Merge branch 'develop'

Re: https://stackoverflow.com/a/45029309/200021
via @robertpearce

.all-contributorsrc

@@ -755,6 +755,51 @@
       "contributions": [
         "code"
       ]
+    },
+    {
+      "login": "imjennyli",
+      "name": "Jenny Li",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/404729?v=4",
+      "profile": "https://github.com/imjennyli",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "GeoffYoung",
+      "name": "Geoff Young",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/869227?v=4",
+      "profile": "https://github.com/GeoffYoung",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "BlueHatbRit",
+      "name": "Elliot Blackburn",
+      "avatar_url": "https://avatars3.githubusercontent.com/u/1068477?v=4",
+      "profile": "http://www.elliotblackburn.com",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "TonisOrmisson",
+      "name": "Tõnis Ormisson",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/6357451?v=4",
+      "profile": "http://andmemasin.eu",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "thakilla",
+      "name": "Nicolai Essig",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/449411?v=4",
+      "profile": "http://www.nicolai-essig.de",
+      "contributions": [
+        "code"
+      ]
     }
   ]
 }

.env.example

@@ -8,7 +8,6 @@ APP_URL=null
 APP_TIMEZONE='UTC'
 APP_LOCALE=en
 
-
 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
@@ -31,7 +30,6 @@ DB_SSL_CERT_PATH=null
 DB_SSL_CA_PATH=null
 DB_SSL_CIPHER=null
 
-
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
@@ -46,14 +44,12 @@ MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
 
-
 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
 # This should be gd or imagick
 # --------------------------------------------
 IMAGE_LIB=gd
 
-
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
 # --------------------------------------------
@@ -63,8 +59,12 @@ ENCRYPT=false
 COOKIE_NAME=snipeit_session
 COOKIE_DOMAIN=null
 SECURE_COOKIES=false
-REFERRER_POLICY=strict-origin
 
+# --------------------------------------------
+# OPTIONAL: SECURITY HEADER SETTINGS
+# --------------------------------------------
+REFERRER_POLICY=same-origin
+ENABLE_CSP=false
 
 # --------------------------------------------
 # OPTIONAL: CACHE SETTINGS
@@ -73,6 +73,12 @@ CACHE_DRIVER=file
 SESSION_DRIVER=file
 QUEUE_DRIVER=sync
 
+# --------------------------------------------
+# OPTIONAL: REDIS SETTINGS
+# --------------------------------------------
+REDIS_HOST=null
+REDIS_PASSWORD=null
+REDIS_PORT-null
 
 # --------------------------------------------
 # OPTIONAL: AWS S3 SETTINGS
@@ -91,7 +97,8 @@ LOGIN_LOCKOUT_DURATION=60
 # --------------------------------------------
 # OPTIONAL: MISC
 # --------------------------------------------
-APP_LOG=single
+APP_LOG=daily
+APP_LOG_MAX_FILES=10
 APP_LOCKED=false
 FILESYSTEM_DISK=local
 APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1

.github/ISSUE_TEMPLATE.md

@@ -12,20 +12,27 @@
 
 #### Please confirm you have done the following before posting your bug report:
 
-- [ ] I have enabled debug mode
+- [ ] I have enabled debug mode 
 - [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
 
 -----
-#### Please provide answers to these questions before posting your bug report:
+#### Provide answers to these questions:
 
+- Is this a fresh install or an upgrade? 
 - Version of Snipe-IT you're running
+- Version of PHP you're running
+- Version of MySQL/MariaDB you're running
 - What OS and web server you're running Snipe-IT on
 - What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
 - WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
 - What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error
 - If a stacktrace is provided in the error, include that too.
 - Any errors that appear in your browser's error console.
-- Confirm whether the error is [reproduceable on the demo](https://snipeitapp.com/demo).
+- Confirm whether the error is reproduceable on the demo: https://snipeitapp.com/demo.
 - Include any additional information you can find in `app/storage/logs` and your webserver's logs.
 - Include what you've done so far in the installation, and if you got any error messages along the way.
 - Indicate whether or not you've manually edited any data directly in the database
+
+Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.
+
+https://snipe-it.readme.io/docs/getting-help

.gitignore

@@ -27,6 +27,7 @@ public/uploads/logo.png
 public/uploads/logo.svg
 public/uploads/models/*
 public/uploads/suppliers/*
+public/uploads/accessories/*
 public/uploads/users/*
 storage/app/private_uploads/users/*
 storage/debugbar/

.travis.yml

@@ -43,7 +43,7 @@ before_script:
 # use the $DB env variable to determine the phpunit.xml to use
 # script: ./vendor/bin/codecept run --env testing-ci
 script:
-  - ./vendor/bin/codecept run unit --env testing-ci
+  - ./vendor/bin/codecept run unit
 #  - ./vendor/bin/codecept run acceptance --env=testing-ci
   - ./vendor/bin/codecept run functional --env=functional-travis
 #script: ./vendor/bin/codecept run

CODE_OF_CONDUCT.md

@@ -55,7 +55,7 @@ further defined and clarified by project maintainers.
 ## Enforcement
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at [INSERT EMAIL ADDRESS]. All
+reported by contacting the project team at abuse@snipeitapp.com. All
 complaints will be reviewed and investigated and will result in a response that
 is deemed necessary and appropriate to the circumstances. The project team is
 obligated to maintain confidentiality with regard to the reporter of an incident.

CONTRIBUTING.md

@@ -1,6 +1,6 @@
 ### Contributing
 
-Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing).
+Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing-overview).
 
 
 Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.

README.md

@@ -1,5 +1,5 @@
-[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=develop)](https://travis-ci.org/snipe/snipe-it) [![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+development)](http://waffle.io/snipe/snipe-it) [![Maintenance](https://img.shields.io/maintenance/yes/2017.svg)]() [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.png)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead) [![Zenhub](https://raw.githubusercontent.com/ZenHubIO/support/master/zenhub-badge.png)](https://zenhub.io) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-81-orange.svg?style=flat-square)](#contributors)
+[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=develop)](https://travis-ci.org/snipe/snipe-it) [![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+development)](http://waffle.io/snipe/snipe-it) [![Maintenance](https://img.shields.io/maintenance/yes/2017.svg)]() [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead) [![Zenhub](https://img.shields.io/badge/Shipping_faster_with-ZenHub-5e60ba.svg)](https://zenhub.io) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
+[![All Contributors](https://img.shields.io/badge/all_contributors-86-orange.svg?style=flat-square)](#contributors)
 
 
 ## Snipe-IT - Open Source Asset Management System
@@ -67,7 +67,8 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars0.githubusercontent.com/u/8341172?v=3" width="110px;"/><br /><sub>Jay Richards</sub>](http://www.cordeos.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=technogenus "Code") | [<img src="https://avatars2.githubusercontent.com/u/7295127?v=3" width="110px;"/><br /><sub>Alexander Innes</sub>](https://necurity.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leostat "Code") | [<img src="https://avatars2.githubusercontent.com/u/334485?v=3" width="110px;"/><br /><sub>Danny Garcia</sub>](https://buzzedword.codes)<br />[💻](https://github.com/snipe/snipe-it/commits?author=buzzedword "Code") | [<img src="https://avatars2.githubusercontent.com/u/366855?v=3" width="110px;"/><br /><sub>archpoint</sub>](https://github.com/archpoint)<br />[💻](https://github.com/snipe/snipe-it/commits?author=archpoint "Code") | [<img src="https://avatars1.githubusercontent.com/u/67991?v=3" width="110px;"/><br /><sub>Jake McGraw</sub>](http://www.jakemcgraw.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jakemcgraw "Code") | [<img src="https://avatars1.githubusercontent.com/u/1714374?v=3" width="110px;"/><br /><sub>FleischKarussel</sub>](https://github.com/FleischKarussel)<br />[📖](https://github.com/snipe/snipe-it/commits?author=FleischKarussel "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/319644?v=3" width="110px;"/><br /><sub>Dylan Yi</sub>](https://github.com/feeva)<br />[💻](https://github.com/snipe/snipe-it/commits?author=feeva "Code") |
 | [<img src="https://avatars2.githubusercontent.com/u/857740?v=3" width="110px;"/><br /><sub>Gil Rutkowski</sub>](http://FlashingCursor.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=flashingcursor "Code") | [<img src="https://avatars3.githubusercontent.com/u/129360?v=3" width="110px;"/><br /><sub>Desmond Morris</sub>](http://www.desmondmorris.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=desmondmorris "Code") | [<img src="https://avatars2.githubusercontent.com/u/52936?v=3" width="110px;"/><br /><sub>Nick Peelman</sub>](http://peelman.us)<br />[💻](https://github.com/snipe/snipe-it/commits?author=peelman "Code") | [<img src="https://avatars0.githubusercontent.com/u/53161?v=3" width="110px;"/><br /><sub>Abraham Vegh</sub>](https://abrahamvegh.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=abrahamvegh "Code") | [<img src="https://avatars0.githubusercontent.com/u/2818680?v=3" width="110px;"/><br /><sub>Mohamed Rashid</sub>](https://github.com/rashivkp)<br />[📖](https://github.com/snipe/snipe-it/commits?author=rashivkp "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/1509456?v=3" width="110px;"/><br /><sub>Kasey</sub>](http://hinchk.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=HinchK "Code") | [<img src="https://avatars2.githubusercontent.com/u/10522541?v=3" width="110px;"/><br /><sub>Brett</sub>](https://github.com/BrettFagerlund)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=BrettFagerlund "Tests") |
 | [<img src="https://avatars2.githubusercontent.com/u/16108587?v=3" width="110px;"/><br /><sub>Jason Spriggs</sub>](http://jasonspriggs.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jasonspriggs "Code") | [<img src="https://avatars2.githubusercontent.com/u/1134568?v=3" width="110px;"/><br /><sub>Nate Felton</sub>](http://n8felton.wordpress.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=n8felton "Code") | [<img src="https://avatars2.githubusercontent.com/u/14036694?v=3" width="110px;"/><br /><sub>Manasses Ferreira</sub>](http://homepages.dcc.ufmg.br/~manassesferreira)<br />[💻](https://github.com/snipe/snipe-it/commits?author=manassesferreira "Code") | [<img src="https://avatars0.githubusercontent.com/u/15913949?v=3" width="110px;"/><br /><sub>Steve</sub>](https://github.com/steveelwood)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=steveelwood "Tests") | [<img src="https://avatars1.githubusercontent.com/u/3361683?v=3" width="110px;"/><br /><sub>matc</sub>](http://twitter.com/matc)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=matc "Tests") | [<img src="https://avatars3.githubusercontent.com/u/7405702?v=3" width="110px;"/><br /><sub>Cole R. Davis</sub>](http://www.davisracingteam.com)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=VanillaNinjaD "Tests") | [<img src="https://avatars2.githubusercontent.com/u/10167681?v=3" width="110px;"/><br /><sub>gibsonjoshua55</sub>](https://github.com/gibsonjoshua55)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gibsonjoshua55 "Code") |
-| [<img src="https://avatars2.githubusercontent.com/u/2809241?v=4" width="110px;"/><br /><sub>Robin Temme</sub>](https://github.com/zwerch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zwerch "Code") | [<img src="https://avatars0.githubusercontent.com/u/6961695?v=4" width="110px;"/><br /><sub>Iman</sub>](https://github.com/imanghafoori1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=imanghafoori1 "Code") | [<img src="https://avatars1.githubusercontent.com/u/6551003?v=4" width="110px;"/><br /><sub>Richard Hofman</sub>](https://github.com/richardhofman6)<br />[💻](https://github.com/snipe/snipe-it/commits?author=richardhofman6 "Code") | [<img src="https://avatars0.githubusercontent.com/u/3697569?v=4" width="110px;"/><br /><sub>gizzmojr</sub>](https://github.com/gizzmojr)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gizzmojr "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/2809241?v=4" width="110px;"/><br /><sub>Robin Temme</sub>](https://github.com/zwerch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zwerch "Code") | [<img src="https://avatars0.githubusercontent.com/u/6961695?v=4" width="110px;"/><br /><sub>Iman</sub>](https://github.com/imanghafoori1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=imanghafoori1 "Code") | [<img src="https://avatars1.githubusercontent.com/u/6551003?v=4" width="110px;"/><br /><sub>Richard Hofman</sub>](https://github.com/richardhofman6)<br />[💻](https://github.com/snipe/snipe-it/commits?author=richardhofman6 "Code") | [<img src="https://avatars0.githubusercontent.com/u/3697569?v=4" width="110px;"/><br /><sub>gizzmojr</sub>](https://github.com/gizzmojr)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gizzmojr "Code") | [<img src="https://avatars3.githubusercontent.com/u/404729?v=4" width="110px;"/><br /><sub>Jenny Li</sub>](https://github.com/imjennyli)<br />[📖](https://github.com/snipe/snipe-it/commits?author=imjennyli "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/869227?v=4" width="110px;"/><br /><sub>Geoff Young</sub>](https://github.com/GeoffYoung)<br />[💻](https://github.com/snipe/snipe-it/commits?author=GeoffYoung "Code") | [<img src="https://avatars3.githubusercontent.com/u/1068477?v=4" width="110px;"/><br /><sub>Elliot Blackburn</sub>](http://www.elliotblackburn.com)<br />[📖](https://github.com/snipe/snipe-it/commits?author=BlueHatbRit "Documentation") |
+| [<img src="https://avatars1.githubusercontent.com/u/6357451?v=4" width="110px;"/><br /><sub>Tõnis Ormisson</sub>](http://andmemasin.eu)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TonisOrmisson "Code") | [<img src="https://avatars0.githubusercontent.com/u/449411?v=4" width="110px;"/><br /><sub>Nicolai Essig</sub>](http://www.nicolai-essig.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thakilla "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->
 
 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!

app/Console/Commands/LdapSync.php

@@ -16,7 +16,7 @@ class LdapSync extends Command
      *
      * @var string
      */
-    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--summary}';
+    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--summary} {--json_summary}';
 
     /**
      * The console command description.
@@ -55,27 +55,35 @@ class LdapSync extends Command
 
         try {
             $ldapconn = Ldap::connectToLdap();
-        } catch (\Exception $e) {
-            LOG::error($e);
-        }
-
-        try {
             Ldap::bindAdminToLdap($ldapconn);
         } catch (\Exception $e) {
+            if ($this->option('json_summary')) {
+                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $this->info(json_encode($json_summary));
+            }
             LOG::error($e);
+            return [];
         }
 
         $summary = array();
 
         $results = Ldap::findLdapUsers();
 
-        $ldap_ou_locations = Location::whereNotNull('ldap_ou')->get();
-
+        // Retrieve locations with a mapped OU, and sort them from the shallowest to deepest OU (see #3993)
+        $ldap_ou_locations = Location::where('ldap_ou', '!=', '')->get()->toArray();
+        $ldap_ou_lengths = array();
+        
+        foreach ($ldap_ou_locations as $location) {
+            $ldap_ou_lengths[] = strlen($location["ldap_ou"]);
+        }
+        
+        array_multisort($ldap_ou_lengths, SORT_ASC, $ldap_ou_locations);
+        
         if (sizeof($ldap_ou_locations) > 0) {
             LOG::debug('Some locations have special OUs set. Locations will be automatically set for users in those OUs.');
         }
 
-        $results = Ldap::findLdapUsers();
+        // Inject location information fields
         for ($i = 0; $i < $results["count"]; $i++) {
             $results[$i]["ldap_location_override"] = false;
             $results[$i]["location_id"] = 0;
@@ -90,8 +98,8 @@ class LdapSync extends Command
             LOG::debug('Location ID '.$this->option('location_id').' passed');
             LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
         } else {
-	    $location = NULL;
-	}
+	        $location = NULL;
+	    }
 
         if (!isset($location)) {
             LOG::debug('That location is invalid or a location was not provided, so no location will be assigned by default.');
@@ -99,11 +107,11 @@ class LdapSync extends Command
 
         // Grab subsets based on location-specific DNs, and overwrite location for these users.
         foreach ($ldap_ou_locations as $ldap_loc) {
-            $location_users = Ldap::findLdapUsers($ldap_loc->ldap_ou);
+            $location_users = Ldap::findLdapUsers($ldap_loc["ldap_ou"]);
             $usernames = array();
             for ($i = 0; $i < $location_users["count"]; $i++) {
                 $location_users[$i]["ldap_location_override"] = true;
-                $location_users[$i]["location_id"] = $ldap_loc->id;
+                $location_users[$i]["location_id"] = $ldap_loc["id"];
                 $usernames[] = $location_users[$i][$ldap_result_username][0];
             }
 
@@ -135,6 +143,14 @@ class LdapSync extends Command
                 $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
                 $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";
 
+                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
+                    $enabled_accounts = [
+                        '512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
+                    ];
+                    $item['activated'] = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
+                } else {
+                    $item['activated'] = 0;
+                }
 
                 // User exists
                 $item["createorupdate"] = 'updated';
@@ -145,14 +161,12 @@ class LdapSync extends Command
                 }
 
                 // Create the user if they don't exist.
-
-
                 $user->first_name = e($item["firstname"]);
                 $user->last_name = e($item["lastname"]);
                 $user->username = e($item["username"]);
                 $user->email = e($item["email"]);
                 $user->employee_num = e($item["employee_number"]);
-                $user->activated = 1;
+                $user->activated = $item['activated'];
 
                 if ($item['ldap_location_override'] == true) {
                     $user->location_id = $item['location_id'];
@@ -188,13 +202,12 @@ class LdapSync extends Command
                 } else {
                     $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].' was '.strtoupper($summary[$x]['createorupdate']).'.');
                 }
-
             }
+        } else if ($this->option('json_summary')) {
+            $json_summary = [ "error" => false, "error_message" => "", "summary" => $summary ];
+            $this->info(json_encode($json_summary));
         } else {
             return $summary;
         }
-
-
-
     }
 }

app/Console/Commands/ObjectImportCommand.php

@@ -78,12 +78,7 @@ class ObjectImportCommand extends Command
 
         $logFile = $this->option('logfile');
         \Log::useFiles($logFile);
-        if ($this->option('testrun')) {
-            $this->comment('====== TEST ONLY Item Import for '.$filename.' ====');
-            $this->comment('============== NO DATA WILL BE WRITTEN ==============');
-        } else {
-            $this->comment('======= Importing Items from '.$filename.' =========');
-        }
+        $this->comment('======= Importing Items from '.$filename.' =========');
         $importer->import();
 
         $this->bar = null;

app/Console/Commands/RecryptFromMcrypt.php

@@ -16,7 +16,8 @@ class RecryptFromMcrypt extends Command
      *
      * @var string
      */
-    protected $signature = 'snipeit:legacy-recrypt';
+    protected $signature = 'snipeit:legacy-recrypt 
+                {--force : Force a re-crypt of encrypted data from MCRYPT.}';
 
     /**
      * The console command description.
@@ -48,6 +49,7 @@ class RecryptFromMcrypt extends Command
         // If not, we can try to use the current APP_KEY if looks like it's old
         $legacy_key = env('LEGACY_APP_KEY');
         $key_parts = explode(':', $legacy_key);
+        $legacy_cipher = env('LEGACY_CIPHER');
         $errors = array();
 
         if (!$legacy_key) {
@@ -60,6 +62,7 @@ class RecryptFromMcrypt extends Command
         if (strlen($legacy_key) == 32) {
             $legacy_length_check = true;
         } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1])==44)) {
+            $legacy_key = base64_decode($key_parts[1],true);
             $legacy_length_check = true;
         } else {
             $legacy_length_check = false;
@@ -79,7 +82,9 @@ class RecryptFromMcrypt extends Command
         $this->error('================================!!!! WARNING !!!!================================');
         $this->comment("This tool will attempt to decrypt your old Snipe-IT (mcrypt, now deprecated) encrypted data and re-encrypt it using OpenSSL. \n\nYou should only continue if you have backed up any and all old APP_KEYs and have backed up your data.");
 
-        if ($this->confirm("Are you SURE you wish to continue?")) {
+        $force = ($this->option('force')) ? true : false;
+
+        if ($force || ($this->confirm("Are you SURE you wish to continue?"))) {
 
             $backup_file = 'backups/env-backups/'.'app_key-'.date('Y-m-d-gis');
 
@@ -91,13 +96,21 @@ class RecryptFromMcrypt extends Command
             }
 
 
-            $mcrypter = new McryptEncrypter($legacy_key);
+            if ($legacy_cipher){
+                $mcrypter = new McryptEncrypter($legacy_key,$legacy_cipher);
+            }else{
+                $mcrypter = new McryptEncrypter($legacy_key);
+            }
             $settings = Setting::getSettings();
 
-            if ($settings->ldap_password=='') {
+            if ($settings->ldap_pword=='') {
                 $this->comment('INFO: No LDAP password found. Skipping... ');
+            } else {
+                $decrypted_ldap_pword = $mcrypter->decrypt($settings->ldap_pword);
+                $settings->ldap_pword = \Crypt::encrypt($decrypted_ldap_pword);
+                $settings->save();
             }
-
+            /** @var CustomField[] $custom_fields */
             $custom_fields = CustomField::where('field_encrypted','=', 1)->get();
             $this->comment('INFO: Retrieving encrypted custom fields...');
 
@@ -110,32 +123,22 @@ class RecryptFromMcrypt extends Command
 
 
             // Get all assets with a value in any of the fields that were encrypted
+            /** @var Asset[] $assets */
             $assets = $query->get();
 
             $bar = $this->output->createProgressBar(count($assets));
 
