Changed branch from develop to master

Merge remote-tracking branch 'origin/develop'
Bumped version
2021-02-25 16:54:23 -08:00 · 2021-02-25 16:53:50 -08:00 · 2021-02-25 16:53:37 -08:00 · 2021-02-25 16:44:55 -08:00 · 2021-02-25 16:43:38 -08:00 · 2021-02-25 13:35:05 -08:00
3527 changed files with 126184 additions and 190237 deletions
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,5 +1,13 @@
 .git
+.github
+.gitattributes
+.gitignore
 .dockerignore
 app/storage/logs/*
 app/storage/views/*
 vendor/*
+storage/framework/cache/*
+node_modules
+.vagrant
+.idea
+
--- a/.env.example
+++ b/.env.example
@@ -7,7 +7,13 @@ APP_KEY=ChangeMe
 APP_URL=null
 APP_TIMEZONE='UTC'
 APP_LOCALE=en
-BACKUP_ENV=false
+MAX_RESULTS=500
+
+# --------------------------------------------
+# REQUIRED: UPLOADED FILE STORAGE SETTINGS
+# --------------------------------------------
+PRIVATE_FILESYSTEM_DISK=local
+PUBLIC_FILESYSTEM_DISK=local_public

 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
@@ -26,6 +32,7 @@ DB_COLLATION=utf8mb4_unicode_ci
 # OPTIONAL: SSL DATABASE SETTINGS
 # --------------------------------------------
 DB_SSL=false
+DB_SSL_IS_PAAS=false
 DB_SSL_KEY_PATH=null
 DB_SSL_CERT_PATH=null
 DB_SSL_CA_PATH=null
@@ -44,6 +51,7 @@ MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
+MAIL_AUTO_EMBED_METHOD='attachment'

 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
@@ -51,6 +59,15 @@ MAIL_REPLYTO_NAME='Snipe-IT'
 # --------------------------------------------
 IMAGE_LIB=gd

+
+# --------------------------------------------
+# OPTIONAL: BACKUP SETTINGS
+# --------------------------------------------
+MAIL_BACKUP_NOTIFICATION_DRIVER=null
+MAIL_BACKUP_NOTIFICATION_ADDRESS=null
+BACKUP_ENV=true
+
+
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
 # --------------------------------------------
@@ -60,12 +77,17 @@ ENCRYPT=false
 COOKIE_NAME=snipeit_session
 COOKIE_DOMAIN=null
 SECURE_COOKIES=false
+API_TOKEN_EXPIRATION_YEARS=40

 # --------------------------------------------
 # OPTIONAL: SECURITY HEADER SETTINGS
 # --------------------------------------------
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+ALLOW_IFRAMING=false
 REFERRER_POLICY=same-origin
 ENABLE_CSP=false
+CORS_ALLOWED_ORIGINS=null
+ENABLE_HSTS=false

 # --------------------------------------------
 # OPTIONAL: CACHE SETTINGS
@@ -73,27 +95,47 @@ ENABLE_CSP=false
 CACHE_DRIVER=file
 SESSION_DRIVER=file
 QUEUE_DRIVER=sync
+CACHE_PREFIX=snipeit

 # --------------------------------------------
 # OPTIONAL: REDIS SETTINGS
 # --------------------------------------------
 REDIS_HOST=null
 REDIS_PASSWORD=null
-REDIS_PORT-null
+REDIS_PORT=null

 # --------------------------------------------
-# OPTIONAL: AWS S3 SETTINGS
+# OPTIONAL: MEMCACHED SETTINGS
 # --------------------------------------------
-AWS_SECRET=null
-AWS_KEY=null
-AWS_REGION=null
-AWS_BUCKET=null
+MEMCACHED_HOST=null
+MEMCACHED_PORT=null
+
+# --------------------------------------------
+# OPTIONAL: PUBLIC S3 Settings
+# --------------------------------------------
+PUBLIC_AWS_SECRET_ACCESS_KEY=null
+PUBLIC_AWS_ACCESS_KEY_ID=null
+PUBLIC_AWS_DEFAULT_REGION=null
+PUBLIC_AWS_BUCKET=null
+PUBLIC_AWS_URL=null
+PUBLIC_AWS_BUCKET_ROOT=null
+
+# --------------------------------------------
+# OPTIONAL: PRIVATE S3 Settings
+# --------------------------------------------
+PRIVATE_AWS_ACCESS_KEY_ID=null
+PRIVATE_AWS_SECRET_ACCESS_KEY=null
+PRIVATE_AWS_DEFAULT_REGION=null
+PRIVATE_AWS_BUCKET=null
+PRIVATE_AWS_URL=null
+PRIVATE_AWS_BUCKET_ROOT=null

 # --------------------------------------------
 # OPTIONAL: LOGIN THROTTLING
 # --------------------------------------------
 LOGIN_MAX_ATTEMPTS=5
 LOGIN_LOCKOUT_DURATION=60
+RESET_PASSWORD_LINK_EXPIRES=900

 # --------------------------------------------
 # OPTIONAL: MISC
@@ -101,9 +143,7 @@ LOGIN_LOCKOUT_DURATION=60
 APP_LOG=single
 APP_LOG_MAX_FILES=10
 APP_LOCKED=false
-FILESYSTEM_DISK=local
-APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
-ALLOW_IFRAMING=false
 APP_CIPHER=AES-256-CBC
 GOOGLE_MAPS_API=
-BACKUP_ENV=true
+LDAP_MEM_LIM=500M
+LDAP_TIME_LIM=600
--- a/.env.testing
+++ b/.env.testing
@@ -40,10 +40,12 @@ IMAGE_LIB=gd
 # --------------------------------------------
 # OPTIONAL: AWS S3 SETTINGS
 # --------------------------------------------
-AWS_SECRET=null
-AWS_KEY=null
-AWS_REGION=null
+AWS_SECRET_ACCESS_KEY=null
+AWS_ACCESS_KEY_ID=null
+AWS_DEFAULT_REGION=null
 AWS_BUCKET=null
+AWS_BUCKET_ROOT=null
+AWS_URL=null


 # --------------------------------------------
--- a/.env.testing-ci
+++ b/.env.testing-ci
@@ -2,7 +2,7 @@
 # REQUIRED: BASIC APP SETTINGS
 # --------------------------------------------
 APP_ENV=testing-ci
-APP_DEBUG=true
+APP_DEBUG=false
 APP_KEY=ChangeMe
 APP_URL=http://localhost:8000
 APP_TIMEZONE='US/Pacific'
@@ -40,10 +40,12 @@ IMAGE_LIB=gd
 # --------------------------------------------
 # OPTIONAL: AWS S3 SETTINGS
 # --------------------------------------------
-AWS_SECRET=null
-AWS_KEY=null
-AWS_REGION=null
+AWS_SECRET_ACCESS_KEY=null
+AWS_ACCESS_KEY_ID=null
+AWS_DEFAULT_REGION=null
 AWS_BUCKET=null
+AWS_BUCKET_ROOT=null
+AWS_URL=null


 # --------------------------------------------
--- a/.gitattributes
+++ b/.gitattributes
@@ -1 +1,3 @@
-* text=auto
+* text=auto
+public/js/** binary
+public/css/** binary
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -0,0 +1,5 @@
+# You can add one username per supported platform and one custom link
+# patreon: # Replace with your Patreon username
+# open_collective: # Replace with your Open Collective username
+# ko_fi: # Replace with your Ko-fi username
+custom: https://snipeitapp.com/donate
--- a/.github/ISSUE_TEMPLATE/Bug_report.md
+++ b/.github/ISSUE_TEMPLATE/Bug_report.md
@@ -48,6 +48,7 @@ If applicable, add screenshots to help explain your problem.
 - Any errors that appear in your browser's error console.
 - Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
 - Include any additional information you can find in `storage/logs` and your webserver's logs.
+- Include the output from `php -m` (this should display what modules you have enabled.)

