }
 
     /**
@@ -431,12 +269,12 @@ class AssetMaintenancesController extends Controller
     * @since [v1.8]
     * @return mixed
     */
-    public function getDelete($assetMaintenanceId)
+    public function destroy($assetMaintenanceId)
     {
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the asset maintenance management page
-            return redirect()->to('admin/asset_maintenances')
+            return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
         } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
@@ -446,7 +284,7 @@ class AssetMaintenancesController extends Controller
         $assetMaintenance->delete();
 
         // Redirect to the asset_maintenance management page
-        return redirect()->to('admin/asset_maintenances')
+        return redirect()->route('maintenances.index')
                        ->with('success', trans('admin/asset_maintenances/message.delete.success'));
     }
 
@@ -459,17 +297,17 @@ class AssetMaintenancesController extends Controller
     * @since [v1.8]
     * @return View
     */
-    public function getView($assetMaintenanceId)
+    public function show($assetMaintenanceId)
     {
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the asset maintenance management page
-            return redirect()->to('admin/asset_maintenances')
+            return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
         } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
-        return View::make('asset_maintenances/view')->with('assetMaintenance', $assetMaintenance);
+        return view('asset_maintenances/view')->with('assetMaintenance', $assetMaintenance);
     }
 }

app/Http/Controllers/AssetModelsController.php

@@ -1,6 +1,7 @@
 <?php
 namespace App\Http\Controllers;
 
+use App\Models\CustomField;
 use Image;
 use Input;
 use Lang;
@@ -15,6 +16,8 @@ use App\Models\Asset;
 use App\Models\Company;
 use Config;
 use App\Helpers\Helper;
+use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 
 use Symfony\Component\HttpFoundation\JsonResponse;
 
@@ -32,14 +35,13 @@ class AssetModelsController extends Controller
     * the content for the accessories listing, which is generated in getDatatable.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see AssetModelsController::getDatatable() method that generates the JSON response
     * @since [v1.0]
     * @return View
     */
-    public function getIndex()
+    public function index()
     {
-        // Show the page
-        return View::make('models/index');
+        $this->authorize('index', AssetModel::class);
+        return view('models/index');
     }
 
     /**
@@ -49,16 +51,12 @@ class AssetModelsController extends Controller
     * @since [v1.0]
     * @return View
     */
-    public function getCreate()
+    public function create()
     {
-        // Show the page
-        $depreciation_list = Helper::depreciationList();
-        $manufacturer_list = Helper::manufacturerList();
-        $category_list = Helper::categoryList('asset');
-        return View::make('models/edit')
-        ->with('category_list', $category_list)
-        ->with('depreciation_list', $depreciation_list)
-        ->with('manufacturer_list', $manufacturer_list)
+        $this->authorize('create', AssetModel::class);
+        $category_type = 'asset';
+        return view('models/edit')->with('category_type',$category_type)
+        ->with('depreciation_list', Helper::depreciationList())
         ->with('item', new AssetModel);
     }
 
@@ -70,88 +68,84 @@ class AssetModelsController extends Controller
     * @since [v1.0]
     * @return Redirect
     */
-    public function postCreate()
+    public function store(ImageUploadRequest $request)
     {
 
+        $this->authorize('create', AssetModel::class);
         // Create a new asset model
         $model = new AssetModel;
 
-
-        if (e(Input::get('depreciation_id')) == '') {
-            $model->depreciation_id =  0;
-        } else {
-            $model->depreciation_id = e(Input::get('depreciation_id'));
-        }
-
-        if (e(Input::get('eol')) == '') {
-            $model->eol =  0;
-        } else {
-            $model->eol = e(Input::get('eol'));
-        }
-
         // Save the model data
-        $model->name                = e(Input::get('name'));
-        $model->model_number             = e(Input::get('model_number'));
-        $model->manufacturer_id     = e(Input::get('manufacturer_id'));
-        $model->category_id         = e(Input::get('category_id'));
-        $model->notes               = e(Input::get('notes'));
-        $model->user_id             = Auth::user()->id;
+        $model->eol = $request->input('eol');
+        $model->depreciation_id = $request->input('depreciation_id');
+        $model->name                = $request->input('name');
+        $model->model_number        = $request->input('model_number');
+        $model->manufacturer_id     = $request->input('manufacturer_id');
+        $model->category_id         = $request->input('category_id');
+        $model->notes               = $request->input('notes');
+        $model->user_id             = Auth::id();
         $model->requestable         = Input::has('requestable');
 
-        if (Input::get('custom_fieldset')!='') {
-            $model->fieldset_id = e(Input::get('custom_fieldset'));
+        if ($request->input('custom_fieldset')!='') {
+            $model->fieldset_id = e($request->input('custom_fieldset'));
         }
 
-
         if (Input::file('image')) {
+
             $image = Input::file('image');
-            $file_name = str_random(25).".".$image->getClientOriginalExtension();
-            $path = public_path('uploads/models/'.$file_name);
-            Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
-                $constraint->aspectRatio();
-                $constraint->upsize();
-            })->save($path);
+            $file_name = str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+            $path = app('models_upload_path');
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save($path.'/'.$file_name);
+            } else {
+                $image->move($path, $file_name);
+            }
             $model->image = $file_name;
+
         }
 
             // Was it created?
         if ($model->save()) {
             // Redirect to the new model  page
-            return redirect()->to("hardware/models")->with('success', trans('admin/models/message.create.success'));
+            return redirect()->route("models.index")->with('success', trans('admin/models/message.create.success'));
         }
-
-            return redirect()->back()->withInput()->withErrors($model->getErrors());
-
+        return redirect()->back()->withInput()->withErrors($model->getErrors());
     }
 
     /**
-    * Validates and stores new Asset Model data created from the
-    * modal form on the Asset Creation view.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v2.0]
-    * @return String JSON
-    */
-    public function store()
+     * Validates and stores new Asset Model data created from the
+     * modal form on the Asset Creation view.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.0]
+     * @param Request $request
+     * @return String JSON
+     */
+    public function apiStore(Request $request)
     {
-      //COPYPASTA!!!! FIXME
+        //COPYPASTA!!!! FIXME
+        $this->authorize('create', AssetModel::class);
         $model = new AssetModel;
 
         $settings=Input::all();
         $settings['eol']= null;
 
-        $model->name=e(Input::get('name'));
-        $model->manufacturer_id = e(Input::get('manufacturer_id'));
-        $model->category_id = e(Input::get('category_id'));
-        $model->model_number = e(Input::get('model_number'));
-        $model->user_id = Auth::user()->id;
-        $model->notes            = e(Input::get('notes'));
+        $model->name=$request->input('name');
+        $model->manufacturer_id = $request->input('manufacturer_id');
+        $model->category_id = $request->input('category_id');
+        $model->model_number = $request->input('model_number');
+        $model->user_id = Auth::id();
+        $model->notes            = $request->input('notes');
         $model->eol= null;
 
-        if (Input::get('fieldset_id')=='') {
+        if ($request->input('fieldset_id')=='') {
             $model->fieldset_id = null;
         } else {
-            $model->fieldset_id = e(Input::get('fieldset_id'));
+            $model->fieldset_id = e($request->input('fieldset_id'));
         }
 
         if ($model->save()) {
@@ -170,23 +164,18 @@ class AssetModelsController extends Controller
     * @param int $modelId
     * @return View
     */
-    public function getEdit($modelId = null)
+    public function edit($modelId = null)
     {
-        // Check if the model exists
-        if (is_null($item = AssetModel::find($modelId))) {
-            // Redirect to the model management page
-            return redirect()->to('assets/models')->with('error', trans('admin/models/message.does_not_exist'));
+        $this->authorize('update', AssetModel::class);
+        if ($item = AssetModel::find($modelId)) {
+            $category_type = 'asset';
+            $view = View::make('models/edit', compact('item','category_type'));
+            $view->with('depreciation_list', Helper::depreciationList());
+            return $view;
         }
 
-        $depreciation_list = Helper::depreciationList();
-        $manufacturer_list = Helper::manufacturerList();
-        $category_list = Helper::categoryList('asset');
+        return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
 
-        $view = View::make('models/edit', compact('item'));
-        $view->with('category_list', $category_list);
-        $view->with('depreciation_list', $depreciation_list);
-        $view->with('manufacturer_list', $manufacturer_list);
-        return $view;
     }
 
 
@@ -199,68 +188,66 @@ class AssetModelsController extends Controller
     * @param int $modelId
     * @return Redirect
     */
-    public function postEdit($modelId = null)
+    public function update(ImageUploadRequest $request, $modelId = null)
     {
+        $this->authorize('update', AssetModel::class);
         // Check if the model exists
         if (is_null($model = AssetModel::find($modelId))) {
             // Redirect to the models management page
-            return redirect()->to('admin/models')->with('error', trans('admin/models/message.does_not_exist'));
+            return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
         }
 
+        $model->depreciation_id     = $request->input('depreciation_id');
+        $model->eol                 = $request->input('eol');
+        $model->name                = $request->input('name');
+        $model->model_number        = $request->input('model_number');
+        $model->manufacturer_id     = $request->input('manufacturer_id');
+        $model->category_id         = $request->input('category_id');
+        $model->notes               = $request->input('notes');
+        $model->requestable         = $request->input('requestable', '0');
 
-        if (e(Input::get('depreciation_id')) == '') {
-            $model->depreciation_id =  0;
-        } else {
-            $model->depreciation_id = e(Input::get('depreciation_id'));
-        }
-
-        if (e(Input::get('eol')) == '') {
-            $model->eol =  null;
-        } else {
-            $model->eol = e(Input::get('eol'));
-        }
-        // Update the model data
-        $model->name                = e(Input::get('name'));
-        $model->model_number        = e(Input::get('model_number'));
-        $model->manufacturer_id     = e(Input::get('manufacturer_id'));
-        $model->category_id         = e(Input::get('category_id'));
-        $model->notes               = e(Input::get('notes'));
-
-        $model->requestable = Input::has('requestable');
-
-        if (Input::get('custom_fieldset')=='') {
+        if ($request->input('custom_fieldset')=='') {
             $model->fieldset_id = null;
         } else {
-            $model->fieldset_id = e(Input::get('custom_fieldset'));
+            $model->fieldset_id = $request->input('custom_fieldset');
         }
 
-        if (Input::file('image')) {
-            $image = Input::file('image');
-            $file_name = str_random(25).".".$image->getClientOriginalExtension();
-            $path = public_path('uploads/models/'.$file_name);
-            Image::make($image->getRealPath())->resize(300, null, function ($constraint) {
-                $constraint->aspectRatio();
-                $constraint->upsize();
-            })->save($path);
-            $model->image = $file_name;
-        }
+        $old_image = $model->image;
 
-        if (Input::get('image_delete') == 1 && Input::file('image') == "") {
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
             $model->image = null;
         }
 
-        // Was it created?
-        if ($model->save()) {
-            // Redirect to the new model  page
-            return redirect()->to("hardware/models")->with('success', trans('admin/models/message.update.success'));
-        } else {
-            return redirect()->back()->withInput()->withErrors($model->getErrors());
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $model->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('models_upload_path').$file_name);
+            } else {
+                $image->move(app('models_upload_path'), $file_name);
+            }
+            $model->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('models_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
         }
 
 
-        // Redirect to the model create page
-        return redirect()->to("hardware/models/$modelId/edit")->with('error', trans('admin/models/message.update.error'));
-
+        if ($model->save()) {
+            return redirect()->route("models.index")->with('success', trans('admin/models/message.update.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($model->getErrors());
     }
 
     /**
@@ -272,25 +259,32 @@ class AssetModelsController extends Controller
     * @param int $modelId
     * @return Redirect
     */
-    public function getDelete($modelId)
+    public function destroy($modelId)
     {
+        $this->authorize('delete', AssetModel::class);
         // Check if the model exists
         if (is_null($model = AssetModel::find($modelId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('hardware/models')->with('error', trans('admin/models/message.not_found'));
+            return redirect()->route('models.index')->with('error', trans('admin/models/message.not_found'));
         }
 
-        if ($model->assets->count() > 0) {
+        if ($model->assets()->count() > 0) {
             // Throw an error that this model is associated with assets
-            return redirect()->to('hardware/models')->with('error', trans('admin/models/message.assoc_users'));
-
-        } else {
-            // Delete the model
-            $model->delete();
-
-            // Redirect to the models management page
-            return redirect()->to('hardware/models')->with('success', trans('admin/models/message.delete.success'));
+            return redirect()->route('models.index')->with('error', trans('admin/models/message.assoc_users'));
         }
+
+        if ($model->image) {
+            try  {
+                unlink(public_path().'/uploads/models/'.$model->image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+        // Delete the model
+        $model->delete();
+
+        // Redirect to the models management page
+        return redirect()->route('models.index')->with('success', trans('admin/models/message.delete.success'));
     }
 
 
@@ -304,7 +298,7 @@ class AssetModelsController extends Controller
     */
     public function getRestore($modelId = null)
     {
-
+        $this->authorize('create', AssetModel::class);
         // Get user information
         $model = AssetModel::withTrashed()->find($modelId);
 
@@ -317,11 +311,10 @@ class AssetModelsController extends Controller
             $success = trans('admin/models/message.restore.success');
 
             // Redirect back
-            return redirect()->back()->with('success', $success);
+            return redirect()->route('models.index')->with('success', $success);
 
-        } else {
-            return redirect()->back()->with('error', trans('admin/models/message.not_found'));
         }
+        return redirect()->back()->with('error', trans('admin/models/message.not_found'));
 
     }
 
@@ -334,21 +327,19 @@ class AssetModelsController extends Controller
     * @param int $modelId
     * @return View
     */
-    public function getView($modelId = null)
+    public function show($modelId = null)
     {
+        $this->authorize('view', AssetModel::class);
         $model = AssetModel::withTrashed()->find($modelId);
 
         if (isset($model->id)) {
-                return View::make('models/view', compact('model'));
-        } else {
-            // Prepare the error message
-            $error = trans('admin/models/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('models')->with('error', $error);
+            return view('models/view', compact('model'));
         }
+        // Prepare the error message
+        $error = trans('admin/models/message.does_not_exist', compact('id'));
 
-
+        // Redirect to the user management page
+        return redirect()->route('models.index')->with('error', $error);
     }
 
     /**
@@ -363,21 +354,17 @@ class AssetModelsController extends Controller
     {
         // Check if the model exists
         if (is_null($model_to_clone = AssetModel::find($modelId))) {
-            // Redirect to the model management page
-            return redirect()->to('assets/models')->with('error', trans('admin/models/message.does_not_exist'));
+            return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
         }
 
         $model = clone $model_to_clone;
         $model->id = null;
 
         // Show the page
-        $depreciation_list = Helper::depreciationList();
-        $manufacturer_list = Helper::manufacturerList();
-        $category_list = Helper::categoryList('asset');
         $view = View::make('models/edit');
-        $view->with('category_list', $category_list);
-        $view->with('depreciation_list', $depreciation_list);
-        $view->with('manufacturer_list', $manufacturer_list);
+        $view->with('category_list', Helper::categoryList('asset'));
+        $view->with('depreciation_list', Helper::depreciationList());
+        $view->with('manufacturer_list', Helper::manufacturerList());
         $view->with('item', $model);
         $view->with('clone_model', $model_to_clone);
         return $view;
@@ -396,156 +383,152 @@ class AssetModelsController extends Controller
     public function getCustomFields($modelId)
     {
         $model = AssetModel::find($modelId);
-        return View::make("models.custom_fields_form")->with("model", $model);
+        return view("models.custom_fields_form")->with("model", $model);
     }
 
 
 
+
     /**
-    * Get the JSON response to populate the data tables on the
-    * Asset Model listing page.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v2.0]
-    * @param string $status
-    * @return String JSON
-    */
-
-    public function getDatatable($status = null)
+     * Returns a view that allows the user to bulk edit model attrbutes
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.7]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function postBulkEdit(Request $request)
     {
-        $models = AssetModel::with('category', 'assets', 'depreciation', 'manufacturer');
+        
+        $models_raw_array = Input::get('ids');
 
-        switch ($status) {
-            case 'Deleted':
-                $models->withTrashed()->Deleted();
-                break;
-        }
+        // Make sure some IDs have been selected
+        if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
 
 
-        if (Input::has('search')) {
-            $models = $models->TextSearch(Input::get('search'));
-        }
+            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets')->orderBy('assets_count', 'ASC')->get();
 
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
+            // If deleting....
+            if ($request->input('bulk_actions')=='delete') {
+                $valid_count = 0;
+                foreach ($models as $model) {
+                    if ($model->assets_count == 0) {
+                        $valid_count++;
+                    }
+                }
+                return view('models/bulk-delete', compact('models'))->with('valid_count', $valid_count);
 
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-
-        $allowed_columns = ['id','name','model_number'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
-
-        $models = $models->orderBy($sort, $order);
-
-        $modelCount = $models->count();
-        $models = $models->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($models as $model) {
-            if ($model->deleted_at == '') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/model', $model->id).'" class="btn btn-info btn-sm" title="Clone Model" data-toggle="tooltip"><i class="fa fa-clone"></i></a> <a href="'.route('update/model', $model->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/model', $model->id).'" data-content="'.trans('admin/models/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($model->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+            // Otherwise display the bulk edit screen
             } else {
-                $actions = '<a href="'.route('restore/model', $model->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
+
+                $nochange = ['NC' => 'No Change'];
+                $fieldset_list = $nochange + Helper::customFieldsetList();
+                $depreciation_list = $nochange + Helper::depreciationList();
+                $category_list = $nochange + Helper::categoryList('asset');
+                $manufacturer_list = $nochange + Helper::manufacturerList();
+
+
+                return view('models/bulk-edit', compact('models'))
+                    ->with('manufacturer_list', $manufacturer_list)
+                    ->with('category_list', $category_list)
+                    ->with('fieldset_list', $fieldset_list)
+                    ->with('depreciation_list', $depreciation_list);
             }
 
-            $rows[] = array(
-                'id'      => $model->id,
-                'manufacturer'      => (string)link_to('/admin/settings/manufacturers/'.$model->manufacturer->id.'/view', $model->manufacturer->name),
-                'name'              => (string)link_to('/hardware/models/'.$model->id.'/view', $model->name),
-                'image' => ($model->image!='') ? '<img src="'.config('app.url').'/uploads/models/'.$model->image.'" height=50 width=50>' : '',
-                'modelnumber'       => $model->model_number,
-                'numassets'         => $model->assets->count(),
-                'depreciation'      => (($model->depreciation) && ($model->depreciation->id > 0)) ? $model->depreciation->name.' ('.$model->depreciation->months.')' : trans('general.no_depreciation'),
-                'category'          => ($model->category) ? (string)link_to('admin/settings/categories/'.$model->category->id.'/view', $model->category->name) : '',
-                'eol'               => ($model->eol) ? $model->eol.' '.trans('general.months') : '',
-                'note'              => $model->getNote(),
-                'fieldset'          => ($model->fieldset) ? (string)link_to('admin/custom_fields/'.$model->fieldset->id, $model->fieldset->name) : '',
-                'actions'           => $actions
-                );
         }
 
-        $data = array('total' => $modelCount, 'rows' => $rows);
+        return redirect()->route('models.index')
+            ->with('error', 'You must select at least one model to edit.');
 
-        return $data;
     }
 
 
+
     /**
-    * Get the asset information to present to the model view detail page
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v2.0]
-    * @param int $modelId
-    * @return String JSON
-    */
-    public function getDataView($modelID)
+     * Returns a view that allows the user to bulk edit model attrbutes
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.7]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function postBulkEditSave(Request $request)
     {
-        $assets = Asset::where('model_id', '=', $modelID)->with('company', 'assetstatus');
 
-        if (Input::has('search')) {
-            $assets = $assets->TextSearch(e(Input::get('search')));
+        $models_raw_array = Input::get('ids');
+        $update_array = array();
+
+
+        if (($request->has('manufacturer_id') && ($request->input('manufacturer_id')!='NC'))) {
+            $update_array['manufacturer_id'] = $request->input('manufacturer_id');
         }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
+        if (($request->has('category_id') && ($request->input('category_id')!='NC'))) {
+            $update_array['category_id'] = $request->input('category_id');
         }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
+        if ($request->input('fieldset_id')!='NC') {
+            $update_array['fieldset_id'] = $request->input('fieldset_id');
+        }
+        if ($request->input('depreciation_id')!='NC') {
+            $update_array['depreciation_id'] = $request->input('depreciation_id');
         }
 
 
-        $allowed_columns = ['name', 'serial','asset_tag'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
+        
+        if (count($update_array) > 0) {
+            AssetModel::whereIn('id', $models_raw_array)->update($update_array);
+            return redirect()->route('models.index')
+                ->with('success', trans('admin/models/message.bulkedit.success'));
+        }
 
-        $assets = $assets->orderBy($sort, $order);
+        return redirect()->route('models.index')
+            ->with('warning', trans('admin/models/message.bulkedit.error'));
 
-        $assetsCount = $assets->count();
-        $assets = $assets->skip($offset)->take($limit)->get();
+    }
 
-        $rows = array();
+    /**
+     * Validate and delete the given Asset Models. An Asset Model
+     * cannot be deleted if there are associated assets.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $modelId
+     * @return Redirect
+     */
+    public function postBulkDelete(Request $request)
+    {
+        $models_raw_array = Input::get('ids');
 
+        if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
 
-        foreach ($assets as $asset) {
-            $actions = '';
+            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets')->get();
 
-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $actions = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
-                    } else {
-                        $actions = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
-                    }
+            $del_error_count = 0;
+            $del_count = 0;
+
+            foreach ($models as $model) {
+                \Log::debug($model->id);
+
+                if ($model->assets_count > 0) {
+                    $del_error_count++;
+                } else {
+                    $model->delete();
+                    $del_count++;
                 }
             }
 
-            $rows[] = array(
-                'id'            => $asset->id,
-                'name'          => (string)link_to('/hardware/'.$asset->id.'/view', $asset->showAssetName()),
-                'asset_tag'     => (string)link_to('hardware/'.$asset->id.'/view', $asset->asset_tag),
-                'serial'        => $asset->serial,
-                'assigned_to'   => ($asset->assigned_to) ? (string)link_to('/admin/users/'.$asset->assigned_to.'/view', $asset->assigneduser->fullName()) : '',
-                'actions'       => $actions,
-                'companyName'   => Company::getName($asset)
-            );
+            \Log::debug($del_count);
+            \Log::debug($del_error_count);
+
+            if ($del_error_count == 0) {
+                return redirect()->route('models.index')
+                    ->with('success', trans('admin/models/message.bulkdelete.success',['success_count'=> $del_count] ));
+            }
+
+            return redirect()->route('models.index')
+                ->with('warning', trans('admin/models/message.bulkdelete.success_partial', ['fail_count'=>$del_error_count, 'success_count'=> $del_count]));
         }
 
-        $data = array('total' => $assetsCount, 'rows' => $rows);
+        return redirect()->route('models.index')
+            ->with('error', trans('admin/models/message.bulkdelete.error'));
 
-        return $data;
     }
+
 }

app/Http/Controllers/Auth/ForgotPasswordController.php

@@ -0,0 +1,72 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
+use Illuminate\Http\Request;
+
+class ForgotPasswordController extends Controller
+{
+    /*
+    |--------------------------------------------------------------------------
+    | Password Reset Controller
+    |--------------------------------------------------------------------------
+    |
+    | This controller is responsible for handling password reset emails and
+    | includes a trait which assists in sending these notifications from
+    | your application to your users. Feel free to explore this trait.
+    |
+    */
+
+    use SendsPasswordResetEmails;
+
+    /**
+     * Create a new controller instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        $this->middleware('guest');
+    }
+
+    /**
+     * Get the e-mail subject line to be used for the reset link email.
+     * Overriding method "getEmailSubject()" from trait "use ResetsPasswords"
+     * @return string
+     */
+    public function getEmailSubject()
+    {
+        return property_exists($this, 'subject') ? $this->subject : \Lang::get('mail.reset_link');
+    }
+
+    /**
+     * Send a reset link to the given user.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function sendResetLinkEmail(Request $request)
+    {
+        $this->validate($request, ['email' => 'required|email']);
+
+        // We will send the password reset link to this user. Once we have attempted
+        // to send the link, we will examine the response then see the message we
+        // need to show to the user. Finally, we'll send out a proper response.
+        $response = $this->broker()->sendResetLink(
+            $request->only('email')
+        );
+
+        if ($response === \Password::RESET_LINK_SENT) {
+            return redirect()->route('login')->with('status', trans($response));
+        }
+
+        // If an error was returned by the password broker, we will get this message
+        // translated so we can notify a user of the problem. We'll redirect back
+        // to where the users came from so they can attempt this process again.
+        return back()->withErrors(
+            ['email' => trans($response)]
+        );
+    }
+}

app/Http/Controllers/Auth/LoginController.php

@@ -5,7 +5,6 @@ namespace App\Http\Controllers\Auth;
 use Validator;
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\ThrottlesLogins;
-use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
 use App\Models\Setting;
 use App\Models\Ldap;
 use App\Models\User;
@@ -18,20 +17,17 @@ use Log;
 use View;
 use PragmaRX\Google2FA\Google2FA;
 
-
-
 /**
  * This controller handles authentication for the user, including local
  * database users and LDAP users.
  *
- * @todo Move LDAP methods into user model for better separation of concerns.
  * @author [A. Gianotto] [<snipe@snipe.net>]
  * @version    v1.0
  */
-class AuthController extends Controller
+class LoginController extends Controller
 {
 
-    use AuthenticatesAndRegistersUsers, ThrottlesLogins;
+    use ThrottlesLogins;
 
     // This tells the auth controller to use username instead of email address
     protected $username = 'username';
@@ -51,23 +47,43 @@ class AuthController extends Controller
     public function __construct()
     {
         $this->middleware('guest', ['except' => ['logout','postTwoFactorAuth','getTwoFactorAuth','getTwoFactorEnroll']]);
+        \Session::put('backUrl', \URL::previous());
     }
 
-
-    function showLoginForm()
+    function showLoginForm(Request $request)
     {
+        $this->loginViaRemoteUser($request);
         if (Auth::check()) {
             return redirect()->intended('dashboard');
         }
-        return View::make('auth.login');
+
+        if (Setting::getSettings()->login_common_disabled == "1") {
+            return view('errors.403');
+        }
+
+        return view('auth.login');
     }
 
+    private function loginViaRemoteUser(Request $request)
+    {
+        $remote_user = $request->server('REMOTE_USER');
+        if (Setting::getSettings()->login_remote_user_enabled == "1" && isset($remote_user) && !empty($remote_user)) {
+            LOG::debug("Authenticatiing via REMOTE_USER.");
+            try {
+                $user = User::where('username', '=', $remote_user)->whereNull('deleted_at')->first();
+                LOG::debug("Remote user auth lookup complete");
+                if(!is_null($user)) Auth::login($user, true);
+            } catch(Exception $e) {
+                LOG::error("There was an error authenticating the Remote user: " . $e->getMessage());
+            }
+        }
+    }
 
-    private function login_via_ldap(Request $request)
+    private function loginViaLdap(Request $request)
     {
         LOG::debug("Binding user to LDAP.");
         $ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
-        if(!$ldap_user) {
+        if (!$ldap_user) {
             LOG::debug("LDAP user ".$request->input('username')." not found in LDAP or could not bind");
             throw new \Exception("Could not find user in LDAP directory");
         } else {
@@ -75,7 +91,7 @@ class AuthController extends Controller
         }
 
         // Check if the user already exists in the database and was imported via LDAP
-        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->where('ldap_import','=',1)->first();
+        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->where('ldap_import', '=', 1)->first();
         LOG::debug("Local auth lookup complete");
 
         // The user does not exist in the database. Try to get them from LDAP.
@@ -117,22 +133,21 @@ class AuthController extends Controller
      */
     public function login(Request $request)
     {
+        if (Setting::getSettings()->login_common_disabled == "1") {
+            return view('errors.403');
+        }
+
         $validator = $this->validator(Input::all());
 
         if ($validator->fails()) {
             return redirect()->back()->withInput()->withErrors($validator);
         }
 
-        // If the class is using the ThrottlesLogins trait, we can automatically throttle
-        // the login attempts for this application. We'll key this by the username and
-        // the IP address of the client making these requests into this application.
-        $throttles = $this->isUsingThrottlesLoginsTrait();
         $this->maxLoginAttempts = config('auth.throttle.max_attempts');
         $this->lockoutTime = config('auth.throttle.lockout_duration');
 
-        if ($throttles && $lockedOut = $this->hasTooManyLoginAttempts($request)) {
+        if ($lockedOut = $this->hasTooManyLoginAttempts($request)) {
             $this->fireLockoutEvent($request);
-
             return $this->sendLockoutResponse($request);
         }
 
@@ -142,8 +157,8 @@ class AuthController extends Controller
         if (Setting::getSettings()->ldap_enabled=='1') {
             LOG::debug("LDAP is enabled.");
             try {
-              $user = $this->login_via_ldap($request);
-              Auth::login($user, true);
+                $user = $this->loginViaLdap($request);
+                Auth::login($user, true);
 
             // If the user was unable to login via LDAP, log the error and let them fall through to
             // local authentication.
@@ -153,32 +168,30 @@ class AuthController extends Controller
         }
 
         // If the user wasn't authenticated via LDAP, skip to local auth
-        if(!$user) {
-          LOG::debug("Authenticating user against database.");
+        if (!$user) {
+            LOG::debug("Authenticating user against database.");
           // Try to log the user in
-          if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
+            if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
 
-              if ($throttles && ! $lockedOut) {
-                  $this->incrementLoginAttempts($request);
-              }
+                if (!$lockedOut) {
+                    $this->incrementLoginAttempts($request);
+                }
+
+                LOG::debug("Local authentication failed.");
+                return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
+            } else {
 
-              LOG::debug("Local authentication failed.");
-              return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
-          } else {
-              if ($throttles) {
                   $this->clearLoginAttempts($request);
-              }
-          }
+            }
         }
 