-            foreach ($custom_fields as $encrypted_field) {
-
-                // Try to decrypt the payload using the legacy app key
-                try {
-                    $decrypted_field = $mcrypter->decrypt($encrypted_field);
-                    $this->comment($decrypted_field);
-                } catch (\Exception $e) {
-                    $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();
-                }
-                $bar->advance();
-            }
-
 
             foreach ($assets as $asset) {
                 foreach ($custom_fields as $encrypted_field) {
+                    $columnName = $encrypted_field->db_column;
 
                     // Make sure the value isn't null
-                    if ($asset->{$encrypted_field}!='') {
+                    if ($asset->{$columnName}!='') {
                         // Try to decrypt the payload using the legacy app key
                         try {
-                            $decrypted_field = $mcrypter->decrypt($asset->{$encrypted_field});
-                            $asset->{$encrypted_field} = \Crypt::encrypt($decrypted_field);
+                            $decrypted_field = $mcrypter->decrypt($asset->{$columnName});
+                            $asset->{$columnName} = \Crypt::encrypt($decrypted_field);
                             $this->comment($decrypted_field);
                         } catch (\Exception $e) {
                             $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();

app/Console/Commands/ResetDemoSettings.php

@@ -0,0 +1,75 @@
+<?php
+
+namespace App\Console\Commands;
+
+
+use Illuminate\Console\Command;
+use App\Models\Setting;
+use App\Models\User;
+
+class ResetDemoSettings extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:demo-settings';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This will reset the Snipe-IT demo settings back to default. ';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $this->info('Resetting the demo settings.');
+        $settings = Setting::first();
+        $settings->per_page = 20;
+        $settings->site_name = 'Snipe-IT Asset Management Demo';
+        $settings->auto_increment_assets = 1;
+        $settings->logo = 'snipe-logo.png';
+        $settings->alert_email = 'service@snipe-it.io';
+        $settings->header_color = null;
+        $settings->barcode_type = 'QRCODE';
+        $settings->default_currency = 'USD';
+        $settings->brand = 3;
+        $settings->ldap_enabled = 0;
+        $settings->full_multiple_companies_support = 1;
+        $settings->alt_barcode = 'C128';
+        $settings->email_domain = 'snipeitapp.com';
+        $settings->email_format = 'filastname';
+        $settings->username_format = 'filastname';
+        $settings->date_display_format = 'D M d, Y';
+        $settings->time_display_format = 'g:iA';
+        $settings->thumbnail_max_h = '30';
+        $settings->locale = 'en';
+        $settings->save();
+
+        if ($user = User::where('username', '=', 'admin')->first()) {
+            $user->locale = 'en';
+            $user->save();
+        }
+
+        
+    }
+
+}

app/Console/Kernel.php

@@ -25,7 +25,8 @@ class Kernel extends ConsoleKernel
         Commands\Purge::class,
         Commands\LdapSync::class,
         Commands\FixDoubleEscape::class,
-        Commands\RecryptFromMcrypt::class
+        Commands\RecryptFromMcrypt::class,
+        Commands\ResetDemoSettings::class
     ];
 
     /**
@@ -39,7 +40,7 @@ class Kernel extends ConsoleKernel
 
         $schedule->command('snipeit:inventory-alerts')->daily();
         $schedule->command('snipeit:expiring-alerts')->daily();
-        $schedule->command('snipeit:expected-checkins')->daily();
+        $schedule->command('snipeit:expected-checkin')->daily();
         $schedule->command('snipeit:backup')->weekly();
         $schedule->command('backup:clean')->daily();
     }

app/Exceptions/CheckoutNotAllowed.php

@@ -7,6 +7,6 @@ class CheckoutNotAllowed extends Exception
 {
     public function __toString()
     {
-        "A checkout is not allowed under these circumstances";
+       return "A checkout is not allowed under these circumstances";
     }
 }

app/Exceptions/Handler.php

@@ -7,6 +7,7 @@ use Illuminate\Auth\AuthenticationException;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 use App\Helpers\Helper;
 use Illuminate\Validation\ValidationException;
+use Log;
 
 class Handler extends ExceptionHandler
 {
@@ -34,7 +35,10 @@ class Handler extends ExceptionHandler
      */
     public function report(Exception $exception)
     {
-        parent::report($exception);
+        if ($this->shouldReport($exception)) {
+            Log::error($exception);
+            return parent::report($exception);
+        }
     }
 
     /**

app/Http/Controllers/AccessoriesController.php

@@ -18,6 +18,8 @@ use Illuminate\Http\Request;
 use Slack;
 use Str;
 use View;
+use Image;
+use App\Http\Requests\ImageUploadRequest;
 
 /** This controller handles all actions related to Accessories for
  * the Snipe-IT Asset Management application.
@@ -57,6 +59,7 @@ class AccessoriesController extends Controller
           ->with('item', new Accessory)
           ->with('category_list', Helper::categoryList('accessory'))
           ->with('company_list', Helper::companyList())
+          ->with('supplier_list', Helper::suppliersList())
           ->with('location_list', Helper::locationsList())
           ->with('manufacturer_list', Helper::manufacturerList());
     }
@@ -68,7 +71,7 @@ class AccessoriesController extends Controller
    * @author [A. Gianotto] [<snipe@snipe.net>]
    * @return Redirect
    */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize(Accessory::class);
         // create a new model instance
@@ -87,6 +90,28 @@ class AccessoriesController extends Controller
         $accessory->purchase_cost           = Helper::ParseFloat(request('purchase_cost'));
         $accessory->qty                     = request('qty');
         $accessory->user_id                 = Auth::user()->id;
+        $accessory->supplier_id             = request('supplier_id');
+
+        if ($request->hasFile('image')) {
+
+            if (!config('app.lock_passwords')) {
+                $image = $request->file('image');
+                $ext = $image->getClientOriginalExtension();
+                $file_name = "accessory-".str_random(18).'.'.$ext;
+                $path = public_path('/uploads/accessories');
+                if ($image->getClientOriginalExtension()!='svg') {
+                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
+                        $constraint->aspectRatio();
+                        $constraint->upsize();
+                    })->save($path.'/'.$file_name);
+                } else {
+                    $image->move($path, $file_name);
+                }
+                $accessory->image = $file_name;
+            }
+        }
+
+
 
         // Was the accessory created?
         if ($accessory->save()) {
@@ -116,6 +141,7 @@ class AccessoriesController extends Controller
           ->with('category_list', Helper::categoryList('accessory'))
           ->with('company_list', Helper::companyList())
           ->with('location_list', Helper::locationsList())
+          ->with('supplier_list', Helper::suppliersList())
           ->with('manufacturer_list', Helper::manufacturerList());
     }
 
@@ -127,7 +153,7 @@ class AccessoriesController extends Controller
    * @param  int  $accessoryId
    * @return Redirect
    */
-    public function update(Request $request, $accessoryId = null)
+    public function update(ImageUploadRequest $request, $accessoryId = null)
     {
         if (is_null($accessory = Accessory::find($accessoryId))) {
             return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
@@ -144,11 +170,38 @@ class AccessoriesController extends Controller
         $accessory->manufacturer_id         = request('manufacturer_id');
         $accessory->order_number            = request('order_number');
         $accessory->model_number            = request('model_number');
-        $accessory->purchase_date       = request('purchase_date');
-        $accessory->purchase_cost       = request('purchase_cost');
+        $accessory->purchase_date           = request('purchase_date');
+        $accessory->purchase_cost           = request('purchase_cost');
         $accessory->qty                     = request('qty');
+        $accessory->supplier_id             = request('supplier_id');
 
-      // Was the accessory updated?
+        if ($request->hasFile('image')) {
+            
+            if (!config('app.lock_passwords')) {
+                
+                
+                $image = $request->file('image');
+                $ext = $image->getClientOriginalExtension();
+                $file_name = "accessory-".str_random(18).'.'.$ext;
+                $path = public_path('/uploads/accessories');
+                if ($image->getClientOriginalExtension()!='svg') {
+                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
+                        $constraint->aspectRatio();
+                        $constraint->upsize();
+                    })->save($path.'/'.$file_name);
+                } else {
+                    $image->move($path, $file_name);
+                }
+                if (($accessory->image) && (file_exists($path.'/'.$accessory->image))) {
+                    unlink($path.'/'.$accessory->image);
+                }
+
+                $accessory->image = $file_name;
+            }
+        }
+
+
+        // Was the accessory updated?
         if ($accessory->save()) {
             return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.update.success'));
         }
@@ -197,11 +250,7 @@ class AccessoriesController extends Controller
         if (isset($accessory->id)) {
             return view('accessories/view', compact('accessory'));
         }
-        // Prepare the error message
-        $error = trans('admin/accessories/message.does_not_exist', compact('id'));
-
-        // Redirect to the user management page
-        return redirect()->route('accessories')->with('error', $error);
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist', compact('id')));
     }
 
   /**
@@ -369,143 +418,5 @@ class AccessoriesController extends Controller
         return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.checkin.error'));
     }
 
-    /**
-     * Generates the JSON response for accessories listing view.
-     *
-     * Example:
-     * {
-     *  "actions": "(links to available actions)",
-     *  "category": "(link to category)",
-     *  "company": "My Company",
-     *  "location":  "My Location",
-     *  "min_amt": 2,
-     *  "name":  "(link to accessory),
-     *  "numRemaining": 6,
-     *  "order_number": null,
-     *  "purchase_cost": "0.00",
-     *  "purchase_date": null,
-     *  "qty": 7
-     *  },
-     *
-     * The names of the fields in the returns JSON correspond directly to the the
-     * names of the fields in the bootstrap-tables in the view.
-     *
-     * For debugging, see at /api/accessories/list
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param Request $request
-     * @return string JSON containing accessories and their associated atrributes.
-     * @internal param int $accessoryId
-     */
-    public function getDatatable(Request $request)
-    {
-        $this->authorize('index', Accessory::class);
-        $accessories = Company::scopeCompanyables(
-            Accessory::select('accessories.*')
-            ->whereNull('accessories.deleted_at')
-            ->with('category', 'company', 'manufacturer', 'users', 'location')
-        );
-        if (Input::has('search')) {
-            $accessories = $accessories->TextSearch(e(Input::get('search')));
-        }
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
 
-        $allowed_columns = ['name','min_amt','order_number','purchase_date','purchase_cost','company','category','model_number', 'manufacturer', 'location'];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
-
-        switch ($sort) {
-            case 'category':
-                $accessories = $accessories->OrderCategory($order);
-                break;
-            case 'company':
-                $accessories = $accessories->OrderCompany($order);
-                break;
-            case 'location':
-                $accessories = $accessories->OrderLocation($order);
-                break;
-            case 'manufacturer':
-                $accessories = $accessories->OrderManufacturer($order);
-                break;
-            default:
-                $accessories = $accessories->orderBy($sort, $order);
-                break;
-        }
-
-        $accessCount = $accessories->count();
-        $accessories = $accessories->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($accessories as $accessory) {
-            $rows[] = $accessory->present()->forDataTable();
-        }
-
-        $data = array('total'=>$accessCount, 'rows'=>$rows);
-
-        return $data;
-    }
-
-
-  /**
-  * Generates the JSON response for accessory detail view.
-  *
-  * Example:
-  * <code>
-  * {
-  * "rows": [
-  * {
-  * "actions": "(link to available actions)",
-  * "name": "(link to user)"
-  * }
-  * ],
-  * "total": 1
-  * }
-  * </code>
-  *
-  * The names of the fields in the returns JSON correspond directly to the the
-  * names of the fields in the bootstrap-tables in the view.
-  *
-  * For debugging, see at /api/accessories/$accessoryID/view
-  *
-  * @author [A. Gianotto] [<snipe@snipe.net>]
-  * @param  int  $accessoryId
-  * @return string JSON containing accessories and their associated atrributes.
-  **/
-    public function getDataView(Request $request, $accessoryID)
-    {
-        $accessory = Accessory::find($accessoryID);
-
-        if (!Company::isCurrentUserHasAccess($accessory)) {
-            return ['total' => 0, 'rows' => []];
-        }
-
-        $accessory_users = $accessory->users;
-        $count = $accessory_users->count();
-
-        $rows = array();
-
-        foreach ($accessory_users as $user) {
-            $actions = '';
-            if (Gate::allows('checkin', $accessory)) {
-                $actions .= Helper::generateDatatableButton('checkin', route('checkin/accessory', $user->pivot->id));
-            }
-
-            if (Gate::allows('view', $user)) {
-                $name = (string) link_to_route('users.show', e($user->present()->fullName()), [$user->id]);
-            } else {
-                $name = e($user->present()->fullName());
-            }
-
-            $rows[] = array(
-              'name'          => $name,
-              'actions'       => $actions
-              );
-        }
-
-        $data = array('total'=>$count, 'rows'=>$rows);
-
-        return $data;
-    }
 }

app/Http/Controllers/Api/AccessoriesController.php

@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
 use App\Models\Accessory;
 use App\Http\Transformers\AccessoriesTransformer;
+use App\Models\Company;
 
 
 class AccessoriesController extends Controller
@@ -37,6 +38,10 @@ class AccessoriesController extends Controller
             $accessories->where('manufacturer_id','=',$request->input('manufacturer_id'));
         }
 
+        if ($request->has('supplier_id')) {
+            $accessories->where('supplier_id','=',$request->input('supplier_id'));
+        }
+
         $offset = $request->input('offset', 0);
         $limit = $request->input('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -128,9 +133,15 @@ class AccessoriesController extends Controller
     public function checkedout($id)
     {
         $this->authorize('view', Accessory::class);
-        $accessory = Accessory::findOrFail($id)->with('users')->first();
-        $total = $accessory->users->count();
-        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory, $total);
+
+        $accessory = Accessory::findOrFail($id);
+        if (!Company::isCurrentUserHasAccess($accessory)) {
+            return ['total' => 0, 'rows' => []];
+        }
+        $accessory_users = $accessory->users;
+        $total = $accessory_users->count();
+
+        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory_users, $total);
     }
 
 

app/Http/Controllers/Api/AssetModelsController.php

@@ -31,7 +31,7 @@ class AssetModelsController extends Controller
         $this->authorize('view', AssetModel::class);
         $allowed_columns = ['id','image','name','model_number','eol','notes','created_at','manufacturer'];
 
-        $assetmodels = AssetModel::select(['models.id','models.image','models.name','model_number','eol','models.notes','models.created_at','category_id','manufacturer_id','depreciation_id','fieldset_id'])
+        $assetmodels = AssetModel::select(['models.id','models.image','models.name','model_number','eol','models.notes','models.created_at','category_id','manufacturer_id','depreciation_id','fieldset_id', 'models.deleted_at'])
             ->with('category','depreciation', 'manufacturer','fieldset')
             ->withCount('assets');
 
@@ -39,6 +39,10 @@ class AssetModelsController extends Controller
             $assetmodels->TextSearch($request->input('search'));
         }
 
+        if ($request->has('status')) {
+            $assetmodels->onlyTrashed();
+        }
+
 
         $offset = $request->input('offset', 0);
         $limit = $request->input('limit', 50);

app/Http/Controllers/Api/AssetsController.php

@@ -86,19 +86,19 @@ class AssetsController extends Controller
         $assets = Company::scopeCompanyables(Asset::select('assets.*'))->with(
             'assetloc', 'assetstatus', 'defaultLoc', 'assetlog', 'company',
             'model.category', 'model.manufacturer', 'model.fieldset','supplier');
-        // If we should search on everything
-        if (($request->has('search')) && (count($filter) == 0)) {
+
+
+        if (count($filter) > 0) {
+            $assets->ByFilter($filter);
+        } elseif ($request->has('search')) {
             $assets->TextSearch($request->input('search'));
-        // otherwise loop through the filters and search strictly on them
-        } else {
-            if (count($filter) > 0) {
-                $assets->ByFilter($filter);
-            }
         }
 
+
+
         // These are used by the API to query against specific ID numbers
         if ($request->has('status_id')) {
-            $assets->where('status_id', '=', $request->input('status_id'));
+            $assets->where('assets.status_id', '=', $request->input('status_id'));
         }
 
         if ($request->has('model_id')) {
@@ -125,7 +125,11 @@ class AssetsController extends Controller
             $assets->ByManufacturer($request->input('manufacturer_id'));
         }
 
-        $request->has('order_number') ? $assets = $assets->where('order_number', '=', e($request->get('order_number'))) : '';
+        if ($request->has('depreciation_id')) {
+            $assets->ByDepreciationId($request->input('depreciation_id'));
+        }
+
+        $request->has('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
 
         $offset = request('offset', 0);
         $limit = $request->input('limit', 50);
@@ -133,36 +137,76 @@ class AssetsController extends Controller
 
 
         // This is used by the sidenav, mostly
+
+        // We switched from using query scopes here because of a Laravel bug
+        // related to fulltext searches on complex queries.
+        // I am sad. :(
         switch ($request->input('status')) {
             case 'Deleted':
                 $assets->withTrashed()->Deleted();
                 break;
             case 'Pending':
-                $assets->Pending();
+                $assets->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',0)
+                        ->where('status_alias.pending','=',1)
+                        ->where('status_alias.archived', '=', 0);
+                });
                 break;
             case 'RTD':
-                $assets->RTD();
+                $assets->whereNull('assets.assigned_to')
+                ->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',1)
+                        ->where('status_alias.pending','=',0)
+                        ->where('status_alias.archived', '=', 0);
+                });
                 break;
             case 'Undeployable':
                 $assets->Undeployable();
                 break;
             case 'Archived':
-                $assets->Archived();
+                $assets->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',0)
+                        ->where('status_alias.pending','=',0)
+                        ->where('status_alias.archived', '=', 1);
+                });
                 break;
             case 'Requestable':
-                $assets->RequestableAssets();
+                $assets->where('assets.requestable', '=', 1)
+                    ->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.deployable','=',1)
+                        ->where('status_alias.pending','=',0)
+                        ->where('status_alias.archived', '=', 0);
+                });
+
                 break;
             case 'Deployed':
-                $assets->Deployed();
+                // more sad, horrible workarounds for laravel bugs when doing full text searches
+                $assets->where('assets.assigned_to', '>', '0');
                 break;
+            default:
+                // terrible workaround for complex-query Laravel bug in fulltext
+                $assets->join('status_labels AS status_alias',function ($join) {
+                    $join->on('status_alias.id', "=", "assets.status_id")
+                        ->where('status_alias.archived', '=', 0);
+                });
         }
 
 
+        // This is kinda gross, but we need to do this because the Bootstrap Tables
+        // API passes custom field ordering as custom_fields.fieldname, and we have to strip
+        // that out to let the default sorter below order them correctly on the assets table.
+        $sort_override = str_replace('custom_fields.','', $request->input('sort')) ;
 
-        // This handles all of the pivot sorting (versus the assets.* fields in the allowed_columns array)
-        $column_sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets.created_at';
-
-        switch ($request->input('sort')) {
+        // This handles all of the pivot sorting (versus the assets.* fields
+        // in the allowed_columns array)
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.created_at';
+        
+        
+        switch ($sort_override) {
             case 'model':
                 $assets->OrderModels($order);
                 break;
@@ -413,16 +457,28 @@ class AssetsController extends Controller
 
         $this->authorize('checkout', $asset);
 
+        $error_payload = [];
+        $error_payload['asset'] = [
+            'id' => $asset->id,
+            'asset_tag' => $asset->asset_tag,
+        ];
         if ($request->has('user_id')) {
             $target = User::find($request->input('user_id'));
+            $error_payload['target_id'] = $request->input('user_id');
+            $error_payload['target_type'] = User::class;
+        // Don't let the user check an asset out to itself
         } elseif ($request->has('asset_id')) {
-            $target = Asset::find($request->input('asset_id'));
+            $target = Asset::where('id','!=',$asset_id)->find($request->input('asset_id'));
+            $error_payload['target_id'] = $request->input('asset_id');
+            $error_payload['target_type'] = Asset::class;
         } elseif ($request->has('location_id')) {
             $target = Location::find($request->input('location_id'));
+            $error_payload['target_id'] = $request->input('location_id');
+            $error_payload['target_type'] = Location::class;
         }
 
         if (!isset($target)) {
-            return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], 'No valid checkout target specified for asset '.e($asset->asset_tag).'.'));
+            return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'No valid checkout target specified for asset '.e($asset->asset_tag).'.'));
         }
 
         $checkout_at = request('checkout_at', date("Y-m-d H:i:s"));
@@ -481,6 +537,9 @@ class AssetsController extends Controller
             $data['item_tag'] = $asset->asset_tag;
             $data['item_serial'] = $asset->serial;
             $data['note'] = $logaction->note;
+            $data['manufacturer_name'] = $asset->model->manufacturer->name;
+            $data['model_name'] = $asset->model->name;
+            $data['model_number'] = $asset->model->model_number;
 
             if ((($asset->checkin_email()=='1')) && (isset($user)) && (!config('app.lock_passwords'))) {
                 Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {

app/Http/Controllers/Api/CategoriesController.php

@@ -20,9 +20,9 @@ class CategoriesController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Category::class);
-        $allowed_columns = ['id', 'name','category_type','use_default_eula','require_acceptance','checkin_email'];
+        $allowed_columns = ['id', 'name','category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email', 'assets_count', 'accessories_count', 'consumables_count', 'components_count'];
 
-        $categories = Category::select(['id', 'created_at', 'updated_at', 'name','category_type','use_default_eula','require_acceptance','checkin_email'])
+        $categories = Category::select(['id', 'created_at', 'updated_at', 'name','category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email'])
             ->withCount('assets', 'accessories', 'consumables', 'components');
 
         if ($request->has('search')) {
@@ -32,7 +32,7 @@ class CategoriesController extends Controller
         $offset = $request->input('offset', 0);
         $limit = $request->input('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
         $categories->orderBy($sort, $order);
 