 **Additional context**
 - Is this a fresh install or an upgrade? 
--- a/.github/autolabeler.yml
+++ b/.github/autolabeler.yml
@@ -0,0 +1,4 @@
+frontend: ["*.js", "*.css", "*.vue", "*.scss", "*.less", "*.blade.*"]
+backend: ["/app", "*.php"]
+legal: ["LICENSE*", "NOTICES*"]
+config: .github
--- a/.github/config.yml
+++ b/.github/config.yml
@@ -0,0 +1,33 @@
+# Configuration for new-issue-welcome - https://github.com/behaviorbot/new-issue-welcome
+
+# Comment to be posted to on first time issues
+newIssueWelcomeComment: |
+  👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.
+
+# Configuration for new-pr-welcome - https://github.com/behaviorbot/new-pr-welcome
+
+# Comment to be posted to on PRs from first time contributors in your repository
+newPRWelcomeComment: |
+  💖 Thanks for this pull request! 💖
+
+  We use [semantic commit messages](https://snipe-it.readme.io/docs/contributing-overview#section-pull-request-guidelines) to streamline the release process and easily generate changelogs between versions. Before your pull request can be merged, you should **update your pull request title** to start with a semantic prefix if it doesn't have one already.
+
+  Examples of commit messages with semantic prefixes:
+
+  - `Fixed #<issue number>: don't overwrite prevent_default if default wasn't prevented`
+  - `Added #<issue number>: add checkout functionality to assets`
+  - `Improved Asset Checkout: use new notification method for checkout`
+
+  Things that will help get your PR across the finish line:
+
+  - Document any user-facing changes you've made.
+  - Include tests when adding/changing behavior.
+  - Include screenshots and animated GIFs whenever possible.
+
+  We get a lot of pull requests on this repo, so please be patient and we will get back to you as soon as we can.
+
+# Configuration for first-pr-merge - https://github.com/behaviorbot/first-pr-merge
+
+# Comment to be posted to on pull requests merged by a first time user
+firstPRMergeComment: >
+  Congrats on merging your first pull request! 🎉🎉🎉
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -0,0 +1,40 @@
+# Description
+
+Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context, providing screenshots where practical. List any dependencies that are required for this change.
+
+Fixes # (issue)
+
+## Type of change
+
+Please delete options that are not relevant.
+
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] This change requires a documentation update
+
+# How Has This Been Tested?
+
+Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration
+
+- [ ] Test A
+- [ ] Test B
+
+**Test Configuration**:
+* PHP version:
+* MySQL version
+* Webserver version
+* OS version
+
+
+# Checklist:
+
+- [ ] I have read the Contributing documentation available here: https://snipe-it.readme.io/docs/contributing-overview
+- [ ] I have formatted this PR according to the project guidelines: https://snipe-it.readme.io/docs/contributing-overview#pull-request-guidelines
+- [ ] My code follows the style guidelines of this project
+- [ ] I have performed a self-review of my own code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have made corresponding changes to the documentation
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] New and existing unit tests pass locally with my changes
--- a/.github/stale.yml
+++ b/.github/stale.yml
@@ -9,12 +9,35 @@ exemptLabels:
  - :woman_technologist: ready for dev
  - :moneybag: bounty
  - :hand: bug
+  - "🔐 security"
+  - "👩‍💻 ready for dev"
+  - "💰 bounty"
+  - "✋ bug"
+
+exemptMilestones: true
+
 # Label to use when marking an issue as stale
 staleLabel: stale
+
+only: issues
+
+# Comment to post when removing the stale label.
+unmarkComment: >
+  Okay, it looks like this issue or feature request might still be important. We'll re-open
+  it for now. Thank you for letting us know!
+
 # Comment to post when marking an issue as stale. Set to `false` to disable
 markComment: >
+  Is this still relevant? We haven't heard from anyone in a bit. If so,
+  please comment with any updates or additional detail.
+
  This issue has been automatically marked as stale because it has not had
-  recent activity. It will be closed if no further activity occurs. Thank you
+  recent activity. It will be closed if no further activity occurs. Don't
+  take it personally, we just need to keep a handle on things. Thank you
  for your contributions!
 # Comment to post when closing a stale issue. Set to `false` to disable
-closeComment: false
+closeComment: >
+  This issue has been automatically closed because it has not had
+  recent activity. If you believe this is still an issue, please confirm that
+  this issue is still happening in the most recent version of Snipe-IT and reply
+  to this thread to re-open it.
--- a/.github/weekly-digest.yml
+++ b/.github/weekly-digest.yml
@@ -0,0 +1,7 @@
+# Configuration for weekly-digest - https://github.com/apps/weekly-digest
+publishDay: sun
+canPublishIssues: true
+canPublishPullRequests: true
+canPublishContributors: true
+canPublishStargazers: true
+canPublishCommits: true
--- a/.gitignore
+++ b/.gitignore
@@ -50,3 +50,14 @@ tests/_support/_generated/*
 /storage/oauth-public.key

 *.cache
+
+.vagrant
+
+\.php_cs\.dist
+
+phpmd\.xml
+/public/storage
+_ide_helper.php
+.phpstorm.meta.php
+_ide_helper_models.php
+/.phplint-cache
--- a/.htaccess
+++ b/.htaccess
@@ -5,7 +5,15 @@

    # Make sure .env files not not browseable if in a sub-directory.
    <FilesMatch "\.env$">
-    Deny from all
+       # Apache 2.2
+       <IfModule !authz_core_module>
+          Deny from all
+       </IfModule>
+       
+       # Apache 2.4+
+       <IfModule authz_core_module>
+          Require all denied
+       </IfModule>
    </FilesMatch>
    