-        // Get the page we were before
-        $redirect = \Session::get('loginRedirect', 'home');
-
-        // Unset the page we were before from the session
-        \Session::forget('loginRedirect');
-
+        if ($user = Auth::user()) {
+            $user->last_login = \Carbon::now();
+            \Log::debug('Last login:'.$user->last_login);
+            $user->save();
+        }
         // Redirect to the users page
-        return redirect()->to($redirect)->with('success', trans('auth/message.signin.success'));
+        return redirect()->intended()->with('success', trans('auth/message.signin.success'));
     }
 
 
@@ -209,7 +222,7 @@ class AuthController extends Controller
             $user->two_factor_secret
         );
 
-        return View::make('auth.two_factor_enroll')->with('google2fa_url',$google2fa_url);
+        return view('auth.two_factor_enroll')->with('google2fa_url', $google2fa_url);
 
     }
 
@@ -219,8 +232,9 @@ class AuthController extends Controller
      *
      * @return Redirect
      */
-    public function getTwoFactorAuth() {
-        return View::make('auth.two_factor');
+    public function getTwoFactorAuth()
+    {
+        return view('auth.two_factor');
     }
 
     /**
@@ -228,7 +242,8 @@ class AuthController extends Controller
      *
      * @return Redirect
      */
-    public function postTwoFactorAuth(Request $request) {
+    public function postTwoFactorAuth(Request $request)
+    {
 
         if (!Auth::check()) {
             return redirect()->route('login')->with('error', 'You must be logged in.');
@@ -260,7 +275,15 @@ class AuthController extends Controller
     public function logout(Request $request)
     {
         $request->session()->forget('2fa_authed');
+
         Auth::logout();
+
+        $settings = Setting::getSettings();
+        $customLogoutUrl = $settings->login_remote_user_custom_logout_url ;
+        if ($settings->login_remote_user_enabled == '1' && $customLogoutUrl != '') {
+            return redirect()->away($customLogoutUrl);
+        }
+
         return redirect()->route('login')->with('success', 'You have successfully logged out!');
     }
 
@@ -279,18 +302,59 @@ class AuthController extends Controller
         ]);
     }
 
-    /**
-     * Get the login lockout error message.
-     *
-     * @param  int  $seconds
-     * @return string
-     */
-    protected function getLockoutErrorMessage($seconds)
+
+    public function username()
     {
-        return \Lang::has('auth/message.throttle')
-            ? \Lang::get('auth/message.throttle', ['seconds' => $seconds])
-            : 'Too many login attempts. Please try again in '.$seconds.' seconds.';
+        return 'username';
+    }
+
+    /**
+    * Redirect the user after determining they are locked out.
+    *
+    * @param  \Illuminate\Http\Request  $request
+    * @return \Illuminate\Http\RedirectResponse
+    */
+    protected function sendLockoutResponse(Request $request)
+    {
+        $seconds = $this->limiter()->availableIn(
+            $this->throttleKey($request)
+        );
+
+        $minutes = round($seconds / 60);
+
+        $message = \Lang::get('auth/message.throttle', ['minutes' => $minutes]);
+
+            return redirect()->back()
+            ->withInput($request->only($this->username(), 'remember'))
+            ->withErrors([$this->username() => $message]);
     }
 
 
+    /**
+    * Override the lockout time and duration
+    *
+    * @param  \Illuminate\Http\Request  $request
+    * @return \Illuminate\Http\RedirectResponse
+    */
+    protected function hasTooManyLoginAttempts(Request $request)
+    {
+        $lockoutTime = config('auth.throttle.lockout_duration');
+        $maxLoginAttempts = config('auth.throttle.max_attempts');
+
+        return $this->limiter()->tooManyAttempts(
+            $this->throttleKey($request),
+            $maxLoginAttempts,
+            $lockoutTime
+        );
+    }
+
+    public function legacyAuthRedirect() {
+        return redirect()->route('login');
+    }
+
+    public function redirectTo()
+    {
+        return Session::get('backUrl') ? Session::get('backUrl') :   $this->redirectTo;
+    }
+
 }

app/Http/Controllers/Auth/PasswordController.php

@@ -1,60 +0,0 @@
-<?php
-
-namespace App\Http\Controllers\Auth;
-
-use App\Http\Controllers\Controller;
-use Illuminate\Foundation\Auth\ResetsPasswords;
-
-/**
- * This controller handles password resets for the user.
- * It uses the built-in Laravel magic of ResetsPasswords, so we
- * don't actually do much here.
- *
- * @author [A. Gianotto] [<snipe@snipe.net>]
- * @version    v1.0
- */
-class PasswordController extends Controller
-{
-    /*
-    |--------------------------------------------------------------------------
-    | Password Reset Controller
-    |--------------------------------------------------------------------------
-    |
-    | This controller is responsible for handling password reset requests
-    | and uses a simple trait to include this behavior. You're free to
-    | explore this trait and override any methods you wish to tweak.
-    |
-    */
-
-    use ResetsPasswords;
-
-    /**
-     * Create a new password controller instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        $this->middleware('guest');
-    }
-
-    /**
-     * Get the e-mail subject line to be used for the reset link email.
-     * Overriding method "getEmailSubject()" from trait "use ResetsPasswords"
-     * @return string
-     */
-    public function getEmailSubject(){
-        return property_exists($this, 'subject') ? $this->subject : \Lang::get('mail.reset_link');
-    }
-
-    /**
-     * Get the response for after the reset link has been successfully sent.
-     *
-     * @param  string  $response
-     * @return \Symfony\Component\HttpFoundation\Response
-     */
-    protected function getSendResetLinkEmailSuccessResponse($response)
-    {
-        return redirect()->route('login')->with('status', trans($response));
-    }
-}

app/Http/Controllers/Auth/RegisterController.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Foundation\Auth\ResetsPasswords;
+
+class RegisterController extends Controller
+{
+
+    public function __construct()
+    {
+        $this->middleware('guest');
+    }
+
+    public function showRegistrationForm() {
+        abort(404,'Page not found');
+    }
+    
+    public function register() {
+        abort(404,'Page not found');
+    }
+}

app/Http/Controllers/Auth/ResetPasswordController.php

@@ -0,0 +1,39 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Foundation\Auth\ResetsPasswords;
+
+class ResetPasswordController extends Controller
+{
+    /*
+    |--------------------------------------------------------------------------
+    | Password Reset Controller
+    |--------------------------------------------------------------------------
+    |
+    | This controller is responsible for handling password reset requests
+    | and uses a simple trait to include this behavior. You're free to
+    | explore this trait and override any methods you wish to tweak.
+    |
+    */
+
+    use ResetsPasswords;
+
+    /**
+     * Where to redirect users after resetting their password.
+     *
+     * @var string
+     */
+    protected $redirectTo = '/';
+
+    /**
+     * Create a new controller instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        $this->middleware('guest');
+    }
+}

app/Http/Controllers/CategoriesController.php

@@ -4,6 +4,7 @@ namespace App\Http\Controllers;
 use App\Helpers\Helper;
 use App\Models\Category as Category;
 use App\Models\Company;
+use App\Models\CustomField;
 use App\Models\Setting;
 use Auth;
 use DB;
@@ -14,6 +15,8 @@ use Lang;
 use Redirect;
 use Str;
 use View;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This class controls all actions related to Categories for
@@ -32,12 +35,13 @@ class CategoriesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see CategoriesController::getDatatable() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
         // Show the page
-        return View::make('categories/index');
+        $this->authorize('view', Category::class);
+        return view('categories/index');
     }
 
 
@@ -45,16 +49,17 @@ class CategoriesController extends Controller
     * Returns a form view to create a new category.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see CategoriesController::postCreate() method that stores the data
+    * @see CategoriesController::store() method that stores the data
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
         // Show the page
+        $this->authorize('create', Category::class);
          $category_types= Helper::categoryTypeList();
-        return View::make('categories/edit')->with('item', new Category)
-        ->with('category_types', $category_types);
+        return view('categories/edit')->with('item', new Category)
+            ->with('category_types', $category_types);
     }
 
 
@@ -62,39 +67,39 @@ class CategoriesController extends Controller
     * Validates and stores the new category data.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see CategoriesController::getCreate() method that makes the form.
+    * @see CategoriesController::create() method that makes the form.
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
-
-        // create a new model instance
+        $this->authorize('create', Category::class);
         $category = new Category();
+        $category->name                 = $request->input('name');
+        $category->category_type        = $request->input('category_type');
+        $category->eula_text            = $request->input('eula_text');
+        $category->use_default_eula     = $request->input('use_default_eula', '0');
+        $category->require_acceptance   = $request->input('require_acceptance', '0');
+        $category->checkin_email        = $request->input('checkin_email', '0');
+        $category->user_id              = Auth::id();
 
-        // Update the category data
-        $category->name                 = e(Input::get('name'));
-        $category->category_type        = e(Input::get('category_type'));
-        $category->eula_text            = e(Input::get('eula_text'));
-        $category->use_default_eula     = e(Input::get('use_default_eula', '0'));
-        $category->require_acceptance   = e(Input::get('require_acceptance', '0'));
-        $category->checkin_email        = e(Input::get('checkin_email', '0'));
-        $category->user_id              = Auth::user()->id;
-
-        if ($category->save()) {
-        // Redirect to the new category  page
-            return redirect()->to("admin/settings/categories")->with('success', trans('admin/categories/message.create.success'));
-        } else {
-
-          // The given data did not pass validation
-            return redirect()->back()->withInput()->withErrors($category->getErrors());
-
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/categories/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $category->image = $file_name;
         }
 
-        // Redirect to the category create page
-        return redirect()->to('admin/settings/categories/create')->with('error', trans('admin/categories/message.create.error'));
 
+        if ($category->save()) {
+            return redirect()->route('categories.index')->with('success', trans('admin/categories/message.create.success'));
+        }
 
+        return redirect()->back()->withInput()->withErrors($category->getErrors());
     }
 
     /**
@@ -104,67 +109,87 @@ class CategoriesController extends Controller
     * @see CategoriesController::postEdit() method saves the data
     * @param int $categoryId
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($categoryId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($categoryId = null)
     {
-        // Check if the category exists
+        $this->authorize('edit', Category::class);
         if (is_null($item = Category::find($categoryId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.does_not_exist'));
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.does_not_exist'));
         }
-
-        // Show the page
-        //$category_options = array('' => 'Top Level') + Category::lists('name', 'id');
-
-        $category_options = array('' => 'Top Level') + DB::table('categories')->where('id', '!=', $categoryId)->lists('name', 'id');
         $category_types= Helper::categoryTypeList();
 
-        return View::make('categories/edit', compact('item'))
-        ->with('category_options', $category_options)
+        return view('categories/edit', compact('item'))
         ->with('category_types', $category_types);
     }
 
 
     /**
-    * Validates and stores the updated category data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see CategoriesController::getEdit() method that makes the form.
-    * @param int $categoryId
-    * @since [v1.0]
-    * @return Redirect
-    */
-    public function postEdit(Request $request, $categoryId = null)
+     * Validates and stores the updated category data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see CategoriesController::getEdit() method that makes the form.
+     * @param Request $request
+     * @param int $categoryId
+     * @return \Illuminate\Http\RedirectResponse
+     * @since [v1.0]
+     */
+    public function update(ImageUploadRequest $request, $categoryId = null)
     {
-        // Check if the blog post exists
+        $this->authorize('edit', Category::class);
         if (is_null($category = Category::find($categoryId))) {
-            // Redirect to the blogs management page
+            // Redirect to the categories management page
             return redirect()->to('admin/categories')->with('error', trans('admin/categories/message.does_not_exist'));
         }
 
         // Update the category data
-        $category->name            = e($request->input('name'));
+        $category->name                 = $request->input('name');
         // If the item count is > 0, we disable the category type in the edit. Disabled items
         // don't POST, so if the category_type is blank we just set it to the default.
-        $category->category_type        = e($request->input('category_type', $category->category_type));
-        $category->eula_text            = e($request->input('eula_text'));
-        $category->use_default_eula     = e($request->input('use_default_eula', '0'));
-        $category->require_acceptance   = e($request->input('require_acceptance', '0'));
-        $category->checkin_email        = e($request->input('checkin_email', '0'));
+        $category->category_type        = $request->input('category_type', $category->category_type);
+        $category->eula_text            = $request->input('eula_text');
+        $category->use_default_eula     = $request->input('use_default_eula', '0');
+        $category->require_acceptance   = $request->input('require_acceptance', '0');
+        $category->checkin_email        = $request->input('checkin_email', '0');
 
-        if ($category->save()) {
-        // Redirect to the new category page
-            return redirect()->to("admin/settings/categories")->with('success', trans('admin/categories/message.update.success'));
-        } // attempt validation
-        else {
-          // The given data did not pass validation
-            return redirect()->back()->withInput()->withErrors($category->getErrors());
+        $old_image = $category->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $category->image = null;
         }
 
-        // Redirect to the category management page
-        return redirect()->back()->with('error', trans('admin/categories/message.update.error'));
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $category->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
 
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('categories_upload_path').$file_name);
+            } else {
+                $image->move(app('categories_upload_path'), $file_name);
+            }
+            $category->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('categories_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+
+        if ($category->save()) {
+            // Redirect to the new category page
+            return redirect()->route('categories.index')->with('success', trans('admin/categories/message.update.success'));
+        }
+        // The given data did not pass validation
+        return redirect()->back()->withInput()->withErrors($category->getErrors());
     }
 
     /**
@@ -173,41 +198,32 @@ class CategoriesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param int $categoryId
-    * @return Redirect
-    */
-    public function getDelete($categoryId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($categoryId)
     {
+        $this->authorize('delete', Category::class);
         // Check if the category exists
         if (is_null($category = Category::find($categoryId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.not_found'));
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.not_found'));
         }
 
-
         if ($category->has_models() > 0) {
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'model']));
-
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'model']));
         } elseif ($category->accessories()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'accessory']));
-
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'accessory']));
         } elseif ($category->consumables()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'consumable']));
-
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'consumable']));
         } elseif ($category->components()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'component']));
-        } else {
-
-            $category->delete();
-
-            // Redirect to the locations management page
-            return redirect()->to('admin/settings/categories')->with('success', trans('admin/categories/message.delete.success'));
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'component']));
         }
 
-
+        $category->delete();
+        // Redirect to the locations management page
+        return redirect()->route('categories.index')->with('success', trans('admin/categories/message.delete.success'));
     }
 
 
-
     /**
     * Returns a view that invokes the ajax tables which actually contains
     * the content for the categories detail view, which is generated in getDataView.
@@ -216,319 +232,33 @@ class CategoriesController extends Controller
     * @see CategoriesController::getDataView() method that generates the JSON response
     * @param int $categoryId
     * @since [v1.8]
-    * @return View
-    */
-    public function getView($categoryId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
     {
-        $category = Category::find($categoryId);
+        $this->authorize('view', Category::class);
+        if ($category = Category::find($id)) {
 
-        if (isset($category->id)) {
-                return View::make('categories/view', compact('category'));
-        } else {
-            // Prepare the error message
-            $error = trans('admin/categories/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('categories')->with('error', $error);
-        }
-
-
-    }
-
-    /**
-    * Returns a JSON response with the data to populate the bootstrap table on the
-    * cateory listing page.
-    *
-    * @todo Refactor this nastiness. Assets do not behave the same as accessories, etc.
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see CategoriesController::getIndex() method that generates the view
-    * @since [v1.8]
-    * @return String JSON
-    */
-    public function getDatatable()
-    {
-        // Grab all the categories
-        $categories = Category::with('assets', 'accessories', 'consumables', 'components');
-
-        if (Input::has('search')) {
-            $categories = $categories->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-
-        $allowed_columns = ['id','name','category_type'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
-
-        $categories = $categories->orderBy($sort, $order);
-
-        $catCount = $categories->count();
-        $categories = $categories->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($categories as $category) {
-
-            $actions = '<a href="'.route('update/category', $category->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;">';
-            $actions .='<i class="fa fa-pencil icon-white"></i></a>';
-            $actions .='<a data-html="false" class="btn delete-asset btn-danger btn-sm';
-            if ($category->itemCount() > 0) {
-                $actions .=' disabled';
-            }
-            $actions .=' data-toggle="modal" href="'.route('delete/category', $category->id).'" data-content="'.trans('admin/categories/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($category->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-            $rows[] = array(
-                'id'      => $category->id,
-                'name'  => (string)link_to('/admin/settings/categories/'.$category->id.'/view', $category->name) ,
-                'category_type' => ucwords($category->category_type),
-                'count'         => $category->itemCount(),
-                'acceptance'    => ($category->require_acceptance=='1') ? '<i class="fa fa-check"></i>' : '',
-                'eula'          => ($category->getEula()) ? '<i class="fa fa-check"></i>' : '',
-                'actions'       => $actions
-            );
-        }
-
-        $data = array('total' => $catCount, 'rows' => $rows);
-
-        return $data;
-    }
-
-    public function getDataViewAssets($categoryID)
-    {
-
-        $category = Category::find($categoryID);
-        $category = $category->load('assets.company', 'assets.model', 'assets.assetstatus', 'assets.assigneduser');
-        $category_assets = $category->assets();
-        if (Input::has('search')) {
-            $category_assets = $category_assets->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-        $count = $category_assets->count();
-        $category_assets = $category_assets->skip($offset)->take($limit)->get();
-        $rows = array();
-        foreach ($category_assets as $asset) {
-
-            $actions = '';
-            $inout='';
-
-            if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/hardware', $asset->id).'" class="btn btn-info btn-sm" title="Clone asset"><i class="fa fa-files-o"></i></a> <a href="'.route('update/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/hardware', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->asset_tag).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
-            } elseif ($asset->deleted_at!='') {
-                $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
-            }
-
-            if ($asset->availableForCheckout()) {
-                if (Gate::allows('assets.checkout')) {
-                    $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
-                }
+            if ($category->category_type=='asset') {
+                $category_type = 'hardware';
+                $category_type_route = 'assets';
+            } elseif ($category->category_type=='accessory') {
+                $category_type = 'accessories';
+                $category_type_route = 'accessories';
             } else {
-                if (Gate::allows('assets.checkin')) {
-                    $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
-                }
+                $category_type = $category->category_type;
+                $category_type_route = $category->category_type.'s';
             }
-
-            $rows[] = array(
-                'id' => $asset->id,
-                'name' => (string)link_to('/hardware/'.$asset->id.'/view', $asset->showAssetName()),
-                'model' => ($asset->model) ? (string)link_to('hardware/models/'.$asset->model->id.'/view', $asset->model->name) : '',
-                'asset_tag' => $asset->asset_tag,
-                'serial' => $asset->serial,
-                'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', $asset->assigneduser->fullName()): '',
-                'change' => $inout,
-                'actions' => $actions,
-                'companyName'   => is_null($asset->company) ? '' : e($asset->company->name)
-            );
+            return view('categories/view', compact('category'))
+                ->with('category_type',$category_type)
+                ->with('category_type_route',$category_type_route);
         }
 
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
+        // Prepare the error message
+        $error = trans('admin/categories/message.does_not_exist', compact('id'));
+        // Redirect to the user management page
+        return redirect()->route('categories.index')->with('error', $error);
     }
 
 
-
-    public function getDataViewAccessories($categoryID)
-    {
-
-        $category = Category::with('accessories.company')->find($categoryID);
-        $category_assets = $category->accessories;
-
-        if (Input::has('search')) {
-            $category_assets = $category_assets->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-        $count = $category_assets->count();
-
-        $rows = array();
-
-        foreach ($category_assets as $asset) {
-
-            $actions = '';
-            $inout='';
-
-            if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/accessory', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/accessory', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
-            }
-
-
-
-            $rows[] = array(
-                'id' => $asset->id,
-                'name' => (string)link_to_route('view/accessory', $asset->name, [$asset->id]),
-                'actions' => $actions,
-                'companyName' => Company::getName($asset),
-            );
-        }
-
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
-    }
-
-
-    public function getDataViewConsumables($categoryID)
-    {
-
-        $category = Category::with('accessories.company')->find($categoryID);
-        $category_assets = $category->consumables;
-
-        if (Input::has('search')) {
-            $category_assets = $category_assets->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-        $count = $category_assets->count();
-
-        $rows = array();
-
-        foreach ($category_assets as $asset) {
-
-            $actions = '';
-            $inout='';
-
-            if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/consumable', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/consumable', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
-            }
-
-
-
-            $rows[] = array(
-                'id' => $asset->id,
-                'name' => (string) link_to_route('view/consumable', $asset->name, [$asset->id]),
-                'actions' => $actions,
-                'companyName' => Company::getName($asset),
-            );
-        }
-
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
-    }
-
-    public function getDataViewComponent($categoryID)
-    {
-
-        $category = Category::with('accessories.company')->find($categoryID);
-        $category_assets = $category->components;
-
-        if (Input::has('search')) {
-            $category_assets = $category_assets->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-        $count = $category_assets->count();
-
-        $rows = array();
-
-        foreach ($category_assets as $asset) {
-
-            $actions = '';
-            $inout='';
-
-            if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/component', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/component', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
-            }
-
-
-
-            $rows[] = array(
-                'id' => $asset->id,
-                'name' => (string)link_to_route('view/accessory', $asset->name, [$asset->id]),
-                'actions' => $actions,
-                'companyName' => Company::getName($asset),
-            );
-        }
-
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
-    }
 }

app/Http/Controllers/CompaniesController.php

@@ -6,6 +6,9 @@ use Input;
 use Lang;
 use Redirect;
 use View;
+use Illuminate\Http\Request;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to Companies for
@@ -22,11 +25,11 @@ final class CompaniesController extends Controller
     *
     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
     * @since [v1.8]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
-        return View::make('companies/index')->with('companies', Company::all());
+        return view('companies/index')->with('companies', Company::all());
     }
 
     /**
@@ -34,33 +37,42 @@ final class CompaniesController extends Controller
     *
     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
     * @since [v1.8]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
-        return View::make('companies/edit')->with('item', new Company);
+        return view('companies/edit')->with('item', new Company);
     }
 
     /**
-    * Save data from new company form.
-    *
-    * @author [Abdullah Alansari] [<ahimta@gmail.com>]
-    * @since [v1.8]
-    * @return Redirect
-    */
-    public function postCreate()
+     * Save data from new company form.
+     *
+     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
+     * @since [v1.8]
+     * @param Request $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
         $company = new Company;
+        $company->name = $request->input('name');
 
-            $company->name = e(Input::get('name'));
-
-        if ($company->save()) {
-            return redirect()->to('admin/settings/companies')
-                ->with('success', trans('admin/companies/message.create.success'));
-        } else {
-            return redirect()->back()->withInput()->withErrors($company->getErrors());
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/companies/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $company->image = $file_name;
         }
 
+        if ($company->save()) {
+            return redirect()->route('companies.index')
+                ->with('success', trans('admin/companies/message.create.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($company->getErrors());
     }
 
 
@@ -70,44 +82,72 @@ final class CompaniesController extends Controller
     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
     * @since [v1.8]
     * @param int $companyId
-    * @return View
-    */
-    public function getEdit($companyId)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($companyId)
     {
         if (is_null($item = Company::find($companyId))) {
-            return redirect()->to('admin/settings/companies')
+            return redirect()->route('companies.index')
                 ->with('error', trans('admin/companies/message.does_not_exist'));
-        } else {
-            return View::make('companies/edit')->with('item', $item);
         }
+        return view('companies/edit')->with('item', $item);
     }
 
     /**
-    * Save data from edit company form.
-    *
-    * @author [Abdullah Alansari] [<ahimta@gmail.com>]
-    * @since [v1.8]
-    * @param int $companyId
-    * @return Redirect
-    */
-    public function postEdit($companyId)
+     * Save data from edit company form.
+     *
+     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
+     * @since [v1.8]
+     * @param Request $request
+     * @param int $companyId
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(ImageUploadRequest $request, $companyId)
     {
         if (is_null($company = Company::find($companyId))) {
-            return redirect()->to('admin/settings/companies')->with('error', trans('admin/companies/message.does_not_exist'));
-        } else {
+            return redirect()->route('companies.index')->with('error', trans('admin/companies/message.does_not_exist'));
+        }
 
+        $company->name = $request->input('name');
 
-            $company->name = e(Input::get('name'));
+        $old_image = $company->image;
 
-            if ($company->save()) {
-                return redirect()->to('admin/settings/companies')
-                    ->with('success', trans('admin/companies/message.update.success'));
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $company->image = null;
+        }
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $company->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('companies_upload_path').$file_name);
             } else {
-                return redirect()->to("admin/settings/companies/$companyId/edit")
-                    ->with('error', trans('admin/companies/message.update.error'));
+                $image->move(app('companies_upload_path'), $file_name);
             }
+            $company->image = $file_name;
 
         }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('companies_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+
+        if ($company->save()) {
+            return redirect()->route('companies.index')
+                ->with('success', trans('admin/companies/message.update.success'));
+        }
+        return redirect()->route('companies.edit', ['company' => $companyId])
+            ->with('error', trans('admin/companies/message.update.error'));
     }
 
     /**
@@ -116,17 +156,17 @@ final class CompaniesController extends Controller
     * @author [Abdullah Alansari] [<ahimta@gmail.com>]
     * @since [v1.8]
     * @param int $companyId
-    * @return Redirect
-    */
-    public function postDelete($companyId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($companyId)
     {
         if (is_null($company = Company::find($companyId))) {
-            return redirect()->to('admin/settings/companies')
+            return redirect()->route('companies.index')
                 ->with('error', trans('admin/companies/message.not_found'));
         } else {
             try {
                 $company->delete();
-                return redirect()->to('admin/settings/companies')
+                return redirect()->route('companies.index')
                     ->with('success', trans('admin/companies/message.delete.success'));
             } catch (\Illuminate\Database\QueryException $exception) {
             /*
@@ -134,7 +174,7 @@ final class CompaniesController extends Controller
                  * For example when rows in other tables are referencing this company
                  */
                 if ($exception->getCode() == 23000) {
-                    return redirect()->to('admin/settings/companies')
+                    return redirect()->route('companies.index')
                         ->with('error', trans('admin/companies/message.assoc_users'));
                 } else {
                     throw $exception;
@@ -142,4 +182,16 @@ final class CompaniesController extends Controller
             }
         }
     }
+
+    public function show($id) {
+        $this->authorize('view', Company::class);
+
+        if (is_null($company = Company::find($id))) {
+            return redirect()->route('companies.index')
+                ->with('error', trans('admin/companies/message.not_found'));
+        } else {
+            return view('companies/view')->with('company',$company);
+        }
+
+    }
 }

app/Http/Controllers/ComponentsController.php

@@ -2,9 +2,11 @@
 namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
+use App\Http\Requests\ImageUploadRequest;
 use App\Models\Actionlog;
 use App\Models\Company;
 use App\Models\Component;
+use App\Models\CustomField;
 use App\Models\Setting;
 use App\Models\User;
 use App\Models\Asset;
@@ -21,6 +23,7 @@ use View;
 use Validator;
 use Illuminate\Http\Request;
 use Gate;
+use Image;
 
 /**
  * This class controls all actions related to Components for
@@ -37,11 +40,12 @@ class ComponentsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ComponentsController::getDatatable() method that generates the JSON response
     * @since [v3.0]
-    * @return View
+     * @return \Illuminate\Contracts\View\View
     */
-    public function getIndex()
+    public function index()
     {
-        return View::make('components/index');
+        $this->authorize('view', Component::class);
+        return view('components/index');
     }
 
 
@@ -51,20 +55,14 @@ class ComponentsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ComponentsController::postCreate() method that stores the data
     * @since [v3.0]
-    * @return View
+    * @return \Illuminate\Contracts\View\View
     */
-    public function getCreate()
+    public function create()
     {
-        // Show the page
-        $category_list = Helper::categoryList('component');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
-
-        return View::make('components/edit')
-            ->with('item', new Component)
-            ->with('category_list', $category_list)
-            ->with('company_list', $company_list)
-            ->with('location_list', $location_list);
+        $this->authorize('create', Component::class);
+        $category_type = 'component';
+        return view('components/edit')->with('category_type',$category_type)
+            ->with('item', new Component);
     }
 
 
@@ -74,48 +72,40 @@ class ComponentsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ComponentsController::getCreate() method that generates the view
     * @since [v3.0]
-    * @return Redirect
-    */
-    public function postCreate()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
-
-        // create a new model instance
+        $this->authorize('create', Component::class);
         $component = new Component();
+        $component->name                   = $request->input('name');
+        $component->category_id            = $request->input('category_id');
+        $component->location_id            = $request->input('location_id');
+        $component->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
+        $component->order_number           = $request->input('order_number', null);
+        $component->min_amt                = $request->input('min_amt', null);
+        $component->serial                 = $request->input('serial', null);
+        $component->purchase_date          = $request->input('purchase_date', null);
+        $component->purchase_cost          = $request->input('purchase_cost', null);
+        $component->qty                    = $request->input('qty');
+        $component->user_id                = Auth::id();
 
-        // Update the component data
-        $component->name                   = e(Input::get('name'));
-        $component->category_id            = e(Input::get('category_id'));
-        $component->location_id            = e(Input::get('location_id'));
-        $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $component->order_number           = e(Input::get('order_number'));
-        $component->min_amt                = e(Input::get('min_amt'));
-        $component->serial                 = e(Input::get('serial'));
 
-        if (e(Input::get('purchase_date')) == '') {
-            $component->purchase_date       =  null;
-        } else {
-            $component->purchase_date       = e(Input::get('purchase_date'));
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/components/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $component->image = $file_name;
         }
 
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $component->purchase_cost       =  null;
-        } else {
-            $component->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
-        }
-
-        $component->qty                    = e(Input::get('qty'));
-        $component->user_id                = Auth::user()->id;
-
-        // Was the component created?
         if ($component->save()) {
-            $component->logCreate();
-            // Redirect to the new component  page
-            return redirect()->to("admin/components")->with('success', trans('admin/components/message.create.success'));
+            return redirect()->route('components.index')->with('success', trans('admin/components/message.create.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($component->getErrors());
-
-
     }
 
     /**
@@ -125,26 +115,22 @@ class ComponentsController extends Controller
     * @see ComponentsController::postEdit() method that stores the data.
     * @since [v3.0]
     * @param int $componentId
-    * @return View
-    */
-    public function getEdit($componentId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($componentId = null)
     {
-        // Check if the component exists
-        if (is_null($item = Component::find($componentId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/components')->with('error', trans('admin/components/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($item)) {
-            return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
+
+
+        if ($item = Component::find($componentId)) {
+            $this->authorize('update', $item);
+            $category_type = 'component';
+            return view('components/edit', compact('item'))->with('category_type', $category_type);
         }
+        return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
+
+
 