         $total = $categories->count();

app/Http/Controllers/Api/ComponentsController.php

@@ -158,6 +158,6 @@ class ComponentsController extends Controller
         $limit = $request->input('limit', 50);
         $total = $assets->count();
         $assets = $assets->skip($offset)->take($limit)->get();
-        return (new ComponentsAssetsTransformer)->transformAssets($assets, $total);
+        return (new ComponentsTransformer)->transformCheckedoutComponents($assets, $total);
     }
 }

app/Http/Controllers/Api/LocationsController.php

@@ -23,7 +23,7 @@ class LocationsController extends Controller
         $allowed_columns = ['id','name','address','address2','city','state','country','zip','created_at',
         'updated_at','parent_id', 'manager_id'];
 
-        $locations = Location::select([
+        $locations = Location::with('parent', 'manager', 'childLocations')->select([
             'locations.id',
             'locations.name',
             'locations.address',
@@ -37,7 +37,10 @@ class LocationsController extends Controller
             'locations.created_at',
             'locations.updated_at',
             'locations.currency'
-        ])->withCount('assets')->withCount('users');
+        ])->withCount('locationAssets')
+        ->withCount('assignedAssets')
+        ->withCount('assets')
+        ->withCount('users');
 
         if ($request->has('search')) {
             $locations = $locations->TextSearch($request->input('search'));
@@ -52,7 +55,6 @@ class LocationsController extends Controller
         $total = $locations->count();
         $locations = $locations->skip($offset)->take($limit)->get();
         return (new LocationsTransformer)->transformLocations($locations, $total);
-
     }
 
 
@@ -74,7 +76,6 @@ class LocationsController extends Controller
             return response()->json(Helper::formatStandardApiResponse('success', (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.create.success')));
         }
         return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
-
     }
 
     /**
@@ -109,7 +110,13 @@ class LocationsController extends Controller
         $location->fill($request->all());
 
         if ($location->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success',  (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.update.success')));
+            return response()->json(
+                Helper::formatStandardApiResponse(
+                    'success',
+                    (new LocationsTransformer)->transformLocation($location),
+                    trans('admin/locations/message.update.success')
+                )
+            );
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
@@ -129,7 +136,6 @@ class LocationsController extends Controller
         $location = Location::findOrFail($id);
         $this->authorize('delete', $location);
         $location->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/locations/message.delete.success')));
-
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/locations/message.delete.success')));
     }
 }

app/Http/Controllers/Api/SettingsController.php

@@ -5,6 +5,9 @@ namespace App\Http\Controllers\Api;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Models\Ldap;
+use Validator;
+use App\Models\Setting;
+use Mail;
 
 class SettingsController extends Controller
 {
@@ -75,8 +78,14 @@ class SettingsController extends Controller
         //
     }
 
-    public function getLdapTest()
+    public function ldaptest()
     {
+
+        if (Setting::getSettings()->ldap_enabled!='1') {
+            \Log::debug('LDAP is not enabled cannot test.');
+            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
+        }
+
         \Log::debug('Preparing to test LDAP connection');
 
         try {
@@ -98,4 +107,85 @@ class SettingsController extends Controller
 
     }
 
+    public function ldaptestlogin(Request $request)
+    {
+
+        if (Setting::getSettings()->ldap_enabled!='1') {
+            \Log::debug('LDAP is not enabled. Cannot test.');
+            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
+        }
+
+
+        $rules = array(
+            'ldaptest_user' => 'required',
+            'ldaptest_password' => 'required'
+        );
+
+        $validator = Validator::make($request->all(), $rules);
+        if ($validator->fails()) {
+            \Log::debug('LDAP Validation test failed.');
+            $validation_errors = implode(' ',$validator->errors()->all());
+            return response()->json(['message' => $validator->errors()->all()], 400);
+        }
+        
+
+        \Log::debug('Preparing to test LDAP login');
+        try {
+            $connection = Ldap::connectToLdap();
+            try {
+                Ldap::bindAdminToLdap($connection);
+                \Log::debug('Attempting to bind to LDAP for LDAP test');
+                try {
+                    $ldap_user = Ldap::findAndBindUserLdap($request->input('ldaptest_user'), $request->input('ldaptest_password'));
+                    if ($ldap_user) {
+                        \Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
+                        return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
+                    }
+                    return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
+
+                } catch (\Exception $e) {
+                    \Log::debug('LDAP login failed');
+                    return response()->json(['message' => $e->getMessage()], 400);
+                }
+
+            } catch (\Exception $e) {
+                \Log::debug('Bind failed');
+                return response()->json(['message' => $e->getMessage()], 400);
+                //return response()->json(['message' => $e->getMessage()], 500);
+            }
+        } catch (\Exception $e) {
+            \Log::debug('Connection failed');
+            return response()->json(['message' => $e->getMessage()], 500);
+        }
+
+
+    }
+
+    /**
+     * Test the email configuration
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function ajaxTestEmail()
+    {
+        if (!config('app.lock_passwords')) {
+            try {
+                Mail::send('emails.test', [], function ($m) {
+                    $m->to(config('mail.from.address'), config('mail.from.name'));
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.test_email'));
+                });
+                return response()->json(['message' => 'Mail sent to '.config('mail.from.address')], 200);
+            } catch (Exception $e) {
+                return response()->json(['message' => $e->getMessage()], 500);
+            }
+        }
+        return response()->json(['message' => 'Mail would have been sent, but this application is in demo mode! '], 200);
+
+    }
+
+
+
 }

app/Http/Controllers/Api/StatuslabelsController.php

@@ -22,7 +22,7 @@ class StatuslabelsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Statuslabel::class);
-        $allowed_columns = ['id','name','created_at'];
+        $allowed_columns = ['id','name','created_at', 'assets_count'];
 
         $statuslabels = Statuslabel::withCount('assets');
 
@@ -137,8 +137,14 @@ class StatuslabelsController extends Controller
         $this->authorize('delete', Statuslabel::class);
         $statuslabel = Statuslabel::findOrFail($id);
         $this->authorize('delete', $statuslabel);
-        $statuslabel->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/statuslabels/message.delete.success')));
+
+        // Check that there are no assets associated
+        if ($statuslabel->assets()->count() == 0) {
+            $statuslabel->delete();
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/statuslabels/message.delete.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/statuslabels/message.assoc_assets')));
 
     }
 
@@ -155,7 +161,7 @@ class StatuslabelsController extends Controller
     public function getAssetCountByStatuslabel()
     {
 
-        $statusLabels = Statuslabel::with('assets')->get();
+        $statusLabels = Statuslabel::get();
         $labels=[];
         $points=[];
         $colors=[];
@@ -168,9 +174,7 @@ class StatuslabelsController extends Controller
                 }
             }
         }
-        $labels[]='Deployed';
-        $points[]=Asset::whereNotNull('assigned_to')->count();
-
+        
         $colors_array = array_merge($colors, Helper::chartColors());
 
         $result= [

app/Http/Controllers/Api/SuppliersController.php

@@ -20,11 +20,11 @@ class SuppliersController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Supplier::class);
-        $allowed_columns = ['id','name','address','phone','contact','fax','email'];
+        $allowed_columns = ['id','name','address','phone','contact','fax','email','image','assets_count','licenses_count', 'accessories_count'];
         
         $suppliers = Supplier::select(
                 array('id','name','address','address2','city','state','country','fax', 'phone','email','contact','created_at','updated_at','deleted_at')
-            )->withCount('assets')->withCount('licenses')->whereNull('deleted_at');
+            )->withCount('assets')->withCount('licenses')->withCount('accessories')->whereNull('deleted_at');
 
 
         if ($request->has('search')) {
@@ -113,8 +113,22 @@ class SuppliersController extends Controller
     public function destroy($id)
     {
         $this->authorize('delete', Supplier::class);
-        $supplier = Supplier::findOrFail($id);
+        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances','assets', 'licenses')->findOrFail($id);
         $this->authorize('delete', $supplier);
+
+
+        if ($supplier->assets_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count])));
+        }
+
+        if ($supplier->asset_maintenances_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count])));
+        }
+
+        if ($supplier->licenses_count > 0) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_licenses', ['licenses_count' => (int) $supplier->licenses_count])));
+        }
+
         $supplier->delete();
         return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/suppliers/message.delete.success')));
 

app/Http/Controllers/Api/UsersController.php

@@ -31,6 +31,7 @@ class UsersController extends Controller
             'users.two_factor_enrolled',
             'users.jobtitle',
             'users.email',
+            'users.phone',
             'users.username',
             'users.location_id',
             'users.manager_id',
@@ -57,7 +58,6 @@ class UsersController extends Controller
             $users = $users->GetDeleted();
         }
 
-
         if ($request->has('company_id')) {
             $users = $users->where('company_id', '=', $request->input('company_id'));
         }
@@ -65,6 +65,10 @@ class UsersController extends Controller
         if ($request->has('location_id')) {
             $users = $users->where('location_id', '=', $request->input('location_id'));
         }
+        
+        if ($request->has('group_id')) {
+            $users = $users->ByGroup($request->has('group_id'));
+        }
 
         if ($request->has('department_id')) {
             $users = $users->where('department_id','=',$request->input('department_id'));
@@ -89,7 +93,8 @@ class UsersController extends Controller
                     [
                         'last_name','first_name','email','jobtitle','username','employee_num',
                         'assets','accessories', 'consumables','licenses','groups','activated','created_at',
-                        'two_factor_enrolled','two_factor_optin','last_login'
+                        'two_factor_enrolled','two_factor_optin','last_login', 'assets_count', 'licenses_count',
+                        'consumables_count', 'accessories_count', 'phone'
                     ];
 
                 $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';

app/Http/Controllers/AssetModelsController.php

@@ -17,6 +17,7 @@ use App\Models\Company;
 use Config;
 use App\Helpers\Helper;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 
 use Symfony\Component\HttpFoundation\JsonResponse;
 
@@ -68,7 +69,7 @@ class AssetModelsController extends Controller
     * @since [v1.0]
     * @return Redirect
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
 
         // Create a new asset model
@@ -90,14 +91,21 @@ class AssetModelsController extends Controller
         }
 
         if (Input::file('image')) {
+
             $image = Input::file('image');
-            $file_name = str_random(25).".".$image->getClientOriginalExtension();
-            $path = public_path('uploads/models/'.$file_name);
-            Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
-                $constraint->aspectRatio();
-                $constraint->upsize();
-            })->save($path);
+            $file_name = str_random(25) . "." . $image->getClientOriginalExtension();
+            $path = public_path('uploads/models/');
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save($path.'/'.$file_name);
+            } else {
+                $image->move($path, $file_name);
+            }
             $model->image = $file_name;
+
         }
 
             // Was it created?
@@ -180,7 +188,7 @@ class AssetModelsController extends Controller
     * @param int $modelId
     * @return Redirect
     */
-    public function update(Request $request, $modelId = null)
+    public function update(ImageUploadRequest $request, $modelId = null)
     {
         // Check if the model exists
         if (is_null($model = AssetModel::find($modelId))) {
@@ -206,13 +214,19 @@ class AssetModelsController extends Controller
 
         if (Input::file('image')) {
             $image = Input::file('image');
-            $file_name = str_random(25).".".$image->getClientOriginalExtension();
-            $path = public_path('uploads/models/'.$file_name);
-            Image::make($image->getRealPath())->resize(300, null, function ($constraint) {
-                $constraint->aspectRatio();
-                $constraint->upsize();
-            })->save($path);
+            $file_name = str_random(25) . "." . $image->getClientOriginalExtension();
+            $path = public_path('uploads/models/');
+
+            if ($image->getClientOriginalExtension()!='svg') {
+                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save($path.'/'.$file_name);
+            } else {
+                $image->move($path, $file_name);
+            }
             $model->image = $file_name;
+
         }
 
         if ($request->input('image_delete') == 1 && Input::file('image') == "") {
@@ -352,49 +366,6 @@ class AssetModelsController extends Controller
 
 
 
-    /**
-     * Get the asset information to present to the model view detail page
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.0]
-     * @param Request $request
-     * @param $modelID
-     * @return String JSON
-     * @internal param int $modelId
-     */
-    public function getDataView(Request $request, $modelID)
-    {
-        $assets = Asset::where('model_id', '=', $modelID)->with('company', 'assetstatus');
-
-        if (Input::has('search')) {
-            $assets = $assets->TextSearch(e($request->input('search')));
-        }
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
-
-
-        $allowed_columns = ['name', 'serial','asset_tag'];
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
-
-        $assets = $assets->orderBy($sort, $order);
-
-        $assetsCount = $assets->count();
-        $assets = $assets->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        $all_custom_fields = CustomField::all();
-        foreach ($assets as $asset) {
-
-            $rows[] = $asset->present()->forDataTable($all_custom_fields);
-        }
-
-        $data = array('total' => $assetsCount, 'rows' => $rows);
-
-        return $data;
-    }
-
 
     /**
      * Returns a view that allows the user to bulk edit model attrbutes
@@ -405,13 +376,16 @@ class AssetModelsController extends Controller
      */
     public function postBulkEdit(Request $request)
     {
+        
         $models_raw_array = Input::get('ids');
-        $models = AssetModel::whereIn('id', $models_raw_array)->get();
-        $nochange = ['NC' => 'No Change'];
-        $fieldset_list = $nochange + Helper::customFieldsetList();
-        $depreciation_list = $nochange + Helper::depreciationList();
-        $category_list = $nochange + Helper::categoryList('asset');
-        $manufacturer_list = $nochange + Helper::manufacturerList();
+
+        if (is_array($models_raw_array)) {
+            $models = AssetModel::whereIn('id', $models_raw_array)->get();
+            $nochange = ['NC' => 'No Change'];
+            $fieldset_list = $nochange + Helper::customFieldsetList();
+            $depreciation_list = $nochange + Helper::depreciationList();
+            $category_list = $nochange + Helper::categoryList('asset');
+            $manufacturer_list = $nochange + Helper::manufacturerList();
 
         
              return view('models/bulk-edit', compact('models'))
@@ -419,6 +393,10 @@ class AssetModelsController extends Controller
                 ->with('category_list', $category_list)
                 ->with('fieldset_list', $fieldset_list)
                 ->with('depreciation_list', $depreciation_list);
+        }
+
+        return redirect()->route('models.index')
+            ->with('error', 'You must select at least one model to edit.');
 
     }
 

app/Http/Controllers/AssetsController.php

@@ -75,7 +75,7 @@ class AssetsController extends Controller
         } else {
             $company = null;
         }
-        return view('hardware/index')->with('company',$company);
+        return view('hardware/index')->with('company', $company);
     }
 
     /**
@@ -94,7 +94,6 @@ class AssetsController extends Controller
         }
         $this->authorize('view', $asset);
         return redirect()->route('hardware.show', $asset->id)->with('topsearch', $topsearch);
-
     }
 
     /**
@@ -126,9 +125,7 @@ class AssetsController extends Controller
         if ($request->has('model_id')) {
             $selected_model = AssetModel::find($request->input('model_id'));
             $view->with('selected_model', $selected_model);
-        } else {
         }
-
         return $view;
     }
 
@@ -168,7 +165,6 @@ class AssetsController extends Controller
 
         // Create the image (if one was chosen.)
         if (Input::has('image')) {
-
             $image = Input::get('image');
 
             // After modification, the image is prefixed by mime info like the following:
@@ -201,7 +197,6 @@ class AssetsController extends Controller
                     ->put('default', $messageBag));
                 return response()->json(['image' => $e->getMessage()], 422);
             }
-
         }
 
 
@@ -211,31 +206,26 @@ class AssetsController extends Controller
         // Need to investigate and fix. Using static method for now.
         $model = AssetModel::find($request->get('model_id'));
 
-
-
         if ($model->fieldset) {
             foreach ($model->fieldset->fields as $field) {
-
                 if ($field->field_encrypted=='1') {
                     if (Gate::allows('admin')) {
                         $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
                     }
-
                 } else {
                     $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
                 }
-
             }
         }
 
             // Was the asset created?
         if ($asset->save()) {
             $asset->logCreate();
-            if(request('assigned_user')) {
+            if (request('assigned_user')) {
                 $target = User::find(request('assigned_user'));
-            } elseif(request('assigned_asset')) {
+            } elseif (request('assigned_asset')) {
                 $target = Asset::find(request('assigned_asset'));
-            } elseif(request('assigned_location')) {
+            } elseif (request('assigned_location')) {
                 $target = Location::find(request('assigned_location'));
             }
             if (isset($target)) {
@@ -268,15 +258,15 @@ class AssetsController extends Controller
         $this->authorize($item);
 
         return view('hardware/edit', compact('item'))
-        ->with('model_list', Helper::modelList())
-        ->with('supplier_list', Helper::suppliersList())
-        ->with('company_list', Helper::companyList())
-        ->with('locations_list', Helper::locationsList())
-        ->with('statuslabel_list', Helper::statusLabelList())
-        ->with('assigned_to', Helper::usersList())
-        ->with('manufacturer', Helper::manufacturerList())
-        ->with('statuslabel_types', Helper::statusTypeList())
-        ->with('category', Helper::categoryList('asset'));
+            ->with('model_list', Helper::modelList())
+            ->with('supplier_list', Helper::suppliersList())
+            ->with('company_list', Helper::companyList())
+            ->with('locations_list', Helper::locationsList())
+            ->with('statuslabel_list', Helper::statusLabelList())
+            ->with('assigned_to', Helper::usersList())
+            ->with('manufacturer', Helper::manufacturerList())
+            ->with('statuslabel_types', Helper::statusTypeList())
+            ->with('category', Helper::categoryList('asset'));
     }
 
 
@@ -291,7 +281,6 @@ class AssetsController extends Controller
 
     public function update(AssetRequest $request, $assetId = null)
     {
-
         // Check if the asset exists
         if (!$asset = Asset::find($assetId)) {
             // Redirect to the asset management page with error
@@ -369,7 +358,6 @@ class AssetsController extends Controller
                     if (Gate::allows('admin')) {
                         $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e($request->input($field->convertUnicodeDbSlug())));
                     }
-
                 } else {
                     $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
                 }
@@ -385,7 +373,6 @@ class AssetsController extends Controller
         \Input::flash();
         \Session::flash('errors', $asset->getErrors());
         return response()->json(['errors' => $asset->getErrors()], 500);
-
     }
 
     /**
@@ -407,8 +394,8 @@ class AssetsController extends Controller
         $this->authorize('delete', $asset);
 
         DB::table('assets')
-        ->where('id', $asset->id)
-        ->update(array('assigned_to' => null));
+            ->where('id', $asset->id)
+            ->update(array('assigned_to' => null));
 
         $asset->delete();
 
@@ -445,9 +432,8 @@ class AssetsController extends Controller
         // Get the dropdown of users and then pass it to the checkout view
         return view('hardware/checkout', compact('asset'))
             ->with('users_list', Helper::usersList())
-            ->with('assets_list', Helper::assetsList())
+            ->with('assets_list', Helper::detailedAssetList())
             ->with('locations_list', Helper::locationsList());
-
     }
 
     /**
@@ -469,11 +455,11 @@ class AssetsController extends Controller
         }
         $this->authorize('checkout', $asset);
 
-        if(request('assigned_user')) {
+        if (request('assigned_user')) {
             $target = User::find(request('assigned_user'));
-        } elseif(request('assigned_asset')) {
-            $target = Asset::find(request('assigned_asset'));
-        } elseif(request('assigned_location')) {
+        } elseif (request('assigned_asset')) {
+            $target = Asset::where('id','!=',$assetId)->find(request('assigned_asset'));
+        } elseif (request('assigned_location')) {
             $target = Location::find(request('assigned_location'));
         }
         // $user = User::find(Input::get('assigned_to'));
@@ -519,7 +505,6 @@ class AssetsController extends Controller
 
         $this->authorize('checkin', $asset);
         return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto);
-
     }
 
 
@@ -544,7 +529,7 @@ class AssetsController extends Controller
         $this->authorize('checkin', $asset);
 
         $admin = Auth::user();
-        if($asset->assignedType() == Asset::USER) {
+        if ($asset->assignedType() == Asset::USER) {
             $user = $asset->assignedTo;
         }
         if (is_null($target = $asset->assignedTo)) {
@@ -573,6 +558,9 @@ class AssetsController extends Controller
             $data['item_tag'] = $asset->asset_tag;
             $data['item_serial'] = $asset->serial;
             $data['note'] = $logaction->note;
+            $data['manufacturer_name'] = $asset->model->manufacturer->name;
+            $data['model_name'] = $asset->model->name;
+            $data['model_number'] = $asset->model->model_number;
 
             if ((($asset->checkin_email()=='1')) && (isset($user)) && (!empty($user->email)) && (!config('app.lock_passwords'))) {
                 Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
@@ -583,7 +571,7 @@ class AssetsController extends Controller
             }
 
             if ($backto=='user') {
-                return redirect()->to("admin/users/".$user->id.'/view')->with('success', trans('admin/hardware/message.checkin.success'));
+                return redirect()->route("users.show", $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
             }
             return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkin.success'));
         }
@@ -607,15 +595,16 @@ class AssetsController extends Controller
         $asset = Asset::withTrashed()->find($assetId);
         $this->authorize('view', $asset);
         $settings = Setting::getSettings();
-        $audit_log = Actionlog::where('action_type','=','audit')->where('item_id','=',$assetId)->where('item_type','=',Asset::class)->orderBy('created_at','DESC')->first();
+        $audit_log = Actionlog::where('action_type', '=', 'audit')
+            ->where('item_id', '=', $assetId)
+            ->where('item_type', '=', Asset::class)
+            ->orderBy('created_at', 'DESC')->first();
 
 
         if (isset($asset)) {
-
             if (!is_null($asset->assetloc)) {
                 $use_currency = $asset->assetloc->currency;
             } else {
-
                 if ($settings->default_currency!='') {
                     $use_currency = $settings->default_currency;
                 } else {
@@ -629,7 +618,7 @@ class AssetsController extends Controller
             );
 
             return view('hardware/view', compact('asset', 'qr_code', 'settings'))
-                ->with('use_currency', $use_currency)->with('audit_log',$audit_log);
+                ->with('use_currency', $use_currency)->with('audit_log', $audit_log);
         }
 
         return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist', compact('id')));
@@ -648,12 +637,11 @@ class AssetsController extends Controller
         $settings = Setting::getSettings();
 
         if ($settings->qr_code == '1') {
-            $asset = Asset::find($assetId);
+            $asset = Asset::withTrashed()->find($assetId);
             $size = Helper::barcodeDimensions($settings->barcode_type);
             $qr_file = public_path().'/uploads/barcodes/qr-'.str_slug($asset->asset_tag).'-'.str_slug($asset->id).'.png';
 