 </IfModule>
--- a/.nvmrc
+++ b/.nvmrc
@@ -0,0 +1 @@
+v10.15.1
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,79 +0,0 @@
-addons:
-    code_climate:
-      repo_token:
-        secure: "C/bUAEpwfZB82dkzI2Nxx3PW5w/BzbKkSyCkp6YjT046jD2/QKvz6ngCFlt3tAWV11TXWFI6D8DzkMmdWOrQl3SGlPZXRD8QOvCiz0HiGMDvlxjAaPaQecGaQZdx/H4m6xTUXRNUVaYmxlMgkkFCWhAp+HZDs0iyOEVamp0Jszg="
-    hosts:
-        - localhost
-sudo: false
-
-# see http://about.travis-ci.org/docs/user/languages/php/ for more hints
-language: php
-
-services:
-  - mysql
-
-# list any PHP version you want to test against
-php:
-  - 5.6
-  - 7.0
-  - 7.2 
-  - 7.1.4
-
-# execute any number of scripts before the test run, custom env's are available as variables
-before_script:
-  - phpenv config-add .github/travis-memory.ini
-  - phantomjs --webdriver=4444  &
-  - sleep 4
-  - mysql -e 'CREATE DATABASE snipeit_unit;'
-  - mysql -e 'CREATE USER "travis'@'localhost";'
-  - mysql -e 'GRANT ALL PRIVILEGES ON * . * TO "travis'@'localhost";'
-  - mysql -e 'FLUSH PRIVILEGES;'
-  - composer self-update
-  - composer install -n --prefer-source
-  - chmod -R 777 storage
-  - php artisan migrate --env=testing-ci --database=mysql --force
-  - ./vendor/bin/codecept build
-  - php artisan --env=testing-ci key:generate 
-  - php artisan --env=testing-ci snipeit:travisci-install
-  - php artisan --env=testing-ci db:seed --database=mysql --force
-  - php artisan --env=testing-ci snipeit:create-admin --first_name=Alison --last_name=Foobar --email=me@example.com --username=snipe --password=password
-  - php artisan --env=testing-ci passport:install
-  - php artisan serve --env=testing-ci --port=8000 --host=localhost &
-  - sleep 5
-  - pip install --user codecov
-  - sleep 5
-
-
-
-# omitting "script:" will default to phpunit
-# use the $DB env variable to determine the phpunit.xml to use
-# script: ./vendor/bin/codecept run --env testing-ci
-script:
-  - ./vendor/bin/codecept run unit
-#  - ./vendor/bin/codecept run acceptance --env=testing-ci
-  - ./vendor/bin/codecept run functional --env=functional-travis -g func1
-  - ./vendor/bin/codecept run functional --env=functional-travis -g func2
-  - ./vendor/bin/codecept run api --env=functional-travis
-
-after_script:
-  - vendor/bin/test-reporter
-
-after_success:
-  - codecov
-
-after_failure:
-  - cat tests/_output/*.fail.html
-  - curl http://localhost:8000/login
-  - cat storage/logs/laravel.log
-
-# configure notifications (email, IRC, campfire etc)
-notifications:
-  email: false
-  slack:
-    secure: vv9we1RxB9RsrMbomSdq6D7vz/okobw87pEkgIZjB+hj1QpQ2by90gsPsOa+NgsJEFaEP7e4KlT6SH8kK+zhbmuKaUd3d1//XdcancE22LZXi6tkiB5yuR/Jhhb1LLDqyGJTB4D92hMnnCPiUjpxNA3r437ttNeYRdYIEEP3drA=
-  webhooks:
-    urls:
-      - https://webhooks.gitter.im/e/5e136eb0c1965f3918d0
-    on_success: change  # options: [always|never|change] default: always
-    on_failure: change  # options: [always|never|change] default: always
-    on_start: false     # default: false
--- a/85
+++ b/85
@@ -1,33 +1,59 @@
-FROM ubuntu:xenial
-MAINTAINER Brady Wetherington <uberbrady@gmail.com>
+FROM ubuntu:bionic
+LABEL maintainer Brady Wetherington <uberbrady@gmail.com>

-RUN apt-get update && apt-get install -y \
+RUN export DEBIAN_FRONTEND=noninteractive; \
+    export DEBCONF_NONINTERACTIVE_SEEN=true; \
+    echo 'tzdata tzdata/Areas select Etc' | debconf-set-selections; \
+    echo 'tzdata tzdata/Zones/Etc select UTC' | debconf-set-selections; \
+    apt-get update -qqy \
+ && apt-get install -qqy --no-install-recommends \
+apt-utils \
 apache2 \
 apache2-bin \
-libapache2-mod-php7.0 \
-php7.0-curl \
-php7.0-ldap \
-php7.0-mysql \
-php7.0-mcrypt \
-php7.0-gd \
-php7.0-xml \
-php7.0-mbstring \
-php7.0-zip \
-php7.0-bcmath \
+libapache2-mod-php7.2 \
+php7.2-curl \
+php7.2-ldap \
+php7.2-mysql \
+php7.2-gd \
+php7.2-xml \
+php7.2-mbstring \
+php7.2-zip \
+php7.2-bcmath \
 patch \
 curl \
+wget  \
 vim \
 git \
+cron \
 mysql-client \
+supervisor \
+cron \
+gcc \
+make \
+autoconf \
+libc-dev \
+pkg-config \
+libmcrypt-dev \
+php7.2-dev \
+ca-certificates \
+unzip \
 && apt-get clean \
 && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

+
+RUN curl -L -O https://github.com/pear/pearweb_phars/raw/master/go-pear.phar
+RUN php go-pear.phar
+
+RUN pecl install mcrypt-1.0.2
+
+RUN bash -c "echo extension=/usr/lib/php/20170718/mcrypt.so > /etc/php/7.2/mods-available/mcrypt.ini"
+
 RUN phpenmod mcrypt
 RUN phpenmod gd
 RUN phpenmod bcmath

-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.0/apache2/php.ini
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.0/cli/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.2/apache2/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.2/cli/php.ini

 RUN useradd -m --uid 1000 --gid 50 docker

@@ -38,11 +64,11 @@ COPY docker/000-default.conf /etc/apache2/sites-enabled/000-default.conf

 #SSL
 RUN mkdir -p /var/lib/snipeit/ssl
-COPY docker/001-default-ssl.conf /etc/apache2/sites-enabled/001-default-ssl.conf
-#COPY docker/001-default-ssl.conf /etc/apache2/sites-available/001-default-ssl.conf
+#COPY docker/001-default-ssl.conf /etc/apache2/sites-enabled/001-default-ssl.conf
+COPY docker/001-default-ssl.conf /etc/apache2/sites-available/001-default-ssl.conf

 RUN a2enmod ssl
-#RUN a2ensite 001-default-ssl.conf
+RUN a2ensite 001-default-ssl.conf

 COPY . /var/www/html

@@ -65,18 +91,20 @@ RUN \
 	rm -r "/var/www/html/storage/private_uploads" && ln -fs "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" \
      && rm -rf "/var/www/html/public/uploads" && ln -fs "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" \
      && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups" \
-      && mkdir "/var/lib/snipeit/keys" && ln -fs "/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key" \
+      && mkdir -p "/var/lib/snipeit/keys" && ln -fs "/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key" \
      && ln -fs "/var/lib/snipeit/keys/oauth-public.key" "/var/www/html/storage/oauth-public.key" \
-      && chown docker "/var/lib/snipeit/keys/"
+      && chown docker "/var/lib/snipeit/keys/" \
+      && chmod +x /var/www/html/artisan \
+      && echo "Finished setting up application in /var/www/html"

 ############## DEPENDENCIES via COMPOSER ###################

 #global install of composer
-RUN cd /tmp;curl -sS https://getcomposer.org/installer | php;mv /tmp/composer.phar /usr/local/bin/composer
+COPY --from=composer:latest /usr/bin/composer /usr/bin/composer

 # Get dependencies
 USER docker
-RUN cd /var/www/html;composer install && rm -rf /home/docker/.composer/cache
+RUN composer install --no-dev --working-dir=/var/www/html
 USER root

 ############### APPLICATION INSTALL/INIT #################
@@ -94,16 +122,11 @@ VOLUME ["/var/lib/snipeit"]

 ##### START SERVER

-COPY docker/entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
+COPY docker/startup.sh docker/supervisord.conf /
+COPY docker/supervisor-exit-event-listener /usr/bin/supervisor-exit-event-listener
+RUN chmod +x /startup.sh /usr/bin/supervisor-exit-event-listener

-# Add Tini
-ENV TINI_VERSION v0.14.0
-ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
-RUN chmod +x /tini
-ENTRYPOINT ["/tini", "--"]
-
-CMD ["/entrypoint.sh"]
+CMD ["/startup.sh"]