-        $category_list =  Helper::categoryList('component');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
 
-        return View::make('components/edit', compact('item'))
-            ->with('category_list', $category_list)
-            ->with('company_list', $company_list)
-            ->with('location_list', $location_list);
     }
 
 
@@ -155,53 +141,46 @@ class ComponentsController extends Controller
     * @see ComponentsController::getEdit() method presents the form.
     * @param int $componentId
     * @since [v3.0]
-    * @return Redirect
-    */
-    public function postEdit($componentId = null)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(ImageUploadRequest $request, $componentId = null)
     {
-        // Check if the blog post exists
         if (is_null($component = Component::find($componentId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/components')->with('error', trans('admin/components/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($component)) {
-            return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
         }
 
+        $this->authorize('update', $component);
+
 
         // Update the component data
-        $component->name                   = e(Input::get('name'));
-        $component->category_id            = e(Input::get('category_id'));
-        $component->location_id            = e(Input::get('location_id'));
+        $component->name                   = Input::get('name');
+        $component->category_id            = Input::get('category_id');
+        $component->location_id            = Input::get('location_id');
         $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $component->order_number           = e(Input::get('order_number'));
-        $component->min_amt                = e(Input::get('min_amt'));
-        $component->serial                 = e(Input::get('serial'));
+        $component->order_number           = Input::get('order_number');
+        $component->min_amt                = Input::get('min_amt');
+        $component->serial                 = Input::get('serial');
+        $component->purchase_date          = Input::get('purchase_date');
+        $component->purchase_cost          = request('purchase_cost');
+        $component->qty                    = Input::get('qty');
 
-        if (e(Input::get('purchase_date')) == '') {
-            $component->purchase_date       =  null;
-        } else {
-            $component->purchase_date       = e(Input::get('purchase_date'));
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/components/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $component->image = $file_name;
+        } elseif ($request->input('image_delete')=='1') {
+            $component->image = null;
         }
 
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $component->purchase_cost       =  null;
-        } else {
-            $component->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
-        }
-
-        $component->qty                    = e(Input::get('qty'));
-
-        // Was the component created?
         if ($component->save()) {
-            // Redirect to the new component page
-            return redirect()->to("admin/components")->with('success', trans('admin/components/message.update.success'));
+            return redirect()->route('components.index')->with('success', trans('admin/components/message.update.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($component->getErrors());
-
-
-
-
     }
 
     /**
@@ -210,32 +189,28 @@ class ComponentsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
     * @param int $componentId
-    * @return Redirect
-    */
-    public function getDelete($componentId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($componentId)
     {
-        // Check if the blog post exists
         if (is_null($component = Component::find($componentId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/components')->with('error', trans('admin/components/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($component)) {
-            return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
         }
 
-            $component->delete();
-
-            // Redirect to the locations management page
-            return redirect()->to('admin/components')->with('success', trans('admin/components/message.delete.success'));
-
+        $this->authorize('delete', $component);
+        $component->delete();
+        return redirect()->route('components.index')->with('success', trans('admin/components/message.delete.success'));
     }
 
     public function postBulk($componentId = null)
     {
+        //$this->authorize('checkout', $component)
         echo 'Stubbed - not yet complete';
     }
 
     public function postBulkSave($componentId = null)
     {
+        //$this->authorize('edit', Component::class);
         echo 'Stubbed - not yet complete';
     }
 
@@ -247,29 +222,20 @@ class ComponentsController extends Controller
     * @see ComponentsController::getDataView() method that generates the JSON response
     * @since [v3.0]
     * @param int $componentId
-    * @return View
-    */
-    public function getView($componentId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function show($componentId = null)
     {
         $component = Component::find($componentId);
 
         if (isset($component->id)) {
-
-
-            if (!Company::isCurrentUserHasAccess($component)) {
-                return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
-            } else {
-                return View::make('components/view', compact('component'));
-            }
-        } else {
-            // Prepare the error message
-            $error = trans('admin/components/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('components')->with('error', $error);
+            $this->authorize('view', $component);
+            return view('components/view', compact('component'));
         }
-
-
+        // Prepare the error message
+        $error = trans('admin/components/message.does_not_exist', compact('id'));
+        // Redirect to the user management page
+        return redirect()->route('components.index')->with('error', $error);
     }
 
     /**
@@ -279,50 +245,41 @@ class ComponentsController extends Controller
     * @see ComponentsController::postCheckout() method that stores the data.
     * @since [v3.0]
     * @param int $componentId
-    * @return View
-    */
+    * @return \Illuminate\Contracts\View\View
+     */
     public function getCheckout($componentId)
     {
         // Check if the component exists
         if (is_null($component = Component::find($componentId))) {
             // Redirect to the component management page with error
-            return redirect()->to('components')->with('error', trans('admin/components/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($component)) {
-            return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
         }
-
-        // Get the dropdown of assets and then pass it to the checkout view
-        $assets_list = Helper::detailedAssetList();
-
-        return View::make('components/checkout', compact('component'))->with('assets_list', $assets_list);
-
+        $this->authorize('checkout', $component);
+        return view('components/checkout', compact('component'));
     }
 
     /**
-    * Validate and store checkout data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ComponentsController::getCheckout() method that returns the form.
-    * @since [v3.0]
-    * @param int $componentId
-    * @return Redirect
-    */
+     * Validate and store checkout data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ComponentsController::getCheckout() method that returns the form.
+     * @since [v3.0]
+     * @param Request $request
+     * @param int $componentId
+     * @return \Illuminate\Http\RedirectResponse
+     */
     public function postCheckout(Request $request, $componentId)
     {
-
-
-
         // Check if the component exists
         if (is_null($component = Component::find($componentId))) {
             // Redirect to the component management page with error
-            return redirect()->to('components')->with('error', trans('admin/components/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($component)) {
-            return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
         }
 
+        $this->authorize('checkout', $component);
 
         $max_to_checkout = $component->numRemaining();
-        $validator = Validator::make($request->all(),[
+        $validator = Validator::make($request->all(), [
             "asset_id"          => "required",
             "assigned_qty"      => "required|numeric|between:1,$max_to_checkout"
         ]);
@@ -339,190 +296,115 @@ class ComponentsController extends Controller
       // Check if the user exists
         if (is_null($asset = Asset::find($asset_id))) {
             // Redirect to the component management page with error
-            return redirect()->to('admin/components')->with('error', trans('admin/components/message.asset_does_not_exist'));
+            return redirect()->route('components.index')->with('error', trans('admin/components/message.asset_does_not_exist'));
         }
-        
+
       // Update the component data
         $component->asset_id =   $asset_id;
 
-        $component->assets()->attach($component->id, array(
-        'component_id' => $component->id,
-        'user_id' => $admin_user->id,
-        'created_at' => date('Y-m-d H:i:s'),
-        'assigned_qty' => e(Input::get('assigned_qty')),
-        'asset_id' => $asset_id));
-
-        $logaction = $component->logCheckout(e(Input::get('note')), $asset_id);
-
-        $settings = Setting::getSettings();
-
-        if ($settings->slack_endpoint) {
-
-            $slack_settings = [
-                'username' => $settings->botname,
-                'channel' => $settings->slack_channel,
-                'link_names' => true
-            ];
-
-            $client = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
-
-            try {
-                    $client->attach([
-                        'color' => 'good',
-                        'fields' => [
-                            [
-                                'title' => 'Checked Out:',
-                                'value' => class_basename(strtoupper($logaction->item_type)).' <'.config('app.url').'/admin/components/'.$component->id.'/view'.'|'.$component->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->showAssetName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
-                            ],
-                            [
-                                'title' => 'Note:',
-                                'value' => e($logaction->note)
-                            ],
-                        ]
-                    ])->send('Component Checked Out');
-
-            } catch (Exception $e) {
-
-            }
-        }
-
-      // Redirect to the new component page
-        return redirect()->to("admin/components")->with('success', trans('admin/components/message.checkout.success'));
-
-
+        $component->assets()->attach($component->id, [
+            'component_id' => $component->id,
+            'user_id' => $admin_user->id,
+            'created_at' => date('Y-m-d H:i:s'),
+            'assigned_qty' => Input::get('assigned_qty'),
+            'asset_id' => $asset_id
+        ]);
 
+        $component->logCheckout(e(Input::get('note')), $asset);
+        return redirect()->route('components.index')->with('success', trans('admin/components/message.checkout.success'));
     }
 
-
     /**
-    * Generates the JSON response for accessories listing view.
-    *
-    * For debugging, see at /api/accessories/list
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v3.0]
-    * @return string JSON
-    **/
-    public function getDatatable()
+     * Returns a view that allows the checkin of a component from an asset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ComponentsController::postCheckout() method that stores the data.
+     * @since [v4.1.4]
+     * @param int $componentId
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function getCheckin($component_asset_id)
     {
-        $components = Company::scopeCompanyables(Component::select('components.*')->whereNull('components.deleted_at')
-            ->with('company', 'location', 'category'));
 
-        if (Input::has('search')) {
-            $components = $components->TextSearch(Input::get('search'));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','companyName','category','total_qty'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-
-        switch ($sort) {
-            case 'category':
-                $components = $components->OrderCategory($order);
-                break;
-            case 'location':
-                $components = $components->OrderLocation($order);
-                break;
-            case 'companyName':
-                $components = $components->OrderCompany($order);
-                break;
-            default:
-                $components = $components->orderBy($sort, $order);
-                break;
-        }
-
-        $consumCount = $components->count();
-        $components = $components->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($components as $component) {
-            $actions = '<nobr>';
-            if (Gate::allows('components.checkout')) {
-                $actions .= '<a href="' . route('checkout/component',
-                        $component->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm ' . (($component->numRemaining() > 0) ? '' : ' disabled') . '" ' . (($component->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+        // This could probably be done more cleanly but I am very tired. - @snipe
+        if ($component_assets = DB::table('components_assets')->find($component_asset_id)) {
+            if (is_null($component = Component::find($component_assets->component_id))) {
+                return redirect()->route('components.index')->with('error', trans('admin/components/messages.not_found'));
             }
-
-            if (Gate::allows('components.edit')) {
-                $actions .= '<a href="' . route('update/component',
-                        $component->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            if (is_null($asset = Asset::find($component_assets->asset_id))) {
+                return redirect()->route('components.index')->with('error',
+                    trans('admin/components/message.not_found'));
             }
-
-            if (Gate::allows('components.delete')) {
-                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/component',
-                        $component->id) . '" data-content="' . trans('admin/components/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($component->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-            }
-
-            $actions .='</nobr>';
-            $company = $component->company;
-
-            $rows[] = array(
-                'checkbox'      =>'<div class="text-center"><input type="checkbox" name="component['.$component->id.']" class="one_required"></div>',
-                'id'            => $component->id,
-                'name'          => (string)link_to('admin/components/'.$component->id.'/view', e($component->name)),
-                'serial_number'          => $component->serial,
-                'location'   => ($component->location) ? e($component->location->name) : '',
-                'qty'           => e($component->qty),
-                'min_amt'           => e($component->min_amt),
-                'category'           => ($component->category) ? e($component->category->name) : 'Missing category',
-                'order_number'  => e($component->order_number),
-                'purchase_date'  => e($component->purchase_date),
-                'purchase_cost'  => Helper::formatCurrencyOutput($component->purchase_cost),
-                'numRemaining'  => $component->numRemaining(),
-                'actions'       => $actions,
-                'companyName'   => is_null($company) ? '' : e($company->name),
-            );
+            $this->authorize('checkin', $component);
+            return view('components/checkin', compact('component_assets','component','asset'));
         }
 
-        $data = array('total' => $consumCount, 'rows' => $rows);
-
-        return $data;
+        return redirect()->route('components.index')->with('error', trans('admin/components/messages.not_found'));
 
     }
 
     /**
-    * Return JSON data to populate the components view,
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ComponentsController::getView() method that returns the view.
-    * @since [v3.0]
-    * @param int $componentId
-    * @return string JSON
-    */
-    public function getDataView($componentId)
+     * Validate and store checkin data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ComponentsController::getCheckout() method that returns the form.
+     * @since [v4.1.4]
+     * @param Request $request
+     * @param int $componentId
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function postCheckin(Request $request, $component_asset_id)
     {
-        //$component = Component::find($componentID);
-        $component = Component::with('assets')->find($componentId);
+        if ($component_assets = DB::table('components_assets')->find($component_asset_id)) {
+            if (is_null($component = Component::find($component_assets->component_id))) {
+                return redirect()->route('components.index')->with('error',
+                    trans('admin/components/message.not_found'));
+            }
 
 
-        if (!Company::isCurrentUserHasAccess($component)) {
-            return ['total' => 0, 'rows' => []];
+            $this->authorize('checkin', $component);
+
+            $max_to_checkin = $component_assets->assigned_qty;
+            $validator = Validator::make($request->all(), [
+                "checkin_qty" => "required|numeric|between:1,$max_to_checkin"
+            ]);
+
+            if ($validator->fails()) {
+                return redirect()->back()
+                    ->withErrors($validator)
+                    ->withInput();
+            }
+
+            // Validation passed, so let's figure out what we have to do here.
+            $qty_remaining_in_checkout = ($component_assets->assigned_qty - (int)$request->input('checkin_qty'));
+
+            // We have to modify the record to reflect the new qty that's
+            // actually checked out.
+            $component_assets->assigned_qty = $qty_remaining_in_checkout;
+            DB::table('components_assets')->where('id',
+                $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
+
+            $log = new Actionlog();
+            $log->user_id = Auth::user()->id;
+            $log->action_type = 'checkin from';
+            $log->target_type = Asset::class;
+            $log->target_id = $component_assets->asset_id;
+            $log->item_id = $component_assets->component_id;
+            $log->item_type = Component::class;
+            $log->note = $request->input('note');
+            $log->save();
+
+            // If the checked-in qty is exactly the same as the assigned_qty,
+            // we can simply delete the associated components_assets record
+            if ($qty_remaining_in_checkout == 0) {
+                DB::table('components_assets')->where('id', '=', $component_asset_id)->delete();
+            }
+
+            return redirect()->route('components.index')->with('success',
+                trans('admin/components/message.checkout.success'));
         }
-
-        $rows = array();
-
-        foreach ($component->assets as $component_assignment) {
-            $rows[] = array(
-            'name' => (string)link_to('/hardware/'.$component_assignment->id.'/view', e($component_assignment->showAssetName())),
-            'qty' => e($component_assignment->pivot->assigned_qty),
-            'created_at' => ($component_assignment->created_at->format('Y-m-d H:i:s')=='-0001-11-30 00:00:00') ? '' : $component_assignment->created_at->format('Y-m-d H:i:s'),
-            );
-        }
-
-        $componentCount = $component->assets->count();
-        $data = array('total' => $componentCount, 'rows' => $rows);
-        return $data;
+        return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
     }
+
+
 }

app/Http/Controllers/ConsumablesController.php

@@ -3,11 +3,11 @@
 namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
-use App\Models\Actionlog;
 use App\Models\Company;
 use App\Models\Consumable;
 use App\Models\Setting;
 use App\Models\User;
+use App\Notifications\CheckoutNotification;
 use Auth;
 use Config;
 use DB;
@@ -19,6 +19,8 @@ use Slack;
 use Str;
 use View;
 use Gate;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to Consumables for
@@ -34,11 +36,12 @@ class ConsumablesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ConsumablesController::getDatatable() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
-        return View::make('consumables/index');
+        $this->authorize('index', Consumable::class);
+        return view('consumables/index');
     }
 
 
@@ -48,22 +51,14 @@ class ConsumablesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ConsumablesController::postCreate() method that stores the form data
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
-        // Show the page
-        $category_list = Helper::categoryList('consumable');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
-        $manufacturer_list = Helper::manufacturerList();
-
-        return View::make('consumables/edit')
-            ->with('item', new Consumable)
-            ->with('category_list', $category_list)
-            ->with('company_list', $company_list)
-            ->with('location_list', $location_list)
-            ->with('manufacturer_list', $manufacturer_list);
+        $this->authorize('create', Consumable::class);
+        $category_type = 'consumable';
+        return view('consumables/edit')->with('category_type', $category_type)
+            ->with('item', new Consumable);
     }
 
 
@@ -73,46 +68,44 @@ class ConsumablesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see ConsumablesController::getCreate() method that returns the form view
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
+        $this->authorize('create', Consumable::class);
         $consumable = new Consumable();
-        $consumable->name                   = e(Input::get('name'));
-        $consumable->category_id            = e(Input::get('category_id'));
-        $consumable->location_id            = e(Input::get('location_id'));
-        $consumable->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $consumable->order_number           = e(Input::get('order_number'));
-        $consumable->min_amt                = e(Input::get('min_amt'));
-        $consumable->manufacturer_id         = e(Input::get('manufacturer_id'));
-        $consumable->model_number               = e(Input::get('model_number'));
-        $consumable->item_no         = e(Input::get('item_no'));
+        $consumable->name                   = $request->input('name');
+        $consumable->category_id            = $request->input('category_id');
+        $consumable->location_id            = $request->input('location_id');
+        $consumable->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
+        $consumable->order_number           = $request->input('order_number');
+        $consumable->min_amt                = $request->input('min_amt');
+        $consumable->manufacturer_id        = $request->input('manufacturer_id');
+        $consumable->model_number           = $request->input('model_number');
+        $consumable->item_no                = $request->input('item_no');
+        $consumable->purchase_date          = $request->input('purchase_date');
+        $consumable->purchase_cost          = Helper::ParseFloat($request->input('purchase_cost'));
+        $consumable->qty                    = $request->input('qty');
+        $consumable->user_id                = Auth::id();
 
-        if (e(Input::get('purchase_date')) == '') {
-            $consumable->purchase_date       =  null;
-        } else {
-            $consumable->purchase_date       = e(Input::get('purchase_date'));
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/consumables/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $consumable->image = $file_name;
         }
 
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $consumable->purchase_cost       =  null;
-        } else {
-            $consumable->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
-        }
-
-        $consumable->qty                    = e(Input::get('qty'));
-        $consumable->user_id                = Auth::user()->id;
-
-        // Was the consumable created?
         if ($consumable->save()) {
-            $consumable->logCreate();
-            // Redirect to the new consumable  page
-            return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.create.success'));
+            return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.create.success'));
         }
 
         return redirect()->back()->withInput()->withErrors($consumable->getErrors());
 
-
     }
 
     /**
@@ -122,28 +115,18 @@ class ConsumablesController extends Controller
     * @param  int $consumableId
     * @see ConsumablesController::postEdit() method that stores the form data.
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($consumableId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($consumableId = null)
     {
-        // Check if the consumable exists
-        if (is_null($item = Consumable::find($consumableId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/consumables')->with('error', trans('admin/consumables/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($item)) {
-            return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
+        if ($item = Consumable::find($consumableId)) {
+            $this->authorize($item);
+            $category_type = 'consumable';
+            return view('consumables/edit', compact('item'))->with('category_type', $category_type);
         }
 
-        $category_list =  Helper::categoryList('consumable');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
-        $manufacturer_list = Helper::manufacturerList();
+        return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
 
-        return View::make('consumables/edit', compact('item'))
-            ->with('category_list', $category_list)
-            ->with('company_list', $company_list)
-            ->with('location_list', $location_list)
-            ->with('manufacturer_list', $manufacturer_list);
     }
 
 
@@ -154,46 +137,46 @@ class ConsumablesController extends Controller
     * @param  int $consumableId
     * @see ConsumablesController::getEdit() method that stores the form data.
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postEdit($consumableId = null)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(ImageUploadRequest $request,  $consumableId = null)
     {
         if (is_null($consumable = Consumable::find($consumableId))) {
-            return redirect()->to('admin/consumables')->with('error', trans('admin/consumables/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($consumable)) {
-            return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
         }
 
-        $consumable->name                   = e(Input::get('name'));
-        $consumable->category_id            = e(Input::get('category_id'));
-        $consumable->location_id            = e(Input::get('location_id'));
-        $consumable->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $consumable->order_number           = e(Input::get('order_number'));
-        $consumable->min_amt                   = e(Input::get('min_amt'));
-        $consumable->manufacturer_id         = e(Input::get('manufacturer_id'));
-        $consumable->model_number               = e(Input::get('model_number'));
-        $consumable->item_no         = e(Input::get('item_no'));
+        $this->authorize($consumable);
 
-        if (e(Input::get('purchase_date')) == '') {
-            $consumable->purchase_date       =  null;
-        } else {
-            $consumable->purchase_date       = e(Input::get('purchase_date'));
+        $consumable->name                   = $request->input('name');
+        $consumable->category_id            = $request->input('category_id');
+        $consumable->location_id            = $request->input('location_id');
+        $consumable->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
+        $consumable->order_number           = $request->input('order_number');
+        $consumable->min_amt                = $request->input('min_amt');
+        $consumable->manufacturer_id        = $request->input('manufacturer_id');
+        $consumable->model_number           = $request->input('model_number');
+        $consumable->item_no                = $request->input('item_no');
+        $consumable->purchase_date          = $request->input('purchase_date');
+        $consumable->purchase_cost          = Helper::ParseFloat(Input::get('purchase_cost'));
+        $consumable->qty                    = Helper::ParseFloat(Input::get('qty'));
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/consumables/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $consumable->image = $file_name;
+        } elseif ($request->input('image_delete')=='1') {
+            $consumable->image = null;
         }
 
-        if (e(Input::get('purchase_cost')) == '0.00') {
-            $consumable->purchase_cost       =  null;
-        } else {
-            $consumable->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
-        }
-
-        $consumable->qty                    = Helper::ParseFloat(e(Input::get('qty')));
-
         if ($consumable->save()) {
-            return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.update.success'));
+            return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.update.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($consumable->getErrors());
-
     }
 
     /**
@@ -202,27 +185,19 @@ class ConsumablesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int $consumableId
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function getDelete($consumableId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($consumableId)
     {
-        // Check if the blog post exists
         if (is_null($consumable = Consumable::find($consumableId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/consumables')->with('error', trans('admin/consumables/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($consumable)) {
-            return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.not_found'));
         }
-
-            $consumable->delete();
-
-            // Redirect to the locations management page
-            return redirect()->to('admin/consumables')->with('success', trans('admin/consumables/message.delete.success'));
-
+        $this->authorize($consumable);
+        $consumable->delete();
+        // Redirect to the locations management page
+        return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.delete.success'));
     }
 
-
-
     /**
     * Return a view to display component information.
     *
@@ -230,29 +205,16 @@ class ConsumablesController extends Controller
     * @see ConsumablesController::getDataView() method that generates the JSON response
     * @since [v1.0]
     * @param int $consumableId
-    * @return View
-    */
-    public function getView($consumableId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function show($consumableId = null)
     {
         $consumable = Consumable::find($consumableId);
-
+        $this->authorize($consumable);
         if (isset($consumable->id)) {
-
-
-            if (!Company::isCurrentUserHasAccess($consumable)) {
-                return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
-            } else {
-                return View::make('consumables/view', compact('consumable'));
-            }
-        } else {
-            // Prepare the error message
-            $error = trans('admin/consumables/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('consumables')->with('error', $error);
+            return view('consumables/view', compact('consumable'));
         }
-
-
+        return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist', compact('id')));
     }
 
     /**
@@ -262,23 +224,15 @@ class ConsumablesController extends Controller
     * @see ConsumablesController::postCheckout() method that stores the data.
     * @since [v1.0]
     * @param int $consumableId
-    * @return View
-    */
+    * @return \Illuminate\Contracts\View\View
+     */
     public function getCheckout($consumableId)
     {
-        // Check if the consumable exists
         if (is_null($consumable = Consumable::find($consumableId))) {
-            // Redirect to the consumable management page with error
-            return redirect()->to('consumables')->with('error', trans('admin/consumables/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($consumable)) {
-            return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
         }
-
-        // Get the dropdown of users and then pass it to the checkout view
-        $users_list = Helper::usersList();
-
-        return View::make('consumables/checkout', compact('consumable'))->with('users_list', $users_list);
-
+        $this->authorize('checkout', $consumable);
+        return view('consumables/checkout', compact('consumable'));
     }
 
     /**
@@ -288,71 +242,35 @@ class ConsumablesController extends Controller
     * @see ConsumablesController::getCheckout() method that returns the form.
     * @since [v1.0]
     * @param int $consumableId
-    * @return Redirect
-    */
+    * @return \Illuminate\Http\RedirectResponse
+     */
     public function postCheckout($consumableId)
     {
-      // Check if the consumable exists
         if (is_null($consumable = Consumable::find($consumableId))) {
-            // Redirect to the consumable management page with error
-            return redirect()->to('consumables')->with('error', trans('admin/consumables/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($consumable)) {
-            return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
+            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.not_found'));
         }
 
+        $this->authorize('checkout', $consumable);
+
         $admin_user = Auth::user();
         $assigned_to = e(Input::get('assigned_to'));
 
-      // Check if the user exists
+        // Check if the user exists
         if (is_null($user = User::find($assigned_to))) {
             // Redirect to the consumable management page with error
-            return redirect()->to('admin/consumables')->with('error', trans('admin/consumables/message.user_does_not_exist'));
+            return redirect()->route('checkout/consumable', $consumable)->with('error', trans('admin/consumables/message.checkout.user_does_not_exist'));
         }
 
-      // Update the consumable data
+        // Update the consumable data
         $consumable->assigned_to = e(Input::get('assigned_to'));
 
-        $consumable->users()->attach($consumable->id, array(
-        'consumable_id' => $consumable->id,
-        'user_id' => $admin_user->id,
-        'assigned_to' => e(Input::get('assigned_to'))));
-
-        $logaction = $consumable->logCheckout(e(Input::get('note')));
-
-        $settings = Setting::getSettings();
-
-        if ($settings->slack_endpoint) {
-
-            $slack_settings = [
-                'username' => $settings->botname,
-                'channel' => $settings->slack_channel,
-                'link_names' => true
-            ];
-
-            $client = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
-
-            try {
-                    $client->attach([
-                        'color' => 'good',
-                        'fields' => [
-                            [
-                                'title' => 'Checked Out:',
-                                'value' => 'Consumable <'.config('app.url').'/admin/consumables/'.$consumable->id.'/view'.'|'.$consumable->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
-                            ],
-                            [
-                                'title' => 'Note:',
-                                'value' => e($logaction->note)
-                            ],
-                        ]
-                    ])->send('Consumable Checked Out');
-
-            } catch (Exception $e) {
-
-            }
-        }
-
-        $consumable_user = DB::table('consumables_users')->where('assigned_to', '=', $consumable->assigned_to)->where('consumable_id', '=', $consumable->id)->first();
+        $consumable->users()->attach($consumable->id, [
+            'consumable_id' => $consumable->id,
+            'user_id' => $admin_user->id,
+            'assigned_to' => e(Input::get('assigned_to'))
+        ]);
 
+        $logaction = $consumable->logCheckout(e(Input::get('note')), $user);
         $data['log_id'] = $logaction->id;
         $data['eula'] = $consumable->getEula();
         $data['first_name'] = $user->first_name;
@@ -361,8 +279,7 @@ class ConsumablesController extends Controller
         $data['note'] = $logaction->note;
         $data['require_acceptance'] = $consumable->requireAcceptance();
 
-
-        if (($consumable->requireAcceptance()=='1')  || ($consumable->getEula())) {
+        if ((($consumable->requireAcceptance()=='1')  || ($consumable->getEula())) && $user->email!='') {
 
             Mail::send('emails.accept-asset', $data, function ($m) use ($user) {
                 $m->to($user->email, $user->first_name . ' ' . $user->last_name);
@@ -372,158 +289,8 @@ class ConsumablesController extends Controller
         }
 
       // Redirect to the new consumable page
-        return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.checkout.success'));
-
-
+        return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.checkout.success'));
 