-            if (isset($asset->id,$asset->asset_tag)) {
-
+            if (isset($asset->id, $asset->asset_tag)) {
                 if (file_exists($qr_file)) {
                     $header = ['Content-type' => 'image/png'];
                     return response()->file($qr_file, $header);
@@ -665,7 +653,6 @@ class AssetsController extends Controller
                 }
             }
         }
-
     }
 
 
@@ -683,19 +670,21 @@ class AssetsController extends Controller
         $asset = Asset::find($assetId);
         $barcode_file = public_path().'/uploads/barcodes/'.str_slug($settings->alt_barcode).'-'.str_slug($asset->asset_tag).'.png';
 
-        if (isset($asset->id,$asset->asset_tag)) {
-
+        if (isset($asset->id, $asset->asset_tag)) {
             if (file_exists($barcode_file)) {
                 $header = ['Content-type' => 'image/png'];
                 return response()->file($barcode_file, $header);
             } else {
+                // Calculate barcode width in pixel based on label width (inch)
+                $barcode_width = ($settings->labels_width - $settings->labels_display_sgutter) * 96.000000000001;
+
                 $barcode = new \Com\Tecnick\Barcode\Barcode();
-                $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode, $asset->asset_tag, 250, 20);
+                $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode,$asset->asset_tag,($barcode_width < 300 ? $barcode_width : 300),50);
+
                 file_put_contents($barcode_file, $barcode_obj->getPngData());
                 return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
             }
         }
-
     }
 
     /**
@@ -762,7 +751,6 @@ class AssetsController extends Controller
      */
     public function postImportHistory(Request $request)
     {
-
         if (!ini_get("auto_detect_line_endings")) {
             ini_set("auto_detect_line_endings", '1');
         }
@@ -780,9 +768,7 @@ class AssetsController extends Controller
 
 
         foreach ($results as $row) {
-
             if (is_array($row)) {
-
                 $row = array_change_key_case($row, CASE_LOWER);
                 $asset_tag = Helper::array_smart_fetch($row, "asset tag");
                 if (!array_key_exists($asset_tag, $item)) {
@@ -797,7 +783,6 @@ class AssetsController extends Controller
                 $item[$asset_tag][$batch_counter]['email'] = Helper::array_smart_fetch($row, "email");
 
                 if ($asset = Asset::where('asset_tag', '=', $asset_tag)->first()) {
-
                     $item[$asset_tag][$batch_counter]['asset_id'] = $asset->id;
 
                     $base_username = User::generateFormattedNameFromFullName(Setting::getSettings()->username_format, $item[$asset_tag][$batch_counter]['name']);
@@ -854,12 +839,10 @@ class AssetsController extends Controller
                         } else {
                             $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset and user was matched but could not be saved.';
                         }
-
                     } else {
                         $item[$asset_tag][$batch_counter]['checkedout_to'] = null;
                         $status['error'][]['user'][Helper::array_smart_fetch($row, "name")]['msg'] = 'User does not exist so no checkin log was created.';
                     }
-
                 } else {
                     $item[$asset_tag][$batch_counter]['asset_id'] = null;
                     $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset does not exist so no match was attempted.';
@@ -875,7 +858,6 @@ class AssetsController extends Controller
 
                 // Only do this if a matching user was found
                 if ((array_key_exists('checkedout_to', $asset_batch[$x])) && ($asset_batch[$x]['checkedout_to']!='')) {
-
                     if (($total_in_batch > 1) && ($x < $total_in_batch) && (array_key_exists($next, $asset_batch))) {
                         $checkin_date = Carbon::parse($asset_batch[$next]['checkout_date'])->subDay(1)->format('Y-m-d H:i:s');
                         $asset_batch[$x]['real_checkin'] = $checkin_date;
@@ -982,7 +964,6 @@ class AssetsController extends Controller
             }
             $log->delete();
             return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
-
         }
         // Prepare the error message
         $error = trans('admin/hardware/message.does_not_exist', compact('id'));
@@ -1049,25 +1030,19 @@ class AssetsController extends Controller
 
 
         if ($request->has('bulk_actions')) {
-
             if ($request->input('bulk_actions')=='labels') {
-
                 $count = 0;
                 return view('hardware/labels')
                     ->with('assets', Asset::find($asset_ids))
                     ->with('settings', Setting::getSettings())
                     ->with('count', $count)
-                    ->with('settings',
-                    Setting::getSettings()
-                );
-
+                    ->with('settings', Setting::getSettings());
             } elseif ($request->input('bulk_actions')=='delete') {
                 $assets = Asset::with('assignedTo', 'assetloc')->find($asset_ids);
-                $assets->each(function($asset) {
-                    $this->authorize('delete',$asset);
+                $assets->each(function ($asset) {
+                    $this->authorize('delete', $asset);
                 });
                 return view('hardware/bulk-delete')->with('assets', $assets);
-
              // Bulk edit
             } elseif ($request->input('bulk_actions')=='edit') {
                 return view('hardware/bulk')
@@ -1148,9 +1123,8 @@ class AssetsController extends Controller
                     }
 
                     DB::table('assets')
-                    ->where('id', $key)
-                    ->update($update_array);
-
+                        ->where('id', $key)
+                        ->update($update_array);
                 } // endforeach
                 return redirect()->to("hardware")->with('success', trans('admin/hardware/message.update.success'));
             // no values given, nothing to update
@@ -1171,8 +1145,7 @@ class AssetsController extends Controller
     public function postBulkDelete()
     {
         $this->authorize('delete', Asset::class);
-        
-        
+
         if (Input::has('ids')) {
             $assets = Asset::find(Input::get('ids'));
             foreach ($assets as $asset) {
@@ -1180,9 +1153,8 @@ class AssetsController extends Controller
                 $update_array['assigned_to'] = null;
 
                 DB::table('assets')
-                ->where('id', $asset->id)
-                ->update($update_array);
-
+                    ->where('id', $asset->id)
+                    ->update($update_array);
             } // endforeach
             return redirect()->to("hardware")->with('success', trans('admin/hardware/message.delete.success'));
             // no values given, nothing to update
@@ -1210,6 +1182,9 @@ class AssetsController extends Controller
         $user = User::find(e(Input::get('assigned_to')));
         $admin = Auth::user();
 
+        if (!is_array(Input::get('selected_assets'))) {
+            return redirect()->route('hardware/bulkcheckout')->withInput()->with('error', trans('admin/hardware/message.checkout.no_assets_selected'));
+        }
         $asset_ids = array_filter(Input::get('selected_assets'));
 
         if ((Input::has('checkout_at')) && (Input::get('checkout_at')!= date("Y-m-d"))) {
@@ -1230,7 +1205,7 @@ class AssetsController extends Controller
             foreach ($asset_ids as $asset_id) {
                 $asset = Asset::find($asset_id);
                 $this->authorize('checkout', $asset);
-                $error = $asset->checkOutToUser($user, $admin, $checkout_at, $expected_checkin, e(Input::get('note')), null);
+                $error = $asset->checkOut($user, $admin, $checkout_at, $expected_checkin, e(Input::get('note')), null);
 
                 if ($error) {
                     array_merge_recursive($errors, $asset->getErrors()->toArray());
@@ -1282,10 +1257,8 @@ class AssetsController extends Controller
         $asset->next_audit_date = $request->input('next_audit_date');
 
         if ($asset->save()) {
-            $asset->logAudit(request('note'),request('location_id'));
+            $asset->logAudit(request('note'), request('location_id'));
             return redirect()->to("hardware")->with('success', trans('admin/hardware/message.audit.success'));
         }
     }
-
-
 }

app/Http/Controllers/Auth/LoginController.php

@@ -47,6 +47,7 @@ class LoginController extends Controller
     public function __construct()
     {
         $this->middleware('guest', ['except' => ['logout','postTwoFactorAuth','getTwoFactorAuth','getTwoFactorEnroll']]);
+        \Session::put('backUrl', \URL::previous());
     }
 
 
@@ -320,4 +321,9 @@ class LoginController extends Controller
         return redirect()->route('login');
     }
 
+    public function redirectTo()
+    {
+        return Session::get('backUrl') ? Session::get('backUrl') :   $this->redirectTo;
+    }
+
 }

app/Http/Controllers/CategoriesController.php

@@ -98,10 +98,8 @@ class CategoriesController extends Controller
      */
     public function edit($categoryId = null)
     {
-        // Check if the category exists
         if (is_null($item = Category::find($categoryId))) {
-            // Redirect to the blogs management page
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.does_not_exist'));
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.does_not_exist'));
         }
         $category_types= Helper::categoryTypeList();
 
@@ -158,22 +156,22 @@ class CategoriesController extends Controller
     {
         // Check if the category exists
         if (is_null($category = Category::find($categoryId))) {
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.not_found'));
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.not_found'));
         }
 
         if ($category->has_models() > 0) {
-            return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'model']));
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'model']));
         } elseif ($category->accessories()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'accessory']));
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'accessory']));
         } elseif ($category->consumables()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'consumable']));
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'consumable']));
         } elseif ($category->components()->count() > 0) {
-                return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'component']));
+                return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=>'component']));
         }
 
         $category->delete();
         // Redirect to the locations management page
-        return redirect()->to(route('categories.index'))->with('success', trans('admin/categories/message.delete.success'));
+        return redirect()->route('categories.index')->with('success', trans('admin/categories/message.delete.success'));
     }
 
 

app/Http/Controllers/ComponentsController.php

@@ -288,35 +288,4 @@ class ComponentsController extends Controller
     }
 
 
-    /**
-    * Return JSON data to populate the components view,
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ComponentsController::getView() method that returns the view.
-    * @since [v3.0]
-    * @param int $componentId
-    * @return string JSON
-    */
-    public function getDataView($componentId)
-    {
-        if (is_null($component = Component::with('assets')->find($componentId))) {
-            // Redirect to the component management page with error
-            return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
-        }
-
-        if (!Company::isCurrentUserHasAccess($component)) {
-            return ['total' => 0, 'rows' => []];
-        }
-        $this->authorize('view', $component);
-
-        $rows = array();
-        $all_custom_fields = CustomField::all(); // Cached for table;
-        foreach ($component->assets as $component_assignment) {
-            $rows[] = $component_assignment->present()->forDataTable($all_custom_fields);
-        }
-
-        $componentCount = $component->assets->count();
-        $data = array('total' => $componentCount, 'rows' => $rows);
-        return $data;
-    }
 }

app/Http/Controllers/ConsumablesController.php

@@ -194,7 +194,7 @@ class ConsumablesController extends Controller
         if (isset($consumable->id)) {
             return view('consumables/view', compact('consumable'));
         }
-        return redirect()->route('consumables')->with('error', trans('admin/consumables/message.does_not_exist', compact('id')));
+        return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist', compact('id')));
     }
 
     /**
@@ -209,7 +209,7 @@ class ConsumablesController extends Controller
     public function getCheckout($consumableId)
     {
         if (is_null($consumable = Consumable::find($consumableId))) {
-            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.not_found'));
+            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
         }
         $this->authorize('checkout', $consumable);
         return view('consumables/checkout', compact('consumable'))->with('users_list', Helper::usersList());

app/Http/Controllers/DashboardController.php

@@ -39,8 +39,8 @@ class DashboardController extends Controller
             $counts['grand_total'] =  $counts['asset'] +  $counts['accessory'] +  $counts['license'] +  $counts['consumable'];
 
             if ((!file_exists(storage_path().'/oauth-private.key')) || (!file_exists(storage_path().'/oauth-public.key'))) {
-                \Artisan::call('passport:install');
                 \Artisan::call('migrate', ['--force' => true]);
+                \Artisan::call('passport:install');
             }
 
             return view('dashboard')->with('asset_stats', $asset_stats)->with('counts', $counts);

app/Http/Controllers/DepartmentsController.php

@@ -27,13 +27,11 @@ class DepartmentsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('index', Department::class);
+        $company = null;
         if ($request->has('company_id')) {
             $company = Company::find($request->input('company_id'));
-        } else {
-            $company = null;
         }
-        return view('departments/index')->with('company',$company);
-
+        return view('departments/index')->with('company', $company);
     }
 
 
@@ -53,12 +51,10 @@ class DepartmentsController extends Controller
         $department->user_id = Auth::user()->id;
         $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
 
-
         if ($department->save()) {
             return redirect()->route("departments.index")->with('success', trans('admin/departments/message.create.success'));
         }
         return redirect()->back()->withInput()->withErrors($department->getErrors());
-
     }
 
     /**
@@ -140,25 +136,20 @@ class DepartmentsController extends Controller
             ->with('location_list', Helper::locationsList())
             ->with('company_list', Helper::companyList());
     }
-    
-    
+
     public function update(Request $request, $id) {
 
         $this->authorize('create', Department::class);
         if (is_null($department = Department::find($id))) {
-            return redirect()->to('admin/settings/departments')->with('error', trans('admin/departments/message.does_not_exist'));
+            return redirect()->route('departments.index')->with('error', trans('admin/departments/message.does_not_exist'));
         }
 
-
         $department->fill($request->all());
         $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
 
         if ($department->save()) {
             return redirect()->route("departments.index")->with('success', trans('admin/departments/message.update.success'));
         }
-        
         return redirect()->back()->withInput()->withErrors($department->getErrors());
     }
-    
-
 }

app/Http/Controllers/DepreciationsController.php

@@ -155,5 +155,24 @@ class DepreciationsController extends Controller
         return redirect()->route('depreciations.index')->with('success', trans('admin/depreciations/message.delete.success'));
     }
 
+    /**
+     * Returns a view that displays a form to display depreciation listing
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @see DepreciationsController::postEdit()
+     * @param int $depreciationId
+     * @since [v1.0]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
+    {
+        if (is_null($depreciation = Depreciation::find($id))) {
+            // Redirect to the blogs management page
+            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
+        }
+
+        return view('depreciations/view', compact('depreciation'));
+    }
+
 
 }

app/Http/Controllers/GroupsController.php

@@ -87,10 +87,15 @@ class GroupsController extends Controller
     public function edit($id = null)
     {
         $group = Group::find($id);
-        $permissions = config('permissions');
-        $groupPermissions = $group->decodePermissions();
-        $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
-        return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
+
+        if ($group) {
+            $permissions = config('permissions');
+            $groupPermissions = $group->decodePermissions();
+            $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
+            return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
+        }
+
+        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
     }
 
     /**
@@ -142,4 +147,24 @@ class GroupsController extends Controller
         return redirect()->route('groups.index')->with('error', trans('general.feature_disabled'));
     }
 
+    /**
+     * Returns a view that invokes the ajax tables which actually contains
+     * the content for the group detail page.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $locationId
+     * @since [v4.0.11]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function show($id)
+    {
+        $group = Group::find($id);
+
+        if ($group) {
+            return view('groups/view', compact('group'));
+        }
+
+        return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
+    }
+
 }

app/Http/Controllers/LicensesController.php

@@ -187,6 +187,7 @@ class LicensesController extends Controller
         $license->termination_date  = $request->input('termination_date');
         $license->seats             = e($request->input('seats'));
         $license->manufacturer_id   =  $request->input('manufacturer_id');
+        $license->supplier_id       = $request->input('supplier_id');
 
         if ($license->save()) {
             return redirect()->route('licenses.show', ['license' => $licenseId])->with('success', trans('admin/licenses/message.update.success'));
@@ -279,7 +280,7 @@ class LicensesController extends Controller
 
         // Declare the rules for the form validation
         $rules = [
-            'note'   => 'string',
+            'note'   => 'string|nullable',
             'asset_id'  => 'required_without:assigned_to',
         ];
 
@@ -334,15 +335,14 @@ class LicensesController extends Controller
         if ($licenseSeat->save()) {
             $licenseSeat->logCheckout($request->input('note'), $target);
 
-            $data['license_id'] =$licenseSeat->license_id;
+            $data['license_id'] = $licenseSeat->license_id;
             $data['note'] = $request->input('note');
 
             // Redirect to the new asset page
             return redirect()->route("licenses.index")->with('success', trans('admin/licenses/message.checkout.success'));
         }
-
-        // Redirect to the asset management page with error
-        return redirect()->to("admin/licenses/{$asset_id}/checkout")->with('error', trans('admin/licenses/message.create.error'))->with('license', new License);
+        
+        return redirect()->route("licenses.index")->with('error', trans('admin/licenses/message.checkout.error'));
     }
 
 
@@ -358,12 +358,12 @@ class LicensesController extends Controller
     public function getCheckin($seatId = null, $backTo = null)
     {
         // Check if the asset exists
-        if (is_null($licenseseat = LicenseSeat::find($seatId))) {
+        if (is_null($licenseSeat = LicenseSeat::find($seatId))) {
             // Redirect to the asset management page with error
             return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
         }
-        $this->authorize('checkin', $licenseseat);
-        return view('licenses/checkin', compact('licenseseat'))->with('backto', $backTo);
+        $this->authorize('checkin', $licenseSeat);
+        return view('licenses/checkin', compact('licenseSeat'))->with('backto', $backTo);
     }
 
 
@@ -441,17 +441,15 @@ class LicensesController extends Controller
     public function show($licenseId = null)
     {
 
-        $license = License::find($licenseId);
-        $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
+        $license = License::with('assignedusers', 'licenseSeats.user', 'licenseSeats.asset')->find($licenseId);
 
-        if (isset($license->id)) {
-            $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
+        if ($license) {
             $this->authorize('view', $license);
             return view('licenses/view', compact('license'));
         }
-        $error = trans('admin/licenses/message.does_not_exist', compact('id'));
-        return redirect()->route('licenses.index')->with('error', $error);
+        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist', compact('id')));
     }
+    
 
     public function getClone($licenseId = null)
     {
@@ -491,7 +489,7 @@ class LicensesController extends Controller
     * @param int $licenseId
     * @return \Illuminate\Http\RedirectResponse
      */
-    public function postUpload($licenseId = null)
+    public function postUpload(Request $request, $licenseId = null)
     {
         $license = License::find($licenseId);
         // the license is valid
@@ -520,13 +518,16 @@ class LicensesController extends Controller
                     //Log the upload to the log
                     $license->logUpload($filename, e($request->input('notes')));
                 }
-
+                // This being called from a modal seems to confuse redirect()->back()
+                // It thinks we should go to the dashboard.  As this is only used
+                // from the modal at present, hardcode the redirect.  Longterm
+                // maybe we evaluate something else.
                 if ($upload_success) {
-                    return redirect()->back()->with('success', trans('admin/licenses/message.upload.success'));
+                    return redirect()->route('licenses.show', $license->id)->with('success', trans('admin/licenses/message.upload.success'));
                 }
-                return redirect()->back()->with('error', trans('admin/licenses/message.upload.error'));
+                return redirect()->route('licenses.show', $license->id)->with('error', trans('admin/licenses/message.upload.error'));
             }
-            return redirect()->back()->with('error', trans('admin/licenses/message.upload.nofiles'));
+            return redirect()->route('licenses.show', $license->id)->with('error', trans('admin/licenses/message.upload.nofiles'));
         }
         // Prepare the error message
         $error = trans('admin/licenses/message.does_not_exist', compact('id'));
@@ -589,61 +590,10 @@ class LicensesController extends Controller
             $file = $log->get_src('licenses');
             return Response::download($file);
         }
-        // Prepare the error message
-        $error = trans('admin/licenses/message.does_not_exist', compact('id'));
-        // Redirect to the licence management page
-        return redirect()->route('licenses.index')->with('error', $error);
+        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist', compact('id')));
     }
 
 
-    /**
-    * Generates a JSON response to populate the licence index datatables.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see LicensesController::getIndex() method that provides the view
-    * @since [v1.0]
-    * @return String JSON
-    */
-    public function getDatatable(Request $request)
-    {
-        $this->authorize('view', License::class);
-        $licenses = Company::scopeCompanyables(License::with('company', 'licenseSeatsRelation', 'manufacturer'));
-
-        if (Input::has('search')) {
-            $licenses = $licenses->TextSearch($request->input('search'));
-        }
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
-
-        $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial','manufacturer','company'];
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
-
-        switch ($sort) {
-            case 'manufacturer':
-                $licenses = $licenses->OrderManufacturer($order);
-                break;
-            case 'company':
-                $licenses = $licenses->OrderCompany($order);
-                break;
-            default:
-                $licenses = $licenses->orderBy($sort, $order);
-                break;
-        }
-
-        $licenseCount = $licenses->count();
-        $licenses = $licenses->skip($offset)->take($limit)->get();
-
-        $rows = array();
-
-        foreach ($licenses as $license) {
-            $rows[] = $license->present()->forDataTable();
-        }
-
-        $data = array('total' => $licenseCount, 'rows' => $rows);
-
-        return $data;
-    }
 