 EXPOSE 80
 EXPOSE 443
--- a/Dockerfile.alpine
+++ b/Dockerfile.alpine
@@ -0,0 +1,82 @@
+FROM alpine:3.12
+# Apache + PHP
+RUN  apk add --no-cache \
+        apache2 \
+        php7 \
+        php7-common \
+        php7-apache2 \
+        php7-curl \
+        php7-ldap \
+        php7-mysqli \
+        php7-gd \
+        php7-xml \
+        php7-mbstring \
+        php7-zip \
+        php7-ctype \
+        php7-tokenizer \
+        php7-pdo_mysql \
+        php7-openssl \
+        php7-bcmath \
+        php7-phar \
+        php7-json \
+        php7-iconv \
+        php7-fileinfo \
+        php7-simplexml \
+        php7-session \
+        php7-dom \
+        php7-xmlwriter \
+        curl \
+        wget \
+        vim \
+        git \
+        mysql-client \
+        tini
+
+# Where apache's PID lives
+RUN mkdir -p /run/apache2 && chown apache:apache /run/apache2
+
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php7/php.ini
+COPY  docker/000-default-2.4.conf /etc/apache2/conf.d/default.conf
+
+# Enable mod_rewrite
+RUN sed -i '/LoadModule rewrite_module/s/^#//g' /etc/apache2/httpd.conf
+
+COPY . /var/www/html
+
+WORKDIR /var/www/html
+
+COPY docker/docker.env /var/www/html/.env
+
+RUN chown -R apache:apache /var/www/html
+
+RUN \
+	rm -r "/var/www/html/storage/private_uploads" \
+	&& mkdir -p "/var/lib/snipeit/data/private_uploads" && ln -fs "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" \
+    && rm -rf "/var/www/html/public/uploads" \
+    && mkdir -p "/var/lib/snipeit/data/uploads" && ln -fs "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" \
+    && mkdir -p "/var/lib/snipeit/dumps" && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups" \
+    && mkdir -p "/var/lib/snipeit/keys" && ln -fs "/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key" \
+    && ln -fs "/var/lib/snipeit/keys/oauth-public.key" "/var/www/html/storage/oauth-public.key" \
+    && chown -R apache "/var/lib/snipeit"
+
+# Install composer
+COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
+RUN mkdir -p /var/www/.composer && chown apache /var/www/.composer
+
+# Install dependencies
+USER apache
+RUN COMPOSER_CACHE_DIR=/dev/null composer install --no-dev --working-dir=/var/www/html
+
+USER root
+
+VOLUME ["/var/lib/snipeit"]
+
+# Entrypoints
+COPY docker/entrypoint_alpine.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+ENTRYPOINT ["/sbin/tini", "--"]
+
+CMD ["/entrypoint.sh"]
+
+EXPOSE 80
--- a/README.md
+++ b/README.md
@@ -1,16 +1,15 @@
-[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=master)](https://travis-ci.org/snipe/snipe-it) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-99-orange.svg?style=flat-square)](#contributors) [![Open Source Helpers](https://www.codetriage.com/snipe/snipe-it/badges/users.svg)](https://www.codetriage.com/snipe/snipe-it)
-
+![Build Status](https://app.chipperci.com/projects/0e5f8979-31eb-4ee6-9abf-050b76ab0383/status/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
+[![All Contributors](https://img.shields.io/badge/all_contributors-233-orange.svg?style=flat-square)](#contributors) 

 ## Snipe-IT - Open Source Asset Management System

 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.

-It is built on [Laravel 5.4](http://laravel.com).
+It is built on [Laravel 6](http://laravel.com).

-Snipe-IT is actively developed and we're [releasing quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
+Snipe-IT is actively developed and we [release quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)

-__This is web-based software__. This means there there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.
+__This is web-based software__. This means there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.

 -----

@@ -58,38 +57,17 @@ Since the release of the JSON REST API, several third-party developers have been
 - [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
 - [InQRy](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
 - [SnipeitPS](https://github.com/snazy2000/SnipeitPS) by [@snazy2000](https://github.com/snazy2000) - Powershell API Wrapper for Snipe-it
-
+- [jamf2snipe](https://github.com/ParadoxGuitarist/jamf2snipe) by [@ParadoxGuitarist](https://github.com/ParadoxGuitarist) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
+- [Marksman](https://github.com/Scope-IT/marksman) - A Windows agent for Snipe-IT
+- [Snipe-IT plugin for Jira Service Desk (beta)](https://marketplace.atlassian.com/apps/1220379/snipe-it-for-jira-service-desk-beta?hosting=cloud&tab=overview) - for the upcoming Snipe-IT v5 only
+- [Python 3 CSV importer](https://github.com/gastamper/snipeit-csvimporter) - allows importing assets into Snipe-IT based on Item Name rather than Asset Tag.
+- [Snipe-IT Kubernetes Helm Chart](https://github.com/t3n/helm-charts/tree/master/snipeit) - For more information, [click here](https://hub.helm.sh/charts/t3n/snipeit).
+- [Snipe-IT Bulk Edit](https://github.com/bricelabelle/snipe-it-bulkedit) - Google Script files to use Google Sheets as a bulk checkout/checkin/edit tool for Snipe-it.
+                                                     
 As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :) 