     }
 
-
-    /**
-    * Returns the JSON response containing the the consumables data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ConsumablesController::getIndex() method that returns the view that consumes the JSON.
-    * @since [v1.0]
-    * @param int $consumableId
-    * @return View
-    */
-    public function getDatatable()
-    {
-        $consumables = Company::scopeCompanyables(
-            Consumable::select('consumables.*')
-            ->whereNull('consumables.deleted_at')
-            ->with('company', 'location', 'category', 'users', 'manufacturer')
-        );
-
-        if (Input::has('search')) {
-            $consumables = $consumables->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','companyName','category','model_number', 'item_no', 'manufacturer'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-
-        switch ($sort) {
-            case 'category':
-                $consumables = $consumables->OrderCategory($order);
-                break;
-            case 'location':
-                $consumables = $consumables->OrderLocation($order);
-                break;
-            case 'manufacturer':
-                $consumables = $consumables->OrderManufacturer($order);
-                break;
-            case 'companyName':
-                $consumables = $consumables->OrderCompany($order);
-                break;
-            default:
-                $consumables = $consumables->orderBy($sort, $order);
-                break;
-        }
-
-        $consumCount = $consumables->count();
-        $consumables = $consumables->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($consumables as $consumable) {
-            $actions = '<nobr>';
-            if (Gate::allows('consumables.checkout')) {
-                $actions .= '<a href="' . route('checkout/consumable',
-                        $consumable->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($consumable->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
-            }
-
-            if (Gate::allows('consumables.edit')) {
-                $actions .= '<a href="' . route('update/consumable',
-                        $consumable->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
-            }
-            if (Gate::allows('consumables.delete')) {
-                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/consumable',
-                        $consumable->id) . '" data-content="' . trans('admin/consumables/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($consumable->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-            }
-
-            $actions .='</nobr>';
-
-            $company = $consumable->company;
-
-            $rows[] = array(
-                'id'            => $consumable->id,
-                'name'          => (string)link_to('admin/consumables/'.$consumable->id.'/view', e($consumable->name)),
-                'location'   => ($consumable->location) ? e($consumable->location->name) : '',
-                'min_amt'           => e($consumable->min_amt),
-                'qty'           => e($consumable->qty),
-                'manufacturer'  => ($consumable->manufacturer) ? (string) link_to('/admin/settings/manufacturers/'.$consumable->manufacturer_id.'/view', $consumable->manufacturer->name): '',
-                'model_number'      => e($consumable->model_number),
-                'item_no'       => e($consumable->item_no),
-                'category'      => ($consumable->category) ? (string) link_to('/admin/settings/categories/'.$consumable->category_id.'/view', $consumable->category->name) : 'Missing category',
-                'order_number'  => e($consumable->order_number),
-                'purchase_date'  => e($consumable->purchase_date),
-                'purchase_cost'  => Helper::formatCurrencyOutput($consumable->purchase_cost),
-                'numRemaining'  => $consumable->numRemaining(),
-                'actions'       => $actions,
-                'companyName'   => is_null($company) ? '' : e($company->name),
-            );
-        }
-
-        $data = array('total' => $consumCount, 'rows' => $rows);
-
-        return $data;
-
-    }
-
-    /**
-    * Returns a JSON response containing details on the users associated with this consumable.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ConsumablesController::getView() method that returns the form.
-    * @since [v1.0]
-    * @param int $consumableId
-    * @return View
-    */
-    public function getDataView($consumableId)
-    {
-        //$consumable = Consumable::find($consumableID);
-        $consumable = Consumable::with(array('consumableAssigments'=>
-        function ($query) {
-            $query->orderBy('created_at', 'DESC');
-        },
-        'consumableAssigments.admin'=> function ($query) {
-        },
-        'consumableAssigments.user'=> function ($query) {
-        },
-        ))->find($consumableId);
-
-  //  $consumable->load('consumableAssigments.admin','consumableAssigments.user');
-
-        if (!Company::isCurrentUserHasAccess($consumable)) {
-            return ['total' => 0, 'rows' => []];
-        }
-
-        $rows = array();
-
-        foreach ($consumable->consumableAssigments as $consumable_assignment) {
-            $rows[] = array(
-            'name' => (string)link_to('/admin/users/'.$consumable_assignment->user->id.'/view', e($consumable_assignment->user->fullName())),
-            'created_at' => ($consumable_assignment->created_at->format('Y-m-d H:i:s')=='-0001-11-30 00:00:00') ? '' : $consumable_assignment->created_at->format('Y-m-d H:i:s'),
-            'admin' => ($consumable_assignment->admin) ? e($consumable_assignment->admin->fullName()) : '',
-            );
-        }
-
-        $consumableCount = $consumable->users->count();
-        $data = array('total' => $consumableCount, 'rows' => $rows);
-        return $data;
-    }
 }

app/Http/Controllers/CustomFieldsController.php

@@ -1,6 +1,7 @@
 <?php
 namespace App\Http\Controllers;
 
+use App\Http\Requests\CustomFieldRequest;
 use View;
 use App\Models\CustomFieldset;
 use App\Models\CustomField;
@@ -11,6 +12,7 @@ use App\Models\AssetModel;
 use Lang;
 use Auth;
 use Illuminate\Http\Request;
+use App\Helpers\Helper;
 use Log;
 
 /**
@@ -35,77 +37,15 @@ class CustomFieldsController extends Controller
     */
     public function index()
     {
-        //
-        $fieldsets=CustomFieldset::with("fields", "models")->get();
-        //$fieldsets=CustomFieldset::all();
-        $fields=CustomField::with("fieldset")->get();
-        //$fields=CustomField::all();
-        return View::make("custom_fields.index")->with("custom_fieldsets", $fieldsets)->with("custom_fields", $fields);
+
+        $fieldsets = CustomFieldset::with("fields", "models")->get();
+        $fields = CustomField::with("fieldset")->get();
+        return view("custom_fields.index")->with("custom_fieldsets", $fieldsets)->with("custom_fields", $fields);
     }
 
 
-    /**
-    * Returns a view with a form for creating a new custom fieldset.
-    *
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-    * @since [v1.8]
-    * @return View
-    */
-    public function create()
-    {
-        //
-        return View::make("custom_fields.create");
-    }
 
 
-    /**
-    * Validates and stores a new custom fieldset.
-    *
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-    * @since [v1.8]
-    * @return Redirect
-    */
-    public function store(Request $request)
-    {
-        //
-        $cfset = new CustomFieldset(
-            [
-                "name" => e($request->get("name")),
-                "user_id" => Auth::user()->id]
-            );
-
-        $validator=Validator::make(Input::all(), $cfset->rules);
-        if ($validator->passes()) {
-            $cfset->save();
-            return redirect()->route("admin.custom_fields.show", [$cfset->id])->with('success', trans('admin/custom_fields/message.fieldset.create.success'));
-        } else {
-            return redirect()->back()->withInput()->withErrors($validator);
-        }
-    }
-
-    /**
-    * Associate the custom field with a custom fieldset.
-    *
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-    * @since [v1.8]
-    * @return View
-    */
-    public function associate($id)
-    {
-
-        $set = CustomFieldset::find($id);
-
-        foreach ($set->fields as $field) {
-            if ($field->id == Input::get('field_id')) {
-                return redirect()->route("admin.custom_fields.show", [$id])->withInput()->withErrors(['field_id' => trans('admin/custom_fields/message.field.already_added')]);
-            }
-        }
-
-        $results=$set->fields()->attach(Input::get('field_id'), ["required" => (Input::get('required') == "on"),"order" => Input::get('order')]);
-
-        return redirect()->route("admin.custom_fields.show", [$id])->with("success", trans('admin/custom_fields/message.field.create.assoc_success'));
-    }
-
 
     /**
     * Returns a view with a form to create a new custom field.
@@ -115,9 +55,10 @@ class CustomFieldsController extends Controller
     * @since [v1.8]
     * @return View
     */
-    public function createField()
+    public function create()
     {
-        return View::make("custom_fields.create_field");
+
+        return view("custom_fields.fields.edit")->with('field', new CustomField());
     }
 
 
@@ -129,38 +70,31 @@ class CustomFieldsController extends Controller
     * @since [v1.8]
     * @return Redirect
     */
-    public function storeField(Request $request)
+    public function store(CustomFieldRequest $request)
     {
         $field = new CustomField([
-            "name" => e($request->get("name")),
-            "element" => e($request->get("element")),
-            "field_values" => e($request->get("field_values")),
-            "field_encrypted" => e($request->get("field_encrypted", 0)),
+            "name" => $request->get("name"),
+            "element" => $request->get("element"),
+            "help_text" => $request->get("help_text"),
+            "field_values" => $request->get("field_values"),
+            "field_encrypted" => $request->get("field_encrypted", 0),
             "user_id" => Auth::user()->id
         ]);
 
 
-
         if (!in_array(Input::get('format'), array_keys(CustomField::$PredefinedFormats))) {
             $field->format = e($request->get("custom_format"));
         } else {
             $field->format = e($request->get("format"));
         }
 
-
-
-        $validator=Validator::make(Input::all(), $field->rules);
-        if ($validator->passes()) {
-            $results = $field->save();
-            if ($results) {
-                return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.create.success'));
-            } else {
-                dd($field);
-                return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.create.error'));
-            }
+        if ($field->save()) {
+            return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.field.create.success'));
         } else {
-            return redirect()->back()->withInput()->withErrors($validator);
+           // dd($field);
+            return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.create.error'));
         }
+
     }
 
 
@@ -176,7 +110,7 @@ class CustomFieldsController extends Controller
         $field = CustomField::find($field_id);
 
         if ($field->fieldset()->detach($fieldset_id)) {
-            return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.delete.success'));
+            return redirect()->route('fieldsets.show', ['fieldset' => $fieldset_id])->with("success", trans('admin/custom_fields/message.field.delete.success'));
         }
 
         return redirect()->back()->withErrors(['message' => "Field is in-use"]);
@@ -189,7 +123,7 @@ class CustomFieldsController extends Controller
     * @since [v1.8]
     * @return Redirect
     */
-    public function deleteField($field_id)
+    public function destroy($field_id)
     {
         $field = CustomField::find($field_id);
 
@@ -197,115 +131,62 @@ class CustomFieldsController extends Controller
             return redirect()->back()->withErrors(['message' => "Field is in-use"]);
         } else {
             $field->delete();
-            return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.delete.success'));
+            return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.field.delete.success'));
         }
     }
 
-    /**
-    * Validates and stores a new custom field.
-    *
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-    * @param int $id
-    * @since [v1.8]
-    * @return View
-    */
-    public function show($id)
-    {
-        $cfset = CustomFieldset::with('fields')->where('id','=',$id)->orderBy('id','ASC')->first();
-        $custom_fields_list = ["" => "Add New Field to Fieldset"] + CustomField::lists("name", "id")->toArray();
-
-        $maxid = 0;
-        foreach ($cfset->fields() as $field) {
-            if ($field->pivot->order > $maxid) {
-                $maxid=$field->pivot->order;
-            }
-            if (isset($custom_fields_list[$field->id])) {
-                unset($custom_fields_list[$field->id]);
-            }
-        }
-
-        return View::make("custom_fields.show")->with("custom_fieldset", $cfset)->with("maxid", $maxid+1)->with("custom_fields_list", $custom_fields_list);
-    }
 
 
     /**
-    * What the actual fuck, Brady?
+    * Return a view to edit a custom field
     *
-    * @todo Uhh, build this?
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
-    * @since [v1.8]
-    * @return Fuckall
+    * @since [v4.0]
+    * @return View
     */
     public function edit($id)
     {
-        //
+        $field = CustomField::find($id);
+        return view("custom_fields.fields.edit")->with('field', $field);
     }
 
 
     /**
-    * GET IN THE SEA BRADY.
+    * Store the updated field
     *
-    * @todo Uhh, build this too?
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-    * @param  int  $id
-    * @since [v1.8]
-    * @return Fuckall
-    */
-    public function update($id)
-    {
-        //
-    }
-
-
-    /**
-    * Validates a custom fieldset and then deletes if it has no models associated.
+    * @todo Allow encrypting/decrypting if encryption status changes
     *
-    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
-    * @since [v1.8]
-    * @return View
+    * @since [v4.0]
+    * @return Redirect
     */
-    public function destroy($id)
+    public function update(CustomFieldRequest $request, $id)
     {
-        //
-        $fieldset = CustomFieldset::find($id);
+        $field =  CustomField::find($id);
 
-        $models = AssetModel::where("fieldset_id", "=", $id);
-        if ($models->count() == 0) {
-            $fieldset->delete();
-            return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.fieldset.delete.success'));
+        $field->name = e($request->get("name"));
+        $field->element = e($request->get("element"));
+        $field->field_values = e($request->get("field_values"));
+        $field->field_encrypted = e($request->get("field_encrypted", 0));
+        $field->user_id = Auth::user()->id;
+        $field->help_text = $request->get("help_text");
+
+        if (!in_array(Input::get('format'), array_keys(CustomField::$PredefinedFormats))) {
+            $field->format = e($request->get("custom_format"));
         } else {
-            return redirect()->route("admin.custom_fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use'));
+            $field->format = e($request->get("format"));
         }
+
+
+        if ($field->save()) {
+           return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.field.update.success'));
+        }
+
+        return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.update.error'));
     }
 
 
-    /**
-     * Reorder the custom fields within a fieldset
-     *
-     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
-     * @param  int  $id
-     * @since [v3.0]
-     * @return Array
-     */
-    public function postReorder(Request $request, $id)
-    {
-        $fieldset = CustomFieldset::find($id);
-        $fields = array();
-        $order_array = array();
 
-        $items = $request->input('item');
-
-        foreach ($items as $order => $field_id) {
-            $order_array[$field_id] = $order;
-        }
-
-        foreach ($fieldset->fields as $field) {
-            $fields[$field->id] = ['required' => $field->pivot->required, 'order' => $order_array[$field->id]];
-        }
-
-        return $fieldset->fields()->sync($fields);
-
-    }
 }

app/Http/Controllers/CustomFieldsetsController.php

@@ -0,0 +1,182 @@
+<?php
+namespace App\Http\Controllers;
+
+use View;
+use App\Models\CustomFieldset;
+use App\Models\CustomField;
+use Input;
+use Validator;
+use Redirect;
+use App\Models\AssetModel;
+use Lang;
+use Auth;
+use Illuminate\Http\Request;
+use Log;
+
+/**
+ * This controller handles all actions related to Custom Asset Fields for
+ * the Snipe-IT Asset Management application.
+ *
+ * @todo Improve documentation here.
+ * @todo Check for raw DB queries and try to convert them to query builder statements
+ * @version    v2.0
+ * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+ */
+
+class CustomFieldsetsController extends Controller
+{
+
+        /**
+        * Validates and stores a new custom field.
+        *
+        * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+        * @param int $id
+        * @since [v1.8]
+        * @return View
+        */
+    public function show($id)
+    {
+        $cfset = CustomFieldset::with('fields')->where('id', '=', $id)->orderBy('id', 'ASC')->first();
+
+        if ($cfset) {
+            $custom_fields_list = ["" => "Add New Field to Fieldset"] + CustomField::pluck("name", "id")->toArray();
+
+            $maxid = 0;
+            foreach ($cfset->fields() as $field) {
+                if ($field->pivot->order > $maxid) {
+                    $maxid=$field->pivot->order;
+                }
+                if (isset($custom_fields_list[$field->id])) {
+                    unset($custom_fields_list[$field->id]);
+                }
+            }
+
+            return view("custom_fields.fieldsets.view")->with("custom_fieldset", $cfset)->with("maxid", $maxid+1)->with("custom_fields_list", $custom_fields_list);
+        }
+
+        return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.does_not_exist'));
+
+    }
+
+
+    /**
+    * Returns a view with a form for creating a new custom fieldset.
+    *
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @since [v1.8]
+    * @return View
+    */
+    public function create()
+    {
+        return view("custom_fields.fieldsets.edit");
+    }
+
+
+    /**
+    * Validates and stores a new custom fieldset.
+    *
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @since [v1.8]
+    * @return Redirect
+    */
+    public function store(Request $request)
+    {
+        $cfset = new CustomFieldset(
+            [
+                "name" => e($request->get("name")),
+                "user_id" => Auth::user()->id]
+        );
+
+        $validator = Validator::make(Input::all(), $cfset->rules);
+        if ($validator->passes()) {
+            $cfset->save();
+            return redirect()->route("fieldsets.show", [$cfset->id])->with('success', trans('admin/custom_fields/message.fieldset.create.success'));
+        } else {
+            return redirect()->back()->withInput()->withErrors($validator);
+        }
+    }
+
+
+
+
+    /**
+    * What the actual fuck, Brady?
+    *
+    * @todo Uhh, build this?
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @param  int  $id
+    * @since [v1.8]
+    * @return Fuckall
+    */
+    public function edit($id)
+    {
+        //
+    }
+
+
+    /**
+    * GET IN THE SEA BRADY.
+    *
+    * @todo Uhh, build this too?
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @param  int  $id
+    * @since [v1.8]
+    * @return Fuckall
+    */
+    public function update($id)
+    {
+        //
+    }
+
+
+    /**
+    * Validates a custom fieldset and then deletes if it has no models associated.
+    *
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @param  int  $id
+    * @since [v1.8]
+    * @return View
+    */
+    public function destroy($id)
+    {
+        $fieldset = CustomFieldset::find($id);
+
+        if ($fieldset) {
+            $models = AssetModel::where("fieldset_id", "=", $id);
+            if ($models->count() == 0) {
+                $fieldset->delete();
+                return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.fieldset.delete.success'));
+            } else {
+                return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use'));
+            }
+        }
+
+        return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.does_not_exist'));
+
+
+    }
+
+
+    /**
+    * Associate the custom field with a custom fieldset.
+    *
+    * @author [Brady Wetherington] [<uberbrady@gmail.com>]
+    * @since [v1.8]
+    * @return View
+    */
+    public function associate($id)
+    {
+
+        $set = CustomFieldset::find($id);
+
+        foreach ($set->fields as $field) {
+            if ($field->id == Input::get('field_id')) {
+                return redirect()->route("fieldsets.show", [$id])->withInput()->withErrors(['field_id' => trans('admin/custom_fields/message.field.already_added')]);
+            }
+        }
+
+        $results=$set->fields()->attach(Input::get('field_id'), ["required" => (Input::get('required') == "on"),"order" => Input::get('order')]);
+
+        return redirect()->route("fieldsets.show", [$id])->with("success", trans('admin/custom_fields/message.field.create.assoc_success'));
+    }
+}

app/Http/Controllers/DashboardController.php

@@ -30,53 +30,20 @@ class DashboardController extends Controller
         // Show the page
         if (Auth::user()->hasAccess('admin')) {
 
-            $asset_stats['total'] = Asset::Hardware()->count();
+            $asset_stats=null;
 
-            $asset_stats['rtd']['total'] = Asset::Hardware()->RTD()->count();
+            $counts['asset'] = \App\Models\Asset::count();
+            $counts['accessory'] = \App\Models\Accessory::count();
+            $counts['license'] = \App\Models\License::assetcount();
+            $counts['consumable'] = \App\Models\Consumable::count();
+            $counts['grand_total'] =  $counts['asset'] +  $counts['accessory'] +  $counts['license'] +  $counts['consumable'];
 
-            if ($asset_stats['rtd']['total'] > 0) {
-                $asset_stats['rtd']['percent'] = round(($asset_stats['rtd']['total']/$asset_stats['total']) * 100);
-            } else {
-                $asset_stats['rtd']['percent'] = 0;
+            if ((!file_exists(storage_path().'/oauth-private.key')) || (!file_exists(storage_path().'/oauth-public.key'))) {
+                \Artisan::call('migrate', ['--force' => true]);
+                \Artisan::call('passport:install');
             }
 
-
-            $asset_stats['pending']['total'] = Asset::Hardware()->Pending()->count();
-
-            if ($asset_stats['pending']['total'] > 0) {
-                $asset_stats['pending']['percent'] = round(($asset_stats['pending']['total']/$asset_stats['total']) * 100);
-            } else {
-                $asset_stats['pending']['percent'] = 0;
-            }
-
-
-            $asset_stats['deployed']['total'] = Asset::Hardware()->Deployed()->count();
-
-            if ($asset_stats['deployed']['total'] > 0) {
-                 $asset_stats['deployed']['percent'] = round(($asset_stats['deployed']['total']/$asset_stats['total']) * 100);
-            } else {
-                $asset_stats['deployed']['percent'] = 0;
-            }
-
-
-            $asset_stats['undeployable']['total'] = Asset::Hardware()->Undeployable()->count();
-
-            if ($asset_stats['undeployable']['total'] > 0) {
-                $asset_stats['undeployable']['percent'] = round(($asset_stats['undeployable']['total']/$asset_stats['total']) * 100);
-            } else {
-                $asset_stats['undeployable']['percent'] = 0;
-            }
-
-            $asset_stats['archived']['total'] = Asset::Hardware()->Archived()->count();
-
-            if ($asset_stats['archived']['total'] > 0) {
-                $asset_stats['archived']['percent'] = round(($asset_stats['archived']['total']/$asset_stats['total']) * 100);
-            } else {
-                $asset_stats['archived']['percent'] = 0;
-            }
-
-
-            return View::make('dashboard')->with('asset_stats', $asset_stats);
+            return view('dashboard')->with('asset_stats', $asset_stats)->with('counts', $counts);
         } else {
         // Redirect to the profile page
             return redirect()->intended('account/view-assets');

app/Http/Controllers/DepartmentsController.php

@@ -0,0 +1,193 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use App\Models\Department;
+use App\Helpers\Helper;
+use Auth;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
+
+class DepartmentsController extends Controller
+{
+    public function __construct()
+    {
+        $this->middleware('auth');
+        parent::__construct();
+    }
+
+    /**
+     * Returns a view that invokes the ajax tables which actually contains
+     * the content for the assets listing, which is generated in getDatatable.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see AssetController::getDatatable() method that generates the JSON response
+     * @since [v4.0]
+     * @return View
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('index', Department::class);
+        $company = null;
+        if ($request->has('company_id')) {
+            $company = Company::find($request->input('company_id'));
+        }
+        return view('departments/index')->with('company', $company);
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(ImageUploadRequest $request)
+    {
+        $this->authorize('create', Department::class);
+        $department = new Department;
+        $department->fill($request->all());
+        $department->user_id = Auth::user()->id;
+        $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/departments/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $department->image = $file_name;
+        }
+
+        if ($department->save()) {
+            return redirect()->route("departments.index")->with('success', trans('admin/departments/message.create.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($department->getErrors());
+    }
+
+    /**
+     * Returns a view that invokes the ajax tables which actually contains
+     * the content for the department detail page.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $id
+     * @since [v4.0]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
+    {
+        $department = Department::find($id);
+
+        if (isset($department->id)) {
+            return view('departments/view', compact('department'));
+        }
+        return redirect()->route('departments.index')->with('error', trans('admin/departments/message.does_not_exist', compact('id')));
+    }
+
+
+    /**
+     * Returns a form view used to create a new department.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see DepartmentsController::postCreate() method that validates and stores the data
+     * @since [v4.0]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
+    {
+        return view('departments/edit')->with('item', new Department);
+    }
+
+
+    /**
+     * Validates and deletes selected department.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $locationId
+     * @since [v4.0]
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($id)
+    {
+        if (is_null($department = Department::find($id))) {
+            return redirect()->to(route('departments.index'))->with('error', trans('admin/departments/message.not_found'));
+        }
+
+        if ($department->users->count() > 0) {
+            return redirect()->to(route('departments.index'))->with('error', trans('admin/departments/message.assoc_users'));
+        }
+
+        $department->delete();
+        return redirect()->back()->with('success', trans('admin/departments/message.delete.success'));
+
+    }
+
+    /**
+     * Makes a form view to edit location information.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see LocationsController::postCreate() method that validates and stores
+     * @param int $locationId
+     * @since [v1.0]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($id = null)
+    {
+        if (is_null($item = Department::find($id))) {
+            return redirect()->back()->with('error', trans('admin/locations/message.does_not_exist'));
+        }
+        return view('departments/edit', compact('item'));
+    }
+
+    public function update(ImageUploadRequest $request, $id) {
+
+        $this->authorize('create', Department::class);
+        if (is_null($department = Department::find($id))) {
+            return redirect()->route('departments.index')->with('error', trans('admin/departments/message.does_not_exist'));
+        }
+
+        $department->fill($request->all());
+        $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
+
+        $old_image = $department->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $department->image = null;
+        }
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $department->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('departments_upload_path').$file_name);
+            } else {
+                $image->move(app('departments_upload_path'), $file_name);
+            }
+            $department->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('departments_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+        if ($department->save()) {
+            return redirect()->route("departments.index")->with('success', trans('admin/departments/message.update.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($department->getErrors());
+    }
+}

app/Http/Controllers/DepreciationsController.php

@@ -1,7 +1,7 @@
 <?php
 namespace App\Http\Controllers;
 
-use Input;
+use App\Helpers\Helper;
 use Lang;
 use App\Models\Depreciation;
 use Redirect;
@@ -10,6 +10,7 @@ use DB;
 use Str;
 use View;
 use Auth;
+use Illuminate\Http\Request;
 
 /**
  * This controller handles all actions related to Depreciations for
@@ -26,12 +27,12 @@ class DepreciationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net]
     * @see DepreciationsController::getDatatable() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
         // Show the page
-        return View::make('depreciations/index', compact('depreciations'));
+        return view('depreciations/index', compact('depreciations'));
     }
 
 
@@ -41,45 +42,39 @@ class DepreciationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net]
     * @see DepreciationsController::postCreate()
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
         // Show the page
-        return View::make('depreciations/edit')->with('item', new Depreciation);
+        return view('depreciations/edit')->with('item', new Depreciation);
     }
 
 
     /**
-    * Validates and stores the new depreciation data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net]
-    * @see DepreciationsController::postCreate()
-    * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+     * Validates and stores the new depreciation data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @see DepreciationsController::postCreate()
+     * @since [v1.0]
+     * @param Request $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(Request $request)
     {
-
-      // get the POST data
-        $new = Input::all();
-
-      // create a new instance
+        // create a new instance
         $depreciation = new Depreciation();
+        // Depreciation data
+        $depreciation->name             = $request->input('name');
+        $depreciation->months           = $request->input('months');
+        $depreciation->user_id          = Auth::id();
 
-      // Depreciation data
-        $depreciation->name            = e(Input::get('name'));
-        $depreciation->months    = e(Input::get('months'));
-        $depreciation->user_id          = Auth::user()->id;
-
-      // Was the asset created?
+        // Was the asset created?
         if ($depreciation->save()) {
             // Redirect to the new depreciation  page
-            return redirect()->to("admin/settings/depreciations")->with('success', trans('admin/depreciations/message.create.success'));
+            return redirect()->route('depreciations.index')->with('success', trans('admin/depreciations/message.create.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($depreciation->getErrors());
-
     }
 
     /**
@@ -89,138 +84,95 @@ class DepreciationsController extends Controller
     * @see DepreciationsController::postEdit()
     * @param int $depreciationId
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($depreciationId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($depreciationId = null)
     {
         // Check if the depreciation exists
         if (is_null($item = Depreciation::find($depreciationId))) {
             // Redirect to the blogs management page
-            return redirect()->to('admin/settings/depreciations')->with('error', trans('admin/depreciations/message.does_not_exist'));
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
         }
 
-        return View::make('depreciations/edit', compact('item'));
+        return view('depreciations/edit', compact('item'));
     }
 
 
     /**
-    * Validates and stores the updated depreciation data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net]
-    * @see DepreciationsController::getEdit()
-    * @param int $depreciationId
-    * @since [v1.0]
-    * @return Redirect
-    */
-    public function postEdit($depreciationId = null)
+     * Validates and stores the updated depreciation data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @see DepreciationsController::getEdit()
+     * @param Request $request
+     * @param int $depreciationId
+     * @return \Illuminate\Http\RedirectResponse
+     * @since [v1.0]
+     */
+    public function update(Request $request, $depreciationId = null)
     {
         // Check if the depreciation exists
         if (is_null($depreciation = Depreciation::find($depreciationId))) {
             // Redirect to the blogs management page
-            return redirect()->to('admin/settings/depreciations')->with('error', trans('admin/depreciations/message.does_not_exist'));
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
         }
 
         // Depreciation data
-        $depreciation->name      = e(Input::get('name'));
-        $depreciation->months    = e(Input::get('months'));
+        $depreciation->name      = $request->input('name');
+        $depreciation->months    = $request->input('months');
 
         // Was the asset created?
         if ($depreciation->save()) {
             // Redirect to the depreciation page
-            return redirect()->to("admin/settings/depreciations/")->with('success', trans('admin/depreciations/message.update.success'));
+            return redirect()->route("depreciations.index")->with('success', trans('admin/depreciations/message.update.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($depreciation->getErrors());
-
-
     }
 
     /**
-    * Validates and deletes a selected depreciation.
-    *
-    * This is a hard-delete. We do not currently soft-delete depreciations.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net]
-    * @since [v1.0]
-    * @return Redirect
-    */
-    public function getDelete($depreciationId)
+     * Validates and deletes a selected depreciation.
+     *
+     * This is a hard-delete. We do not currently soft-delete depreciations.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @since [v1.0]
+     * @param integer $depreciationId
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($depreciationId)
     {
         // Check if the depreciation exists
         if (is_null($depreciation = Depreciation::find($depreciationId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/depreciations')->with('error', trans('admin/depreciations/message.not_found'));
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.not_found'));
         }
 
         if ($depreciation->has_models() > 0) {
-
             // Redirect to the asset management page
-            return redirect()->to('admin/settings/depreciations')->with('error', trans('admin/depreciations/message.assoc_users'));
-        } else {
-
-            $depreciation->delete();
-
-            // Redirect to the depreciations management page
-            return redirect()->to('admin/settings/depreciations')->with('success', trans('admin/depreciations/message.delete.success'));
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.assoc_users'));
         }
 
+        $depreciation->delete();
+        // Redirect to the depreciations management page
+        return redirect()->route('depreciations.index')->with('success', trans('admin/depreciations/message.delete.success'));
     }
 
-
     /**
-    * Generates the JSON used to display the depreciation listing.
-    *
-    * @see DepreciationsController::getIndex()
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @param  string  $status
-    * @since [v1.2]
-    * @return String JSON
-    */
-    public function getDatatable()
+     * Returns a view that displays a form to display depreciation listing
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @see DepreciationsController::postEdit()
+     * @param int $depreciationId
+     * @since [v1.0]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
     {
-        $depreciations = Depreciation::select(array('id','name','months'));
-
-        if (Input::has('search')) {
-            $depreciations = $depreciations->TextSearch(e(Input::get('search')));
+        if (is_null($depreciation = Depreciation::find($id))) {
+            // Redirect to the blogs management page
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
         }
 
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $allowed_columns = ['id','name','months'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-
-        $depreciations->orderBy($sort, $order);
-
-        $depreciationsCount = $depreciations->count();
-        $depreciations = $depreciations->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($depreciations as $depreciation) {
-            $actions = '<a href="'.route('update/depreciations', $depreciation->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/depreciations', $depreciation->id).'" data-content="'.trans('admin/depreciations/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($depreciation->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-
-            $rows[] = array(
-                'id'            => $depreciation->id,
-                'name'          => e($depreciation->name),
-                'months'        => e($depreciation->months),
-                'actions'       => $actions
-            );
-        }
-
-        $data = array('total' => $depreciationsCount, 'rows' => $rows);
-
-        return $data;
-
+        return view('depreciations/view', compact('depreciation'));
     }
+
+
 }

app/Http/Controllers/GroupsController.php

@@ -26,12 +26,12 @@ class GroupsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net]
     * @see GroupsController::getDatatable() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
         // Show the page
-        return View::make('groups/index', compact('groups'));
+        return view('groups/index', compact('groups'));
     }
 
     /**
@@ -40,18 +40,18 @@ class GroupsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net]
     * @see GroupsController::postCreate()
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
         $group = new Group;
         // Get all the available permissions
         $permissions = config('permissions');
-        $groupPermissions = array();
+        $groupPermissions = Helper::selectedPermissionsArray($permissions, $permissions);
         $selectedPermissions = Input::old('permissions', $groupPermissions);
 