     /**
     * Generates the next free seat ID for checkout.

app/Http/Controllers/LocationsController.php

@@ -89,6 +89,7 @@ class LocationsController extends Controller
         $location->state            = Input::get('state');
         $location->country          = Input::get('country');
         $location->zip              = Input::get('zip');
+        $location->ldap_ou          = Input::get('ldap_ou');
         $location->manager_id       = Input::get('manager_id');
         $location->user_id          = Auth::id();
 
@@ -147,7 +148,7 @@ class LocationsController extends Controller
     {
         // Check if the location exists
         if (is_null($item = Location::find($locationId))) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.does_not_exist'));
+            return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
         }
 
         // Show the page
@@ -156,7 +157,6 @@ class LocationsController extends Controller
         $location_options = Location::flattenLocationsArray($location_options_array);
         $location_options = array('' => 'Top Level') + $location_options;
 
-
         return view('locations/edit', compact('item'))
             ->with('location_options', $location_options)
             ->with('manager_list', Helper::managerList());
@@ -176,7 +176,7 @@ class LocationsController extends Controller
     {
         // Check if the location exists
         if (is_null($location = Location::find($locationId))) {
-            return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.does_not_exist'));
+            return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
         }
 
         // Update the location data
@@ -217,7 +217,6 @@ class LocationsController extends Controller
             return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.not_found'));
         }
 
-
         if ($location->users->count() > 0) {
             return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_users'));
         } elseif ($location->childLocations->count() > 0) {

app/Http/Controllers/ManufacturersController.php

@@ -212,116 +212,5 @@ class ManufacturersController extends Controller
 
     }
 
-    protected function getDataAssetsView(Manufacturer $manufacturer, Request $request)
-    {
-        $manufacturer = $manufacturer->load('assets.model', 'assets.assignedTo', 'assets.assetstatus', 'assets.company');
-        $manufacturer_assets = $manufacturer->assets();
 
-        if ($request->has('search')) {
-            $manufacturer_assets = $manufacturer_assets->TextSearch(e($request->input('search')));
-        }
-
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
-
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-
-        $allowed_columns = ['id','name','serial','asset_tag'];
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
-        $count = $manufacturer_assets->count();
-        $manufacturer_assets = $manufacturer_assets->skip($offset)->take($limit)->get();
-        $rows = array();
-        $all_custom_fields = CustomField::all(); // cached;
-        foreach ($manufacturer_assets as $asset) {
-            $rows[] = $asset->present()->forDataTable($all_custom_fields);
-        }
-
-        $data = array('total' => $count, 'rows' => $rows);
-        return $data;
-    }
-
-    protected function getDataLicensesView(Manufacturer $manufacturer, Request $request)
-    {
-        $manufacturer = $manufacturer->load('licenses.company', 'licenses.manufacturer', 'licenses.licenseSeatsRelation');
-        $licenses = $manufacturer->licenses;
-
-        if ($request->has('search')) {
-            $licenses = $licenses->TextSearch($request->input('search'));
-        }
-
-        $licenseCount = $licenses->count();
-
-        $rows = array();
-
-        foreach ($licenses as $license) {
-            $rows[] = $license->present()->forDataTable();
-        }
-
-        $data = array('total' => $licenseCount, 'rows' => $rows);
-
-        return $data;
-    }
-
-    public function getDataAccessoriesView(Manufacturer $manufacturer, Request $request)
-    {
-        $manufacturer = $manufacturer->load(
-            'accessories.location',
-            'accessories.company',
-            'accessories.category',
-            'accessories.manufacturer',
-            'accessories.users'
-        );
-        $accessories = $manufacturer->accessories();
-
-        if ($request->has('search')) {
-            $accessories = $accessories->TextSearch(e($request->input('search')));
-        }
-
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
-
-        $accessCount = $accessories->count();
-        $accessories = $accessories->skip($offset)->take($limit)->get();
-        $rows = array();
-
-        foreach ($accessories as $accessory) {
-            $rows[] = $accessory->present()->forDataTable();
-        }
-
-        $data = array('total'=>$accessCount, 'rows'=>$rows);
-
-        return $data;
-    }
-
-    public function getDataConsumablesView($manufacturer, Request $request)
-    {
-        $manufacturer = $manufacturer->load(
-            'consumables.location',
-            'consumables.company',
-            'consumables.category',
-            'consumables.manufacturer',
-            'consumables.users'
-        );
-        $consumables = $manufacturer->consumables();
-
-        if ($request->has('search')) {
-            $consumables = $consumables->TextSearch(e($request->input('search')));
-        }
-
-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
-
-
-        $consumCount = $consumables->count();
-        $consumables = $consumables->skip($offset)->take($limit)->get();
-        $rows = array();
-
-        foreach ($consumables as $consumable) {
-            $rows[] = $consumable->present()->forDataTable();
-        }
-
-        $data = array('total' => $consumCount, 'rows' => $rows);
-
-        return $data;
-    }
 }

app/Http/Controllers/ReportsController.php

@@ -15,6 +15,7 @@ use Illuminate\Support\Facades\View;
 use Input;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\StreamedResponse;
+use Illuminate\Http\Request;
 
 /**
  * This controller handles all actions related to Reports for
@@ -102,18 +103,45 @@ class ReportsController extends Controller
     * @since [v1.0]
     * @return \Illuminate\Http\Response
     */
-    public function exportAssetReport()
+    public function exportAssetReport(Request $request)
     {
 
          \Debugbar::disable();
 
         $customfields = CustomField::get();
 
-        $response = new StreamedResponse(function () use ($customfields) {
+        $response = new StreamedResponse(function () use ($customfields, $request) {
             // Open output stream
             $handle = fopen('php://output', 'w');
 
-            Asset::with('assignedTo', 'assetLoc','defaultLoc','assignedTo','model','supplier','assetstatus','model.manufacturer')->orderBy('created_at', 'DESC')->chunk(500, function($assets) use($handle, $customfields) {
+            $assets = Asset::with('assignedTo', 'assetLoc','defaultLoc','assignedTo','model','supplier','assetstatus','model.manufacturer');
+
+                // This is used by the sidenav, mostly
+            switch ($request->input('status')) {
+                case 'Deleted':
+                    $assets->withTrashed()->Deleted();
+                    break;
+                case 'Pending':
+                    $assets->Pending();
+                    break;
+                case 'RTD':
+                    $assets->RTD();
+                    break;
+                case 'Undeployable':
+                    $assets->Undeployable();
+                    break;
+                case 'Archived':
+                    $assets->Archived();
+                    break;
+                case 'Requestable':
+                    $assets->RequestableAssets();
+                    break;
+                case 'Deployed':
+                    $assets->Deployed();
+                    break;
+            }
+
+            $assets->orderBy('created_at', 'DESC')->chunk(500, function($assets) use($handle, $customfields) {
                 $headers=[
                     trans('general.company'),
                     trans('admin/hardware/table.asset_tag'),
@@ -126,7 +154,7 @@ class ReportsController extends Controller
                     trans('admin/hardware/table.purchase_date'),
                     trans('admin/hardware/table.purchase_cost'),
                     trans('admin/hardware/form.order'),
-                    trans('admin/hardware/form.supplier'),
+                    trans('general.supplier'),
                     trans('admin/hardware/table.checkoutto'),
                     trans('admin/hardware/table.checkout_date'),
                     trans('admin/hardware/table.location'),
@@ -154,7 +182,7 @@ class ReportsController extends Controller
                         ($asset->supplier) ? e($asset->supplier->name) : '',
                         ($asset->assignedTo) ? e($asset->assignedTo->present()->name()) : '',
                         ($asset->last_checkout!='') ? e($asset->last_checkout) : '',
-                        e($asset->assetLoc->present()->name()),
+                        ($asset->assetLoc) ? e($asset->assetLoc->present()->name()) : '',
                         ($asset->notes) ? e($asset->notes) : '',
                     ];
                     foreach ($customfields as $field) {
@@ -168,7 +196,8 @@ class ReportsController extends Controller
             fclose($handle);
         }, 200, [
             'Content-Type' => 'text/csv',
-            'Content-Disposition' => 'attachment; filename="assets-'.date('Y-m-d-his').'.csv"',
+            'Content-Disposition'
+                => 'attachment; filename="'.(($request->has('status')) ? trim($request->input('status')) : 'all').'-assets-'.date('Y-m-d-his').'.csv"',
         ]);
 
         return $response;
@@ -543,8 +572,8 @@ class ReportsController extends Controller
 
 
             if (e(Input::get('assigned_to')) == '1') {
-                if ($asset->assignedTo) {
-                    $row[] = '"' .e($asset->assignedTo->present()->name()). '"';
+                if ($asset->assignedto) {
+                    $row[] = '"' .e($asset->assignedto->present()->name()). '"';
                 } else {
                     $row[] = ''; // Empty string if unassigned
                 }
@@ -553,7 +582,7 @@ class ReportsController extends Controller
             if (e(Input::get('username')) == '1') {
                 // Only works if we're checked out to a user, not anything else.
                 if ($asset->checkedOutToUser()) {
-                    $row[] = '"' .e($asset->assignedTo->username). '"';
+                    $row[] = '"' .e($asset->assignedto->username). '"';
                 } else {
                     $row[] = ''; // Empty string if unassigned
                 }
@@ -562,7 +591,7 @@ class ReportsController extends Controller
             if (e(Input::get('employee_num')) == '1') {
                 // Only works if we're checked out to a user, not anything else.
                 if ($asset->checkedOutToUser()) {
-                    $row[] = '"' .e($asset->assignedTo->employee_num). '"';
+                    $row[] = '"' .e($asset->assignedto->employee_num). '"';
                 } else {
                     $row[] = ''; // Empty string if unassigned
                 }

app/Http/Controllers/SettingsController.php

@@ -21,6 +21,7 @@ use App\Models\User;
 use App\Http\Requests\SetupUserRequest;
 use App\Http\Requests\ImageUploadRequest;
 use App\Http\Requests\SettingsLdapRequest;
+use App\Helpers\Helper;
 
 /**
  * This controller handles all actions related to Settings for
@@ -136,28 +137,6 @@ class SettingsController extends Controller
         ->with('section', 'Pre-Flight Check');
     }
 
-    /**
-    * Test the email configuration
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v3.0]
-    * @return Redirect
-    */
-    public function ajaxTestEmail()
-    {
-
-        try {
-            Mail::send('emails.test', [], function ($m) {
-                $m->to(config('mail.from.address'), config('mail.from.name'));
-                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                $m->subject(trans('mail.test_email'));
-            });
-            return 'success';
-        } catch (Exception $e) {
-            return 'error';
-        }
-
-    }
 
     /**
     * Save the first admin user from Setup.
@@ -263,8 +242,8 @@ class SettingsController extends Controller
         $output = Artisan::output();
 
         if ((!file_exists(storage_path().'/oauth-private.key')) || (!file_exists(storage_path().'/oauth-public.key'))) {
-            Artisan::call('passport:install');
             Artisan::call('migrate', ['--force' => true]);
+            Artisan::call('passport:install');
         }
 
 
@@ -391,6 +370,7 @@ class SettingsController extends Controller
 
         $setting->brand = $request->input('brand', '1');
         $setting->header_color = $request->input('header_color');
+        $setting->show_url_in_emails = $request->input('show_url_in_emails', '0');
 
 
         // Only allow the site name and CSS to be changed if lock_passwords is false
@@ -414,7 +394,7 @@ class SettingsController extends Controller
                 $file_name = "logo.".$image->getClientOriginalExtension();
                 $path = public_path('uploads');
                 if ($image->getClientOriginalExtension()!='svg') {
-                    Image::make($image->getRealPath())->resize(null, 40, function ($constraint) {
+                    Image::make($image->getRealPath())->resize(null, 150, function ($constraint) {
                         $constraint->aspectRatio();
                         $constraint->upsize();
                     })->save($path.'/'.$file_name);
@@ -846,6 +826,7 @@ class SettingsController extends Controller
         $setting->is_ad = $request->input('is_ad', '0');
         $setting->ldap_tls = $request->input('ldap_tls', '0');
         $setting->ldap_pw_sync = $request->input('ldap_pw_sync', '0');
+        $setting->custom_forgot_pass_url = $request->input('custom_forgot_pass_url');
 
         if ($setting->save()) {
             return redirect()->route('settings.index')
@@ -1023,4 +1004,28 @@ class SettingsController extends Controller
     public function api() {
         return view('settings.api');
     }
+
+
+
+    /**
+     * Test the email configuration
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function ajaxTestEmail()
+    {
+        try {
+            Mail::send('emails.test', [], function ($m) {
+                $m->to(config('mail.from.address'), config('mail.from.name'));
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.test_email'));
+            });
+            return response()->json(Helper::formatStandardApiResponse('success', null, 'Maiol sent!'));
+        } catch (Exception $e) {
+            return response()->json(Helper::formatStandardApiResponse('success', null, $e->getMessage()));
+        }
+
+    }
 }

app/Http/Controllers/StatuslabelsController.php

@@ -200,17 +200,15 @@ class StatuslabelsController extends Controller
     {
         // Check if the Statuslabel exists
         if (is_null($statuslabel = Statuslabel::find($statuslabelId))) {
-            // Redirect to the blogs management page
             return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.not_found'));
         }
 
-
-        if ($statuslabel->has_assets() == 0) {
+        // Check that there are no assets associated
+        if ($statuslabel->assets()->count() == 0) {
             $statuslabel->delete();
-            // Redirect to the statuslabels management page
             return redirect()->route('statuslabels.index')->with('success', trans('admin/statuslabels/message.delete.success'));
         }
-        // Redirect to the asset management page
+
         return redirect()->route('statuslabels.index')->with('error', trans('admin/statuslabels/message.assoc_assets'));
     }
 

app/Http/Controllers/SuppliersController.php

@@ -13,6 +13,7 @@ use Str;
 use View;
 use Auth;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 
 use Symfony\Component\HttpFoundation\JsonResponse;
 
@@ -56,7 +57,7 @@ class SuppliersController extends Controller
      * @param Request $request
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         // Create a new supplier
         $supplier = new Supplier;
@@ -87,9 +88,8 @@ class SuppliersController extends Controller
                 $supplier->image = $file_name;
         }
 
-            // Was it created?
         if ($supplier->save()) {
-          // Redirect to the new supplier  page
+          // Redirect to the nw supplier  page
             return redirect()->route('suppliers.index')->with('success', trans('admin/suppliers/message.create.success'));
         }
         return redirect()->back()->withInput()->withErrors($supplier->getErrors());
@@ -136,7 +136,7 @@ class SuppliersController extends Controller
      * @param  int  $supplierId
      * @return \Illuminate\Http\RedirectResponse
      */
-    public function update($supplierId = null, Request $request)
+    public function update($supplierId = null, ImageUploadRequest $request)
     {
         // Check if the supplier exists
         if (is_null($supplier = Supplier::find($supplierId))) {
@@ -159,18 +159,17 @@ class SuppliersController extends Controller
         $supplier->url                  = $supplier->addhttp(request('url'));
         $supplier->notes                = request('notes');
 
+
         if (Input::file('image')) {
             $image = $request->file('image');
-            $file_name = str_random(25).".".$image->getClientOriginalExtension();
+            $file_name = 'suppliers-'.str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/suppliers/'.$file_name);
             Image::make($image->getRealPath())->resize(300, null, function ($constraint) {
                 $constraint->aspectRatio();
                 $constraint->upsize();
             })->save($path);
             $supplier->image = $file_name;
-        }
-
-        if (request('image_delete') == 1 && $request->file('image') == "") {
+        } elseif (request('image_delete') == 1) {
             $supplier->image = null;
         }
 
@@ -190,23 +189,29 @@ class SuppliersController extends Controller
      */
     public function destroy($supplierId)
     {
-        // Check if the supplier exists
-        if (is_null($supplier = Supplier::find($supplierId))) {
-            // Redirect to the suppliers page
+        if (is_null($supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances','assets','licenses')->find($supplierId))) {
             return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.not_found'));
         }
 
-        if ($supplier->num_assets() == 0) {
-            // Delete the supplier
-            $supplier->delete();
-            // Redirect to the suppliers management page
-            return redirect()->route('suppliers.index')->with(
-                'success',
-                trans('admin/suppliers/message.delete.success')
-            );
+
+        if ($supplier->assets_count > 0) {
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count]));
         }
-        // Redirect to the asset management page
-        return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.assoc_users'));
+
+        if ($supplier->asset_maintenances_count > 0) {
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count]));
+        }
+
+        if ($supplier->licenses_count > 0) {
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_licenses', ['licenses_count' => (int) $supplier->licenses_count]));
+        }
+
+        $supplier->delete();
+        return redirect()->route('suppliers.index')->with('success',
+            trans('admin/suppliers/message.delete.success')
+        );
+
+
     }
 
 

app/Http/Controllers/UsersController.php

@@ -33,6 +33,7 @@ use URL;
 use View;
 use Illuminate\Http\Request;
 use Gate;
+use Artisan;
 
 /**
  * This controller handles all actions related to Users for
@@ -1029,128 +1030,20 @@ class UsersController extends Controller
      */
     public function postLDAP(Request $request)
     {
-        $this->authorize('update', User::class);
-        ini_set('max_execution_time', 600); //600 seconds = 10 minutes
-        ini_set('memory_limit', '500M');
+        // Call Artisan LDAP import command.
+        $location_id = $request->input('location_id');
+        Artisan::call('snipeit:ldap-sync', ['--location_id' => $location_id, '--json_summary' => true]);
 
-        $ldap_result_username = Setting::getSettings()->ldap_username_field;
-        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
-        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
+        // Collect and parse JSON summary.
+        $ldap_results_json = Artisan::output();
+        $ldap_results = json_decode($ldap_results_json, true);
 
-        $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag_field;
-        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
-        $ldap_result_email = Setting::getSettings()->ldap_email;
-
-        try {
-            $ldapconn = Ldap::connectToLdap();
-        } catch (\Exception $e) {
-            return redirect()->back()->withInput()->with('error', $e->getMessage());
+        // Direct user to appropriate status page.
+        if ($ldap_results['error']) {
+            return redirect()->back()->withInput()->with('error', $ldap_results['error_message']);
+        } else {
+            return redirect()->route('ldap/user')->with('success', "LDAP Import successful.")->with('summary', $ldap_results['summary']);
         }
-
-        try {
-            Ldap::bindAdminToLdap($ldapconn);
-        } catch (\Exception $e) {
-            return redirect()->back()->withInput()->with('error', $e->getMessage());
-        }
-
-        $summary = array();
-
-        $ldap_ou_locations = Location::whereNotNull('ldap_ou')->get();
-
-        $results = Ldap::findLdapUsers();
-
-        // Inject location information fields
-        for ($i = 0; $i < $results["count"]; $i++) {
-            $results[$i]["ldap_location_override"] = false;
-            $results[$i]["location_id"] = 0;
-        }
-
-        // Grab subsets based on location-specific DNs, and overwrite location for these users.
-        foreach ($ldap_ou_locations as $ldap_loc) {
-            $location_users = Ldap::findLdapUsers($ldap_loc->ldap_ou);
-            $usernames = array();
-            for ($i = 0; $i < $location_users["count"]; $i++) {
-                $location_users[$i]["ldap_location_override"] = true;
-                $location_users[$i]["location_id"] = $ldap_loc->id;
-                $usernames[] = $location_users[$i][$ldap_result_username][0];
-            }
-
-            // Delete located users from the general group.
-            foreach ($results as $key => $generic_entry) {
-                if (in_array($generic_entry[$ldap_result_username][0], $location_users)) {
-                    unset($results[$key]);
-                }
-            }
-
-            $global_count = $results['count'];
-            $results = array_merge($location_users, $results);
-            $results['count'] = $global_count;
-        }
-
-        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
-        $pass = bcrypt($tmp_pass);
-
-        for ($i = 0; $i < $results["count"]; $i++) {
-            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
-
-                $item = array();
-                $item["username"] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : "";
-                $item["employee_number"] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : "";
-                $item["lastname"] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : "";
-                $item["firstname"] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : "";
-                $item["email"] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : "" ;
-                $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
-                $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";
-
-                if( array_key_exists('useraccountcontrol', $results[$i]) ) {
-                $enabled_accounts = [
-                        '512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
-                    ];
-                    $item['activated'] = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
-                } else {
-                    $item['activated'] = 0;
-                }
-
-                // User exists
-                $item["createorupdate"] = 'updated';
-                if (!$user = User::where('username', $item["username"])->first()) {
-                    $user = new User;
-                    $user->password = $pass;
-                    $item["createorupdate"] = 'created';
-                }
-
-                 // Create the user if they don't exist.
-                $user->first_name = $item["firstname"];
-                $user->last_name = $item["lastname"];
-                $user->username = $item["username"];
-                $user->email = $item["email"];
-                $user->employee_num = e($item["employee_number"]);
-                $user->activated = $item['activated'];
-                
-                if ($item['ldap_location_override'] == true) {
-                    $user->location_id = $item['location_id'];
-                } else if ($request->input('location_id')!='') {
-                    $user->location_id = e($request->input('location_id'));
-                }
-                $user->notes = 'Imported from LDAP';
-                $user->ldap_import = 1;
-
-                $errors = '';
-
-                if ($user->save()) {
-                    $item["note"] = $item["createorupdate"];
-                    $item["status"]='success';
-                } else {
-                    foreach ($user->getErrors()->getMessages() as $key => $err) {
-                        $errors .='<li>'.$err[0];
-                    }
-                    $item["note"] = $errors;
-                    $item["status"]='error';
-                }
-                array_push($summary, $item);
-            }
-        }
-        return redirect()->route('ldap/user')->with('success', "LDAP Import successful.")->with('summary', $summary);
     }
     