 -----

-### Contributors
-
-Thanks goes to all of these wonderful people ([emoji key](https://github.com/kentcdodds/all-contributors#emoji-key)) who have helped Snipe-IT get this far:
-
-<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
-| [<img src="https://avatars3.githubusercontent.com/u/197404?v=3" width="110px;"/><br /><sub>snipe</sub>](http://www.snipe.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=snipe "Code") [🚇](#infra-snipe "Infrastructure (Hosting, Build-Tools, etc)") [📖](https://github.com/snipe/snipe-it/commits?author=snipe "Documentation") [⚠️](https://github.com/snipe/snipe-it/commits?author=snipe "Tests") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Asnipe "Bug reports") [🎨](#design-snipe "Design") [👀](#review-snipe "Reviewed Pull Requests") | [<img src="https://avatars0.githubusercontent.com/u/36335?v=3" width="110px;"/><br /><sub>Brady Wetherington</sub>](http://www.uberbrady.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=uberbrady "Code") [📖](https://github.com/snipe/snipe-it/commits?author=uberbrady "Documentation") [🚇](#infra-uberbrady "Infrastructure (Hosting, Build-Tools, etc)") [👀](#review-uberbrady "Reviewed Pull Requests") | [<img src="https://avatars0.githubusercontent.com/u/3803132?v=3" width="110px;"/><br /><sub>Daniel Meltzer</sub>](https://github.com/dmeltzer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Code") [⚠️](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Tests") [📖](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/1609106?v=3" width="110px;"/><br /><sub>Michael T</sub>](http://www.tuckertechonline.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mtucker6784 "Code") | [<img src="https://avatars2.githubusercontent.com/u/3274937?v=3" width="110px;"/><br /><sub>madd15</sub>](https://github.com/madd15)<br />[📖](https://github.com/snipe/snipe-it/commits?author=madd15 "Documentation") [💬](#question-madd15 "Answering Questions") | [<img src="https://avatars2.githubusercontent.com/u/894126?v=3" width="110px;"/><br /><sub>Vincent Sposato</sub>](https://github.com/vsposato)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vsposato "Code") | [<img src="https://avatars0.githubusercontent.com/u/1639757?v=3" width="110px;"/><br /><sub>Andrea Bergamasco</sub>](https://github.com/vjandrea)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vjandrea "Code") |
-| :---: | :---: | :---: | :---: | :---: | :---: | :---: |
-| [<img src="https://avatars0.githubusercontent.com/u/10640152?v=3" width="110px;"/><br /><sub>Karol</sub>](https://github.com/kpawelski)<br />[🌍](#translation-kpawelski "Translation") [💻](https://github.com/snipe/snipe-it/commits?author=kpawelski "Code") | [<img src="https://avatars3.githubusercontent.com/u/600106?v=3" width="110px;"/><br /><sub>morph027</sub>](http://blog.morph027.de/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=morph027 "Code") | [<img src="https://avatars3.githubusercontent.com/u/22935755?v=3" width="110px;"/><br /><sub>fvleminckx</sub>](https://github.com/fvleminckx)<br />[🚇](#infra-fvleminckx "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars2.githubusercontent.com/u/15633547?v=3" width="110px;"/><br /><sub>itsupportcmsukorg</sub>](https://github.com/itsupportcmsukorg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=itsupportcmsukorg "Code") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aitsupportcmsukorg "Bug reports") | [<img src="https://avatars3.githubusercontent.com/u/12373799?v=3" width="110px;"/><br /><sub>Frank</sub>](https://override.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=base-zero "Code") | [<img src="https://avatars0.githubusercontent.com/u/10137?v=3" width="110px;"/><br /><sub>Deleted user</sub>](https://github.com/ghost)<br />[🌍](#translation-ghost "Translation") | [<img src="https://avatars1.githubusercontent.com/u/10802313?v=3" width="110px;"/><br /><sub>tiagom62</sub>](https://github.com/tiagom62)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tiagom62 "Code") [🚇](#infra-tiagom62 "Infrastructure (Hosting, Build-Tools, etc)") |
-| [<img src="https://avatars3.githubusercontent.com/u/2389047?v=3" width="110px;"/><br /><sub>Ryan Stafford</sub>](https://github.com/rystaf)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rystaf "Code") | [<img src="https://avatars2.githubusercontent.com/u/10345935?v=3" width="110px;"/><br /><sub>Eammon Hanlon</sub>](https://github.com/ehanlon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ehanlon "Code") | [<img src="https://avatars0.githubusercontent.com/u/441924?v=3" width="110px;"/><br /><sub>zjean</sub>](https://github.com/zjean)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zjean "Code") | [<img src="https://avatars0.githubusercontent.com/u/12660103?v=3" width="110px;"/><br /><sub>Matthias Frei</sub>](http://www.frei.media)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FREImedia "Code") | [<img src="https://avatars0.githubusercontent.com/u/3767518?v=3" width="110px;"/><br /><sub>opsydev</sub>](https://github.com/opsydev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=opsydev "Code") | [<img src="https://avatars1.githubusercontent.com/u/82290?v=3" width="110px;"/><br /><sub>Daniel Dreier</sub>](http://www.ddreier.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ddreier "Code") | [<img src="https://avatars0.githubusercontent.com/u/23448?v=3" width="110px;"/><br /><sub>Nikolai Prokoschenko</sub>](http://rassie.org)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rassie "Code") |
-| [<img src="https://avatars0.githubusercontent.com/u/13452757?v=3" width="110px;"/><br /><sub>Drew</sub>](https://github.com/YetAnotherCodeMonkey)<br />[💻](https://github.com/snipe/snipe-it/commits?author=YetAnotherCodeMonkey "Code") | [<img src="https://avatars0.githubusercontent.com/u/1342320?v=3" width="110px;"/><br /><sub>Walter</sub>](https://github.com/merid14)<br />[💻](https://github.com/snipe/snipe-it/commits?author=merid14 "Code") | [<img src="https://avatars3.githubusercontent.com/u/11254614?v=3" width="110px;"/><br /><sub>Petr Baloun</sub>](https://github.com/balous)<br />[💻](https://github.com/snipe/snipe-it/commits?author=balous "Code") | [<img src="https://avatars0.githubusercontent.com/u/6117660?v=3" width="110px;"/><br /><sub>reidblomquist</sub>](https://github.com/reidblomquist)<br />[📖](https://github.com/snipe/snipe-it/commits?author=reidblomquist "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/539914?v=3" width="110px;"/><br /><sub>Mathieu Kooiman</sub>](https://github.com/mathieuk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mathieuk "Code") | [<img src="https://avatars3.githubusercontent.com/u/6606421?v=3" width="110px;"/><br /><sub>csayre</sub>](https://github.com/csayre)<br />[📖](https://github.com/snipe/snipe-it/commits?author=csayre "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/768488?v=3" width="110px;"/><br /><sub>Adam Dunson</sub>](https://github.com/adamdunson)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adamdunson "Code") |