         // Show the page
-        return View::make('groups/edit', compact('permissions', 'selectedPermissions', 'groupPermissions'))->with('group', $group);
+        return view('groups/edit', compact('permissions', 'selectedPermissions', 'groupPermissions'))->with('group', $group);
     }
 
     /**
@@ -60,9 +60,9 @@ class GroupsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net]
     * @see GroupsController::getCreate()
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store()
     {
         // create a new group instance
         $group = new Group();
@@ -70,12 +70,9 @@ class GroupsController extends Controller
         $group->permissions = json_encode(Input::get('permission'));
 
         if ($group->save()) {
-            return redirect()->to("admin/groups")->with('success', trans('admin/groups/message.success.create'));
+            return redirect()->route("groups.index")->with('success', trans('admin/groups/message.success.create'));
         }
-
-        return redirect()->back()->withInput()->withErrors($group->getErrors());
-
-
+        return redirect(route('groups.create'))->withInput()->withErrors($group->getErrors());
     }
 
     /**
@@ -85,15 +82,20 @@ class GroupsController extends Controller
     * @see GroupsController::postEdit()
     * @param int $id
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($id = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($id)
     {
         $group = Group::find($id);
-        $permissions = config('permissions');
-        $groupPermissions = $group->decodePermissions();
-        $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
-        return View::make('groups/edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
+
+        if ($group) {
+            $permissions = config('permissions');
+            $groupPermissions = $group->decodePermissions();
+            $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
+            return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
+        }
+
+        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found'));
     }
 
     /**
@@ -103,30 +105,24 @@ class GroupsController extends Controller
     * @see GroupsController::getEdit()
     * @param int $id
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postEdit($id = null)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update($id = null)
     {
         $permissions = config('permissions');
         if (!$group = Group::find($id)) {
             return redirect()->route('groups')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
-
         }
         $group->name = e(Input::get('name'));
         $group->permissions = json_encode(Input::get('permission'));
 
-
         if (!config('app.lock_passwords')) {
-
             if ($group->save()) {
-                return redirect()->to("admin/groups")->with('success', trans('admin/groups/message.success.update'));
+                return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.update'));
             }
             return redirect()->back()->withInput()->withErrors($group->getErrors());
-
-        } else {
-            return redirect()->route('update/group', $id)->withInput()->with('error', 'Denied! Editing groups is not allowed in the demo.');
         }
-
+        return redirect()->route('groups.index')->with('error', trans('general.feature_disabled'));
     }
 
     /**
@@ -136,103 +132,39 @@ class GroupsController extends Controller
     * @see GroupsController::getEdit()
     * @param int $id
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function getDelete($id = null)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($id = null)
     {
         if (!config('app.lock_passwords')) {
-            try {
-                // Get group information
-                $group = Group::find($id);
-                $group->delete();
-
-                // Redirect to the group management page
-                return redirect()->route('groups')->with('success', trans('admin/groups/message.success.delete'));
-            } catch (GroupNotFoundException $e) {
-                // Redirect to the group management page
+            if (!$group = Group::find($id)) {
                 return redirect()->route('groups')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
             }
-        } else {
-            return redirect()->route('groups')->with('error', trans('general.feature_disabled'));
+            $group->delete();
+            // Redirect to the group management page
+            return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.delete'));
         }
+        return redirect()->route('groups.index')->with('error', trans('general.feature_disabled'));
     }
 
-
     /**
-    * Generates the JSON used to display the User Group listing.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v2.0]
-    * @return String JSON
-    */
-    public function getDatatable()
+     * Returns a view that invokes the ajax tables which actually contains
+     * the content for the group detail page.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $locationId
+     * @since [v4.0.11]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
     {
+        $group = Group::find($id);
 
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
+        if ($group) {
+            return view('groups/view', compact('group'));
         }
 
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        if (Input::get('sort')=='name') {
-            $sort = 'first_name';
-        } else {
-            $sort = e(Input::get('sort'));
-        }
-
-        // Grab all the groups
-        $groups = Group::with('users')->orderBy('name', 'ASC');
-        //$users = Company::scopeCompanyables($users);
-
-        if (Input::has('search')) {
-            $groups = $users->TextSearch(e(Input::get('search')));
-        }
-
-         $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns =
-         [
-           'name','created_at'
-         ];
-
-        $sort = in_array($sort, $allowed_columns) ? $sort : 'name';
-        $groups = $groups->orderBy($sort, $order);
-
-        $groupsCount = $groups->count();
-        $groups = $groups->skip($offset)->take($limit)->get();
-        $rows = array();
-
-        foreach ($groups as $group) {
-            $group_names = '';
-            $inout = '';
-            $actions = '<nobr>';
-
-            $actions .= '<a href="' . route('update/group', $group->id) . '" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> ';
-
-            if (!config('app.lock_passwords')) {
-                  $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/group', $group->id) . '" data-content="'.trans('admin/groups/message.delete.confirm').'" data-title="Delete ' . htmlspecialchars($group->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a> ';
-            } else {
-                $actions .= ' <span class="btn delete-asset btn-danger btn-sm disabled"><i class="fa fa-trash icon-white"></i></span>';
-            }
-
-            $actions .= '</nobr>';
-
-            $rows[] = array(
-                'id'         => $group->id,
-                'name'        => $group->name,
-                'users'         => $group->users->count(),
-                'created_at'        => $group->created_at->format('Y-m-d'),
-                'actions'       => ($actions) ? $actions : '',
-            );
-        }
-
-        $data = array('total'=>$groupsCount, 'rows'=>$rows);
-        return $data;
+        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
     }
+
 }

app/Http/Controllers/ImportsController.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Transformers\ImportsTransformer;
+use App\Models\Import;
+use Illuminate\Http\Request;
+use App\Models\Asset;
+
+
+class ImportsController extends Controller
+{
+    public function index()
+    {
+        $this->authorize('create', Asset::class);
+        $imports = Import::latest()->get();
+        $imports = (new ImportsTransformer)->transformImports($imports);
+        return view('importer/import')->with('imports', $imports);
+    }
+}

app/Http/Controllers/LocationsController.php

@@ -1,9 +1,11 @@
 <?php
 namespace App\Http\Controllers;
 
+use App\Helpers\Helper;
 use Input;
 use Lang;
 use App\Models\Location;
+use phpDocumentor\Reflection\Types\Array_;
 use Redirect;
 use App\Models\Setting;
 use App\Models\User;
@@ -14,6 +16,8 @@ use Validator;
 use View;
 use Auth;
 use Symfony\Component\HttpFoundation\JsonResponse;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to Locations for
@@ -31,15 +35,16 @@ class LocationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see LocationsController::getDatatable() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
         // Grab all the locations
+        $this->authorize('view', Location::class);
         $locations = Location::orderBy('created_at', 'DESC')->with('parent', 'assets', 'assignedassets')->get();
 
         // Show the page
-        return View::make('locations/index', compact('locations'));
+        return view('locations/index', compact('locations'));
     }
 
 
@@ -49,19 +54,20 @@ class LocationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see LocationsController::postCreate() method that validates and stores the data
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
+        $this->authorize('create', Location::class);
         $locations = Location::orderBy('name', 'ASC')->get();
 
         $location_options_array = Location::getLocationHierarchy($locations);
         $location_options = Location::flattenLocationsArray($location_options_array);
         $location_options = array('' => 'Top Level') + $location_options;
 
-        return View::make('locations/edit')
-        ->with('location_options', $location_options)
-        ->with('item', new Location);
+        return view('locations/edit')
+            ->with('location_options', $location_options)
+            ->with('item', new Location);
     }
 
 
@@ -72,38 +78,40 @@ class LocationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @see LocationsController::getCreate() method that makes the form
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
-
-    // create a new location instance
+        $this->authorize('create', Location::class);
         $location = new Location();
+        $location->name             = $request->input('name');
+        $location->parent_id        = $request->input('parent_id', null);
+        $location->currency         = $request->input('currency', '$');
+        $location->address          = $request->input('address');
+        $location->address2         = $request->input('address2');
+        $location->city             = $request->input('city');
+        $location->state            = $request->input('state');
+        $location->country          = $request->input('country');
+        $location->zip              = $request->input('zip');
+        $location->ldap_ou          = $request->input('ldap_ou');
+        $location->manager_id       = $request->input('manager_id');
+        $location->user_id          = Auth::id();
 
-
-    // Save the location data
-        $location->name             = e(Input::get('name'));
-        if (Input::get('parent_id')=='') {
-            $location->parent_id        = null;
-        } else {
-            $location->parent_id        = e(Input::get('parent_id'));
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/locations/'.$file_name);
+            Image::make($image->getRealPath())->resize(600, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $location->image = $file_name;
         }
-        $location->currency             = e(Input::get('currency', '$'));
-        $location->address          = e(Input::get('address'));
-        $location->address2             = e(Input::get('address2'));
-        $location->city             = e(Input::get('city'));
-        $location->state            = e(Input::get('state'));
-        $location->country          = e(Input::get('country'));
-        $location->zip              = e(Input::get('zip'));
-        $location->user_id          = Auth::user()->id;
 
         if ($location->save()) {
-            // Redirect to the new location  page
-            return redirect()->to("admin/settings/locations")->with('success', trans('admin/locations/message.create.success'));
+            return redirect()->route("locations.index")->with('success', trans('admin/locations/message.create.success'));
         }
-
         return redirect()->back()->withInput()->withErrors($location->getErrors());
-
     }
 
     /**
@@ -115,35 +123,31 @@ class LocationsController extends Controller
     * @since [v1.0]
     * @return String JSON
     */
-    public function store()
+    public function apiStore(Request $request)
     {
-
+        $this->authorize('create', Location::class);
         $new['currency']=Setting::first()->default_currency;
 
         // create a new location instance
         $location = new Location();
 
         // Save the location data
-        $location->name               = e(Input::get('name'));
+        $location->name               = $request->input('name');
         $location->currency           =  Setting::first()->default_currency; //e(Input::get('currency'));
         $location->address            = ''; //e(Input::get('address'));
         // $location->address2			= e(Input::get('address2'));
-        $location->city               = e(Input::get('city'));
+        $location->city               = $request->input('city');
         $location->state          = '';//e(Input::get('state'));
-        $location->country            = e(Input::get('country'));
+        $location->country            = $request->input('country');
         // $location->zip    			= e(Input::get('zip'));
-        $location->user_id          = Auth::user()->id;
+        $location->user_id          = Auth::id();
 
         // Was the location created?
         if ($location->save()) {
             return JsonResponse::create($location);
-
         }
-
         // failure
-        $errors = $location->errors();
         return JsonResponse::create(["error" => "Failed validation: ".print_r($location->getErrors(), true)], 500);
-
     }
 
 
@@ -154,13 +158,14 @@ class LocationsController extends Controller
     * @see LocationsController::postCreate() method that validates and stores
     * @param int $locationId
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($locationId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($locationId = null)
     {
+        $this->authorize('edit', Location::class);
         // Check if the location exists
         if (is_null($item = Location::find($locationId))) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.does_not_exist'));
+            return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
         }
 
         // Show the page
@@ -169,7 +174,9 @@ class LocationsController extends Controller
         $location_options = Location::flattenLocationsArray($location_options_array);
         $location_options = array('' => 'Top Level') + $location_options;
 
-        return View::make('locations/edit', compact('item'))->with('location_options', $location_options);
+        return view('locations/edit', compact('item'))
+            ->with('location_options', $location_options)
+            ->with('manager_list', Helper::managerList());
     }
 
 
@@ -180,40 +187,65 @@ class LocationsController extends Controller
     * @see LocationsController::getEdit() method that makes the form view
     * @param int $locationId
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postEdit($locationId = null)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(ImageUploadRequest $request, $locationId = null)
     {
+        $this->authorize('edit', Location::class);
         // Check if the location exists
         if (is_null($location = Location::find($locationId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.does_not_exist'));
+            return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
         }
 
         // Update the location data
-        $location->name         = e(Input::get('name'));
-        if (Input::get('parent_id')=='') {
-            $location->parent_id        = null;
-        } else {
-            $location->parent_id        = e(Input::get('parent_id', ''));
-        }
-        $location->currency             = e(Input::get('currency', '$'));
-        $location->address          = e(Input::get('address'));
-        $location->address2             = e(Input::get('address2'));
-        $location->city             = e(Input::get('city'));
-        $location->state            = e(Input::get('state'));
-        $location->country      = e(Input::get('country'));
-        $location->zip            = e(Input::get('zip'));
+        $location->name         = $request->input('name');
+        $location->parent_id    = $request->input('parent_id', null);
+        $location->currency     = $request->input('currency', '$');
+        $location->address      = $request->input('address');
+        $location->address2     = $request->input('address2');
+        $location->city         = $request->input('city');
+        $location->state        = $request->input('state');
+        $location->country      = $request->input('country');
+        $location->zip          = $request->input('zip');
+        $location->ldap_ou      = $request->input('ldap_ou');
+        $location->manager_id   = $request->input('manager_id');
+
+        $old_image = $location->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $location->image = null;
+        }
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $location->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(600, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('locations_upload_path').$file_name);
+            } else {
+                $image->move(app('locations_upload_path'), $file_name);
+            }
+            $location->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('locations_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
 
-        // Was the asset created?
         if ($location->save()) {
-          // Redirect to the saved location page
-            return redirect()->to("admin/settings/locations/")->with('success', trans('admin/locations/message.update.success'));
+            return redirect()->route("locations.index")->with('success', trans('admin/locations/message.update.success'));
         }
-
-        // Redirect to the location management page
         return redirect()->back()->withInput()->withInput()->withErrors($location->getErrors());
-
     }
 
     /**
@@ -222,32 +254,31 @@ class LocationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $locationId
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function getDelete($locationId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($locationId)
     {
-        // Check if the location exists
+        $this->authorize('delete', Location::class);
         if (is_null($location = Location::find($locationId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.not_found'));
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.not_found'));
         }
 
-
         if ($location->users->count() > 0) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.assoc_users'));
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_users'));
+
         } elseif ($location->childLocations->count() > 0) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.assoc_child_loc'));
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_child_loc'));
+
         } elseif ($location->assets->count() > 0) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.assoc_assets'));
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_assets'));
+
         } elseif ($location->assignedassets->count() > 0) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.assoc_assets'));
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_assets'));
+
         } else {
             $location->delete();
-            return redirect()->to('admin/settings/locations')->with('success', trans('admin/locations/message.delete.success'));
+            return redirect()->to(route('locations.index'))->with('success', trans('admin/locations/message.delete.success'));
         }
-
-
-
     }
 
 
@@ -256,178 +287,19 @@ class LocationsController extends Controller
     * the content for the locations detail page.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see LocationsController::getDataViewUsers() method that returns JSON for location users
-    * @see LocationsController::getDataViewAssets() method that returns JSON for location assets
     * @param int $locationId
     * @since [v1.0]
-    * @return View
-    */
-    public function getView($locationId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function show($locationId = null)
     {
         $location = Location::find($locationId);
 
         if (isset($location->id)) {
-                return View::make('locations/view', compact('location'));
-        } else {
-            // Prepare the error message
-            $error = trans('admin/locations/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('locations')->with('error', $error);
+            return view('locations/view', compact('location'));
         }
 
-
+        return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist', compact('id')));
     }
 
-
-    /**
-    * Returns the JSON response to populate the bootstrap tables on the locationa view.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see LocationsController::getIndex() method that returns JSON for location index
-    * @since [v1.0]
-    * @return View
-    */
-    public function getDatatable()
-    {
-        $locations = Location::select(array('locations.id','locations.name','locations.address','locations.address2','locations.city','locations.state','locations.zip','locations.country','locations.parent_id','locations.currency'))->with('assets');
-
-
-        if (Input::has('search')) {
-            $locations = $locations->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-
-
-        switch (Input::get('sort')) {
-            case 'parent':
-                $locations = $locations->OrderParent($order);
-                break;
-            default:
-                $allowed_columns = ['id','name','address','city','state','country','currency','zip'];
-
-                $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-                $locations = $locations->orderBy($sort, $order);
-                break;
-        }
-
-
-        $locationsCount = $locations->count();
-        $locations = $locations->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($locations as $location) {
-            $actions = '<nobr><a href="'.route('update/location', $location->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/location', $location->id).'" data-content="'.trans('admin/locations/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($location->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
-
-            $rows[] = array(
-                'id'            => $location->id,
-                'name'          => (string)link_to('admin/settings/locations/'.$location->id.'/view', e($location->name)),
-                'parent'        => ($location->parent) ? e($location->parent->name) : '',
-              //  'assets'        => ($location->assets->count() + $location->assignedassets->count()),
-                'assets_default' => $location->assignedassets->count(),
-                'assets_checkedout' => $location->assets->count(),
-                'address'       => ($location->address) ? e($location->address): '',
-                'city'          => e($location->city),
-                'state'         => e($location->state),
-                'zip'           => e($location->zip),
-                'country'       => e($location->country),
-                'currency'      => e($location->currency),
-                'actions'       => $actions
-            );
-        }
-
-        $data = array('total' => $locationsCount, 'rows' => $rows);
-
-        return $data;
-
-    }
-
-
-    /**
-    * Returns a JSON response that contains the users association with the
-    * selected location, to be used by the location detail view.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see LocationsController::getView() method that creates the display view
-    * @param int $locationId
-    * @since [v1.8]
-    * @return View
-    */
-    public function getDataViewUsers($locationID)
-    {
-        $location = Location::find($locationID);
-        $users = User::where('location_id', '=', $location->id);
-
-        if (Input::has('search')) {
-            $users = $users->TextSearch(e(Input::get('search')));
-        }
-
-        $users = $users->get();
-        $rows = array();
-
-        foreach ($users as $user) {
-            $rows[] = array(
-              'name' => (string)link_to('/admin/users/'.$user->id.'/view', e($user->fullName()))
-              );
-        }
-
-        $data = array('total' => $users->count(), 'rows' => $rows);
-
-        return $data;
-    }
-
-
-    /**
-    * Returns a JSON response that contains the assets association with the
-    * selected location, to be used by the location detail view.
-    *
-    * @todo This is broken for accessories and consumables.
-    * @todo This is a very naive implementation. Should clean this up with query scopes.
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see LocationsController::getView() method that creates the display view
-    * @param int $locationID
-    * @since [v1.8]
-    * @return View
-    */
-    public function getDataViewAssets($locationID)
-    {
-        $location = Location::find($locationID)->load('assignedassets.model');
-        $assets = Asset::AssetsByLocation($location);
-
-        if (Input::has('search')) {
-            $assets = $assets->TextSearch(e(Input::get('search')));
-        }
-
-        $assets = $assets->get();
-
-        $rows = array();
-
-        foreach ($assets as $asset) {
-            $rows[] = array(
-            'name' => (string)link_to(config('app.url').'/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
-            'asset_tag' => e($asset->asset_tag),
-            'serial' => e($asset->serial),
-            'model' => e($asset->model->name),
-            );
-        }
-
-        $data = array('total' => $assets->count(), 'rows' => $rows);
-        return $data;
-
-    }
 }

app/Http/Controllers/ManufacturersController.php

@@ -1,16 +1,20 @@
 <?php
 namespace App\Http\Controllers;
 
-use App\Models\Company;
+use App\Helpers\Helper;
+use App\Http\Requests\ImageUploadRequest;
+use App\Models\CustomField;
 use App\Models\Manufacturer;
-use App\Models\Setting;
 use Auth;
+use Exception;
 use Gate;
 use Input;
 use Lang;
 use Redirect;
 use Str;
 use View;
+use Illuminate\Http\Request;
+use Image;
 
 /**
  * This controller handles all actions related to Manufacturers for
@@ -25,14 +29,14 @@ class ManufacturersController extends Controller
     * the content for the manufacturers listing, which is generated in getDatatable.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::getDatatable() method that generates the JSON response
+    * @see Api\ManufacturersController::index() method that generates the JSON response
     * @since [v1.0]
-    * @return View
-    */
-    public function getIndex()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function index()
     {
-        // Show the page
-        return View::make('manufacturers/index', compact('manufacturers'));
+        $this->authorize('index', Manufacturer::class);
+        return view('manufacturers/index', compact('manufacturers'));
     }
 
 
@@ -40,89 +44,141 @@ class ManufacturersController extends Controller
     * Returns a view that displays a form to create a new manufacturer.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::postCreate()
+    * @see ManufacturersController::store()
     * @since [v1.0]
-    * @return View
-    */
-    public function getCreate()
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function create()
     {
-        return View::make('manufacturers/edit')->with('item', new Manufacturer);
+        $this->authorize('create', Manufacturer::class);
+        return view('manufacturers/edit')->with('item', new Manufacturer);
     }
 
 
     /**
-    * Validates and stores the data for a new manufacturer.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::postCreate()
-    * @since [v1.0]
-    * @return Redirect
-    */
-    public function postCreate()
+     * Validates and stores the data for a new manufacturer.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ManufacturersController::create()
+     * @since [v1.0]
+     * @param Request $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(ImageUploadRequest $request)
     {
-        $manufacturer = new Manufacturer;
-        $manufacturer->name            = e(Input::get('name'));
-        $manufacturer->user_id          = Auth::user()->id;
 
-        if ($manufacturer->save()) {
-            return redirect()->to("admin/settings/manufacturers")->with('success', trans('admin/manufacturers/message.create.success'));
+        $this->authorize('create', Manufacturer::class);
+        $manufacturer = new Manufacturer;
+        $manufacturer->name            = $request->input('name');
+        $manufacturer->user_id          = Auth::user()->id;
+        $manufacturer->url     = $request->input('url');
+        $manufacturer->support_url     = $request->input('support_url');
+        $manufacturer->support_phone    = $request->input('support_phone');
+        $manufacturer->support_email    = $request->input('support_email');
+
+
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = str_slug($image->getClientOriginalName()).".".$image->getClientOriginalExtension();
+            $path = public_path('uploads/manufacturers/'.$file_name);
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
+            $manufacturer->image = $file_name;
         }
 
-        return redirect()->back()->withInput()->withErrors($manufacturer->getErrors());
 
+
+        if ($manufacturer->save()) {
+            return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.create.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($manufacturer->getErrors());
     }
 
     /**
     * Returns a view that displays a form to edit a manufacturer.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::postEdit()
+    * @see ManufacturersController::update()
     * @param int $manufacturerId
     * @since [v1.0]
-    * @return View
-    */
-    public function getEdit($manufacturerId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function edit($id = null)
     {
+        $this->authorize('edit', Manufacturer::class);
         // Check if the manufacturer exists
-        if (is_null($item = Manufacturer::find($manufacturerId))) {
-            // Redirect to the manufacturer  page
-            return redirect()->to('admin/settings/manufacturers')->with('error', trans('admin/manufacturers/message.does_not_exist'));
+        if (is_null($item = Manufacturer::find($id))) {
+            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.does_not_exist'));
         }
-
         // Show the page
-        return View::make('manufacturers/edit', compact('item'));
+        return view('manufacturers/edit', compact('item'));
     }
 
 
     /**
-    * Validates and stores the updated manufacturer data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::getEdit()
-    * @param int $manufacturerId
-    * @since [v1.0]
-    * @return View
-    */
-    public function postEdit($manufacturerId = null)
+     * Validates and stores the updated manufacturer data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ManufacturersController::getEdit()
+     * @param Request $request
+     * @param int $manufacturerId
+     * @return \Illuminate\Http\RedirectResponse
+     * @since [v1.0]
+     */
+    public function update(ImageUploadRequest $request, $manufacturerId = null)
     {
+        $this->authorize('edit', Manufacturer::class);
         // Check if the manufacturer exists
         if (is_null($manufacturer = Manufacturer::find($manufacturerId))) {
             // Redirect to the manufacturer  page
-            return redirect()->to('admin/settings/manufacturers')->with('error', trans('admin/manufacturers/message.does_not_exist'));
+            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.does_not_exist'));
         }
 
         // Save the  data
-        $manufacturer->name     = e(Input::get('name'));
+        $manufacturer->name     = $request->input('name');
+        $manufacturer->url     = $request->input('url');
+        $manufacturer->support_url     = $request->input('support_url');
+        $manufacturer->support_phone    = $request->input('support_phone');
+        $manufacturer->support_email    = $request->input('support_email');
 
-        // Was it created?
-        if ($manufacturer->save()) {
-            // Redirect to the new manufacturer page
-            return redirect()->to("admin/settings/manufacturers")->with('success', trans('admin/manufacturers/message.update.success'));
+        $old_image = $manufacturer->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
+            $manufacturer->image = null;
         }
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $manufacturer->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('manufacturers_upload_path').$file_name);
+            } else {
+                $image->move(app('manufacturers_upload_path'), $file_name);
+            }
+            $manufacturer->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('manufacturers_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+
+        if ($manufacturer->save()) {
+            return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.update.success'));
+        }
         return redirect()->back()->withInput()->withErrors($manufacturer->getErrors());
-
-
     }
 
     /**
@@ -131,410 +187,88 @@ class ManufacturersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $manufacturerId
     * @since [v1.0]
-    * @return View
-    */
-    public function getDelete($manufacturerId)
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy($manufacturerId)
     {
+        $this->authorize('delete', Manufacturer::class);
         // Check if the manufacturer exists
         if (is_null($manufacturer = Manufacturer::find($manufacturerId))) {
             // Redirect to the manufacturers page
-            return redirect()->to('admin/settings/manufacturers')->with('error', trans('admin/manufacturers/message.not_found'));
+            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.not_found'));
         }
 
         if ($manufacturer->has_models() > 0) {
-
             // Redirect to the asset management page
-            return redirect()->to('admin/settings/manufacturers')->with('error', trans('admin/manufacturers/message.assoc_users'));
-        } else {
-
-            // Delete the manufacturer
-            $manufacturer->delete();
-
-            // Redirect to the manufacturers management page
-            return redirect()->to('admin/settings/manufacturers')->with('success', trans('admin/manufacturers/message.delete.success'));
+            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.assoc_users'));
         }
 
+        if ($manufacturer->image) {
+            try  {
+                unlink(public_path().'/uploads/manufacturers/'.$manufacturer->image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+
+        // Delete the manufacturer
+        $manufacturer->delete();
+        // Redirect to the manufacturers management page
+        return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.delete.success'));
     }
 
-
-
     /**
     * Returns a view that invokes the ajax tables which actually contains
-    * the content for the manufacturers detail listing, which is generated in getDatatable.
+    * the content for the manufacturers detail listing, which is generated via API.
     * This data contains a listing of all assets that belong to that manufacturer.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::getDataView()
     * @param int $manufacturerId
     * @since [v1.0]
-    * @return View
-    */
-    public function getView($manufacturerId = null)
+    * @return \Illuminate\Contracts\View\View
+     */
+    public function show($manufacturerId = null)
     {
+        $this->authorize('view', Manufacturer::class);
         $manufacturer = Manufacturer::find($manufacturerId);
 
         if (isset($manufacturer->id)) {
-                return View::make('manufacturers/view', compact('manufacturer'));
-        } else {
-            // Prepare the error message
-            $error = trans('admin/manufacturers/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('manufacturers')->with('error', $error);
+            return view('manufacturers/view', compact('manufacturer'));
         }
 
-
+        $error = trans('admin/manufacturers/message.does_not_exist');
+        // Redirect to the user management page
+        return redirect()->route('manufacturers.index')->with('error', $error);
     }
 
     /**
-    * Generates the JSON used to display the manufacturer listings.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::getIndex()
-    * @since [v1.0]
-    * @return String JSON
-    */
-    public function getDatatable()
+     * Restore a given Manufacturer (mark as un-deleted)
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.1.15]
+     * @param int $manufacturers_id
+     * @return Redirect
+     */
+    public function restore($manufacturers_id)
     {
-        $manufacturers = Manufacturer::select(array('id','name'))->with('assets')
-        ->whereNull('deleted_at');
+        $this->authorize('create', Manufacturer::class);
+        $manufacturer = Manufacturer::onlyTrashed()->where('id',$manufacturers_id)->first();
 
-        if (Input::has('search')) {
-            $manufacturers = $manufacturers->TextSearch(e(Input::get('search')));
+        if ($manufacturer) {
+
+            // Not sure why this is necessary - it shouldn't fail validation here, but it fails without this, so....
+            $manufacturer->setValidating(false);
+            if ($manufacturer->restore()) {
+                return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.restore.success'));
+            }
+            return redirect()->back()->with('error', 'Could not restore.');
         }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $allowed_columns = ['id','name'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-
-        $manufacturers->orderBy($sort, $order);
-
-        $manufacturersCount = $manufacturers->count();
-        $manufacturers = $manufacturers->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($manufacturers as $manufacturer) {
-            $actions = '<a href="'.route('update/manufacturer', $manufacturer->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/manufacturer', $manufacturer->id).'" data-content="'.trans('admin/manufacturers/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($manufacturer->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-
-            $rows[] = array(
-                'id'              => $manufacturer->id,
-                'name'          => (string)link_to('admin/settings/manufacturers/'.$manufacturer->id.'/view', e($manufacturer->name)),
-                'assets'              => $manufacturer->assets->count(),
-                'actions'       => $actions
-            );
-        }
-
-        $data = array('total' => $manufacturersCount, 'rows' => $rows);
-
-        return $data;
+        return redirect()->back()->with('error', trans('admin/manufacturers/message.does_not_exist'));
 
     }
 
+   
 
-    /**
-    * Generates the JSON used to display the manufacturer detail.
-    * This JSON returns data on all of the assets with the specified
-    * manufacturer ID number.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ManufacturersController::getView()
-    * @param int $manufacturerId
-    * @since [v1.0]
-    * @return String JSON
-    */
-    public function getDataView($manufacturerId, $itemtype = null)
-    {
-        $manufacturer = Manufacturer::find($manufacturerId);
 