 

app/Http/Kernel.php

@@ -20,11 +20,12 @@ class Kernel extends HttpKernel
         \App\Http\Middleware\FrameGuard::class,
         \App\Http\Middleware\XssProtectHeader::class,
         \App\Http\Middleware\ReferrerPolicyHeader::class,
+        \App\Http\Middleware\ContentSecurityPolicyHeader::class,
         \App\Http\Middleware\NosniffGuard::class,
         \App\Http\Middleware\CheckForSetup::class,
         \Fideloper\Proxy\TrustProxies::class,
         \App\Http\Middleware\CheckForDebug::class,
-        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
+       // \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
     ];
 
     /**

app/Http/Middleware/ContentSecurityPolicyHeader.php

@@ -0,0 +1,35 @@
+<?php
+namespace App\Http\Middleware;
+
+use Closure;
+
+class ContentSecurityPolicyHeader
+{
+    /**
+     * Handle the given request and get the response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return \Illuminate\Http\Response
+     */
+    public function handle($request, Closure $next)
+    {
+        if ((config('app.debug')=='true')  || (config('app.enable_csp')!='true')) {
+            $response = $next($request);
+            return $response;
+        }
+
+        $policy[] = "default-src 'self'";
+        $policy[] = "style-src 'self' 'unsafe-inline' oss.maxcdn.com";
+        $policy[] = "script-src 'self' 'unsafe-inline' oss.mafxcdn.com cdnjs.cloudflare.com 'nonce-".csrf_token()."'";
+        $policy[] = "connect-src 'self'";
+        $policy[] = "object-src 'none'";
+        $policy[] = "font-src 'self' data:";
+        $policy[] = "img-src 'self' data: gravatar.com";
+        $policy = join(';', $policy);
+
+        $response = $next($request);
+        $response->headers->set('Content-Security-Policy', $policy);
+        return $response;
+    }
+}

app/Http/Requests/AssetCheckoutRequest.php

@@ -23,10 +23,13 @@ class AssetCheckoutRequest extends Request
      */
     public function rules()
     {
-        return [
+        $rules = [
             "assigned_user"   => 'required_without_all:assigned_asset,assigned_location',
-            "assigned_asset"   => 'required_without_all:assigned_user,assigned_location',
+            "assigned_asset"   => 'required_without_all:assigned_user,assigned_location|different:'.$this->id,
             "assigned_location"   => 'required_without_all:assigned_user,assigned_asset',
         ];
+
+
+        return $rules;
     }
 }

app/Http/Transformers/AccessoriesTransformer.php

@@ -25,6 +25,7 @@ class AccessoriesTransformer
             'name' => e($accessory->name),
             'company' => ($accessory->company) ? ['id' => $accessory->company->id,'name'=> e($accessory->company->name)] : null,
             'manufacturer' => ($accessory->manufacturer) ? ['id' => $accessory->manufacturer->id,'name'=> e($accessory->manufacturer->name)] : null,
+            'supplier' => ($accessory->supplier) ? ['id' => $accessory->supplier->id,'name'=> e($accessory->supplier->name)] : null,
             'model_number' => ($accessory->model_number) ? e($accessory->model_number) : null,
             'category' => ($accessory->category) ? ['id' => $accessory->category->id,'name'=> e($accessory->category->name)] : null,
             'location' => ($accessory->location) ? ['id' => $accessory->location->id,'name'=> e($accessory->location->name)] : null,
@@ -35,6 +36,7 @@ class AccessoriesTransformer
             'order_number' => ($accessory->order_number) ? e($accessory->order_number) : null,
             'min_qty' => ($accessory->min_amt) ? (int) $accessory->min_amt : null,
             'remaining_qty' => $accessory->numRemaining(),
+            'image' => ($accessory->image) ? url('/').'/uploads/accessories/'.e($accessory->image) : null,
             'created_at' => Helper::getFormattedDateObject($accessory->created_at, 'datetime'),
             'updated_at' => Helper::getFormattedDateObject($accessory->updated_at, 'datetime'),
 
@@ -59,14 +61,12 @@ class AccessoriesTransformer
     }
 
 
-    public function transformCheckedoutAccessory (Accessory $accessory, $total)
+    public function transformCheckedoutAccessory ($accessory_users, $total)
     {
 
 
-        
-
         $array = array();
-        foreach ($accessory->users as $user) {
+        foreach ($accessory_users as $user) {
             $array[] = [
                 'assigned_pivot_id' => $user->pivot->id,
                 'id' => (int) $user->id,
@@ -81,8 +81,6 @@ class AccessoriesTransformer
 
         }
 
-
-
         return (new DatatablesTransformer)->transformDatatables($array, $total);
     }
 

app/Http/Transformers/AssetModelsTransformer.php

@@ -47,13 +47,15 @@ class AssetModelsTransformer
             'notes' => e($assetmodel->notes),
             'created_at' => Helper::getFormattedDateObject($assetmodel->created_at, 'datetime'),
             'updated_at' => Helper::getFormattedDateObject($assetmodel->updated_at, 'datetime'),
+            'deleted_at' => Helper::getFormattedDateObject($assetmodel->deleted_at, 'datetime'),
 
         ];
 
         $permissions_array['available_actions'] = [
-            'update' => Gate::allows('update', AssetModel::class) ? true : false,
-            'delete' => Gate::allows('delete', AssetModel::class) ? true : false,
-            'clone' => Gate::allows('create', AssetModel::class) ? true : false,
+            'update' => (Gate::allows('update', AssetModel::class) && ($assetmodel->deleted_at==''))  ? true : false,
+            'delete' => (Gate::allows('delete', AssetModel::class) && ($assetmodel->deleted_at=='')) ? true : false,
+            'clone' => (Gate::allows('create', AssetModel::class) && ($assetmodel->deleted_at=='')) ,
+            'restore' => (Gate::allows('create', AssetModel::class) && ($assetmodel->deleted_at!='')) ? true : false,
         ];
 
         $array += $permissions_array;

app/Http/Transformers/AssetsTransformer.php

@@ -33,8 +33,8 @@ class AssetsTransformer
             'model_number' => ($asset->model) ? e($asset->model->model_number) : null,
             'status_label' => ($asset->assetstatus) ? [
                 'id' => (int) $asset->assetstatus->id,
-                'name'=> e($asset->assetstatus->name),
-                'status_type' =>  e($asset->assetstatus->getStatuslabelType()),
+                'name'=> e($asset->present()->statusText),
+                'status_meta' =>  e($asset->present()->statusMeta),
             ] : null,
             'category' => ($asset->model->category) ? [
                 'id' => (int) $asset->model->category->id,

app/Http/Transformers/CategoriesTransformer.php

@@ -26,7 +26,7 @@ class CategoriesTransformer
                 'id' => (int) $category->id,
                 'name' => e($category->name),
                 'type' => e($category->category_type),
-                'use_default_eula' => ($category->use_default_eula =='1') ? true : false,
+                'eula' => ($category->getEula()) ? true : false,
                 'checkin_email' => ($category->checkin_email =='1') ? true : false,
                 'require_acceptance' => ($category->require_acceptance =='1') ? true : false,
                 'assets_count' => $category->assets_count,
@@ -39,7 +39,7 @@ class CategoriesTransformer
 
             $permissions_array['available_actions'] = [
                 'update' => Gate::allows('update', Category::class) ? true : false,
-                'delete' => Gate::allows('delete', Category::class) ? true : false,
+                'delete' => (Gate::allows('delete', Category::class) && ($category->assets_count == 0) && ($category->accessories_count == 0) && ($category->consumables_count == 0) && ($category->components_count == 0)) ? true : false,
             ];
 
             $array += $permissions_array;

app/Http/Transformers/ComponentsTransformer.php

@@ -58,12 +58,22 @@ class ComponentsTransformer
     }
 
 
-    public function transformCheckedoutComponents(Collection $components_users, $total)
+    public function transformCheckedoutComponents(Collection $components_assets, $total)
     {
         $array = array();
-        foreach ($components_users as $user) {
-            $array[] = (new UsersTransformer)->transformUser($user);
+        foreach ($components_assets as $asset) {
+            $array[] = [
+                'assigned_pivot_id' => $asset->pivot->id,
+                'id' => (int) $asset->id,
+                'name' =>  e($asset->model->present()->name) .' '.e($asset->present()->name),
+                'qty' => $asset->pivot->assigned_qty,
+                'type' => 'asset',
+                'created_at' => Helper::getFormattedDateObject($asset->pivot->created_at, 'datetime'),
+                'available_actions' => ['checkin' => true]
+            ];
+
         }
+
         return (new DatatablesTransformer)->transformDatatables($array, $total);
     }
 }

app/Http/Transformers/ImportsTransformer.php

@@ -29,7 +29,6 @@ class ImportsTransformer
             'header_row' => $import->header_row,
             'first_row'  => $import->first_row,
             'field_map'  => $import->field_map,
-
         ];
 
         return $array;

app/Http/Transformers/LocationsTransformer.php

@@ -38,8 +38,8 @@ class LocationsTransformer
                 'state' => e($location->state),
                 'country' => e($location->country),
                 'zip' => e($location->zip),
-                'assets_checkedout' => $location->assets()->count(),
-                'assets_default'    => $location->assignedassets()->count(),
+                'assets_checkedout' => $location->location_assets_count,
+                'assets_default'    => $location->assigned_assets_count,
 
                 'created_at' => Helper::getFormattedDateObject($location->created_at, 'datetime'),
                 'updated_at' => Helper::getFormattedDateObject($location->updated_at, 'datetime'),

app/Http/Transformers/StatuslabelsTransformer.php

@@ -26,6 +26,7 @@ class StatuslabelsTransformer
             'type' => $statuslabel->getStatuslabelType(),
             'color' => ($statuslabel->color) ? e($statuslabel->color) : null,
             'show_in_nav' => ($statuslabel->show_in_nav=='1') ? true : false,
+            'assets_count' => (int) $statuslabel->assets_count,
             'notes' => e($statuslabel->notes),
             'created_at' => Helper::getFormattedDateObject($statuslabel->created_at, 'datetime'),
             'updated_at' => Helper::getFormattedDateObject($statuslabel->updated_at, 'datetime'),
@@ -33,7 +34,7 @@ class StatuslabelsTransformer
 
         $permissions_array['available_actions'] = [
             'update' => Gate::allows('update', Statuslabel::class) ? true : false,
-            'delete' => Gate::allows('delete', Statuslabel::class) ? true : false,
+            'delete' => (Gate::allows('delete', Statuslabel::class) && ($statuslabel->assets_count == 0)) ? true : false,
         ];
         $array += $permissions_array;
 

app/Http/Transformers/SuppliersTransformer.php

@@ -36,8 +36,9 @@ class SuppliersTransformer
                 'email' => ($supplier->email) ? e($supplier->email) : null,
                 'contact' => ($supplier->contact) ? e($supplier->contact) : null,
                 'assets_count' => (int) $supplier->assets_count,
+                'accessories_count' => (int) $supplier->accessories_count,
                 'licenses_count' => (int) $supplier->licenses_count,
-                'image' =>   ($supplier->image) ? e($supplier->image) : null,
+                'image' =>   ($supplier->image) ? url('/').'/uploads/suppliers/'.e($supplier->image) : null,
                 'notes' => ($supplier->notes) ? e($supplier->notes) : null,
                 'created_at' => Helper::getFormattedDateObject($supplier->created_at, 'datetime'),
                 'updated_at' => Helper::getFormattedDateObject($supplier->updated_at, 'datetime'),
@@ -46,7 +47,7 @@ class SuppliersTransformer
 
             $permissions_array['available_actions'] = [
                 'update' => Gate::allows('update', Supplier::class) ? true : false,
-                'delete' => Gate::allows('delete', Supplier::class) ? true : false,
+                'delete' => (Gate::allows('delete', Supplier::class) && ($supplier->assets_count == 0) && ($supplier->licenses_count == 0)  && ($supplier->accessories_count == 0)) ? true : false,
             ];
 
             $array += $permissions_array;

app/Http/Transformers/UsersTransformer.php

@@ -33,6 +33,7 @@ class UsersTransformer
                     'name'=> e($user->manager->username)
                 ]  : null,
                 'jobtitle' => ($user->jobtitle) ? e($user->jobtitle) : null,
+                'phone' => ($user->phone) ? e($user->phone) : null,
                 'email' => e($user->email),
                 'department' => ($user->department) ? [
                     'id' => (int) $user->department->id,
@@ -42,6 +43,7 @@ class UsersTransformer
                     'id' => (int) $user->userloc->id,
                     'name'=> e($user->userloc->name)
                 ]  : null,
+                'notes'=> e($user->notes),
                 'permissions' => $user->decodePermissions(),
                 'activated' => ($user->activated =='1') ? true : false,
                 'two_factor_activated' => ($user->two_factor_active()) ? true : false,
@@ -57,7 +59,7 @@ class UsersTransformer
 
         $permissions_array['available_actions'] = [
             'update' => (Gate::allows('update', User::class) && ($user->deleted_at==''))  ? true : false,
-            'delete' => (Gate::allows('delete', User::class) && ($user->deleted_at=='')) ? true : false,
+            'delete' => (Gate::allows('delete', User::class) && ($user->deleted_at=='') && ($user->assets_count == 0) && ($user->licenses_count == 0)  && ($user->accessories_count == 0)  && ($user->consumables_count == 0)) ? true : false,
             'clone' => (Gate::allows('create', User::class) && ($user->deleted_at=='')) ,
             'restore' => (Gate::allows('create', User::class) && ($user->deleted_at!='')) ? true : false,
         ];

app/Importer/AssetImporter.php

@@ -23,14 +23,18 @@ class AssetImporter extends ItemImporter
         // ItemImporter handles the general fetching.
         parent::handle($row);
 
-        foreach ($this->customFields as $customField) {
-            $customFieldValue = $this->array_smart_custom_field_fetch($row, $customField);
-            if ($customFieldValue) {
-                $this->item['custom_fields'][$customField->db_column_name()] = $customFieldValue;
-                $this->log('Custom Field '. $customField->name.': '.$customFieldValue);
+        if ($this->customFields) {
+
+            foreach ($this->customFields as $customField) {
+                $customFieldValue = $this->array_smart_custom_field_fetch($row, $customField);
+                if ($customFieldValue) {
+                    $this->item['custom_fields'][$customField->db_column_name()] = $customFieldValue;
+                    $this->log('Custom Field '. $customField->name.': '.$customFieldValue);
+                }
             }
         }
 
+
         $this->createAssetIfNotExists($row);
     }
 

app/Importer/LicenseImporter.php

@@ -33,10 +33,12 @@ class LicenseImporter extends ItemImporter
     public function createLicenseIfNotExists(array $row)
     {
         $editingLicense = false;
-        $license = License::where('name', $this->item['name'])->first();
+        $license = License::where('name', $this->item['name'])
+                    ->where('serial', $this->item['serial'])
+                    ->first();
         if ($license) {
             if (!$this->updating) {
-                $this->log('A matching License ' . $this->item['name'] . ' already exists');
+                $this->log('A matching License ' . $this->item['name'] . 'with serial ' . $this->item['serial'] . ' already exists');
                 return;
             }
 

app/Models/Accessory.php

@@ -17,7 +17,7 @@ class Accessory extends SnipeModel
     use Loggable, Presentable;
     use SoftDeletes;
 
-    protected $dates = ['deleted_at', 'purchase_date'];
+    protected $dates = ['deleted_at'];
     protected $table = 'accessories';
     protected $casts = [
         'requestable' => 'boolean'
@@ -61,10 +61,19 @@ class Accessory extends SnipeModel
         'purchase_date',
         'model_number',
         'manufacturer_id',
+        'supplier_id',
+        'image',
         'qty',
         'requestable'
     ];
 
+
+    public function supplier()
+    {
+        return $this->belongsTo('\App\Models\Supplier', 'supplier_id');
+    }
+    
+
     public function setRequestableAttribute($value)
     {
         if ($value == '') {

app/Models/Asset.php

@@ -179,13 +179,14 @@ class Asset extends Depreciable
 
     public function getDetailedNameAttribute()
     {
-        if ($this->assignedTo) {
-            $user_name = $this->assignedTo->present()->name();
+        if ($this->assignedto) {
+            $user_name = $this->assignedto->present()->name();
         } else {
             $user_name = "Unassigned";
         }
         return $this->asset_tag . ' - ' . $this->name . ' (' . $user_name . ') ' . $this->model->name;
     }
+
     public function validationRules($id = '0')
     {
         return $this->rules;
@@ -486,7 +487,7 @@ class Asset extends Depreciable
         } elseif ($this->model->category->use_default_eula == '1') {
             return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
         } else {
-            return null;
+            return false;
         }
     }
 
@@ -725,7 +726,8 @@ class Asset extends Depreciable
 
 
     /**
-    * Query builder scope to search on text for complex Bootstrap Tables API
+    * Query builder scope to search on text for complex Bootstrap Tables API.
+    * This is really horrible, but I can't think of a less-awful way to do it.
     *
     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
     * @param  text                              $search      Search term
@@ -736,7 +738,16 @@ class Asset extends Depreciable
     {
         $search = explode(' OR ', $search);
 
-        return $query->where(function ($query) use ($search) {
+        return $query->leftJoin('users',function ($leftJoin) {
+            $leftJoin->on("users.id", "=", "assets.assigned_to")
+                ->where("assets.assigned_type", "=", User::class);
+        })->leftJoin('locations',function ($leftJoin) {
+            $leftJoin->on("locations.id","=","assets.assigned_to")
+                ->where("assets.assigned_type","=",Location::class);
+        })->leftJoin('assets as assigned_assets',function ($leftJoin) {
+            $leftJoin->on('assigned_assets.id', '=', 'assets.assigned_to')
+                ->where('assets.assigned_type', '=', Asset::class);
+        })->where(function ($query) use ($search) {
             foreach ($search as $search) {
                 $query->whereHas('model', function ($query) use ($search) {
                     $query->whereHas('category', function ($query) use ($search) {
@@ -769,26 +780,12 @@ class Asset extends Depreciable
                     $query->whereHas('defaultLoc', function ($query) use ($search) {
                         $query->where('locations.name', 'LIKE', '%'.$search.'%');
                     });
-                    //FIXME: This needs attention to work with checkout to not-users.
-                // })->orWhere(function ($query) use ($search) {
-                    // $query->whereHas('assignedTo', function ($query) use ($search) {
-                    //     $query->where(function ($query) use ($search) {
-                    //         $query->where('assets.assigned_type', '=', User::class)
-                    //         ->join('users', 'users.id', '=', 'assets.assigned_to')
-                    //         ->where(function($query) use ($search) {
-                    //             $query->where('users.first_name', 'LIKE', '%'.$search.'%')
-                    //             ->orWhere('users.last_name', 'LIKE', '%'.$search.'%');
-                    //         });
-                    //     })->orWhere(function ($query) use ($search) {
-                    //         $query->where('assets.assigned_type', '=', Location::class)
-                    //         ->join('locations', 'locations.id', '=', 'assets.assigned_to')
-                    //         ->where('locations.name', 'LIKE', '%'.$search.'%');
-                    //     })->orWhere(function ($query) use ($search) {
-                    //         $query->where('assets.assigned_type', '=', Asset::class)
-                    //         ->join('assets as assigned_asset', 'assigned_assets.id', '=', 'assets.assigned_to')
-                    //         ->where('assigned_assets.name', 'LIKE', '%'.$search.'%');
-                    //     });
-                    // });
+                 })->orWhere(function ($query) use ($search) {
+                         $query->where('users.first_name', 'LIKE', '%'.$search.'%')
+                         ->orWhere('users.last_name', 'LIKE', '%'.$search.'%')
+                         ->orWhere('users.username', 'LIKE', '%'.$search.'%')
+                         ->orWhere('locations.name', 'LIKE', '%'.$search.'%')
+                         ->orWhere('assigned_assets.name', 'LIKE', '%'.$search.'%');
                 })->orWhere('assets.name', 'LIKE', '%'.$search.'%')
                     ->orWhere('assets.asset_tag', 'LIKE', '%'.$search.'%')
                     ->orWhere('assets.serial', 'LIKE', '%'.$search.'%')
@@ -796,9 +793,9 @@ class Asset extends Depreciable
                     ->orWhere('assets.notes', 'LIKE', '%'.$search.'%');
             }
             foreach (CustomField::all() as $field) {
-                $query->orWhere($field->db_column_name(), 'LIKE', "%$search%");
+                $query->orWhere('assets.'.$field->db_column_name(), 'LIKE', "%$search%");
             }
-        });
+        })->withTrashed()->whereNull("assets.deleted_at"); //workaround for laravel bug
     }
 
 
@@ -815,57 +812,60 @@ class Asset extends Depreciable
     {
         return $query->where(function ($query) use ($filter) {
             foreach ($filter as $key => $search_val) {
-                if ($key =='asset_tag') {
+
+                $fieldname = str_replace('custom_fields.','', $key) ;
+
+                if ($fieldname =='asset_tag') {
                     $query->where('assets.asset_tag', 'LIKE', '%'.$search_val.'%');
                 }
 
-                if ($key =='name') {
+                if ($fieldname =='name') {
                     $query->where('assets.name', 'LIKE', '%'.$search_val.'%');
                 }
 
-                if ($key =='product_key') {
+                if ($fieldname =='product_key') {
                     $query->where('assets.serial', 'LIKE', '%'.$search_val.'%');
                 }
 