-| [<img src="https://avatars0.githubusercontent.com/u/5547470?v=3" width="110px;"/><br /><sub>Hereward</sub>](https://github.com/thehereward)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thehereward "Code") | [<img src="https://avatars0.githubusercontent.com/u/5802977?v=3" width="110px;"/><br /><sub>swoopdk</sub>](https://github.com/swoopdk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=swoopdk "Code") | [<img src="https://avatars1.githubusercontent.com/u/3470403?v=3" width="110px;"/><br /><sub>Abdullah Alansari</sub>](https://linkedin.com/in/ahimta)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Ahimta "Code") | [<img src="https://avatars0.githubusercontent.com/u/796443?v=3" width="110px;"/><br /><sub>Micael Rodrigues</sub>](https://github.com/MicaelRodrigues)<br />[💻](https://github.com/snipe/snipe-it/commits?author=MicaelRodrigues "Code") | [<img src="https://avatars0.githubusercontent.com/u/614564?v=3" width="110px;"/><br /><sub>Patrick Gallagher</sub>](http://macadmincorner.com)<br />[📖](https://github.com/snipe/snipe-it/commits?author=patgmac "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/7165922?v=3" width="110px;"/><br /><sub>Miliamber</sub>](https://github.com/Miliamber)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Miliamber "Code") | [<img src="https://avatars3.githubusercontent.com/u/861766?v=3" width="110px;"/><br /><sub>hawk554</sub>](https://github.com/hawk554)<br />[💻](https://github.com/snipe/snipe-it/commits?author=hawk554 "Code") |
-| [<img src="https://avatars1.githubusercontent.com/u/1695622?v=3" width="110px;"/><br /><sub>Justin Kerr</sub>](http://jbirdkerr.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jbirdkerr "Code") | [<img src="https://avatars3.githubusercontent.com/u/11426176?v=3" width="110px;"/><br /><sub>Ira W. Snyder</sub>](http://www.irasnyder.com/devel/)<br />[📖](https://github.com/snipe/snipe-it/commits?author=irasnyd "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/2475759?v=3" width="110px;"/><br /><sub>Aladin Alaily</sub>](https://github.com/aalaily)<br />[💻](https://github.com/snipe/snipe-it/commits?author=aalaily "Code") | [<img src="https://avatars0.githubusercontent.com/u/10247644?v=3" width="110px;"/><br /><sub>Chase Hansen</sub>](https://github.com/kobie-chasehansen)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kobie-chasehansen "Code") [💬](#question-kobie-chasehansen "Answering Questions") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Akobie-chasehansen "Bug reports") | [<img src="https://avatars2.githubusercontent.com/u/13545400?v=3" width="110px;"/><br /><sub>IDM Helpdesk</sub>](https://github.com/IDM-Helpdesk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=IDM-Helpdesk "Code") | [<img src="https://avatars2.githubusercontent.com/u/614439?v=3" width="110px;"/><br /><sub>Kai</sub>](http://balticer.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=balticer "Code") | [<img src="https://avatars1.githubusercontent.com/u/8762511?v=3" width="110px;"/><br /><sub>Michael Daniels</sub>](http://www.michaeldaniels.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mdaniels5757 "Code") |
-| [<img src="https://avatars3.githubusercontent.com/u/1532660?v=3" width="110px;"/><br /><sub>Tom Castleman</sub>](http://tomcastleman.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tomcastleman "Code") | [<img src="https://avatars3.githubusercontent.com/u/10723243?v=3" width="110px;"/><br /><sub>Daniel Nemanic</sub>](https://github.com/DanielNemanic)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DanielNemanic "Code") | [<img src="https://avatars0.githubusercontent.com/u/150648?v=3" width="110px;"/><br /><sub>SouthWolf</sub>](https://github.com/southwolf)<br />[💻](https://github.com/snipe/snipe-it/commits?author=southwolf "Code") | [<img src="https://avatars2.githubusercontent.com/u/131616?v=3" width="110px;"/><br /><sub>Ivar Nesje</sub>](https://github.com/ivarne)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ivarne "Code") | [<img src="https://avatars1.githubusercontent.com/u/62333?v=3" width="110px;"/><br /><sub>Jérémy Benoist</sub>](http://www.j0k3r.net)<br />[📖](https://github.com/snipe/snipe-it/commits?author=j0k3r "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/724344?v=3" width="110px;"/><br /><sub>Chris Leathley</sub>](https://github.com/cleathley)<br />[🚇](#infra-cleathley "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars0.githubusercontent.com/u/972498?v=3" width="110px;"/><br /><sub>splaer</sub>](https://github.com/splaer)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Asplaer "Bug reports") [💻](https://github.com/snipe/snipe-it/commits?author=splaer "Code") |
-| [<img src="https://avatars1.githubusercontent.com/u/967362?v=3" width="110px;"/><br /><sub>Joe Ferguson</sub>](http://www.joeferguson.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=svpernova09 "Code") | [<img src="https://avatars3.githubusercontent.com/u/6108682?v=3" width="110px;"/><br /><sub>diwanicki</sub>](https://github.com/diwanicki)<br />[💻](https://github.com/snipe/snipe-it/commits?author=diwanicki "Code") [📖](https://github.com/snipe/snipe-it/commits?author=diwanicki "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/2527115?v=3" width="110px;"/><br /><sub>Lee Thoong Ching</sub>](https://github.com/pakkua80)<br />[📖](https://github.com/snipe/snipe-it/commits?author=pakkua80 "Documentation") [💻](https://github.com/snipe/snipe-it/commits?author=pakkua80 "Code") | [<img src="https://avatars1.githubusercontent.com/u/461491?v=3" width="110px;"/><br /><sub>Marek Šuppa</sub>](http://shu.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mrshu "Code") | [<img src="https://avatars1.githubusercontent.com/u/8693762?v=3" width="110px;"/><br /><sub>Juan J. Martinez</sub>](https://github.com/mizar1616)<br />[🌍](#translation-mizar1616 "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1458388?v=3" width="110px;"/><br /><sub>R Ryan Dial</sub>](https://github.com/rrdial)<br />[🌍](#translation-rrdial "Translation") | [<img src="https://avatars2.githubusercontent.com/u/2871745?v=3" width="110px;"/><br /><sub>Andrej Manduch</sub>](https://github.com/burlito)<br />[📖](https://github.com/snipe/snipe-it/commits?author=burlito "Documentation") |
-| [<img src="https://avatars0.githubusercontent.com/u/8341172?v=3" width="110px;"/><br /><sub>Jay Richards</sub>](http://www.cordeos.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=technogenus "Code") | [<img src="https://avatars2.githubusercontent.com/u/7295127?v=3" width="110px;"/><br /><sub>Alexander Innes</sub>](https://necurity.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leostat "Code") | [<img src="https://avatars2.githubusercontent.com/u/334485?v=3" width="110px;"/><br /><sub>Danny Garcia</sub>](https://buzzedword.codes)<br />[💻](https://github.com/snipe/snipe-it/commits?author=buzzedword "Code") | [<img src="https://avatars2.githubusercontent.com/u/366855?v=3" width="110px;"/><br /><sub>archpoint</sub>](https://github.com/archpoint)<br />[💻](https://github.com/snipe/snipe-it/commits?author=archpoint "Code") | [<img src="https://avatars1.githubusercontent.com/u/67991?v=3" width="110px;"/><br /><sub>Jake McGraw</sub>](http://www.jakemcgraw.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jakemcgraw "Code") | [<img src="https://avatars1.githubusercontent.com/u/1714374?v=3" width="110px;"/><br /><sub>FleischKarussel</sub>](https://github.com/FleischKarussel)<br />[📖](https://github.com/snipe/snipe-it/commits?author=FleischKarussel "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/319644?v=3" width="110px;"/><br /><sub>Dylan Yi</sub>](https://github.com/feeva)<br />[💻](https://github.com/snipe/snipe-it/commits?author=feeva "Code") |