-        switch ($itemtype) {
-            case "assets":
-                return $this->getDataAssetsView($manufacturer);
-            case "licenses":
-                return $this->getDataLicensesView($manufacturer);
-            case "accessories":
-                return $this->getDataAccessoriesView($manufacturer);
-            case "consumables":
-                return $this->getDataConsumablesView($manufacturer);
-        }
-
-        throw new Exception("We shouldn't be here");
-
-    }
-
-    protected function getDataAssetsView(Manufacturer $manufacturer)
-    {
-        $manufacturer = $manufacturer->load('assets.model', 'assets.assigneduser', 'assets.assetstatus', 'assets.company');
-        $manufacturer_assets = $manufacturer->assets;
-
-        if (Input::has('search')) {
-            $manufacturer_assets = $manufacturer_assets->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-        $count = $manufacturer_assets->count();
-
-        $rows = array();
-
-        foreach ($manufacturer_assets as $asset) {
-
-            $actions = '';
-            if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/hardware', $asset->id).'" class="btn btn-info btn-sm" title="Clone asset"><i class="fa fa-files-o"></i></a> <a href="'.route('update/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/hardware', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->asset_tag).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
-            } elseif ($asset->deleted_at!='') {
-                $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
-            }
-
-            if ($asset->availableForCheckout()) {
-                if (Gate::allows('assets.checkout')) {
-                    $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
-                }
-            } else {
-                if (Gate::allows('assets.checkin')) {
-                    $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
-                }
-            }
-
-            $rows[] = array(
-                'id' => $asset->id,
-                'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
-                'model' => e($asset->model->name),
-                'asset_tag' => e($asset->asset_tag),
-                'serial' => e($asset->serial),
-                'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', e($asset->assigneduser->fullName())): '',
-                'actions' => $actions,
-                // 'companyName' => e(Company::getName($asset)),
-                'companyName' => is_null($asset->company) ? '' : $asset->company->name
-                );
-
-            if (isset($inout)) {
-                $row['change'] = $inout;
-            }
-        }
-
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
-    }
-
-    protected function getDataLicensesView(Manufacturer $manufacturer)
-    {
-        $manufacturer = $manufacturer->load('licenses.company', 'licenses.manufacturer', 'licenses.licenseSeatsRelation');
-        $licenses = $manufacturer->licenses;
-
-        if (Input::has('search')) {
-            $licenses = $licenses->TextSearch(Input::get('search'));
-        }
-
-        $licenseCount = $licenses->count();
-
-        $rows = array();
-
-        foreach ($licenses as $license) {
-            $actions = '<span style="white-space: nowrap;">';
-
-            if (Gate::allows('licenses.checkout')) {
-                $actions .= '<a href="' . route('freecheckout/license', $license->id)
-                . '" class="btn btn-primary btn-sm' . (($license->remaincount() > 0) ? '' : ' disabled') . '" style="margin-right:5px;">' . trans('general.checkout') . '</a> ';
-            }
-
-            if (Gate::allows('licenses.create')) {
-                $actions .= '<a href="' . route('clone/license', $license->id)
-                . '" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone asset"><i class="fa fa-files-o"></i></a>';
-            }
-            if (Gate::allows('licenses.edit')) {
-                $actions .= '<a href="' . route('update/license', $license->id)
-                . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
-            }
-            if (Gate::allows('licenses.delete')) {
-                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'
-                 . route('delete/license', $license->id)
-                 . '" data-content="' . trans('admin/licenses/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($license->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-            }
-            $actions .='</span>';
-
-            $rows[] = array(
-                'id'                => $license->id,
-                'name'              => (string) link_to('/admin/licenses/'.$license->id.'/view', $license->name),
-                'serial'            => (string) link_to('/admin/licenses/'.$license->id.'/view', mb_strimwidth($license->serial, 0, 50, "...")),
-                'totalSeats'        => $license->licenseSeatCount,
-                'remaining'         => $license->remaincount(),
-                'license_name'      => e($license->license_name),
-                'license_email'     => e($license->license_email),
-                'purchase_date'     => ($license->purchase_date) ? $license->purchase_date : '',
-                'expiration_date'   => ($license->expiration_date) ? $license->expiration_date : '',
-                'purchase_cost'     => ($license->purchase_cost) ? number_format($license->purchase_cost, 2) : '',
-                'purchase_order'    => ($license->purchase_order) ? e($license->purchase_order) : '',
-                'order_number'      => ($license->order_number) ? e($license->order_number) : '',
-                'notes'             => ($license->notes) ? e($license->notes) : '',
-                'actions'           => $actions,
-                'companyName'       => is_null($license->company) ? '' : e($license->company->name),
-                'manufacturer'      => $license->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$license->manufacturer_id.'/view', $license->manufacturer->name) : ''
-            );
-        }
-
-        $data = array('total' => $licenseCount, 'rows' => $rows);
-
-        return $data;
-    }
-
-    public function getDataAccessoriesView(Manufacturer $manufacturer)
-    {
-        $manufacturer = $manufacturer->load(
-            'accessories.location',
-            'accessories.company',
-            'accessories.category',
-            'accessories.manufacturer',
-            'accessories.users'
-            );
-        $accessories = $manufacturer->accessories;
-
-        if (Input::has('search')) {
-            $accessories = $accessories->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $accessCount = $accessories->count();
-
-        $rows = array();
-
-        foreach ($accessories as $accessory) {
-
-            $actions = '<nobr>';
-            if (Gate::allows('accessories.checkout')) {
-                $actions .= '<a href="' . route('checkout/accessory',
-                        $accessory->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($accessory->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
-            }
-            if (Gate::allows('accessories.edit')) {
-                $actions .= '<a href="' . route('update/accessory',
-                        $accessory->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
-            }
-            if (Gate::allows('accessories.delete')) {
-                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/accessory',
-                        $accessory->id) . '" data-content="' . trans('admin/accessories/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($accessory->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-            }
-            $actions .= '</nobr>';
-            $company = $accessory->company;
-
-            $rows[] = array(
-            'name'          => '<a href="'.url('admin/accessories/'.$accessory->id).'/view">'. $accessory->name.'</a>',
-            'category'      => ($accessory->category) ? (string)link_to('admin/settings/categories/'.$accessory->category->id.'/view', $accessory->category->name) : '',
-            'qty'           => e($accessory->qty),
-            'order_number'  => e($accessory->order_number),
-            'min_amt'  => e($accessory->min_amt),
-            'location'      => ($accessory->location) ? e($accessory->location->name): '',
-            'purchase_date' => e($accessory->purchase_date),
-            'purchase_cost' => number_format($accessory->purchase_cost, 2),
-            'numRemaining'  => $accessory->numRemaining(),
-            'actions'       => $actions,
-            'companyName'   => is_null($company) ? '' : e($company->name),
-            'manufacturer'      => $accessory->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$accessory->manufacturer_id.'/view', $accessory->manufacturer->name) : ''
-
-            );
-        }
-
-        $data = array('total'=>$accessCount, 'rows'=>$rows);
-
-        return $data;
-    }
-
-    public function getDataConsumablesView($manufacturer)
-    {
-        $manufacturer = $manufacturer->load(
-            'consumables.location',
-            'consumables.company',
-            'consumables.category',
-            'consumables.manufacturer',
-            'consumables.users'
-        );
-        $consumables = $manufacturer->consumables;
-
-        if (Input::has('search')) {
-            $consumables = $consumables->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $consumCount = $consumables->count();
-
-        $rows = array();
-
-        foreach ($consumables as $consumable) {
-            $actions = '<nobr>';
-            if (Gate::allows('consumables.checkout')) {
-                $actions .= '<a href="' . route('checkout/consumable',
-                        $consumable->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($consumable->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
-            }
-
-            if (Gate::allows('consumables.edit')) {
-                $actions .= '<a href="' . route('update/consumable',
-                        $consumable->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
-            }
-            if (Gate::allows('consumables.delete')) {
-                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/consumable',
-                        $consumable->id) . '" data-content="' . trans('admin/consumables/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($consumable->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-            }
-
-            $actions .='</nobr>';
-
-            $company = $consumable->company;
-
-            $rows[] = array(
-                'id'            => $consumable->id,
-                'name'          => (string)link_to('admin/consumables/'.$consumable->id.'/view', e($consumable->name)),
-                'location'      => ($consumable->location) ? e($consumable->location->name) : '',
-                'min_amt'       => e($consumable->min_amt),
-                'qty'           => e($consumable->qty),
-                'manufacturer'  => ($consumable->manufacturer) ? (string) link_to('/admin/settings/manufacturers/'.$consumable->manufacturer_id.'/view', $consumable->manufacturer->name): '',
-                'model_number'  => e($consumable->model_number),
-                'item_no'       => e($consumable->item_no),
-                'category'      => ($consumable->category) ? (string) link_to('/admin/settings/categories/'.$consumable->category_id.'/view', $consumable->category->name) : 'Missing category',
-                'order_number'  => e($consumable->order_number),
-                'purchase_date' => e($consumable->purchase_date),
-                'purchase_cost' => ($consumable->purchase_cost!='') ? number_format($consumable->purchase_cost, 2): '' ,
-                'numRemaining'  => $consumable->numRemaining(),
-                'actions'       => $actions,
-                'companyName'   => is_null($company) ? '' : e($company->name),
-            );
-        }
-
-        $data = array('total' => $consumCount, 'rows' => $rows);
-
-        return $data;
-    }
 }

app/Http/Controllers/ModalController.php

@@ -0,0 +1,41 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+
+use App\Helpers\Helper;
+
+class ModalController extends Controller
+{
+    function location() {
+        return view('modals.location');
+    }
+
+    function model() {
+        return view('modals.model')
+            ->with('manufacturer', Helper::manufacturerList())
+            ->with('category', Helper::categoryList('asset'));
+    }
+
+    function statuslabel() {
+        return view('modals.statuslabel')->with('statuslabel_types', Helper::statusTypeList());
+    }
+
+    function supplier() {
+        return view('modals.supplier');
+    }
+
+    function user() {
+        return view('modals.user');
+    }
+
+    function category() {
+        return view('modals.category');
+    }
+
+    function manufacturer() {
+        return view('modals.manufacturer');
+    }
+
+}

app/Http/Controllers/ProfileController.php

@@ -4,12 +4,14 @@ namespace App\Http\Controllers;
 use Image;
 use Input;
 use Redirect;
-use App\Models\Location;
 use View;
 use Auth;
 use App\Helpers\Helper;
 use App\Models\Setting;
 use Gate;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
+use App\Http\Requests\ImageUploadRequest;
 
 /**
  * This controller handles all actions related to User Profiles for
@@ -24,14 +26,12 @@ class ProfileController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-    * @return View
-    */
+    * @return \Illuminate\Contracts\View\View
+     */
     public function getIndex()
     {
-        // Get the user information
         $user = Auth::user();
-        $location_list = Helper::locationsList();
-        return View::make('account/profile', compact('user'))->with('location_list', $location_list);
+        return view('account/profile', compact('user'));
     }
 
     /**
@@ -39,25 +39,21 @@ class ProfileController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-    * @return Redirect
-    */
-    public function postIndex()
+    * @return \Illuminate\Http\RedirectResponse
+     */
+    public function postIndex(ImageUploadRequest $request)
     {
 
-      // Grab the user
         $user = Auth::user();
-
-      // Update the user information
-        $user->first_name = e(Input::get('first_name'));
-        $user->last_name  = e(Input::get('last_name'));
-        $user->website    = e(Input::get('website'));
-        $user->location_id    = e(Input::get('location_id'));
-        $user->gravatar   = e(Input::get('gravatar'));
-        $user->locale = e(Input::get('locale'));
-
+        $user->first_name = Input::get('first_name');
+        $user->last_name  = Input::get('last_name');
+        $user->website    = Input::get('website');
+        $user->location_id    = Input::get('location_id');
+        $user->gravatar   = Input::get('gravatar');
+        $user->locale = Input::get('locale');
 
         if ((Gate::allows('self.two_factor')) && ((Setting::getSettings()->two_factor_enabled=='1') && (!config('app.lock_passwords')))) {
-            $user->two_factor_optin = e(Input::get('two_factor_optin', '0'));
+            $user->two_factor_optin = Input::get('two_factor_optin', '0');
         }
         
         if (Input::file('avatar')) {
@@ -77,4 +73,95 @@ class ProfileController extends Controller
         }
         return redirect()->back()->withInput()->withErrors($user->getErrors());
     }
+
+
+    /**
+     * Returns a page with the API token generation interface.
+     *
+     * We created a controller method for this because closures aren't allowed
+     * in the routes file if you want to be able to cache the routes.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return View
+     */
+    public function api() {
+        return view('account/api');
+    }
+
+    /**
+     * User change email page.
+     *
+     * @return View
+     */
+    public function password()
+    {
+        $user = Auth::user();
+        return view('account/change-password', compact('user'));
+    }
+
+    /**
+     * Users change password form processing page.
+     *
+     * @return Redirect
+     */
+    public function passwordSave(Request $request)
+    {
+
+        if (config('app.lock_passwords')) {
+            return redirect()->route('account.password.index')->with('error', trans('admin/users/table.lock_passwords'));
+        }
+
+        $user = Auth::user();
+        if ($user->ldap_import=='1') {
+            return redirect()->route('account.password.index')->with('error', trans('admin/users/message.error.password_ldap'));
+        }
+
+        $rules = array(
+            'current_password'     => 'required',
+            'password'         => Setting::passwordComplexityRulesSaving('store'),
+            'password_confirm' => 'required|same:password',
+        );
+
+        $validator = \Validator::make($request->all(), $rules);
+        $validator->after(function($validator) use ($request, $user) {
+
+            if (!Hash::check($request->input('current_password'), $user->password)) {
+                $validator->errors()->add('current_password', trans('validation.hashed_pass'));
+            }
+            
+        });
+
+        if (!$validator->fails()) {
+            $user->password = Hash::make($request->input('password'));
+            $user->save();
+            return redirect()->route('account.password.index')->with('success', 'Password updated!');
+
+        }
+        return redirect()->back()->withInput()->withErrors($validator);
+
+
+    }
+
+    /**
+     * Save the menu state of open/closed when the user clicks on the hamburger
+     * menu.
+     *
+     * This URL is triggered via jquery in
+     * resources/views/layouts/default.blade.php
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return View
+     */
+
+    public function getMenuState(Request $request) {
+        if ($request->input('state')=='open') {
+            $request->session()->put('menu_state', 'open');
+        } else {
+            $request->session()->put('menu_state', 'closed');
+        }
+    }
+
+
 }

app/Http/Controllers/ReportsController.php

@@ -6,22 +6,17 @@ use App\Models\Accessory;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
-use App\Models\AssetModel;
-use App\Models\Company;
 use App\Models\CustomField;
+use App\Models\Depreciation;
 use App\Models\License;
-use App\Models\Location;
 use App\Models\Setting;
-use App\Models\User;
 use Carbon\Carbon;
-use Illuminate\Support\Facades\Lang;
-use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\View;
 use Input;
 use League\Csv\Reader;
-use Redirect;
 use Symfony\Component\HttpFoundation\StreamedResponse;
+use Illuminate\Http\Request;
 
 /**
  * This controller handles all actions related to Reports for
@@ -42,8 +37,7 @@ class ReportsController extends Controller
     public function getAccessoryReport()
     {
         $accessories = Accessory::orderBy('created_at', 'DESC')->with('company')->get();
-
-        return View::make('reports/accessories', compact('accessories'));
+        return view('reports/accessories', compact('accessories'));
     }
 
     /**
@@ -98,7 +92,7 @@ class ReportsController extends Controller
     public function getAssetsReport()
     {
         $settings = \App\Models\Setting::first();
-        return View::make('reports/asset', compact('assets'))->with('settings', $settings);
+        return view('reports/asset', compact('assets'))->with('settings', $settings);
     }
 
 
@@ -110,63 +104,96 @@ class ReportsController extends Controller
     * @since [v1.0]
     * @return \Illuminate\Http\Response
     */
-    public function exportAssetReport()
+    public function exportAssetReport(Request $request)
     {
 
          \Debugbar::disable();
 
         $customfields = CustomField::get();
 
-        $response = new StreamedResponse(function() use ($customfields) {
+        $response = new StreamedResponse(function () use ($customfields, $request) {
             // Open output stream
             $handle = fopen('php://output', 'w');
 
-            Asset::with('assigneduser', 'assetloc','defaultLoc','assigneduser.userloc','model','supplier','assetstatus','model.manufacturer')->orderBy('created_at', 'DESC')->chunk(500, function($assets) use($handle, $customfields) {
-                $headers=[
-                    trans('general.company'),
-                    trans('admin/hardware/table.asset_tag'),
-                    trans('admin/hardware/form.manufacturer'),
-                    trans('admin/hardware/form.model'),
-                    trans('general.model_no'),
-                    trans('general.name'),
-                    trans('admin/hardware/table.serial'),
-                    trans('general.status'),
-                    trans('admin/hardware/table.purchase_date'),
-                    trans('admin/hardware/table.purchase_cost'),
-                    trans('admin/hardware/form.order'),
-                    trans('admin/hardware/form.supplier'),
-                    trans('admin/hardware/table.checkoutto'),
-                    trans('admin/hardware/table.checkout_date'),
-                    trans('admin/hardware/table.location'),
-                    trans('general.notes'),
-                ];
-                foreach($customfields as $field) {
-                    $headers[]=$field->name;
-                }
-                fputcsv($handle, $headers);
+            $assets = Asset::with('assignedTo', 'location','defaultLoc','assignedTo','model','supplier','assetstatus','model.manufacturer');
+
+                // This is used by the sidenav, mostly
+            switch ($request->input('status')) {
+                case 'Deleted':
+                    $assets->withTrashed()->Deleted();
+                    break;
+                case 'Pending':
+                    $assets->Pending();
+                    break;
+                case 'RTD':
+                    $assets->RTD();
+                    break;
+                case 'Undeployable':
+                    $assets->Undeployable();
+                    break;
+                case 'Archived':
+                    $assets->Archived();
+                    break;
+                case 'Requestable':
+                    $assets->RequestableAssets();
+                    break;
+                case 'Deployed':
+                    $assets->Deployed();
+                    break;
+            }
+
+            $headers=[
+                trans('general.company'),
+                trans('admin/hardware/table.asset_tag'),
+                trans('admin/hardware/form.manufacturer'),
+                trans('general.category'),
+                trans('admin/hardware/form.model'),
+                trans('general.model_no'),
+                trans('general.name'),
+                trans('admin/hardware/table.serial'),
+                trans('general.status'),
+                trans('admin/hardware/table.purchase_date'),
+                trans('admin/hardware/table.purchase_cost'),
+                trans('admin/hardware/form.order'),
+                trans('general.supplier'),
+                trans('admin/hardware/table.checkoutto'),
+                trans('general.type'),
+                trans('admin/hardware/table.checkout_date'),
+                trans('admin/hardware/table.location'),
+                trans('general.notes'),
+            ];
+            foreach ($customfields as $field) {
+                $headers[]=$field->name;
+            }
+            fputcsv($handle, $headers);
+
+            $assets->orderBy('created_at', 'DESC')->chunk(500, function($assets) use($handle, $customfields) {
+
 
                 foreach ($assets as $asset) {
+
                     // Add a new row with data
                     $values=[
                         ($asset->company) ? $asset->company->name : '',
                         $asset->asset_tag,
                         ($asset->model->manufacturer) ? $asset->model->manufacturer->name : '',
+                        ($asset->model->category) ? $asset->model->category->name : '',
                         ($asset->model) ? $asset->model->name : '',
                         ($asset->model->model_number) ? $asset->model->model_number : '',
                         ($asset->name) ? $asset->name : '',
                         ($asset->serial) ? $asset->serial : '',
-                        ($asset->assetstatus) ? e($asset->assetstatus->name) : '',
+                        ($asset->assetstatus) ? e($asset->present()->statusText) : '',
                         ($asset->purchase_date) ? e($asset->purchase_date) : '',
                         ($asset->purchase_cost > 0) ? Helper::formatCurrencyOutput($asset->purchase_cost) : '',
                         ($asset->order_number) ? e($asset->order_number) : '',
                         ($asset->supplier) ? e($asset->supplier->name) : '',
-                        ($asset->assigneduser) ? e($asset->assigneduser->fullName()) : '',
+                        ($asset->checkedOutToUser() && $asset->assigned) ? e($asset->assigned->getFullNameAttribute()) : ($asset->assigned ? e($asset->assigned->display_name) : ''),
+                        ($asset->checkedOutToUser() && $asset->assigned) ? 'user' : e($asset->assignedType()),
                         ($asset->last_checkout!='') ? e($asset->last_checkout) : '',
-                        ($asset->assigneduser && $asset->assigneduser->userloc!='') ?
-                            e($asset->assigneduser->userloc->name) : ( ($asset->defaultLoc!='') ? e($asset->defaultLoc->name) : ''),
+                        ($asset->location) ? e($asset->location->name) : '',
                         ($asset->notes) ? e($asset->notes) : '',
                     ];
-                    foreach($customfields as $field) {
+                    foreach ($customfields as $field) {
                         $values[]=$asset->{$field->db_column_name()};
                     }
                     fputcsv($handle, $values);
@@ -177,7 +204,8 @@ class ReportsController extends Controller
             fclose($handle);
         }, 200, [
             'Content-Type' => 'text/csv',
-            'Content-Disposition' => 'attachment; filename="assets-'.date('Y-m-d-his').'.csv"',
+            'Content-Disposition'
+                => 'attachment; filename="'.(($request->has('status')) ? trim($request->input('status')) : 'all').'-assets-'.date('Y-m-d-his').'.csv"',
         ]);
 
         return $response;
@@ -194,11 +222,12 @@ class ReportsController extends Controller
     public function getDeprecationReport()
     {
 
+        $depreciations = Depreciation::get();
         // Grab all the assets
-        $assets = Asset::with('model', 'assigneduser', 'assetstatus', 'defaultLoc', 'assetlog', 'company')
+        $assets = Asset::with( 'assignedTo', 'assetstatus', 'defaultLoc', 'location', 'assetlog', 'company', 'model.category', 'model.depreciation')
                        ->orderBy('created_at', 'DESC')->get();
 
-        return View::make('reports/depreciation', compact('assets'));
+        return view('reports/depreciation', compact('assets'))->with('depreciations',$depreciations);
     }
 
     /**
@@ -213,7 +242,7 @@ class ReportsController extends Controller
     {
 
         // Grab all the assets
-        $assets = Asset::with('model', 'assigneduser', 'assetstatus', 'defaultLoc', 'assetlog')
+        $assets = Asset::with('model', 'assignedTo', 'assetstatus', 'defaultLoc', 'assetlog')
                        ->orderBy('created_at', 'DESC')->get();
 
         $csv = \League\Csv\Writer::createFromFileObject(new \SplTempFileObject());
@@ -244,15 +273,13 @@ class ReportsController extends Controller
             $row[] = e($asset->name);
             $row[] = e($asset->serial);
 
-            if ($asset->assigned_to > 0) {
-                $user  = User::find($asset->assigned_to);
-                $row[] = e($user->fullName());
+            if ($target = $asset->assignedTo) {
+                $row[] = e($target->present()->name());
             } else {
                 $row[] = ''; // Empty string if unassigned
             }
 
-            if (( $asset->assigned_to > 0 ) && ( $asset->assigneduser->location_id > 0 )) {
-                $location = Location::find($asset->assigneduser->location_id);
+            if (( $asset->assigned_to > 0 ) && ( $location = $asset->location )) {
                 if ($location->city) {
                     $row[] = e($location->city) . ', ' . e($location->state);
                 } elseif ($location->name) {
@@ -264,8 +291,8 @@ class ReportsController extends Controller
                 $row[] = '';  // Empty string if location is not set
             }
 
-            if ($asset->assetloc) {
-                $currency = e($asset->assetloc->currency);
+            if ($asset->location) {
+                $currency = e($asset->location->currency);
             } else {
                 $currency = e(Setting::first()->default_currency);
             }
@@ -282,6 +309,20 @@ class ReportsController extends Controller
 
     }
 
+
+    /**
+     * Displays audit report.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return View
+     */
+    public function audit()
+    {
+        return view('reports/audit');
+    }
+
+
     /**
     * Displays activity report.
     *
@@ -291,131 +332,10 @@ class ReportsController extends Controller
     */
     public function getActivityReport()
     {
-        $log_actions = Actionlog::orderBy('created_at', 'DESC')
-                                ->with('item')
-                                ->orderBy('created_at', 'DESC')
-                                ->get();
 
-        return View::make('reports/activity', compact('log_actions'));
+        return view('reports/activity');
     }
 
-    /**
-     * Returns Activity Report JSON.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @return View
-     */
-    public function getActivityReportDataTable()
-    {
-        $activitylogs = Company::scopeCompanyables(Actionlog::with('item', 'user', 'target'))->orderBy('created_at', 'DESC');
-
-        if (Input::has('search')) {
-            $activitylogs = $activitylogs->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-
-        $allowed_columns = ['created_at'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
-
-
-        $activityCount = $activitylogs->count();
-        $activitylogs = $activitylogs->offset($offset)->limit($limit)->get();
-
-        $rows = array();
-        foreach ($activitylogs as $activity) {
-
-            if ($activity->itemType() == "asset") {
-                $activity_icons = '<i class="fa fa-barcode"></i>';
-            } elseif ($activity->itemType() == "accessory") {
-                $activity_icons = '<i class="fa fa-keyboard-o"></i>';
-            } elseif ($activity->itemType()=="consumable") {
-                $activity_icons = '<i class="fa fa-tint"></i>';
-            } elseif ($activity->itemType()=="license"){
-                $activity_icons = '<i class="fa fa-floppy-o"></i>';
-            } elseif ($activity->itemType()=="component") {
-                $activity_icons = '<i class="fa fa-hdd-o"></i>';
-            } else {
-                $activity_icons = '<i class="fa fa-paperclip"></i>';
-            }
-
-            if (($activity->item) && ($activity->itemType()=="asset")) {
-              $activity_item = '<a href="'.route('view/hardware', $activity->item_id).'">'.e($activity->item->asset_tag).' - '. e($activity->item->showAssetName()).'</a>';
-                $item_type = 'asset';
-            } elseif ($activity->item) {
-                $activity_item = '<a href="' . route('view/' . $activity->itemType(),
-                        $activity->item_id) . '">' . e($activity->item->name) . '</a>';
-                $item_type = $activity->itemType();
-
-            } else {
-                $activity_item = "unkonwn";
-                $item_type = "null";
-            }
-            
-
-            if (($activity->user) && ($activity->action_type=="uploaded") && ($activity->itemType()=="user")) {
-                $activity_target = '<a href="'.route('view/user', $activity->target_id).'">'.$activity->user->fullName().'</a>';
-            } elseif ($activity->target_type === "App\Models\Asset") {
-                if($activity->target) {
-                    $activity_target = '<a href="'.route('view/hardware', $activity->target_id).'">'.$activity->target->showAssetName().'</a>';
-                } else {
-                    $activity_target = "";
-                }
-            } elseif ( $activity->target_type === "App\Models\User") {
-                if($activity->target) {
-                   $activity_target = '<a href="'.route('view/user', $activity->target_id).'">'.$activity->target->fullName().'</a>';
-                } else {
-                    $activity_target = '';
-                }
-            } elseif (($activity->action_type=='accepted') || ($activity->action_type=='declined')) {
-                $activity_target = '<a href="' . route('view/user', $activity->item->assigneduser->id) . '">' . e($activity->item->assigneduser->fullName()) . '</a>';
-
-            } elseif ($activity->action_type=='requested') {
-                if ($activity->user) {
-                    $activity_target =  '<a href="'.route('view/user', $activity->user_id).'">'.$activity->user->fullName().'</a>';
-                } else {
-                    $activity_target = '';
-                }
-            } else {
-                if($activity->target) {
-                    $activity_target = $activity->target->id;
-                } else {
-                    $activity_target = "";
-                }
-            }
-
-            
-            $rows[] = array(
-                'icon'          => $activity_icons,
-                'created_at'    => date("M d, Y g:iA", strtotime($activity->created_at)),
-                'action_type'              => strtolower(trans('general.'.str_replace(' ','_',$activity->action_type))),
-                'admin'         =>  $activity->user ? (string) link_to('/admin/users/'.$activity->user_id.'/view', $activity->user->fullName()) : '',
-                'target'          => $activity_target,
-                'item'          => $activity_item,
-                'item_type'     => $item_type,
-                'note'     => e($activity->note),
-
-            );
-        }
-
-        $data = array('total'=>$activityCount, 'rows'=>$rows);
-
-        return $data;
-
-    }
 
     /**
      * Displays license report
@@ -431,7 +351,7 @@ class ReportsController extends Controller
                            ->with('company')
                            ->get();
 
-        return View::make('reports/licenses', compact('licenses'));
+        return view('reports/licenses', compact('licenses'));
     }
 
     /**
@@ -495,7 +415,7 @@ class ReportsController extends Controller
     public function getCustomReport()
     {
         $customfields = CustomField::get();
-        return View::make('reports/custom')->with('customfields', $customfields);
+        return view('reports/custom')->with('customfields', $customfields);
     }
 
     /**
@@ -506,249 +426,334 @@ class ReportsController extends Controller
      * @since [v1.0]
      * @return \Illuminate\Http\Response
      */
-    public function postCustom()
+    public function postCustom(Request $request)
     {
-        $assets = Asset::orderBy('created_at', 'DESC')->with('company','assigneduser', 'assetloc','defaultLoc','assigneduser.userloc','model','supplier','assetstatus','model.manufacturer')->get();
+
+        \Debugbar::disable();
         $customfields = CustomField::get();
+        $response = new StreamedResponse(function () use ($customfields, $request) {
 