-                if ($key =='purchase_date') {
+                if ($fieldname =='purchase_date') {
                     $query->where('assets.purchase_date', 'LIKE', '%'.$search_val.'%');
                 }
 
-                if ($key =='purchase_cost') {
+                if ($fieldname =='purchase_cost') {
                     $query->where('assets.purchase_cost', 'LIKE', '%'.$search_val.'%');
                 }
 
-                if ($key =='notes') {
+                if ($fieldname =='notes') {
                     $query->where('assets.notes', 'LIKE', '%'.$search_val.'%');
                 }
 
-                if ($key =='order_number') {
+                if ($fieldname =='order_number') {
                     $query->where('assets.order_number', 'LIKE', '%'.$search_val.'%');
                 }
 
-                if ($key =='status_label') {
+                if ($fieldname =='status_label') {
                     $query->whereHas('assetstatus', function ($query) use ($search_val) {
                         $query->where('status_labels.name', 'LIKE', '%' . $search_val . '%');
                     });
                 }
 
-                if ($key =='location') {
+                if ($fieldname =='location') {
                     $query->whereHas('defaultLoc', function ($query) use ($search_val) {
                         $query->where('locations.name', 'LIKE', '%' . $search_val . '%');
                     });
                 }
 
-                if ($key =='checkedout_to') {
-                    $query->whereHas('assigneduser', function ($query) use ($search) {
-                        $query->where(function ($query) use ($search) {
-                            $query->where('users.first_name', 'LIKE', '%' . $search . '%')
-                                ->orWhere('users.last_name', 'LIKE', '%' . $search . '%');
+                if ($fieldname =='checkedout_to') {
+                    $query->whereHas('assigneduser', function ($query) use ($search_val) {
+                        $query->where(function ($query) use ($search_val) {
+                            $query->where('users.first_name', 'LIKE', '%' . $search_val . '%')
+                                ->orWhere('users.last_name', 'LIKE', '%' . $search_val . '%');
                         });
                     });
                 }
 
 
-                if ($key =='manufacturer') {
+                if ($fieldname =='manufacturer') {
                     $query->whereHas('model', function ($query) use ($search_val) {
                         $query->whereHas('manufacturer', function ($query) use ($search_val) {
                             $query->where(function ($query) use ($search_val) {
@@ -875,9 +875,9 @@ class Asset extends Depreciable
                     });
                 }
 
-                if ($key =='category') {
-                    $query->whereHas('model', function ($query) use ($search) {
-                        $query->whereHas('category', function ($query) use ($search) {
+                if ($fieldname =='category') {
+                    $query->whereHas('model', function ($query) use ($search_val) {
+                        $query->whereHas('category', function ($query) use ($search_val) {
                             $query->where(function ($query) use ($search_val) {
                                 $query->where('categories.name', 'LIKE', '%' . $search_val . '%')
                                     ->orWhere('models.name', 'LIKE', '%' . $search_val . '%')
@@ -887,7 +887,7 @@ class Asset extends Depreciable
                     });
                 }
 
-                if ($key =='model') {
+                if ($fieldname =='model') {
                     $query->where(function ($query) use ($search_val) {
                         $query->whereHas('model', function ($query) use ($search_val) {
                             $query->where('models.name', 'LIKE', '%' . $search_val . '%');
@@ -895,7 +895,7 @@ class Asset extends Depreciable
                     });
                 }
 
-                if ($key =='model_number') {
+                if ($fieldname =='model_number') {
                     $query->where(function ($query) use ($search_val) {
                         $query->whereHas('model', function ($query) use ($search_val) {
                             $query->where('models.model_number', 'LIKE', '%' . $search_val . '%');
@@ -904,7 +904,7 @@ class Asset extends Depreciable
                 }
 
 
-                if ($key =='company') {
+                if ($fieldname =='company') {
                     $query->where(function ($query) use ($search_val) {
                         $query->whereHas('company', function ($query) use ($search_val) {
                             $query->where('companies.name', 'LIKE', '%' . $search_val . '%');
@@ -913,12 +913,12 @@ class Asset extends Depreciable
                 }
             }
 
-            foreach (CustomField::all() as $field) {
-                if (array_key_exists($field->db_column_name(), $filter)) {
-                    $query->orWhere($field->db_column_name(), 'LIKE', "%$search_val%");
-                }
-            }
+
+            $query->orWhere('assets.'.$fieldname, 'LIKE', '%' . $search_val . '%');
+
+
         });
+
     }
 
 
@@ -1060,7 +1060,7 @@ class Asset extends Depreciable
     */
     public function scopeOrderLocation($query, $order)
     {
-        return $query->join('locations', 'locations.id', '=', 'assets.rtd_location_id')->orderBy('locations.name', $order);
+        return $query->leftJoin('locations', 'locations.id', '=', 'assets.rtd_location_id')->orderBy('locations.name', $order);
     }
 
 
@@ -1103,4 +1103,20 @@ class Asset extends Depreciable
     }
 
 
+    /**
+     * Query builder scope to search on location ID
+     *
+     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $search      Search term
+     *
+     * @return \Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeByDepreciationId($query, $search)
+    {
+        return $query->join('models', 'assets.model_id', '=', 'models.id')
+            ->join('depreciations', 'models.depreciation_id', '=', 'depreciations.id')->where('models.depreciation_id', '=', $search);
+
+    }
+
+
 }

app/Models/AssetMaintenance.php

@@ -29,7 +29,7 @@ class AssetMaintenance extends Model implements ICompanyableChild
         'title'                  => 'required|max:100',
         'is_warranty'            => 'boolean',
         'start_date'             => 'required|date_format:"Y-m-d"',
-        'completion_date'        => 'date_format:"Y-m-d"',
+        'completion_date'        => 'nullable|date_format:"Y-m-d"',
         'notes'                  => 'string|nullable',
         'cost'                   => 'numeric|nullable'
     ];

app/Models/AssetModel.php

@@ -153,17 +153,17 @@ class AssetModel extends SnipeModel
             ->orWhere('model_number', 'LIKE', "%$search%")
             ->orWhere(function ($query) use ($search) {
                 $query->whereHas('depreciation', function ($query) use ($search) {
-                    $query->where('name', 'LIKE', '%'.$search.'%');
+                    $query->where('depreciations.name', 'LIKE', '%'.$search.'%');
                 });
             })
             ->orWhere(function ($query) use ($search) {
                 $query->whereHas('category', function ($query) use ($search) {
-                    $query->where('name', 'LIKE', '%'.$search.'%');
+                    $query->where('categories.name', 'LIKE', '%'.$search.'%');
                 });
             })
             ->orWhere(function ($query) use ($search) {
                 $query->whereHas('manufacturer', function ($query) use ($search) {
-                    $query->where('name', 'LIKE', '%'.$search.'%');
+                    $query->where('manufacturers.name', 'LIKE', '%'.$search.'%');
                 });
             });
 

app/Models/Component.php

@@ -64,7 +64,7 @@ class Component extends SnipeModel
 
     public function assets()
     {
-        return $this->belongsToMany('\App\Models\Asset', 'components_assets')->withPivot('assigned_qty', 'created_at', 'user_id');
+        return $this->belongsToMany('\App\Models\Asset', 'components_assets')->withPivot('id', 'assigned_qty', 'created_at', 'user_id');
     }
 
     public function admin()

app/Models/CustomField.php

@@ -62,9 +62,18 @@ class CustomField extends Model
                     return true;
                 }
 
-                return Schema::table(CustomField::$table_name, function ($table) use ($custom_field) {
+                $platform = Schema::getConnection()->getDoctrineSchemaManager()->getDatabasePlatform();
+                $platform->registerDoctrineTypeMapping('enum', 'string');
+                
+                Schema::table(CustomField::$table_name, function ($table) use ($custom_field) {
                     $table->renameColumn($custom_field->convertUnicodeDbSlug($custom_field->getOriginal("name")), $custom_field->convertUnicodeDbSlug());
                 });
+
+
+                $custom_field->db_column = $custom_field->convertUnicodeDbSlug();
+                $custom_field->save();
+
+                return true;
             }
             return true;
         });

app/Models/CustomFieldset.php

@@ -47,9 +47,7 @@ class CustomFieldset extends Model
 
             if (($field->field_encrypted!='1') ||
                   (($field->field_encrypted =='1')  && (Gate::allows('admin')) )) {
-                if ($field->pivot->required) {
-                    $rule[]="required";
-                }
+                    $rule[] = ($field->pivot->required=='1') ? "required" : "nullable";
             }
 
             array_push($rule, $field->attributes['format']);

app/Models/Group.php

@@ -36,4 +36,21 @@ class Group extends SnipeModel
     {
         return json_decode($this->permissions, true);
     }
+
+    /**
+     * Query builder scope to search on text
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $search      Search term
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeTextSearch($query, $search)
+    {
+
+        return $query->where(function ($query) use ($search) {
+
+            $query->where('name', 'LIKE', '%'.$search.'%');
+        });
+    }
 }

app/Models/Ldap.php

@@ -77,25 +77,22 @@ class Ldap extends Model
         $connection = Ldap::connectToLdap();
         $ldap_username_field     = $settings->ldap_username_field;
         $baseDn      = $settings->ldap_basedn;
+        $userDn      = $ldap_username_field.'='.$username.','.$settings->ldap_basedn;
 
         if ($settings->is_ad =='1') {
-        // Check if they are using the userprincipalname for the username field.
+            // Check if they are using the userprincipalname for the username field.
             // If they are, we can skip building the UPN to authenticate against AD
             if ($ldap_username_field=='userprincipalname') {
                 $userDn = $username;
             } else {
                 // In case they haven't added an AD domain
-                if ($settings->ad_domain == '') {
-                    $userDn      = $username.'@'.$settings->email_domain;
-                } else {
-                    $userDn      = $username.'@'.$settings->ad_domain;
-                }
+                    $userDn  = ($settings->ad_domain != '') ?  $username.'@'.$settings->ad_domain : $username.'@'.$settings->email_domain;
             }
 
-        } else {
-            $userDn      = $ldap_username_field.'='.$username.','.$settings->ldap_basedn;
         }
 
+        \Log::debug('Attempting to login using distinguished name:'.$userDn);
+
 
         $filterQuery = $settings->ldap_auth_filter_query . $username;
 

app/Models/Location.php

@@ -54,7 +54,7 @@ class Location extends SnipeModel
 
     public function assets()
     {
-        return $this->hasManyThrough('\App\Models\Asset', '\App\Models\User', 'location_id', 'assigned_to', 'id');
+        return $this->hasManyThrough('\App\Models\Asset', '\App\Models\User', 'location_id', 'assigned_to', 'id')->where("assets.assigned_type",User::class);
     }
 
     public function locationAssets()
@@ -83,6 +83,11 @@ class Location extends SnipeModel
         // return $this->hasMany('\App\Models\Asset', 'assigned_to')->withTrashed();
     }
 
+    public function setLdapOuAttribute($ldap_ou)
+    {
+        return $this->attributes['ldap_ou'] = empty($ldap_ou) ? null : $ldap_ou;
+    }
+
     public static function getLocationHierarchy($locations, $parent_id = null)
     {
 

app/Models/Setting.php

@@ -38,6 +38,7 @@ class Setting extends Model
           "pwd_secure_min" => "numeric|required|min:5",
           "audit_warning_days" => "numeric|nullable",
           "audit_interval" => "numeric|nullable",
+          "custom_forgot_pass_url" => "url|nullable",
     ];
 
     protected $fillable = ['site_name','email_domain','email_format','username_format'];

app/Models/Statuslabel.php

@@ -21,7 +21,7 @@ class Statuslabel extends SnipeModel
 
     protected $rules = array(
         'name'  => 'required|string|unique_undeleted',
-        'notes'   => 'string',
+        'notes'   => 'string|nullable',
         'deployable' => 'required',
         'pending' => 'required',
         'archived' => 'required',
@@ -29,16 +29,6 @@ class Statuslabel extends SnipeModel
 
     protected $fillable = ['name', 'deployable', 'pending', 'archived'];
 
-    /**
-     * Show count of assets with status label
-     *
-     * @todo Remove this. It's dumb.
-     * @return \Illuminate\Support\Collection
-     */
-    public function has_assets()
-    {
-        return $this->hasMany('\App\Models\Asset', 'status_id')->count();
-    }
 
     /**
      * Get assets with associated status label
@@ -64,6 +54,27 @@ class Statuslabel extends SnipeModel
         }
     }
 
+    public function scopePending()
+    {
+        return $this->where('pending', '=', 1)
+                    ->where('archived', '=', 0)
+                    ->where('deployable', '=', 0);
+    }
+
+    public function scopeArchived()
+    {
+        return $this->where('pending', '=', 0)
+            ->where('archived', '=', 1)
+            ->where('deployable', '=', 0);
+    }
+
+    public function scopeDeployable()
+    {
+        return $this->where('pending', '=', 0)
+            ->where('archived', '=', 0)
+            ->where('deployable', '=', 1);
+    }
+
 
     public static function getStatuslabelTypesForDB($type)
     {

app/Models/Supplier.php

@@ -15,18 +15,18 @@ class Supplier extends SnipeModel
 
     protected $rules = array(
         'name'              => 'required|min:3|max:255|unique_undeleted',
-        'address'           => 'min:3|max:50',
-        'address2'          => 'min:2|max:50',
-        'city'              => 'min:3|max:255',
-        'state'             => 'min:0|max:32',
-        'country'           => 'min:0|max:2',
-        'fax'               => 'min:7|max:35',
-        'phone'             => 'min:7|max:35',
-        'contact'           => 'min:0|max:100',
-        'notes'             => 'min:0|max:255',
-        'email'             => 'email|min:5|max:150',
-        'zip'               => 'min:0|max:10',
-        'url'               => 'min:3|max:250',
+        'address'           => 'max:50|nullable',
+        'address2'          => 'max:50|nullable',
+        'city'              => 'max:255|nullable',
+        'state'             => 'max:32|nullable',
+        'country'           => 'max:3|nullable',
+        'fax'               => 'min:7|max:35|nullable',
+        'phone'             => 'min:7|max:35|nullable',
+        'contact'           => 'max:100|nullable',
+        'notes'             => 'max:255|nullable',
+        'email'             => 'email|max:150|nullable',
+        'zip'               => 'max:10|nullable',
+        'url'               => 'sometimes|nullable|string|max:250',
     );
 
     /**
@@ -68,6 +68,11 @@ class Supplier extends SnipeModel
         return $this->hasMany('\App\Models\Asset', 'supplier_id');
     }
 
+    public function accessories()
+    {
+        return $this->hasMany('\App\Models\Accessory', 'supplier_id');
+    }
+
     public function asset_maintenances()
     {
         return $this->hasMany('\App\Models\AssetMaintenance', 'supplier_id');

app/Models/User.php

@@ -378,6 +378,14 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo
         return json_decode($this->permissions, true);
     }
 
+
+    public function scopeByGroup($query, $id) {
+        return $query->whereHas('groups', function ($query) use ($id) {
+            $query->where('id', '=', $id);
+        });
+    }
+
+
     /**
      * Query builder scope to search on text
      *
@@ -395,6 +403,7 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo
                 ->orWhere('users.email', 'LIKE', "%$search%")
                 ->orWhere('users.username', 'LIKE', "%$search%")
                 ->orWhere('users.notes', 'LIKE', "%$search%")
+                ->orWhere('users.phone', 'LIKE', "%$search%")
                 ->orWhere('users.jobtitle', 'LIKE', "%$search%")
                 ->orWhere('users.employee_num', 'LIKE', "%$search%")
                 ->orWhere(function ($query) use ($search) {

app/Notifications/CheckinNotification.php

@@ -41,10 +41,12 @@ class CheckinNotification extends Notification
             $notifyBy[] = 'slack';
         }
         $item = $this->params['item'];
-        if ((method_exists($item, 'requireAcceptance') && ($item->requireAcceptance()=='1'))
-            || (method_exists($item, 'getEula') && ($item->getEula()))
-        ) {
-            $notifyBy[] = 'mail';
+        if (class_basename(get_class($this->params['item']))=='Asset') {
+            if ((method_exists($item, 'requireAcceptance') && ($item->requireAcceptance() == '1'))
+                || (method_exists($item, 'getEula') && ($item->getEula()))
+            ) {
+                $notifyBy[] = 'mail';
+            }
         }
         return $notifyBy;
     }

app/Notifications/CheckoutNotification.php

@@ -44,12 +44,13 @@ class CheckoutNotification extends Notification
         }
         $item = $this->params['item'];
 
-        $notifyBy[]='mail';
-        // if ((method_exists($item, 'requireAcceptance') && ($item->requireAcceptance()=='1'))
-        //     || (method_exists($item, 'getEula') && ($item->getEula()))
-        // ) {
-        //     $notifyBy[] = 'mail';
-        // }
+        if (class_basename(get_class($this->params['item']))=='Asset') {
+            if ((method_exists($item, 'requireAcceptance') && ($item->requireAcceptance() == '1'))
+                || (method_exists($item, 'getEula') && ($item->getEula()))
+            ) {
+                $notifyBy[] = 'mail';
+            }
+        }
         return $notifyBy;
     }
 
@@ -81,30 +82,40 @@ class CheckoutNotification extends Notification
      */
     public function toMail($notifiable)
     {
-        //TODO: Expand for non assets.
-        $item = $this->params['item'];
-        $admin_user = $this->params['admin'];
-        $target = $this->params['target'];
-        $data = [
-            'eula' => method_exists($item, 'getEula') ? $item->getEula() : '',
-            'first_name' => $target->present()->fullName(),
-            'item_name' => $item->present()->name(),
-            'checkout_date' => $item->last_checkout,
-            'expected_checkin' => $item->expected_checkin,
-            'item_tag' => $item->asset_tag,
-            'note' => $this->params['note'],
-            'item_serial' => $item->serial,
-            'require_acceptance' => method_exists($item, 'requireAcceptance') ? $item->requireAcceptance() : '',
-            'log_id' => $this->params['log_id'],
-        ];
-        return (new MailMessage)
+        if (class_basename(get_class($this->params['item']))=='Asset') {
+
+            //TODO: Expand for non assets.
+            $item = $this->params['item'];
+            $admin_user = $this->params['admin'];
+            $target = $this->params['target'];
+            $data = [
+                'eula' => method_exists($item, 'getEula') ? $item->getEula() : '',
+                'first_name' => $target->present()->fullName(),
+                'item_name' => $item->present()->name(),
+                'checkout_date' => $item->last_checkout,
+                'expected_checkin' => $item->expected_checkin,
+                'item_tag' => $item->asset_tag,
+                'note' => $this->params['note'],
+                'item_serial' => $item->serial,
+                'require_acceptance' => method_exists($item, 'requireAcceptance') ? $item->requireAcceptance() : '',
+                'log_id' => $this->params['log_id'],
+                'manufacturer_name' => $item->model->manufacturer->name,
+                'model_name' => $item->model->name,
+                'model_number' => $item->model->model_number,
+            ];
+
+            if ((method_exists($item, 'requireAcceptance') && ($item->requireAcceptance() == '1'))
+                || (method_exists($item, 'getEula') && ($item->getEula()))
+            ) {
+                return (new MailMessage)
                     ->view('emails.accept-asset', $data)
                     ->subject(trans('mail.Confirm_asset_delivery'));
-            // \Mail::send('emails.accept-asset', $data, function ($m) use ($target) {
-            //     $m->to($target->email, $target->first_name . ' ' . $target->last_name);
-            //     $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-            //     $m->subject(trans('mail.Confirm_asset_delivery'));
-            // });
+            }
+        }
+
+
+
+
     }
 