-        $rows   = [ ];
-        $header = [ ];
-
-        if (e(Input::get('company')) == '1') {
-            $header[] = 'Company Name';
-        }
-
-        if (e(Input::get('asset_name')) == '1') {
-            $header[] = 'Asset Name';
-        }
-        if (e(Input::get('asset_tag')) == '1') {
-            $header[] = 'Asset Tag';
-        }
-        if (e(Input::get('manufacturer')) == '1') {
-            $header[] = 'Manufacturer';
-        }
-        if (e(Input::get('model')) == '1') {
-            $header[] = 'Model';
-            $header[] = 'Model Number';
-        }
-        if (e(Input::get('category')) == '1') {
-            $header[] = 'Category';
-        }
-        if (e(Input::get('serial')) == '1') {
-            $header[] = 'Serial';
-        }
-        if (e(Input::get('purchase_date')) == '1') {
-            $header[] = 'Purchase Date';
-        }
-        if (( e(Input::get('purchase_cost')) == '1' ) && ( e(Input::get('depreciation')) != '1' )) {
-            $header[] = 'Purchase Cost';
-        }
-        if (e(Input::get('eol')) == '1') {
-            $header[] = 'EOL';
-        }
-        if (e(Input::get('order')) == '1') {
-            $header[] = 'Order Number';
-        }
-        if (e(Input::get('supplier')) == '1') {
-            $header[] = 'Supplier';
-        }
-        if (e(Input::get('location')) == '1') {
-            $header[] = 'Location';
-        }
-        if (e(Input::get('assigned_to')) == '1') {
-            $header[] = 'Assigned To';
-        }
-        if (e(Input::get('username')) == '1') {
-            $header[] = 'Username';
-        }
-        if (e(Input::get('employee_num')) == '1') {
-            $header[] = 'Employee No.';
-        }
-        if (e(Input::get('status')) == '1') {
-            $header[] = 'Status';
-        }
-        if (e(Input::get('warranty')) == '1') {
-            $header[] = 'Warranty';
-            $header[] = 'Warranty Expires';
-        }
-        if (e(Input::get('depreciation')) == '1') {
-            $header[] = 'Purchase Cost';
-            $header[] = 'Value';
-            $header[] = 'Diff';
-        }
-        if (e(Input::get('expected_checkin')) == '1') {
-            $header[] = trans('admin/hardware/form.expected_checkin');
-        }
-
-
-        foreach ($customfields as $customfield) {
-            if (e(Input::get($customfield->db_column_name())) == '1') {
-                $header[] = $customfield->name;
-            }
-        }
-
-
-        $header = array_map('trim', $header);
-        $rows[] = implode($header, ',');
-
-        foreach ($assets as $asset) {
-            $row = [ ];
-
-            if (e(Input::get('company')) == '1') {
-                $row[] = is_null($asset->company) ? '' : '"'.$asset->company->name.'"';
+            // Open output stream
+            $handle = fopen('php://output', 'w');
+            
+            if ($request->has('use_bom')) {
+                fprintf($handle, chr(0xEF) . chr(0xBB) . chr(0xBF));
             }
 
-            if (e(Input::get('asset_name')) == '1') {
-                $row[] = '"' .e($asset->name) . '"';
-            }
-            if (e(Input::get('asset_tag')) == '1') {
-                $row[] = e($asset->asset_tag);
-            }
-            if (e(Input::get('manufacturer')) == '1') {
-                if ($asset->model->manufacturer) {
-                    $row[] = '"' .e($asset->model->manufacturer->name) . '"';
-                } else {
-                    $row[] = '';
-                }
-            }
-            if (e(Input::get('model')) == '1') {
-                $row[] = '"' . e($asset->model->name) . '"';
-                $row[] = '"' . e($asset->model->model_number) . '"';
-            }
-            if (e(Input::get('category')) == '1') {
-                $row[] = '"' .e($asset->model->category->name) . '"';
-            }
-
-            if (e(Input::get('serial')) == '1') {
-                $row[] = e($asset->serial);
-            }
-            if (e(Input::get('purchase_date')) == '1') {
-                $row[] = e($asset->purchase_date);
-            }
-            if (e(Input::get('purchase_cost')) == '1' && ( e(Input::get('depreciation')) != '1' )) {
-                $row[] = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
-            }
-            if (e(Input::get('eol')) == '1') {
-                $row[] = '"' .($asset->eol_date()) ? $asset->eol_date() : ''. '"';
-            }
-            if (e(Input::get('order')) == '1') {
-                if ($asset->order_number) {
-                    $row[] = e($asset->order_number);
-                } else {
-                    $row[] = '';
-                }
-            }
-            if (e(Input::get('supplier')) == '1') {
-                if ($asset->supplier) {
-                    $row[] = '"' .e($asset->supplier->name) . '"';
-                } else {
-                    $row[] = '';
-                }
-            }
-
-            if (e(Input::get('location')) == '1') {
-                $show_loc = '';
+            $header = [];
 
 
-                if (($asset->assigned_to > 0) && ($asset->assigneduser) && ($asset->assigneduser->location)) {
-                    $show_loc .= '"' .e($asset->assigneduser->location->name). '"';
-                } elseif ($asset->rtd_location_id!='') {
-                    $location = Location::find($asset->rtd_location_id);
-                    if ($location) {
-                        $show_loc .= '"' .e($location->name). '"';
-                    } else {
-                        $show_loc .= 'Default location '.$asset->rtd_location_id.' is invalid';
-                    }
-                }
-
-                $row[] = $show_loc;
-
+            if ($request->has('company')) {
+                $header[] = trans('general.company');
             }
 
-
-            if (e(Input::get('assigned_to')) == '1') {
-                if ($asset->assigneduser) {
-                    $row[] = '"' .e($asset->assigneduser->fullName()). '"';
-                } else {
-                    $row[] = ''; // Empty string if unassigned
-                }
+            if ($request->has('asset_name')) {
+                $header[] = trans('admin/hardware/form.name');
             }
 
-            if (e(Input::get('username')) == '1') {
-                if ($asset->assigneduser) {
-                    $row[] = '"' .e($asset->assigneduser->username). '"';
-                } else {
-                    $row[] = ''; // Empty string if unassigned
-                }
+            if ($request->has('asset_tag')) {
+                $header[] = trans('admin/hardware/table.asset_tag');
             }
 
-            if (e(Input::get('employee_num')) == '1') {
-                if ($asset->assigneduser) {
-                    $row[] = '"' .e($asset->assigneduser->employee_num). '"';
-                } else {
-                    $row[] = ''; // Empty string if unassigned
-                }
+            if ($request->has('model')) {
+                $header[] = trans('admin/hardware/form.model');
+                $header[] = trans('general.model_no');
             }
 
-            if (e(Input::get('status')) == '1') {
-                if (( $asset->status_id == '0' ) && ( $asset->assigned_to == '0' )) {
-                    $row[] = trans('general.ready_to_deploy');
-                } elseif (( $asset->status_id == '' ) && ( $asset->assigned_to == '0' )) {
-                    $row[] = trans('general.pending');
-                } elseif ($asset->assetstatus) {
-                    $row[] = '"' .e($asset->assetstatus->name). '"';
-                } else {
-                    $row[] = '';
-                }
+            if ($request->has('category')) {
+                $header[] = trans('general.category');
             }
-            if (e(Input::get('warranty')) == '1') {
-                if ($asset->warranty_months) {
-                    $row[] = $asset->warranty_months;
-                    $row[] = $asset->warrantee_expires();
-                } else {
-                    $row[] = '';
-                    $row[] = '';
-                }
+
+            if ($request->has('manufacturer')) {
+                $header[] = trans('admin/hardware/form.manufacturer');
             }
-            if (e(Input::get('depreciation')) == '1') {
-                $depreciation = $asset->getDepreciatedValue();
-                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
-                $row[]        = '"' . Helper::formatCurrencyOutput($depreciation) . '"';
-                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
+
+            if ($request->has('serial')) {
+                $header[] = trans('admin/hardware/table.serial');
             }
-            if (e(Input::get('expected_checkin')) == '1') {
-                if ($asset->expected_checkin) {
-                    $row[] = '"' .e($asset->expected_checkin). '"';
-                } else {
-                    $row[] = ''; // Empty string if blankd
-                }
+            if ($request->has('purchase_date')) {
+                $header[] = trans('admin/hardware/table.purchase_date');
             }
 
+            if (($request->has('purchase_cost'))  || ($request->has('depreciation'))) {
+                $header[] = trans('admin/hardware/table.purchase_cost');
+            }
+
+            if ($request->has('eol')) {
+                $header[] = trans('admin/hardware/table.eol');
+            }
+
+            if ($request->has('order')) {
+                $header[] = trans('admin/hardware/form.order');
+            }
+
+            if ($request->has('supplier')) {
+                $header[] = trans('general.supplier');
+            }
+
+            if ($request->has('location')) {
+                $header[] = trans('admin/hardware/table.location');
+            }
+
+            if ($request->has('assigned_to')) {
+                $header[] = trans('admin/hardware/table.checkoutto');
+                $header[] = trans('general.type');
+            }
+
+            if ($request->has('username')) {
+                $header[] = 'Username';
+            }
+
+            if ($request->has('employee_num')) {
+                $header[] = 'Employee No.';
+            }
+
+            if ($request->has('status')) {
+                $header[] = trans('general.status');
+            }
+
+            if ($request->has('warranty')) {
+                $header[] = 'Warranty';
+                $header[] = 'Warranty Expires';
+            }
+            if ($request->has('depreciation')) {
+                $header[] = 'Value';
+                $header[] = 'Diff';
+            }
+
+            if ($request->has('checkout_date')) {
+                $header[] = trans('admin/hardware/table.checkout_date');
+            }
+
+            if ($request->has('expected_checkin')) {
+                $header[] = trans('admin/hardware/form.expected_checkin');
+            }
+
+            if ($request->has('created_at')) {
+                $header[] = trans('general.created_at');
+            }
+
+            if ($request->has('updated_at')) {
+                $header[] = trans('general.updated_at');
+            }
+
+            if ($request->has('last_audit_date')) {
+                $header[] = trans('general.last_audit');
+            }
+
+            if ($request->has('next_audit_date')) {
+                $header[] = trans('general.next_audit_date');
+            }
+
+            if ($request->has('notes')) {
+                $header[] = trans('general.notes');
+            }
+
+
             foreach ($customfields as $customfield) {
-                $column_name = $customfield->db_column_name();
                 if (e(Input::get($customfield->db_column_name())) == '1') {
-                    $row[] = str_replace(",", "\,", $asset->$column_name);
+                    $header[] = $customfield->name;
                 }
             }
 
 
-            $rows[] = implode($row, ',');
-        }
+            fputcsv($handle, $header);
+
+            $assets = \App\Models\Company::scopeCompanyables(Asset::select('assets.*'))->with(
+                'location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
+                'model.category', 'model.manufacturer','supplier');
+            
+            if ($request->has('by_location_id')) {
+                $assets->where('assets.location_id', $request->input('by_location_id'));
+            }
+
+            if ($request->has('by_supplier_id')) {
+                $assets->where('assets.supplier_id', $request->input('by_supplier_id'));
+            }
+
+            if ($request->has('by_company_id')) {
+                $assets->where('assets.company_id', $request->input('by_company_id'));
+            }
+
+            if ($request->has('by_model_id')) {
+                $assets->where('assets.model_id', $request->input('by_model_id'));
+            }
+
+            if ($request->has('by_category_id')) {
+                $assets->InCategory($request->input('by_category_id'));
+            }
+
+            if ($request->has('by_manufacturer_id')) {
+                $assets->ByManufacturer($request->input('by_manufacturer_id'));
+            }
+
+            if ($request->has('by_order_number')) {
+                $assets->where('assets.order_number', $request->input('by_order_number'));
+            }
+
+            if ($request->has('by_status_id')) {
+                $assets->where('assets.status_id', $request->input('by_status_id'));
+            }
+
+            if (($request->has('purchase_start')) && ($request->has('purchase_end'))) {
+                $assets->whereBetween('assets.purchase_date', [$request->input('purchase_start'), $request->input('purchase_end')]);
+            }
+
+            if (($request->has('created_start')) && ($request->has('created_end'))) {
+                $assets->whereBetween('assets.created_at', [$request->input('created_start'), $request->input('created_end')]);
+            }
+            
+            $assets->orderBy('assets.created_at', 'ASC')->chunk(500, function($assets) use($handle, $customfields, $request) {
+
+                foreach ($assets as $asset) {
+                    $row = [];
+                    
+                    if ($request->has('company')) {
+                        $row[] = ($asset->company) ? $asset->company->name : '';
+                    }
+
+                    if ($request->has('asset_name')) {
+                        $row[] = ($asset->name) ? $asset->name : '';
+                    }
+
+                    if ($request->has('asset_tag')) {
+                        $row[] = ($asset->asset_tag) ? $asset->asset_tag : '';
+                    }
+
+                    if ($request->has('model')) {
+                        $row[] = ($asset->model) ? $asset->model->name : '';
+                        $row[] = ($asset->model) ? $asset->model->model_number : '';
+                    }
+
+                    if ($request->has('category')) {
+                        $row[] = (($asset->model) && ($asset->model->category)) ? $asset->model->category->name : '';
+                    }
+
+                    if ($request->has('manufacturer')) {
+                        $row[] = ($asset->model && $asset->model->manufacturer) ? $asset->model->manufacturer->name : '';
+                    }
+
+                    if ($request->has('serial')) {
+                        $row[] = ($asset->serial) ? $asset->serial : '';
+                    }
+
+                    if ($request->has('purchase_date')) {
+                        $row[] = ($asset->purchase_date) ? $asset->purchase_date : '';
+                    }
+
+                    if ($request->has('purchase_cost')) {
+                        $row[] = ($asset->purchase_cost) ? Helper::formatCurrencyOutput($asset->purchase_cost) : '';
+                    }
+
+                    if ($request->has('eol')) {
+                        $row[] = ($asset->purchase_date!='') ? $asset->present()->eol_date() : '';
+                    }
+
+                    if ($request->has('order')) {
+                        $row[] = ($asset->order_number) ? $asset->order_number : '';
+                    }
+
+                    if ($request->has('supplier')) {
+                        $row[] = ($asset->supplier) ? $asset->supplier->name : '';
+                    }
+                    
+
+                    if ($request->has('location')) {
+                        $row[] = ($asset->location) ? $asset->location->present()->name() : '';
+                    }
+
+                    if ($request->has('assigned_to')) {
+                        $row[] = ($asset->checkedOutToUser() && $asset->assigned) ? e($asset->assigned->getFullNameAttribute()) : ($asset->assigned ? e($asset->assigned->display_name) : '');
+                        $row[] = ($asset->checkedOutToUser() && $asset->assigned) ? 'user' : e($asset->assignedType());
+                    }
+
+                    if ($request->has('username')) {
+                        // Only works if we're checked out to a user, not anything else.
+                        if ($asset->checkedOutToUser()) {
+                            $row[] = ($asset->assignedto) ? $asset->assignedto->username : '';
+                        } else {
+                            $row[] = ''; // Empty string if unassigned
+                        }
+                    }
+
+                    if ($request->has('employee_num')) {
+                        // Only works if we're checked out to a user, not anything else.
+                        if ($asset->checkedOutToUser()) {
+                            $row[] = ($asset->assignedto) ? $asset->assignedto->employee_num : '';
+                        } else {
+                            $row[] = ''; // Empty string if unassigned
+                        }
+                    }
+
+                    if ($request->has('status')) {
+                        $row[] = ($asset->assetstatus) ? $asset->assetstatus->name.' ('.$asset->present()->statusMeta.')' : '';
+                    }
+
+
+                    if ($request->has('warranty')) {
+                        $row[] = ($asset->warranty_months) ? $asset->warranty_months : '';
+                        $row[] = $asset->present()->warrantee_expires();
+                    }
+
+
+                    if ($request->has('depreciation')) {
+                            $depreciation = $asset->getDepreciatedValue();
+                            $diff = ($asset->purchase_cost - $depreciation);
+                            $row[]        = Helper::formatCurrencyOutput($depreciation);
+                            $row[]        = Helper::formatCurrencyOutput($diff);
+                    }
+
+                    if ($request->has('checkout_date')) {
+                        $row[] = ($asset->last_checkout) ? $asset->last_checkout : '';
+                    }
+
+                    if ($request->has('expected_checkin')) {
+                        $row[] = ($asset->expected_checkin) ? $asset->expected_checkin : '';
+                    }
+
+                    if ($request->has('created_at')) {
+                        $row[] = ($asset->created_at) ? $asset->created_at : '';
+                    }
+
+                    if ($request->has('updated_at')) {
+                        $row[] = ($asset->updated_at) ? $asset->updated_at : '';
+                    }
+
+                    if ($request->has('last_audit_date')) {
+                        $row[] = ($asset->last_audit_date) ? $asset->last_audit_date : '';
+                    }
+
+                    if ($request->has('next_audit_date')) {
+                        $row[] = ($asset->next_audit_date) ? $asset->next_audit_date : '';
+                    }
+
+                    if ($request->has('notes')) {
+                        $row[] = ($asset->notes) ? $asset->notes : '';
+                    }
+
+                    foreach ($customfields as $customfield) {
+                        $column_name = $customfield->db_column_name();
+                        if ($request->has($customfield->db_column_name())) {
+                            $row[] = $asset->$column_name;
+                        }
+                    }
+                    fputcsv($handle, $row);
+                }
+            });
+
+            // Close the output stream
+            fclose($handle);
+        }, 200, [
+            'Content-Type' => 'text/csv',
+            'Content-Disposition'
+            => 'attachment; filename="custom-assets-report-'.date('Y-m-d-his').'.csv"',
+        ]);
+
+        return $response;
 
-        // spit out a csv
-        if (array_filter($rows)) {
-            $csv      = implode($rows, "\n");
-            $response = Response::make($csv, 200);
-            $response->header('Content-Type', 'text/csv');
-            $response->header('Content-disposition', 'attachment;filename='.date('Y-m-d-His').'-custom-asset-report.csv');
 
-            return $response;
-        } else {
-            return redirect()->to("reports/custom")
-                ->with('error', trans('admin/reports/message.error'));
-        }
     }
-    
+
 
     /**
      * getImprovementsReport
@@ -764,7 +769,7 @@ class ReportsController extends Controller
                                               ->orderBy('created_at', 'DESC')
                                               ->get();
 
-        return View::make('reports/asset_maintenances', compact('assetMaintenances'));
+        return view('reports/asset_maintenances', compact('assetMaintenances'));
 
     }
 
@@ -839,7 +844,7 @@ class ReportsController extends Controller
     {
         $assetsForReport = Asset::notYetAccepted()->with('company')->get();
 
-        return View::make('reports/unaccepted_assets', compact('assetsForReport'));
+        return view('reports/unaccepted_assets', compact('assetsForReport'));
     }
 
     /**
@@ -873,9 +878,9 @@ class ReportsController extends Controller
             $row    = [ ];
             $row[]  = str_replace(',', '', e($assetItem->assetlog->model->category->name));
             $row[]  = str_replace(',', '', e($assetItem->assetlog->model->name));
-            $row[]  = str_replace(',', '', e($assetItem->assetlog->showAssetName()));
+            $row[]  = str_replace(',', '', e($assetItem->assetlog->present()->name()));
             $row[]  = str_replace(',', '', e($assetItem->assetlog->asset_tag));
-            $row[]  = str_replace(',', '', e($assetItem->assetlog->assigneduser->fullName()));
+            $row[]  = str_replace(',', '', e($assetItem->assetlog->assignedTo->present()->name()));
             $rows[] = implode($row, ',');
         }
 

app/Http/Controllers/StatuslabelsController.php

@@ -27,123 +27,96 @@ class StatuslabelsController extends Controller
     /**
      * Show a list of all the statuslabels.
      *
-     * @return View
+     * @return \Illuminate\Contracts\View\View
      */
 
-    public function getIndex()
+    public function index()
     {
-        // Show the page
-        return View::make('statuslabels/index', compact('statuslabels'));
+        $this->authorize('view', Statuslabel::class);
+        return view('statuslabels.index', compact('statuslabels'));
     }
 
-
-    /**
-     * Show a count of assets by status label
-     *
-     * @return View
-     */
-
-    public function getAssetCountByStatuslabel()
+    public function show($id)
     {
-        $colors = [];
-
-        $statuslabels = Statuslabel::with('assets')->get();
-        $labels=[];
-        $points=[];
-        $colors=[];
-        foreach ($statuslabels as $statuslabel) {
-            if ($statuslabel->assets->count() > 0) {
-                $labels[]=$statuslabel->name;
-                $points[]=$statuslabel->assets()->whereNull('assigned_to')->count();
-                if ($statuslabel->color!='') {
-                    $colors[]=$statuslabel->color;
-                }
-            }
-
-
+        $this->authorize('view', Statuslabel::class);
+        if ($statuslabel = Statuslabel::find($id)) {
+            return view('statuslabels.view')->with('statuslabel', $statuslabel);
         }
-        $labels[]='Deployed';
-        $points[]=Asset::whereNotNull('assigned_to')->count();
 
-        $colors_array = array_merge($colors, Helper::chartColors());
-
-        $result= [
-            "labels" => $labels,
-            "datasets" => [ [
-                "data" => $points,
-                "backgroundColor" => $colors_array,
-                "hoverBackgroundColor" =>  $colors_array
-            ]]
-        ];
-        return $result;
+        return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.does_not_exist', compact('id')));
     }
 
 
+
     /**
      * Statuslabel create.
      *
-     * @return View
+     * @return \Illuminate\Contracts\View\View
      */
-    public function getCreate()
+    public function create()
     {
         // Show the page
+        $this->authorize('create', Statuslabel::class);
         $item = new Statuslabel;
         $use_statuslabel_type = $item->getStatuslabelType();
         $statuslabel_types = Helper::statusTypeList();
 
-        return View::make('statuslabels/edit', compact('statuslabel_types', 'item'))->with('use_statuslabel_type', $use_statuslabel_type);
+        return view('statuslabels/edit', compact('statuslabel_types', 'item'))->with('use_statuslabel_type', $use_statuslabel_type);
     }
 
 
     /**
      * Statuslabel create form processing.
      *
-     * @return Redirect
+     * @param Request $request
+     * @return \Illuminate\Http\RedirectResponse
      */
-    public function postCreate(Request $request)
+    public function store(Request $request)
     {
 
+        $this->authorize('create', Statuslabel::class);
         // create a new model instance
-        $statuslabel = new Statuslabel();
+        $statusLabel = new Statuslabel();
 
         if (!$request->has('statuslabel_types')) {
             return redirect()->back()->withInput()->withErrors(['statuslabel_types' => trans('validation.statuslabel_type')]);
         }
 
-        $statustype = Statuslabel::getStatuslabelTypesForDB($request->input('statuslabel_types'));
+        $statusType = Statuslabel::getStatuslabelTypesForDB($request->input('statuslabel_types'));
 
         // Save the Statuslabel data
-        $statuslabel->name              = e(Input::get('name'));
-        $statuslabel->user_id          = Auth::user()->id;
-        $statuslabel->notes          =  e(Input::get('notes'));
-        $statuslabel->deployable          =  $statustype['deployable'];
-        $statuslabel->pending          =  $statustype['pending'];
-        $statuslabel->archived          =  $statustype['archived'];
-        $statuslabel->color          =  e(Input::get('color'));
-        $statuslabel->show_in_nav          =  e(Input::get('show_in_nav'),0);
+        $statusLabel->name              = Input::get('name');
+        $statusLabel->user_id           = Auth::id();
+        $statusLabel->notes             =  Input::get('notes');
+        $statusLabel->deployable        =  $statusType['deployable'];
+        $statusLabel->pending           =  $statusType['pending'];
+        $statusLabel->archived          =  $statusType['archived'];
+        $statusLabel->color             =  Input::get('color');
+        $statusLabel->show_in_nav       =  Input::get('show_in_nav', 0);
+        $statusLabel->default_label       =  Input::get('default_label', 0);
 
 
-        // Was the asset created?
-        if ($statuslabel->save()) {
+        if ($statusLabel->save()) {
             // Redirect to the new Statuslabel  page
-            return redirect()->to("admin/settings/statuslabels")->with('success', trans('admin/statuslabels/message.create.success'));
+            return redirect()->route('statuslabels.index')->with('success', trans('admin/statuslabels/message.create.success'));
         }
-
-        return redirect()->back()->withInput()->withErrors($statuslabel->getErrors());
-
+        return redirect()->back()->withInput()->withErrors($statusLabel->getErrors());
     }
 
-    public function store(Request $request)
+    /**
+     * @param Request $request
+     * @return JsonResponse
+     */
+    public function apiStore(Request $request)
     {
-
+        $this->authorize('create', Statuslabel::class);
         $statuslabel = new Statuslabel();
         if (!$request->has('statuslabel_types')) {
             return JsonResponse::create(["error" => trans('validation.statuslabel_type')], 500);
         }
-
         $statustype = Statuslabel::getStatuslabelTypesForDB(Input::get('statuslabel_types'));
-        $statuslabel->name            = e(Input::get('name'));
-        $statuslabel->user_id         = Auth::user()->id;
+        $statuslabel->name            = Input::get('name');
+        $statuslabel->user_id         = Auth::id();
         $statuslabel->notes           =  '';
         $statuslabel->deployable      =  $statustype['deployable'];
         $statuslabel->pending         =  $statustype['pending'];
@@ -164,21 +137,22 @@ class StatuslabelsController extends Controller
      * Statuslabel update.
      *
      * @param  int  $statuslabelId
-     * @return View
+     * @return \Illuminate\Contracts\View\View
      */
-    public function getEdit($statuslabelId = null)
+    public function edit($statuslabelId = null)
     {
+        $this->authorize('update', Statuslabel::class);
         // Check if the Statuslabel exists
         if (is_null($item = Statuslabel::find($statuslabelId))) {
             // Redirect to the blogs management page
-            return redirect()->to('admin/settings/statuslabels')->with('error', trans('admin/statuslabels/message.does_not_exist'));
+            return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.does_not_exist'));
         }
 
         $use_statuslabel_type = $item->getStatuslabelType();
 
         $statuslabel_types = array('' => trans('admin/hardware/form.select_statustype')) + array('undeployable' => trans('admin/hardware/general.undeployable')) + array('pending' => trans('admin/hardware/general.pending')) + array('archived' => trans('admin/hardware/general.archived')) + array('deployable' => trans('admin/hardware/general.deployable'));
 
-        return View::make('statuslabels/edit', compact('item', 'statuslabel_types'))->with('use_statuslabel_type', $use_statuslabel_type);
+        return view('statuslabels/edit', compact('item', 'statuslabel_types'))->with('use_statuslabel_type', $use_statuslabel_type);
     }
 
 
@@ -186,14 +160,15 @@ class StatuslabelsController extends Controller
      * Statuslabel update form processing page.
      *
      * @param  int  $statuslabelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
      */
-    public function postEdit(Request $request, $statuslabelId = null)
+    public function update(Request $request, $statuslabelId = null)
     {
+        $this->authorize('update', Statuslabel::class);
         // Check if the Statuslabel exists
         if (is_null($statuslabel = Statuslabel::find($statuslabelId))) {
             // Redirect to the blogs management page
-            return redirect()->to('admin/settings/statuslabels')->with('error', trans('admin/statuslabels/message.does_not_exist'));
+            return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.does_not_exist'));
         }
 
         if (!$request->has('statuslabel_types')) {
@@ -202,128 +177,46 @@ class StatuslabelsController extends Controller
 
 
         // Update the Statuslabel data
-        $statustype = Statuslabel::getStatuslabelTypesForDB(Input::get('statuslabel_types'));
-        $statuslabel->name              = e(Input::get('name'));
-        $statuslabel->notes          =  e(Input::get('notes'));
+        $statustype                 = Statuslabel::getStatuslabelTypesForDB(Input::get('statuslabel_types'));
+        $statuslabel->name              = Input::get('name');
+        $statuslabel->notes          =  Input::get('notes');
         $statuslabel->deployable          =  $statustype['deployable'];
         $statuslabel->pending          =  $statustype['pending'];
         $statuslabel->archived          =  $statustype['archived'];
-        $statuslabel->color          =  e(Input::get('color'));
-        $statuslabel->show_in_nav          =  e(Input::get('show_in_nav'),0);
+        $statuslabel->color          =  Input::get('color');
+        $statuslabel->show_in_nav          =  Input::get('show_in_nav', 0);
+        $statuslabel->default_label          =  Input::get('default_label', 0);
 
 
         // Was the asset created?
         if ($statuslabel->save()) {
             // Redirect to the saved Statuslabel page
-            return redirect()->to("admin/settings/statuslabels/")->with('success', trans('admin/statuslabels/message.update.success'));
-        } else {
-            return redirect()->back()->withInput()->withErrors($statuslabel->getErrors());
+            return redirect()->route("statuslabels.index")->with('success', trans('admin/statuslabels/message.update.success'));
         }
-
-
-        // Redirect to the Statuslabel management page
-        return redirect()->to("admin/settings/statuslabels/$statuslabelId/edit")->with('error', trans('admin/statuslabels/message.update.error'));
-
+        return redirect()->back()->withInput()->withErrors($statuslabel->getErrors());
     }
 
     /**
      * Delete the given Statuslabel.
      *
      * @param  int  $statuslabelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
      */
-    public function getDelete($statuslabelId)
+    public function destroy($statuslabelId)
     {
+        $this->authorize('delete', Statuslabel::class);
         // Check if the Statuslabel exists
         if (is_null($statuslabel = Statuslabel::find($statuslabelId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/statuslabels')->with('error', trans('admin/statuslabels/message.not_found'));
+            return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.not_found'));
         }
 
-
-        if ($statuslabel->has_assets() > 0) {
-
-            // Redirect to the asset management page
-            return redirect()->to('admin/settings/statuslabels')->with('error', trans('admin/statuslabels/message.assoc_assets'));
-        } else {
-
+        // Check that there are no assets associated
+        if ($statuslabel->assets()->count() == 0) {
             $statuslabel->delete();
-
-            // Redirect to the statuslabels management page
-            return redirect()->to('admin/settings/statuslabels')->with('success', trans('admin/statuslabels/message.delete.success'));
+            return redirect()->route('statuslabels.index')->with('success', trans('admin/statuslabels/message.delete.success'));
         }
 
-
-
+        return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.assoc_assets'));
     }
 