     /**

app/Policies/CategoryPolicy.php

@@ -0,0 +1,99 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\Company;
+use App\Models\Category;
+use App\Models\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class CategoryPolicy
+{
+    use HandlesAuthorization;
+
+
+    public function before(User $user, $category)
+    {
+        // Lets move all company related checks here.
+        if ($category instanceof \App\Models\Category && !Company::isCurrentUserHasAccess($category)) {
+            return false;
+        }
+        // If an admin, they can do all asset related tasks.
+        if ($user->hasAccess('admin')) {
+            return true;
+        }
+    }
+    /**
+     * Determine whether the user can view the category.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Category  $category
+     * @return mixed
+     */
+    public function view(User $user)
+    {
+        return $user->hasAccess('categories.view');
+    }
+
+    /**
+     * Determine whether the user can create categories.
+     *
+     * @param  \App\Models\User  $user
+     * @return mixed
+     */
+    public function create(User $user)
+    {
+        return $user->hasAccess('categories.create');
+    }
+
+    /**
+     * Determine whether the user can update the category.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Category  $category
+     * @return mixed
+     */
+    public function update(User $user)
+    {
+        //
+        return $user->hasAccess('categories.edit');
+    }
+
+    /**
+     * Determine whether the user can delete the category.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Category  $category
+     * @return mixed
+     */
+    public function delete(User $user)
+    {
+        //
+        return $user->hasAccess('categories.delete');
+    }
+
+    /**
+     * Determine whether the user can view the category index.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Category  $category
+     * @return mixed
+     */
+
+    public function index(User $user)
+    {
+        return $user->hasAccess('categories.view');
+    }
+
+    /**
+     * Determine whether the user can manage the category.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Category  $category
+     * @return mixed
+     */
+    public function manage(User $user)
+    {
+        return  $user->hasAccess('categories.edit');
+    }
+}

app/Policies/LocationPolicy.php

@@ -0,0 +1,99 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\Company;
+use App\Models\Location;
+use App\Models\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class LocationPolicy
+{
+    use HandlesAuthorization;
+
+
+    public function before(User $user, $location)
+    {
+        // Lets move all company related checks here.
+        if ($location instanceof \App\Models\Location && !Company::isCurrentUserHasAccess($location)) {
+            return false;
+        }
+        // If an admin, they can do all asset related tasks.
+        if ($user->hasAccess('admin')) {
+            return true;
+        }
+    }
+    /**
+     * Determine whether the user can view the location.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Location  $location
+     * @return mixed
+     */
+    public function view(User $user)
+    {
+        return $user->hasAccess('locations.view');
+    }
+
+    /**
+     * Determine whether the user can create locations.
+     *
+     * @param  \App\Models\\User  $user
+     * @return mixed
+     */
+    public function create(User $user)
+    {
+        return $user->hasAccess('locations.create');
+    }
+
+    /**
+     * Determine whether the user can update the location.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Location  $location
+     * @return mixed
+     */
+    public function update(User $user)
+    {
+        //
+        return $user->hasAccess('locations.edit');
+    }
+
+    /**
+     * Determine whether the user can delete the location.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Location  $location
+     * @return mixed
+     */
+    public function delete(User $user)
+    {
+        //
+        return $user->hasAccess('locations.delete');
+    }
+
+    /**
+     * Determine whether the user can view the location index.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Accessory  $location
+     * @return mixed
+     */
+
+    public function index(User $user)
+    {
+        return $user->hasAccess('locations.view');
+    }
+
+    /**
+     * Determine whether the user can manage the location.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Location  $location
+     * @return mixed
+     */
+    public function manage(User $user)
+    {
+        return $user->hasAccess('locations.edit');
+    }
+}

app/Presenters/AccessoryPresenter.php

@@ -31,6 +31,14 @@ class AccessoryPresenter extends Presenter
                 "switchable" => true,
                 "title" => trans('general.id'),
                 "visible" => false
+            ],[
+                "field" => "image",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('admin/hardware/table.image'),
+                "visible" => true,
+                "formatter" => "imageFormatter"
             ], [
                 "field" => "company",
                 "searchable" => true,
@@ -63,6 +71,14 @@ class AccessoryPresenter extends Presenter
                 "sortable" => true,
                 "title" => trans('general.manufacturer'),
                 "formatter" => "manufacturersLinkObjFormatter",
+            ], [
+                "field" => "supplier",
+                "searchable" => true,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.supplier'),
+                "visible" => false,
+                "formatter" => "suppliersLinkObjFormatter"
             ], [
                 "field" => "location",
                 "searchable" => true,
@@ -96,6 +112,7 @@ class AccessoryPresenter extends Presenter
                 "searchable" => true,
                 "sortable" => true,
                 "title" => trans('general.purchase_cost'),
+                "footerFormatter" => 'sumFormatter',
             ], [
                 "field" => "order_number",
                 "searchable" => true,
@@ -122,55 +139,6 @@ class AccessoryPresenter extends Presenter
         return json_encode($layout);
     }
 
-    /**
-     * JSON representation of Accessory for datatable.
-     * @return array
-     */
-    public function forDataTable()
-    {
-
-        $actions = '<nobr>';
-        if (Gate::allows('checkout', $this->model)) {
-            $actions .= Helper::generateDatatableButton(
-                'checkout',
-                route('checkout/accessory', $this->id),
-                $this->numRemaining() > 0
-            );
-        }
-        if (Gate::allows('update', $this->model)) {
-            $actions .= Helper::generateDatatableButton('edit', route('accessories.edit', $this->id));
-        }
-        if (Gate::allows('delete', $this->model)) {
-            $actions .= Helper::generateDatatableButton(
-                'delete',
-                route('accessories.destroy', $this->id),
-                true, /*enabled*/
-                trans('admin/accessories/message.delete.confirm'),
-                $this->name
-            );
-        }
-        $actions .= '</nobr>';
-
-        $results = [];
-        $results['name'] = $this->nameUrl();
-        $results['category'] = '';
-        if ($this->model->category) {
-            $results['category'] = $this->model->category->present()->nameUrl();
-        }
-        $results['model_number'] = $this->model_number;
-        $results['qty'] = $this->qty;
-        $results['order_number'] = $this->order_number;
-        $results['min_amt'] = $this->min_amt;
-        $results['location'] = $this->model->location ? $this->model->location->present()->nameUrl() : '';
-        $results['purchase_date'] = $this->purchase_date;
-        $results['purchase_cost'] = Helper::formatCurrencyOutput($this->purchase_cost);
-        $results['numRemaining'] = $this->numRemaining();
-        $results['companyName'] = $this->model->company ? $this->model->company->present()->nameUrl() : '';
-        $results['manufacturer'] = $this->model->manufacturer ? $this->model->manufacturer->present()->nameUrl() : '';
-        $results['actions']       = $actions;
-
-        return $results;
-    }
 
     /**
      * Pregenerated link to this accessories view page.

app/Presenters/AssetPresenter.php

@@ -112,7 +112,7 @@ class AssetPresenter extends Presenter
                 "sortable" => true,
                 "title" => trans('admin/hardware/table.location'),
                 "visible" => true,
-                "formatter" => "locationsLinkObjFormatter"
+                "formatter" => "deployedLocationFormatter"
             ],  [
                 "field" => "manufacturer",
                 "searchable" => true,
@@ -139,6 +139,7 @@ class AssetPresenter extends Presenter
                 "searchable" => true,
                 "sortable" => true,
                 "title" => trans('general.purchase_cost'),
+                "footerFormatter" => 'sumFormatter',
             ], [
                 "field" => "order_number",
                 "searchable" => true,
@@ -325,6 +326,24 @@ class AssetPresenter extends Presenter
         return $interval;
     }
 
+    /**
+     * @return string
+     * This handles the status label "meta" status of "deployed" if
+     * it's assigned. Should maybe deprecate.
+     */
+    public function statusMeta()
+    {
+        if ($this->model->assignedTo) {
+            return strtolower(trans('general.deployed'));
+        }
+        return $this->model->assetstatus->getStatuslabelType();
+    }
+
+    /**
+     * @return string
+     * This handles the status label "meta" status of "deployed" if
+     * it's assigned. Should maybe deprecate.
+     */
     public function statusText()
     {
         if ($this->model->assignedTo) {
@@ -332,6 +351,7 @@ class AssetPresenter extends Presenter
         }
         return $this->model->assetstatus->name;
     }
+
     /**
      * Date the warantee expires.
      * @return false|string

app/Presenters/CategoryPresenter.php

@@ -41,42 +41,43 @@ class CategoryPresenter extends Presenter
             ], [
                 "field" => "assets_count",
                 "searchable" => false,
-                "sortable" => false,
+                "sortable" => true,
                 "title" => trans('general.assets'),
                 "visible" => true
             ], [
                 "field" => "accessories_count",
                 "searchable" => false,
-                "sortable" => false,
+                "sortable" => true,
                 "title" => trans('general.accessories'),
                 "visible" => true
             ], [
                 "field" => "consumables_count",
                 "searchable" => false,
-                "sortable" => false,
+                "sortable" => true,
                 "title" => trans('general.consumables'),
                 "visible" => true
             ], [
                 "field" => "components_count",
                 "searchable" => false,
-                "sortable" => false,
+                "sortable" => true,
                 "title" => trans('general.components'),
                 "visible" => true
             ], [
-                "field" => "use_default_eula",
+                "field" => "eula",
                 "searchable" => false,
                 "sortable" => false,
                 "title" => trans('admin/categories/table.eula_text'),
                 "visible" => false,
                 "formatter" => 'trueFalseFormatter',
-            ], [
+            ],  [
                 "field" => "require_acceptance",
                 "searchable" => false,
-                "sortable" => false,
+                "sortable" => true,
                 "title" => trans('admin/categories/table.require_acceptance'),
                 "visible" => true,
                 "formatter" => 'trueFalseFormatter',
-            ], [
+            ],
+           [
                 "field" => "actions",
                 "searchable" => false,
                 "sortable" => false,

app/Presenters/ComponentPresenter.php

@@ -85,6 +85,7 @@ class ComponentPresenter extends Presenter
                 "sortable" => true,
                 "title" => trans('general.purchase_cost'),
                 "visible" => true,
+                "footerFormatter" => 'sumFormatter',
             ],
         ];
 
@@ -120,5 +121,14 @@ class ComponentPresenter extends Presenter
         return (string) link_to_route('consumables.show', e($this->name), $this->id);
     }
 
+    /**
+     * Url to view this item.
+     * @return string
+     */
+    public function viewUrl()
+    {
+        return route('accessories.show', $this->id);
+    }
+
 
 }

app/Presenters/ConsumablePresenter.php

@@ -89,6 +89,7 @@ class ConsumablePresenter extends Presenter
                 "sortable" => true,
                 "title" => trans('general.purchase_cost'),
                 "visible" => true,
+                "footerFormatter" => 'sumFormatter',
             ],[
                 "field" => "change",
                 "searchable" => false,

app/Presenters/LicensePresenter.php

@@ -98,6 +98,7 @@ class LicensePresenter extends Presenter
                 "sortable" => true,
                 "visible" => false,
                 "title" => trans('general.purchase_cost'),
+                "footerFormatter" => 'sumFormatter',
             ], [
                 "field" => "purchase_order",
                 "searchable" => true,
@@ -110,6 +111,12 @@ class LicensePresenter extends Presenter
                 "sortable" => true,
                 "visible" => false,
                 "title" => trans('general.order_number'),
+            ], [
+                "field" => "notes",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('general.notes'),
             ]
         ];
 
@@ -152,7 +159,7 @@ class LicensePresenter extends Presenter
      */
     public function fullName()
     {
-        return 'poop';
+        return $this->name;
     }
 
 

app/Presenters/UserPresenter.php

@@ -69,6 +69,14 @@ class UserPresenter extends Presenter
                 "visible" => true,
                 "formatter" => "emailFormatter"
             ],
+            [
+                "field" => "phone",
+                "searchable" => true,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('admin/users/table.phone'),
+                "visible" => true,
+            ],
             [
                 "field" => "username",
                 "searchable" => true,
@@ -115,7 +123,7 @@ class UserPresenter extends Presenter
             [
                 "field" => "assets_count",
                 "searchable" => false,
-                "sortable" => false,
+                "sortable" => true,
                 "switchable" => true,
                 "title" => ' <span class="hidden-md hidden-lg">Assets</span>'
                             .'<span class="hidden-xs"><i class="fa fa-barcode fa-lg"></i></span>',
@@ -124,7 +132,7 @@ class UserPresenter extends Presenter
             [
                 "field" => "licenses_count",
                 "searchable" => false,
-                "sortable" => false,
+                "sortable" => true,
                 "switchable" => true,
                 "title" => ' <span class="hidden-md hidden-lg">Licenses</span>'
                     .'<span class="hidden-xs"><i class="fa fa-floppy-o fa-lg"></i></span>',
@@ -133,7 +141,7 @@ class UserPresenter extends Presenter
             [
                 "field" => "consumables_count",
                 "searchable" => false,
-                "sortable" => false,
+                "sortable" => true,
                 "switchable" => true,
                 "title" => ' <span class="hidden-md hidden-lg">Consumables</span>'
                     .'<span class="hidden-xs"><i class="fa fa-tint fa-lg"></i></span>',
@@ -142,7 +150,7 @@ class UserPresenter extends Presenter
             [
                 "field" => "accessories_count",
                 "searchable" => false,
-                "sortable" => false,
+                "sortable" => true,
                 "switchable" => true,
                 "title" => ' <span class="hidden-md hidden-lg">Accessories</span>'
                     .'<span class="hidden-xs"><i class="fa fa-keyboard-o fa-lg"></i></span>',

app/Providers/AppServiceProvider.php

@@ -98,13 +98,17 @@ class AppServiceProvider extends ServiceProvider
         if (config('app.debug')) {
             $log_level = 'debug';
         } else {
-            if (config('log-level')) {
-                $log_level = config('log-level');
+            if (config('app.log_level')) {
+                $log_level = config('app.log_level');
             } else {
                 $log_level = 'error';
             }
         }
 
+        if (($this->app->environment('production'))  && (config('services.rollbar.access_token'))){
+            $this->app->register(\Jenssegers\Rollbar\RollbarServiceProvider::class);
+        }
+
         foreach ($monolog->getHandlers() as $handler) {
             $handler->setLevel($log_level);
         }

app/Providers/AuthServiceProvider.php

@@ -5,7 +5,9 @@ namespace App\Providers;
 use App\Models\Accessory;
 use Carbon\Carbon;
 use App\Models\Asset;
+use App\Models\Location;
 use App\Models\Component;
+use App\Models\Category;
 use App\Models\Consumable;
 use App\Models\License;
 use App\Models\User;
@@ -14,6 +16,8 @@ use App\Policies\AssetPolicy;
 use App\Policies\ComponentPolicy;
 use App\Policies\ConsumablePolicy;
 use App\Policies\LicensePolicy;
+use App\Policies\LocationPolicy;
+use App\Policies\CategoryPolicy;
 use App\Policies\UserPolicy;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 use Illuminate\Support\Facades\Gate;
@@ -33,6 +37,8 @@ class AuthServiceProvider extends ServiceProvider
         Consumable::class => ConsumablePolicy::class,
         License::class => LicensePolicy::class,
         User::class => UserPolicy::class,
+        Location::class => LocationPolicy::class,
+        Category::class => CategoryPolicy::class,
     ];
 
     /**

build/css/AdminLTE.css.map

@@ -1 +1 @@
-{"version":3,"file":"css/AdminLTE.css","sources":[],"mappings":";;;;;;A","sourceRoot":""}
+{"version":3,"file":"css/AdminLTE.css","sources":[],"mappings":";;;;;;","sourceRoot":""}

build/css/app.css.map

@@ -1 +1 @@
-{"version":3,"file":"css/app.css","sources":[],"mappings":";;;;;;;;A","sourceRoot":""}
+{"version":3,"file":"css/app.css","sources":[],"mappings":";;;;;;;;","sourceRoot":""}

build/mix-manifest.json

@@ -1,12 +1,23 @@
 {
-    "/vue.js": "/vue.js",
-    "/css/AdminLTE.css": "/css/AdminLTE.css",
-    "/css/app.css": "/css/app.css",
-    "/css/overrides.css": "/css/overrides.css",
-    "/vue.js.map": "/vue.js.map",
-    "/css/AdminLTE.css.map": "/css/AdminLTE.css.map",
-    "/css/app.css.map": "/css/app.css.map",
-    "/css/overrides.css.map": "/css/overrides.css.map",
-    "/public/css/dist/all.css": "/public/css/dist/all.css",
-    "/public/js/dist/all.js": "/public/js/dist/all.js"
+  "/build/vue.js": "/build/vue.js",
+  "/mix.js": "/mix.js",
+  "/build/app.css": "/build/app.535d8af1016a2377e449920c617f0197.css",
+  "/build/AdminLTE.css": "/build/AdminLTE.3d8a2b2e33baa060b1b324363ad5e1c2.css",
+  "/build/overrides.css": "/build/overrides.617623c6a96be3e0cbd11c5d4039ec10.css",
+  "/css/all.css": "/css/all.css",
+  "/js/all.js": "/js/all.js",
+  "/css/app.css": "/css/app.css",
+  "/css/dist/all.css": "/css/dist/all.css",
+  "/js/dist/all.js": "/js/dist/all.js",
+  "/css/AdminLTE.css": "/css/AdminLTE.css",
+  "/css/overrides.css": "/css/overrides.css",
+  "/css/skin-blue.css": "/css/skin-blue.css",
+  "/vue.js": "/vue.js",
+  "/vue.js.map": "/vue.js.map",
+  "/mix.js.map": "/mix.js.map",
+  "/css/AdminLTE.css.map": "/css/AdminLTE.css.map",
+  "/css/app.css.map": "/css/app.css.map",
+  "/css/overrides.css.map": "/css/overrides.css.map",
+  "public/css/dist/all.css": "public/css/dist/all.css",
+  "public/js/dist/all.js": "public/js/dist/all.js"
 }

composer.json

@@ -10,34 +10,39 @@
     "barryvdh/laravel-debugbar": "^2.4",
     "doctrine/cache": "^1.6",
     "doctrine/common": "^2.7",
-    "doctrine/dbal": "v2.4.2",
+    "doctrine/dbal": "v2.5.13",
+    "doctrine/inflector": "1.1.*",
+    "doctrine/instantiator": "1.0.*",
     "erusev/parsedown": "^1.6",
     "fideloper/proxy": "^3.1",
     "intervention/image": "^2.3",
     "javiereguiluz/easyslugger": "^1.0",
-    "laravel/framework": "5.4.20",
-    "laravel/passport": "^1.0",
+    "jenssegers/rollbar": "^1.5",
+    "laravel/framework": "5.4.29",
+    "laravel/passport": "^3.0",
     "laravel/tinker": "^1.0",
     "laravelcollective/html": "^5.3",
     "league/csv": "^8.1",
     "maknz/slack": "^1.7",
     "neitanod/forceutf8": "^2.0",
     "patchwork/utf8": "~1.2",
+    "phpdocumentor/reflection-docblock": "3.2.2",
+    "phpspec/prophecy": "1.6.2",
     "pragmarx/google2fa": "^1.0",
+    "predis/predis": "^1.1",
     "schuppo/password-strength": "~1.5",
     "spatie/laravel-backup": "^3.0.0",
     "tecnickcom/tc-lib-barcode": "^1.15",
+    "tightenco/ziggy": "^0.4.1",
     "unicodeveloper/laravel-password": "^1.0",
-    "watson/validating": "^3.0",
-    "doctrine/instantiator": "1.0.5",
-    "doctrine/inflector": "1.0.*"
+    "watson/validating": "^3.0"
   },
     "require-dev": {
         "fzaninotto/faker": "~1.4",
         "phpunit/phpunit": "~5.7",
         "symfony/css-selector": "3.1.*",
         "symfony/dom-crawler": "3.1.*",
-        "codeception/codeception": "2.2.9",
+        "codeception/codeception": "2.3.6",
         "squizlabs/php_codesniffer": "*",
         "phpunit/php-token-stream": "1.4.11"
 
@@ -67,6 +72,10 @@
     "config": {
         "preferred-install": "dist",
         "sort-packages": true,
-        "optimize-autoloader": true
+        "optimize-autoloader": true,
+        "platform": {
+          "php": "5.6.4"
+        }
     }
+
 }

config/app.php

@@ -121,8 +121,41 @@ return [
     |
     */
 
-    'log' => env('APP_LOG', 'single'),
-    'log-level' => env('APP_LOG_LEVEL', 'error'),
+    'log' => env('APP_LOG', 'daily'),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Logging Max Files
+    |--------------------------------------------------------------------------
+    |
+    | When using the daily log mode, Laravel will only retain 5
+    | days of log files by default.
+    |
+    | To change this, set the APP_LOG_MAX_FILES option in your .env.
+    |
+    */
+
+    'log_max_files' => env('APP_LOG_MAX_FILES', 5),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Logging Detail
+    |--------------------------------------------------------------------------
+    |
+    | By default, Laravel writes all log levels to storage. However, in your 
+    | production environment, you may wish to configure the minimum severity that 
+    | should be logged by editing your APP_LOG_LEVEL env config.
+    |
+    | Laravel will log all levels greater than or equal to the specified severity.
+    | For example, a default log_level of error will log error, critical, alert,
+    | and emergency messages.
+    |
+    | APP_LOG_LEVEL options are:
+    | "debug", "info", "notice", "warning", "error", "critical", "alert", "emergency"
+    |
+    */
+    
+    'log_level' => env('APP_LOG_LEVEL', 'error'),
 
 
     /*
@@ -167,7 +200,25 @@ return [
     |
     */
 
-    'referrer_policy' => env('REFERRER_POLICY', 'strict-origin'),
+    'referrer_policy' => env('REFERRER_POLICY', 'same-origin'),
+
+    /*
+    |--------------------------------------------------------------------------
+    | CSP
+    |--------------------------------------------------------------------------
+    |
+    | Disable the content security policy that restricts what scripts, images
+    | and styles can load. (This should be left as false if you don't know
+    | what this means.)
+    |
+    | Read more: https://www.w3.org/TR/CSP/
+    | Read more: https://content-security-policy.com
+    |
+    */
+
+    'enable_csp' => env('ENABLE_CSP', false),
+
+
 
 
     /*
@@ -237,7 +288,7 @@ return [
         Laravel\Tinker\TinkerServiceProvider::class,
         Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class,
         Schuppo\PasswordStrength\PasswordStrengthServiceProvider::class,
-
+        Tightenco\Ziggy\ZiggyServiceProvider::class, // Laravel routes in vue
 
         /*
         * Application Service Providers...

config/mail.php

@@ -132,12 +132,9 @@ return [
 
     'sendmail' => '/usr/sbin/sendmail -bs',
 
-    
-    
-    
+
     'markdown' => [
         'theme' => 'default',
-
         'paths' => [
             resource_path('views/vendor/mail'),
         ],

config/services.php

@@ -41,5 +41,10 @@ return [
         'stripe_id'    => env('STUNNING_STRIPE_ID'),
     ],
 
+    'rollbar' => [
+        'access_token' => env('ROLLBAR_TOKEN'),
+        'level' => env('ROLLBAR_LEVEL', 'error'),
+    ],
+
 
 ];

config/session.php

@@ -109,7 +109,7 @@ return [
     |
     */
 
-    'cookie' => env('COOKIE_NAME', 'sl53_session'),
+    'cookie' => env('COOKIE_NAME', 'snipeitv4_session'),
 
     /*
     |--------------------------------------------------------------------------