-
-    public function getDatatable()
-    {
-        $statuslabels = Statuslabel::select(array('id','name','deployable','pending','archived','color','show_in_nav'))
-        ->whereNull('deleted_at');
-
-        if (Input::has('search')) {
-            $statuslabels = $statuslabels->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $allowed_columns = ['id','name'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-
-        $statuslabels->orderBy($sort, $order);
-
-        $statuslabelsCount = $statuslabels->count();
-        $statuslabels = $statuslabels->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($statuslabels as $statuslabel) {
-
-            if ($statuslabel->deployable == 1) {
-                $label_type = trans('admin/statuslabels/table.deployable');
-            } elseif ($statuslabel->pending == 1) {
-                $label_type = trans('admin/statuslabels/table.pending');
-            } elseif ($statuslabel->archived == 1) {
-                $label_type = trans('admin/statuslabels/table.archived');
-            } else {
-                $label_type = trans('admin/statuslabels/table.undeployable');
-            }
-
-            $actions = '<a href="'.route('update/statuslabel', $statuslabel->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/statuslabel', $statuslabel->id).'" data-content="'.trans('admin/statuslabels/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($statuslabel->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-
-            if ($statuslabel->color!='') {
-                $color = '<div class="pull-left" style="margin-right: 5px; height: 20px; width: 20px; background-color: '.e($statuslabel->color).'"></div>'.e($statuslabel->color);
-            } else {
-                $color = '';
-            }
-
-
-            $rows[] = array(
-                'id'            => e($statuslabel->id),
-                'type'          => e($label_type),
-                'name'          => e($statuslabel->name),
-                'color'          => $color,
-                'show_in_nav' => ($statuslabel->show_in_nav=='1') ? trans('general.yes') : trans('general.no'),
-                'actions'       => $actions
-            );
-        }
-
-        $data = array('total' => $statuslabelsCount, 'rows' => $rows);
-
-        return $data;
-
-    }
 }

app/Http/Controllers/SuppliersController.php

@@ -1,6 +1,7 @@
 <?php
 namespace App\Http\Controllers;
 
+use App\Helpers\Helper;
 use Image;
 use App\Models\AssetMaintenance;
 use Input;
@@ -12,6 +13,7 @@ use Str;
 use View;
 use Auth;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 
 use Symfony\Component\HttpFoundation\JsonResponse;
 
@@ -26,112 +28,109 @@ class SuppliersController extends Controller
     /**
      * Show a list of all suppliers
      *
-     * @return View
+     * @return \Illuminate\Contracts\View\View
      */
-    public function getIndex()
+    public function index()
     {
         // Grab all the suppliers
+        $this->authorize('view', Supplier::class);
         $suppliers = Supplier::orderBy('created_at', 'DESC')->get();
 
         // Show the page
-        return View::make('suppliers/index', compact('suppliers'));
+        return view('suppliers/index', compact('suppliers'));
     }
 
 
     /**
      * Supplier create.
      *
-     * @return View
+     * @return \Illuminate\Contracts\View\View
      */
-    public function getCreate()
+    public function create()
     {
-        return View::make('suppliers/edit')->with('item', new Supplier);
+        $this->authorize('create', Supplier::class);
+        return view('suppliers/edit')->with('item', new Supplier);
     }
 
 
     /**
      * Supplier create form processing.
      *
-     * @return Redirect
+     * @param Request $request
+     * @return \Illuminate\Http\RedirectResponse
      */
-    public function postCreate()
+    public function store(ImageUploadRequest $request)
     {
-
-        // get the POST data
-        $new = Input::all();
-
+        $this->authorize('create', Supplier::class);
         // Create a new supplier
         $supplier = new Supplier;
         // Save the location data
-        $supplier->name                 = e(Input::get('name'));
-        $supplier->address              = e(Input::get('address'));
-        $supplier->address2             = e(Input::get('address2'));
-        $supplier->city                 = e(Input::get('city'));
-        $supplier->state                = e(Input::get('state'));
-        $supplier->country              = e(Input::get('country'));
-        $supplier->zip                  = e(Input::get('zip'));
-        $supplier->contact              = e(Input::get('contact'));
-        $supplier->phone                = e(Input::get('phone'));
-        $supplier->fax                  = e(Input::get('fax'));
-        $supplier->email                = e(Input::get('email'));
-        $supplier->notes                = e(Input::get('notes'));
-        $supplier->url                  = $supplier->addhttp(e(Input::get('url')));
-        $supplier->user_id              = Auth::user()->id;
+        $supplier->name                 = request('name');
+        $supplier->address              = request('address');
+        $supplier->address2             = request('address2');
+        $supplier->city                 = request('city');
+        $supplier->state                = request('state');
+        $supplier->country              = request('country');
+        $supplier->zip                  = request('zip');
+        $supplier->contact              = request('contact');
+        $supplier->phone                = request('phone');
+        $supplier->fax                  = request('fax');
+        $supplier->email                = request('email');
+        $supplier->notes                = request('notes');
+        $supplier->url                  = $supplier->addhttp(request('url'));
+        $supplier->user_id              = Auth::id();
 
-
-
-
-        if (Input::file('image')) {
-            $image = Input::file('image');
+        if ($request->file('image')) {
+            $image = $request->file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/suppliers/'.$file_name);
-            Image::make($image->getRealPath())->resize(300, null, function ($constraint) {
+            Image::make($image->getRealPath())->resize(200, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);
-                $supplier->image = $file_name;
+            $supplier->image = $file_name;
         }
 
-            // Was it created?
         if ($supplier->save()) {
-          // Redirect to the new supplier  page
-            return redirect()->to("admin/settings/suppliers")->with('success', trans('admin/suppliers/message.create.success'));
+            return redirect()->route('suppliers.index')->with('success', trans('admin/suppliers/message.create.success'));
         }
-
-
         return redirect()->back()->withInput()->withErrors($supplier->getErrors());
-
     }
 
-    public function store(Request $request)
+    /**
+     * @param Request $request
+     * @return JsonResponse
+     */
+    public function apiStore(Request $request)
     {
+        $this->authorize('create', Supplier::class);
         $supplier = new Supplier;
-        $supplier->name =  e($request->input('name'));
-        $supplier->user_id              = Auth::user()->id;
+        $supplier->name =  $request->input('name');
+        $supplier->user_id              = Auth::id();
 
         if ($supplier->save()) {
             return JsonResponse::create($supplier);
         }
         return JsonResponse::create(["error" => "Failed validation: ".print_r($supplier->getErrors(), true)], 500);
-        return JsonResponse::create(["error" => "Couldn't save Supplier"]);
     }
 
     /**
      * Supplier update.
      *
      * @param  int  $supplierId
-     * @return View
+     * @return \Illuminate\Contracts\View\View
      */
-    public function getEdit($supplierId = null)
+    public function edit($supplierId = null)
     {
+        $this->authorize('edit', Supplier::class);
         // Check if the supplier exists
         if (is_null($item = Supplier::find($supplierId))) {
             // Redirect to the supplier  page
-            return redirect()->to('admin/settings/suppliers')->with('error', trans('admin/suppliers/message.does_not_exist'));
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.does_not_exist'));
         }
 
         // Show the page
-        return View::make('suppliers/edit', compact('item'));
+        return view('suppliers/edit', compact('item'));
     }
 
 
@@ -139,48 +138,67 @@ class SuppliersController extends Controller
      * Supplier update form processing page.
      *
      * @param  int  $supplierId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
      */
-    public function postEdit($supplierId = null)
+    public function update($supplierId = null, ImageUploadRequest $request)
     {
+        $this->authorize('edit', Supplier::class);
         // Check if the supplier exists
         if (is_null($supplier = Supplier::find($supplierId))) {
             // Redirect to the supplier  page
-            return redirect()->to('admin/settings/suppliers')->with('error', trans('admin/suppliers/message.does_not_exist'));
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.does_not_exist'));
         }
 
         // Save the  data
-        $supplier->name                 = e(Input::get('name'));
-        $supplier->address              = e(Input::get('address'));
-        $supplier->address2             = e(Input::get('address2'));
-        $supplier->city                 = e(Input::get('city'));
-        $supplier->state                = e(Input::get('state'));
-        $supplier->country              = e(Input::get('country'));
-        $supplier->zip                  = e(Input::get('zip'));
-        $supplier->contact              = e(Input::get('contact'));
-        $supplier->phone                = e(Input::get('phone'));
-        $supplier->fax                  = e(Input::get('fax'));
-        $supplier->email                = e(Input::get('email'));
-        $supplier->url                  = $supplier->addhttp(e(Input::get('url')));
-        $supplier->notes                = e(Input::get('notes'));
+        $supplier->name                 = request('name');
+        $supplier->address              = request('address');
+        $supplier->address2             = request('address2');
+        $supplier->city                 = request('city');
+        $supplier->state                = request('state');
+        $supplier->country              = request('country');
+        $supplier->zip                  = request('zip');
+        $supplier->contact              = request('contact');
+        $supplier->phone                = request('phone');
+        $supplier->fax                  = request('fax');
+        $supplier->email                = request('email');
+        $supplier->url                  = $supplier->addhttp(request('url'));
+        $supplier->notes                = request('notes');
 
-        if (Input::file('image')) {
-            $image = Input::file('image');
-            $file_name = str_random(25).".".$image->getClientOriginalExtension();
-            $path = public_path('uploads/suppliers/'.$file_name);
-            Image::make($image->getRealPath())->resize(300, null, function ($constraint) {
-                $constraint->aspectRatio();
-                $constraint->upsize();
-            })->save($path);
-            $supplier->image = $file_name;
-        }
 
-        if (Input::get('image_delete') == 1 && Input::file('image') == "") {
+        $old_image = $supplier->image;
+
+        // Set the model's image property to null if the image is being deleted
+        if ($request->input('image_delete') == 1) {
             $supplier->image = null;
         }
 
+        if ($request->file('image')) {
+            $image = $request->file('image');
+            $file_name = $supplier->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save(app('suppliers_upload_path').$file_name);
+            } else {
+                $image->move(app('suppliers_upload_path'), $file_name);
+            }
+            $supplier->image = $file_name;
+
+        }
+
+        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
+            try  {
+                unlink(app('suppliers_upload_path').$old_image);
+            } catch (\Exception $e) {
+                \Log::error($e);
+            }
+        }
+
+
         if ($supplier->save()) {
-            return redirect()->to("admin/settings/suppliers")->with('success', trans('admin/suppliers/message.update.success'));
+            return redirect()->route('suppliers.index')->with('success', trans('admin/suppliers/message.update.success'));
         }
 
         return redirect()->back()->withInput()->withErrors($supplier->getErrors());
@@ -191,107 +209,56 @@ class SuppliersController extends Controller
      * Delete the given supplier.
      *
      * @param  int  $supplierId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
      */
-    public function getDelete($supplierId)
+    public function destroy($supplierId)
     {
-        // Check if the supplier exists
-        if (is_null($supplier = Supplier::find($supplierId))) {
-            // Redirect to the suppliers page
-            return redirect()->to('admin/settings/suppliers')->with('error', trans('admin/suppliers/message.not_found'));
+        $this->authorize('delete', Supplier::class);
+        if (is_null($supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances','assets','licenses')->find($supplierId))) {
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.not_found'));
         }
 
-        if ($supplier->num_assets() > 0) {
 
-            // Redirect to the asset management page
-            return redirect()->to('admin/settings/suppliers')->with('error', trans('admin/suppliers/message.assoc_users'));
-        } else {
-
-            // Delete the supplier
-            $supplier->delete();
-
-            // Redirect to the suppliers management page
-            return redirect()->to('admin/settings/suppliers')->with('success', trans('admin/suppliers/message.delete.success'));
+        if ($supplier->assets_count > 0) {
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count]));
         }
 
+        if ($supplier->asset_maintenances_count > 0) {
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count]));
+        }
+
+        if ($supplier->licenses_count > 0) {
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_licenses', ['licenses_count' => (int) $supplier->licenses_count]));
+        }
+
+        $supplier->delete();
+        return redirect()->route('suppliers.index')->with('success',
+            trans('admin/suppliers/message.delete.success')
+        );
+
+
     }
 
 
     /**
-    *  Get the asset information to present to the supplier view page
-    *
-    * @param  int  $assetId
-    * @return View
-    **/
-    public function getView($supplierId = null)
+     *  Get the asset information to present to the supplier view page
+     *
+     * @param null $supplierId
+     * @return \Illuminate\Contracts\View\View
+     * @internal param int $assetId
+     */
+    public function show($supplierId = null)
     {
         $supplier = Supplier::find($supplierId);
 
         if (isset($supplier->id)) {
-                return View::make('suppliers/view', compact('supplier'));
-        } else {
-            // Prepare the error message
-            $error = trans('admin/suppliers/message.does_not_exist', compact('id'));
-
-            // Redirect to the user management page
-            return redirect()->route('suppliers')->with('error', $error);
+                return view('suppliers/view', compact('supplier'));
         }
+        // Prepare the error message
+        $error = trans('admin/suppliers/message.does_not_exist', compact('id'));
 
-
+        // Redirect to the user management page
+        return redirect()->route('suppliers.index')->with('error', $error);
     }
 
-    public function getDatatable()
-    {
-        $suppliers = Supplier::with('assets', 'licenses')->select(array('id','name','address','address2','city','state','country','fax', 'phone','email','contact'))
-        ->whereNull('deleted_at');
-
-        if (Input::has('search')) {
-            $suppliers = $suppliers->TextSearch(e(Input::get('search')));
-        }
-
-        if (Input::has('offset')) {
-            $offset = e(Input::get('offset'));
-        } else {
-            $offset = 0;
-        }
-
-        if (Input::has('limit')) {
-            $limit = e(Input::get('limit'));
-        } else {
-            $limit = 50;
-        }
-
-        $allowed_columns = ['id','name','address','phone','contact','fax','email'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
-
-        $suppliers->orderBy($sort, $order);
-
-        $suppliersCount = $suppliers->count();
-        $suppliers = $suppliers->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($suppliers as $supplier) {
-            $actions = '<a href="'.route('update/supplier', $supplier->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/supplier', $supplier->id).'" data-content="'.trans('admin/suppliers/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($supplier->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
-
-            $rows[] = array(
-                'id'                => $supplier->id,
-                'name'              => (string)link_to('admin/settings/suppliers/'.$supplier->id.'/view', e($supplier->name)),
-                'contact'           => e($supplier->contact),
-                'address'           => e($supplier->address).' '.e($supplier->address2).' '.e($supplier->city).' '.e($supplier->state).' '.e($supplier->country),
-                'phone'             => e($supplier->phone),
-                'fax'             => e($supplier->fax),
-                'email'             => ($supplier->email!='') ? '<a href="mailto:'.e($supplier->email).'">'.e($supplier->email).'</a>' : '',
-                'assets'            => $supplier->assets->count(),
-                'licenses'          => $supplier->licenses->count(),
-                'actions'           => $actions
-            );
-        }
-
-        $data = array('total' => $suppliersCount, 'rows' => $rows);
-
-        return $data;
-
-    }
 }

app/Http/Controllers/ViewAssetsController.php

@@ -41,7 +41,6 @@ class ViewAssetsController extends Controller
     {
 
         $user = User::with(
-            'assets',
             'assets.model',
             'consumables',
             'accessories',
@@ -54,7 +53,7 @@ class ViewAssetsController extends Controller
         $userlog = $user->userlog->load('item', 'user', 'target');
 
         if (isset($user->id)) {
-            return View::make('account/view-assets', compact('user', 'userlog'));
+            return view('account/view-assets', compact('user', 'userlog'));
         } else {
             // Prepare the error message
             $error = trans('admin/users/message.user_not_found', compact('id'));
@@ -69,17 +68,12 @@ class ViewAssetsController extends Controller
     public function getRequestableIndex()
     {
 
-        $assets = Asset::with('model', 'defaultLoc', 'assetloc', 'assigneduser')->Hardware()->RequestableAssets()->get();
-        $models = AssetModel::with('category')->RequestableModels()->get();
+        $assets = Asset::with('model', 'defaultLoc', 'location', 'assignedTo', 'requests')->Hardware()->RequestableAssets()->get();
+        $models = AssetModel::with('category', 'requests', 'assets')->RequestableModels()->get();
 
-        return View::make('account/requestable-assets', compact('user', 'assets', 'models'));
+        return view('account/requestable-assets', compact('user', 'assets', 'models'));
     }
 
-    public function getRequestedIndex()
-    {
-        $requestedItems = CheckoutRequest::with('user', 'requestedItem')->get();
-        return View::make('admin/requested-assets', compact('requestedItems'));
-    }
 
 
     public function getRequestItem($itemType, $itemId = null)
@@ -103,16 +97,16 @@ class ViewAssetsController extends Controller
         $logaction->target_id = $data['user_id'] = Auth::user()->id;
         $logaction->target_type = User::class;
 
-        $data['requested_by'] = $user->fullName();
+        $data['requested_by'] = $user->present()->fullName();
         $data['item_name'] = $item->name;
         $data['item_type'] = $itemType;
 
         if ($fullItemType == Asset::class) {
-            $data['item_url'] = route('view/hardware', $item->id);
-            $slackMessage = ' Asset <'.config('app.url').'/hardware/'.$item->id.'/view'.'|'.$item->showAssetName().'> requested by <'.config('app.url').'/users/'.$item->user_id.'/view'.'|'.$user->fullName().'>.';
+            $data['item_url'] = route('hardware.show', $item->id);
+            $slackMessage = ' Asset <'.url('/').'/hardware/'.$item->id.'/view'.'|'.$item->present()->name().'> requested by <'.url('/').'/users/'.$item->user_id.'/view'.'|'.$user->present()->fullName().'>.';
         } else {
             $data['item_url'] = route("view/${itemType}", $item->id);
-            $slackMessage = $quantity. ' ' . class_basename(strtoupper($logaction->item_type)).' <'.$data['item_url'].'|'.$item->name.'> requested by <'.config('app.url').'/user/'.$item->id.'/view'.'|'.$user->fullName().'>.';
+            $slackMessage = $quantity. ' ' . class_basename(strtoupper($logaction->item_type)).' <'.$data['item_url'].'|'.$item->name.'> requested by <'.url('/').'/user/'.$item->id.'/view'.'|'.$user->present()->fullName().'>.';
         }
 
         $settings = Setting::getSettings();
@@ -226,8 +220,8 @@ class ViewAssetsController extends Controller
             $logaction->target_type = User::class;
             $log = $logaction->logaction('requested');
 
-            $data['requested_by'] = $user->fullName();
-            $data['asset_name'] = $asset->showAssetName();
+            $data['requested_by'] = $user->present()->fullName();
+            $data['asset_name'] = $asset->present()->name();
 
             $settings = Setting::getSettings();
 
@@ -259,7 +253,7 @@ class ViewAssetsController extends Controller
                             'fields' => [
                                 [
                                     'title' => 'REQUESTED:',
-                                    'value' => class_basename(strtoupper($logaction->item_type)).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.$asset->showAssetName().'> requested by <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.Auth::user()->fullName().'>.'
+                                    'value' => class_basename(strtoupper($logaction->item_type)).' asset <'.url('/').'/hardware/'.$asset->id.'/view'.'|'.$asset->present()->name().'> requested by <'.url('/').'/hardware/'.$asset->id.'/view'.'|'.Auth::user()->present()->fullName().'>.'
                                 ]
 
                             ]
@@ -281,7 +275,7 @@ class ViewAssetsController extends Controller
     {
         $checkoutrequests = CheckoutRequest::all();
 
-        return View::make('account/requested-items', compact($checkoutrequests));
+        return view('account/requested-items', compact($checkoutrequests));
     }
 
 
@@ -290,9 +284,10 @@ class ViewAssetsController extends Controller
     public function getAcceptAsset($logID = null)
     {
 
-        if (!$findlog = Actionlog::where('id', $logID)->first()) {
-            echo 'no record';
-            //return redirect()->to('account')->with('error', trans('admin/hardware/message.does_not_exist'));
+        $findlog = Actionlog::where('id', $logID)->first();
+
+        if (!$findlog) {
+            return redirect()->to('account/view-assets')->with('error', 'No matching record.');
         }
 
         if ($findlog->accepted_id!='') {
@@ -315,7 +310,7 @@ class ViewAssetsController extends Controller
         } elseif (!Company::isCurrentUserHasAccess($item)) {
             return redirect()->route('requestable-assets')->with('error', trans('general.insufficient_permissions'));
         } else {
-            return View::make('account/accept-asset', compact('item'))->with('findlog', $findlog)->with('item',$item);
+            return view('account/accept-asset', compact('item'))->with('findlog', $findlog)->with('item', $item);
         }
     }
 

app/Http/Kernel.php

@@ -14,15 +14,18 @@ class Kernel extends HttpKernel
      * @var array
      */
     protected $middleware = [
-        \MisterPhilip\MaintenanceMode\Http\Middleware\CheckForMaintenanceMode::class,
+        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
         \Illuminate\Session\Middleware\StartSession::class,
         \Illuminate\View\Middleware\ShareErrorsFromSession::class,
         \App\Http\Middleware\FrameGuard::class,
         \App\Http\Middleware\XssProtectHeader::class,
+        \App\Http\Middleware\ReferrerPolicyHeader::class,
+        \App\Http\Middleware\ContentSecurityPolicyHeader::class,
         \App\Http\Middleware\NosniffGuard::class,
         \App\Http\Middleware\CheckForSetup::class,
         \Fideloper\Proxy\TrustProxies::class,
         \App\Http\Middleware\CheckForDebug::class,
+       // \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
     ];
 
     /**
@@ -37,10 +40,12 @@ class Kernel extends HttpKernel
             \App\Http\Middleware\VerifyCsrfToken::class,
             \App\Http\Middleware\CheckLocale::class,
             \App\Http\Middleware\CheckForTwoFactor::class,
+            \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
         ],
 
         'api' => [
             'throttle:60,1',
+            'auth:api',
         ],
     ];
 
@@ -52,9 +57,10 @@ class Kernel extends HttpKernel
      * @var array
      */
     protected $routeMiddleware = [
-        'auth' => \App\Http\Middleware\Authenticate::class,
+        'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
         'authorize' => \App\Http\Middleware\CheckPermissions::class,
         'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
+        'can' => \Illuminate\Auth\Middleware\Authorize::class,
         'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
     ];

app/Http/Middleware/CheckForDebug.php

@@ -19,7 +19,7 @@ class CheckForDebug
         view()->share('debug_in_production', false);
 
         if (((Auth::check() && (Auth::user()->isSuperUser()))) && (app()->environment()=='production') && (config('app.warn_debug')===true) && (config('app.debug')===true)) {
-          view()->share('debug_in_production', true);
+            view()->share('debug_in_production', true);
         }
 
         return $next($request);

app/Http/Middleware/CheckForSetup.php

@@ -22,14 +22,14 @@ class CheckForSetup
         if (Setting::setupCompleted()) {
 
             if ($request->is('setup*')) {
-                return redirect(config('app.url'));
+                return redirect(url('/'));
             } else {
                 return $next($request);
             }
 
         } else {
             if (!($request->is('setup*')) && !($request->is('.env'))) {
-                return redirect(config('app.url').'/setup')->with('Request', $request);
+                return redirect(url('/').'/setup');
             }
 
             return $next($request);

app/Http/Middleware/ContentSecurityPolicyHeader.php

@@ -0,0 +1,35 @@
+<?php
+namespace App\Http\Middleware;
+
+use Closure;
+
+class ContentSecurityPolicyHeader
+{
+    /**
+     * Handle the given request and get the response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return \Illuminate\Http\Response
+     */
+    public function handle($request, Closure $next)
+    {
+        if ((config('app.debug')=='true')  || (config('app.enable_csp')!='true')) {
+            $response = $next($request);
+            return $response;
+        }
+
+        $policy[] = "default-src 'self'";
+        $policy[] = "style-src 'self' 'unsafe-inline' oss.maxcdn.com";
+        $policy[] = "script-src 'self' 'unsafe-inline' oss.mafxcdn.com cdnjs.cloudflare.com'";
+        $policy[] = "connect-src 'self'";
+        $policy[] = "object-src 'none'";
+        $policy[] = "font-src 'self' data:";
+        $policy[] = "img-src 'self' data: gravatar.com";
+        $policy = join(';', $policy);
+
+        $response = $next($request);
+        $response->headers->set('Content-Security-Policy', $policy);
+        return $response;
+    }
+}

app/Http/Middleware/ReferrerPolicyHeader.php

@@ -0,0 +1,21 @@
+<?php
+namespace App\Http\Middleware;
+
+use Closure;
+
+class ReferrerPolicyHeader
+{
+    /**
+     * Handle the given request and get the response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return \Illuminate\Http\Response
+     */
+    public function handle($request, Closure $next)
+    {
+        $response = $next($request);
+        $response->headers->set('Referrer-Policy', config('app.referrer_policy'));
+        return $response;
+    }
+}

app/Http/Middleware/XssProtectHeader.php

@@ -14,8 +14,9 @@ class XssProtectHeader
      */
     public function handle($request, Closure $next)
     {
+        $mode = '1;mode=block';
         $response = $next($request);
-        $response->headers->set('X-XSS-Protection', '1');
+        $response->headers->set('X-XSS-Protection', $mode);
         return $response;
     }
 }

app/Http/Requests/AssetCheckoutRequest.php

@@ -23,8 +23,14 @@ class AssetCheckoutRequest extends Request
      */
     public function rules()
     {
-        return [
-            "assigned_to"   => 'required',
+        $rules = [
+            "assigned_user"         => 'required_without_all:assigned_asset,assigned_location',
+            "assigned_asset"        => 'required_without_all:assigned_user,assigned_location|different:'.$this->id,
+            "assigned_location"     => 'required_without_all:assigned_user,assigned_asset',
+            "checkout_to_type"      => 'required|in:asset,location,user'
         ];
+
+
+        return $rules;
     }
 }

app/Http/Requests/AssetRequest.php

@@ -26,21 +26,26 @@ class AssetRequest extends Request
     public function rules()
     {
         $rules = [
-          'name'            => 'min:2|max:255',
-          'model_id'        => 'required|integer',
-          'status_id'       => 'required|integer',
-          'company_id'      => 'integer',
-          'warranty_months' => 'integer|min:0|max:240',
-          'physical'        => 'integer',
-          'checkout_date'   => 'date',
-          'checkin_date'    => 'date',
-          'supplier_id'     => 'integer',
-          'status'          => 'integer',
-          'asset_tag'       => 'required',
-          'purchase_cost'   => 'numeric',
-    
+            'name'            => 'max:255|nullable',
+            'model_id'        => 'required|integer|exists:models,id',
+            'status_id'       => 'required|integer|exists:status_labels,id',
+            'company_id'      => 'integer|nullable',
+            'warranty_months' => 'numeric|nullable',
+            'physical'        => 'integer|nullable',
+            'checkout_date'   => 'date',
+            'checkin_date'    => 'date',
+            'supplier_id'     => 'integer|nullable',
+            'status'          => 'integer|nullable',
+            'purchase_cost'   => 'numeric|nullable',
+            "assigned_user"   => 'sometimes:required_without_all:assigned_asset,assigned_location',
+            "assigned_asset"   => 'sometimes:required_without_all:assigned_user,assigned_location',
+            "assigned_location"   => 'sometimes:required_without_all:assigned_user,assigned_asset',
         ];
 
+        $settings = \App\Models\Setting::getSettings();
+
+        $rules['asset_tag'] = ($settings->auto_increment_assets == '1') ? 'max:255' : 'required';
+
         $model = AssetModel::find($this->request->get('model_id'));
 
         if (($model) && ($model->fieldset)) {

app/Http/Requests/CustomFieldRequest.php

@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Http\Request;
+
+class CustomFieldRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules(Request $request)
+    {
+
+        $rules = [];
+
+        switch($this->method())
+        {
+
+            // Brand new
+            case 'POST':
+            {
+                $rules['name'] = "required|unique:custom_fields";
+                break;
+            }
+
+            // Save all fields
+            case 'PUT':
+                $rules['name'] = "required";
+                break;
+
+            // Save only what's passed
+            case 'PATCH':
+            {
+                $rules['name'] = "required";
+                break;
+            }
+
+            default:break;
+        }
+
+        $rules['custom_format'] = 'valid_regex';
+
+        return  $rules;
+    }
+}

app/Http/Requests/ImageUploadRequest.php

@@ -4,7 +4,7 @@ namespace App\Http\Requests;
 
 use App\Http\Requests\Request;
 
-class UpdateUserRequest extends Request
+class ImageUploadRequest extends Request
 {
     /**
      * Determine if the user is authorized to make this request.
@@ -24,9 +24,13 @@ class UpdateUserRequest extends Request
     public function rules()
     {
         return [
-            'first_name'              => 'required|string|min:1',
-            'email'                   => 'email',
-            'password_confirm'        => 'sometimes|required_with:password',
+            'image' => 'mimes:png,gif,jpg,jpeg,svg|max:2000',
+            'avatar' => 'mimes:png,gif,jpg,jpeg,svg|max:2000',
         ];
     }
+
+    public function response(array $errors)
+    {
+        return $this->redirector->back()->withInput()->withErrors($errors, $this->errorBag);
+    }
 }

app/Http/Requests/ItemImportRequest.php

@@ -0,0 +1,77 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Models\Import;
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\Auth;
+
+class ItemImportRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'import-type' => 'required',
+        ];
+    }
+
+    public function import(Import $import)
+    {
+        ini_set('max_execution_time', 600); //600 seconds = 10 minutes
+        ini_set('memory_limit', '500M');
+        $filename = config('app.private_uploads') . '/imports/' . $import->file_path;
+        $import->import_type = $this->input('import-type');
+        $class = title_case($import->import_type);
+        $classString = "App\\Importer\\{$class}Importer";
+        $importer = new $classString($filename);
+        $import->field_map  = request('column-mappings');
+        $import->save();
+        $fieldMappings=[];
+        if ($import->field_map) {
+            // We submit as csv field: column, but the importer is happier if we flip it here.
+            $fieldMappings = array_change_key_case(array_flip($import->field_map), CASE_LOWER);
+                        // dd($fieldMappings);
+        }
+        $importer->setCallbacks([$this, 'log'], [$this, 'progress'], [$this, 'errorCallback'])
+                 ->setUserId(Auth::id())
+                 ->setUpdating($this->has('import-update'))
+                 ->setUsernameFormat('firstname.lastname')
+                 ->setFieldMappings($fieldMappings);
+        // $logFile = storage_path('logs/importer.log');
+        // \Log::useFiles($logFile);
+        $importer->import();
+        return $this->errors;
+    }
+
+    public function log($string)
+    {
+        // \Log::Info($string);
+    }
+
+    public function progress($count)
+    {
+        // Open for future
+        return;
+    }
+    public function errorCallback($item, $field, $errorString)
+    {
+        $this->errors[$item->name][$field] = $errorString;
+    }
+
+    private $errors;
+}