-| [<img src="https://avatars2.githubusercontent.com/u/857740?v=3" width="110px;"/><br /><sub>Gil Rutkowski</sub>](http://FlashingCursor.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=flashingcursor "Code") | [<img src="https://avatars3.githubusercontent.com/u/129360?v=3" width="110px;"/><br /><sub>Desmond Morris</sub>](http://www.desmondmorris.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=desmondmorris "Code") | [<img src="https://avatars2.githubusercontent.com/u/52936?v=3" width="110px;"/><br /><sub>Nick Peelman</sub>](http://peelman.us)<br />[💻](https://github.com/snipe/snipe-it/commits?author=peelman "Code") | [<img src="https://avatars0.githubusercontent.com/u/53161?v=3" width="110px;"/><br /><sub>Abraham Vegh</sub>](https://abrahamvegh.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=abrahamvegh "Code") | [<img src="https://avatars0.githubusercontent.com/u/2818680?v=3" width="110px;"/><br /><sub>Mohamed Rashid</sub>](https://github.com/rashivkp)<br />[📖](https://github.com/snipe/snipe-it/commits?author=rashivkp "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/1509456?v=3" width="110px;"/><br /><sub>Kasey</sub>](http://hinchk.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=HinchK "Code") | [<img src="https://avatars2.githubusercontent.com/u/10522541?v=3" width="110px;"/><br /><sub>Brett</sub>](https://github.com/BrettFagerlund)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=BrettFagerlund "Tests") |
-| [<img src="https://avatars2.githubusercontent.com/u/16108587?v=3" width="110px;"/><br /><sub>Jason Spriggs</sub>](http://jasonspriggs.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jasonspriggs "Code") | [<img src="https://avatars2.githubusercontent.com/u/1134568?v=3" width="110px;"/><br /><sub>Nate Felton</sub>](http://n8felton.wordpress.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=n8felton "Code") | [<img src="https://avatars2.githubusercontent.com/u/14036694?v=3" width="110px;"/><br /><sub>Manasses Ferreira</sub>](http://homepages.dcc.ufmg.br/~manassesferreira)<br />[💻](https://github.com/snipe/snipe-it/commits?author=manassesferreira "Code") | [<img src="https://avatars0.githubusercontent.com/u/15913949?v=3" width="110px;"/><br /><sub>Steve</sub>](https://github.com/steveelwood)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=steveelwood "Tests") | [<img src="https://avatars1.githubusercontent.com/u/3361683?v=3" width="110px;"/><br /><sub>matc</sub>](http://twitter.com/matc)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=matc "Tests") | [<img src="https://avatars3.githubusercontent.com/u/7405702?v=3" width="110px;"/><br /><sub>Cole R. Davis</sub>](http://www.davisracingteam.com)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=VanillaNinjaD "Tests") | [<img src="https://avatars2.githubusercontent.com/u/10167681?v=3" width="110px;"/><br /><sub>gibsonjoshua55</sub>](https://github.com/gibsonjoshua55)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gibsonjoshua55 "Code") |
-| [<img src="https://avatars2.githubusercontent.com/u/2809241?v=4" width="110px;"/><br /><sub>Robin Temme</sub>](https://github.com/zwerch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zwerch "Code") | [<img src="https://avatars0.githubusercontent.com/u/6961695?v=4" width="110px;"/><br /><sub>Iman</sub>](https://github.com/imanghafoori1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=imanghafoori1 "Code") | [<img src="https://avatars1.githubusercontent.com/u/6551003?v=4" width="110px;"/><br /><sub>Richard Hofman</sub>](https://github.com/richardhofman6)<br />[💻](https://github.com/snipe/snipe-it/commits?author=richardhofman6 "Code") | [<img src="https://avatars0.githubusercontent.com/u/3697569?v=4" width="110px;"/><br /><sub>gizzmojr</sub>](https://github.com/gizzmojr)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gizzmojr "Code") | [<img src="https://avatars3.githubusercontent.com/u/404729?v=4" width="110px;"/><br /><sub>Jenny Li</sub>](https://github.com/imjennyli)<br />[📖](https://github.com/snipe/snipe-it/commits?author=imjennyli "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/869227?v=4" width="110px;"/><br /><sub>Geoff Young</sub>](https://github.com/GeoffYoung)<br />[💻](https://github.com/snipe/snipe-it/commits?author=GeoffYoung "Code") | [<img src="https://avatars3.githubusercontent.com/u/1068477?v=4" width="110px;"/><br /><sub>Elliot Blackburn</sub>](http://www.elliotblackburn.com)<br />[📖](https://github.com/snipe/snipe-it/commits?author=BlueHatbRit "Documentation") |
-| [<img src="https://avatars1.githubusercontent.com/u/6357451?v=4" width="110px;"/><br /><sub>Tõnis Ormisson</sub>](http://andmemasin.eu)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TonisOrmisson "Code") | [<img src="https://avatars0.githubusercontent.com/u/449411?v=4" width="110px;"/><br /><sub>Nicolai Essig</sub>](http://www.nicolai-essig.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thakilla "Code") | [<img src="https://avatars1.githubusercontent.com/u/14809698?v=4" width="110px;"/><br /><sub>Danielle</sub>](https://github.com/techincolor)<br />[📖](https://github.com/snipe/snipe-it/commits?author=techincolor "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/18545156?v=4" width="110px;"/><br /><sub>Lawrence</sub>](https://github.com/TheVakman)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=TheVakman "Tests") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3ATheVakman "Bug reports") | [<img src="https://avatars1.githubusercontent.com/u/22473767?v=4" width="110px;"/><br /><sub>uknzaeinozpas</sub>](https://github.com/uknzaeinozpas)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=uknzaeinozpas "Tests") [💻](https://github.com/snipe/snipe-it/commits?author=uknzaeinozpas "Code") | [<img src="https://avatars3.githubusercontent.com/u/422752?v=4" width="110px;"/><br /><sub>Ryan</sub>](https://github.com/Gelob)<br />[📖](https://github.com/snipe/snipe-it/commits?author=Gelob "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/10672546?v=4" width="110px;"/><br /><sub>vcordes79</sub>](https://github.com/vcordes79)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vcordes79 "Code") |
-| [<img src="https://avatars3.githubusercontent.com/u/27958330?v=4" width="110px;"/><br /><sub>fordster78</sub>](https://github.com/fordster78)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fordster78 "Code") | [<img src="https://avatars0.githubusercontent.com/u/34064225?v=4" width="110px;"/><br /><sub>CronKz</sub>](https://github.com/CronKz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=CronKz "Code") | [<img src="https://avatars1.githubusercontent.com/u/585486?v=4" width="110px;"/><br /><sub>Tim Bishop</sub>](https://github.com/tdb)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tdb "Code") | [<img src="https://avatars2.githubusercontent.com/u/5384694?v=4" width="110px;"/><br /><sub>Sean McIlvenna</sub>](https://www.seanmcilvenna.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=seanmcilvenna "Code") | [<img src="https://avatars3.githubusercontent.com/u/36515590?v=4" width="110px;"/><br /><sub>cepacs</sub>](https://github.com/cepacs)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Acepacs "Bug reports") [📖](https://github.com/snipe/snipe-it/commits?author=cepacs "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/37537300?v=4" width="110px;"/><br /><sub>lea-mink</sub>](https://github.com/lea-mink)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lea-mink "Code") | [<img src="https://avatars0.githubusercontent.com/u/7140719?v=4" width="110px;"/><br /><sub>Hannah Tinkler</sub>](https://github.com/hannahtinkler)<br />[💻](https://github.com/snipe/snipe-it/commits?author=hannahtinkler "Code") |
-| [<img src="https://avatars1.githubusercontent.com/u/1086388?v=4" width="110px;"/><br /><sub>Doeke Zanstra</sub>](https://github.com/doekman)<br />[💻](https://github.com/snipe/snipe-it/commits?author=doekman "Code") |
-<!-- ALL-CONTRIBUTORS-LIST:END -->
-
-This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
-
-----
-
 ### Contributing

 Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing-overview).
@@ -102,3 +80,50 @@ Please note that this project is released with a [Contributor Code of Conduct](C
 ### Security

 To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker. 
+
+-----
+
+### Contributors
+
+Thanks goes to all of these wonderful people ([emoji key](https://github.com/kentcdodds/all-contributors#emoji-key)) who have helped Snipe-IT get this far:
+
+<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
+| [<img src="https://avatars3.githubusercontent.com/u/197404?v=3" width="110px;"/><br /><sub>snipe</sub>](http://www.snipe.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=snipe "Code") [🚇](#infra-snipe "Infrastructure (Hosting, Build-Tools, etc)") [📖](https://github.com/snipe/snipe-it/commits?author=snipe "Documentation") [⚠️](https://github.com/snipe/snipe-it/commits?author=snipe "Tests") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Asnipe "Bug reports") [🎨](#design-snipe "Design") [👀](#review-snipe "Reviewed Pull Requests") | [<img src="https://avatars0.githubusercontent.com/u/36335?v=3" width="110px;"/><br /><sub>Brady Wetherington</sub>](http://www.uberbrady.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=uberbrady "Code") [📖](https://github.com/snipe/snipe-it/commits?author=uberbrady "Documentation") [🚇](#infra-uberbrady "Infrastructure (Hosting, Build-Tools, etc)") [👀](#review-uberbrady "Reviewed Pull Requests") | [<img src="https://avatars0.githubusercontent.com/u/3803132?v=3" width="110px;"/><br /><sub>Daniel Meltzer</sub>](https://github.com/dmeltzer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Code") [⚠️](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Tests") [📖](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/1609106?v=3" width="110px;"/><br /><sub>Michael T</sub>](http://www.tuckertechonline.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mtucker6784 "Code") | [<img src="https://avatars2.githubusercontent.com/u/3274937?v=3" width="110px;"/><br /><sub>madd15</sub>](https://github.com/madd15)<br />[📖](https://github.com/snipe/snipe-it/commits?author=madd15 "Documentation") [💬](#question-madd15 "Answering Questions") | [<img src="https://avatars2.githubusercontent.com/u/894126?v=3" width="110px;"/><br /><sub>Vincent Sposato</sub>](https://github.com/vsposato)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vsposato "Code") | [<img src="https://avatars0.githubusercontent.com/u/1639757?v=3" width="110px;"/><br /><sub>Andrea Bergamasco</sub>](https://github.com/vjandrea)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vjandrea "Code") |
+| :---: | :---: | :---: | :---: | :---: | :---: | :---: |
+| [<img src="https://avatars0.githubusercontent.com/u/10640152?v=3" width="110px;"/><br /><sub>Karol</sub>](https://github.com/kpawelski)<br />[🌍](#translation-kpawelski "Translation") [💻](https://github.com/snipe/snipe-it/commits?author=kpawelski "Code") | [<img src="https://avatars3.githubusercontent.com/u/600106?v=3" width="110px;"/><br /><sub>morph027</sub>](http://blog.morph027.de/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=morph027 "Code") | [<img src="https://avatars3.githubusercontent.com/u/22935755?v=3" width="110px;"/><br /><sub>fvleminckx</sub>](https://github.com/fvleminckx)<br />[🚇](#infra-fvleminckx "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars2.githubusercontent.com/u/15633547?v=3" width="110px;"/><br /><sub>itsupportcmsukorg</sub>](https://github.com/itsupportcmsukorg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=itsupportcmsukorg "Code") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aitsupportcmsukorg "Bug reports") | [<img src="https://avatars3.githubusercontent.com/u/12373799?v=3" width="110px;"/><br /><sub>Frank</sub>](https://override.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=base-zero "Code") | [<img src="https://avatars0.githubusercontent.com/u/10137?v=3" width="110px;"/><br /><sub>Deleted user</sub>](https://github.com/ghost)<br />[🌍](#translation-ghost "Translation") [💻](https://github.com/snipe/snipe-it/commits?author=ghost "Code") | [<img src="https://avatars1.githubusercontent.com/u/10802313?v=3" width="110px;"/><br /><sub>tiagom62</sub>](https://github.com/tiagom62)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tiagom62 "Code") [🚇](#infra-tiagom62 "Infrastructure (Hosting, Build-Tools, etc)") |
+| [<img src="https://avatars3.githubusercontent.com/u/2389047?v=3" width="110px;"/><br /><sub>Ryan Stafford</sub>](https://github.com/rystaf)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rystaf "Code") | [<img src="https://avatars2.githubusercontent.com/u/10345935?v=3" width="110px;"/><br /><sub>Eammon Hanlon</sub>](https://github.com/ehanlon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ehanlon "Code") | [<img src="https://avatars0.githubusercontent.com/u/441924?v=3" width="110px;"/><br /><sub>zjean</sub>](https://github.com/zjean)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zjean "Code") | [<img src="https://avatars0.githubusercontent.com/u/12660103?v=3" width="110px;"/><br /><sub>Matthias Frei</sub>](http://www.frei.media)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FREImedia "Code") | [<img src="https://avatars0.githubusercontent.com/u/3767518?v=3" width="110px;"/><br /><sub>opsydev</sub>](https://github.com/opsydev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=opsydev "Code") | [<img src="https://avatars1.githubusercontent.com/u/82290?v=3" width="110px;"/><br /><sub>Daniel Dreier</sub>](http://www.ddreier.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ddreier "Code") | [<img src="https://avatars0.githubusercontent.com/u/23448?v=3" width="110px;"/><br /><sub>Nikolai Prokoschenko</sub>](http://rassie.org)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rassie "Code") |
+| [<img src="https://avatars0.githubusercontent.com/u/13452757?v=3" width="110px;"/><br /><sub>Drew</sub>](https://github.com/YetAnotherCodeMonkey)<br />[💻](https://github.com/snipe/snipe-it/commits?author=YetAnotherCodeMonkey "Code") | [<img src="https://avatars0.githubusercontent.com/u/1342320?v=3" width="110px;"/><br /><sub>Walter</sub>](https://github.com/merid14)<br />[💻](https://github.com/snipe/snipe-it/commits?author=merid14 "Code") | [<img src="https://avatars3.githubusercontent.com/u/11254614?v=3" width="110px;"/><br /><sub>Petr Baloun</sub>](https://github.com/balous)<br />[💻](https://github.com/snipe/snipe-it/commits?author=balous "Code") | [<img src="https://avatars0.githubusercontent.com/u/6117660?v=3" width="110px;"/><br /><sub>reidblomquist</sub>](https://github.com/reidblomquist)<br />[📖](https://github.com/snipe/snipe-it/commits?author=reidblomquist "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/539914?v=3" width="110px;"/><br /><sub>Mathieu Kooiman</sub>](https://github.com/mathieuk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mathieuk "Code") | [<img src="https://avatars3.githubusercontent.com/u/6606421?v=3" width="110px;"/><br /><sub>csayre</sub>](https://github.com/csayre)<br />[📖](https://github.com/snipe/snipe-it/commits?author=csayre "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/768488?v=3" width="110px;"/><br /><sub>Adam Dunson</sub>](https://github.com/adamdunson)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adamdunson "Code") |
+| [<img src="https://avatars0.githubusercontent.com/u/5547470?v=3" width="110px;"/><br /><sub>Hereward</sub>](https://github.com/thehereward)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thehereward "Code") | [<img src="https://avatars0.githubusercontent.com/u/5802977?v=3" width="110px;"/><br /><sub>swoopdk</sub>](https://github.com/swoopdk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=swoopdk "Code") | [<img src="https://avatars1.githubusercontent.com/u/3470403?v=3" width="110px;"/><br /><sub>Abdullah Alansari</sub>](https://linkedin.com/in/ahimta)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Ahimta "Code") | [<img src="https://avatars0.githubusercontent.com/u/796443?v=3" width="110px;"/><br /><sub>Micael Rodrigues</sub>](https://github.com/MicaelRodrigues)<br />[💻](https://github.com/snipe/snipe-it/commits?author=MicaelRodrigues "Code") | [<img src="https://avatars0.githubusercontent.com/u/614564?v=3" width="110px;"/><br /><sub>Patrick Gallagher</sub>](http://macadmincorner.com)<br />[📖](https://github.com/snipe/snipe-it/commits?author=patgmac "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/7165922?v=3" width="110px;"/><br /><sub>Miliamber</sub>](https://github.com/Miliamber)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Miliamber "Code") | [<img src="https://avatars3.githubusercontent.com/u/861766?v=3" width="110px;"/><br /><sub>hawk554</sub>](https://github.com/hawk554)<br />[💻](https://github.com/snipe/snipe-it/commits?author=hawk554 "Code") |
+| [<img src="https://avatars1.githubusercontent.com/u/1695622?v=3" width="110px;"/><br /><sub>Justin Kerr</sub>](http://jbirdkerr.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jbirdkerr "Code") | [<img src="https://avatars3.githubusercontent.com/u/11426176?v=3" width="110px;"/><br /><sub>Ira W. Snyder</sub>](http://www.irasnyder.com/devel/)<br />[📖](https://github.com/snipe/snipe-it/commits?author=irasnyd "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/2475759?v=3" width="110px;"/><br /><sub>Aladin Alaily</sub>](https://github.com/aalaily)<br />[💻](https://github.com/snipe/snipe-it/commits?author=aalaily "Code") | [<img src="https://avatars0.githubusercontent.com/u/10247644?v=3" width="110px;"/><br /><sub>Chase Hansen</sub>](https://github.com/kobie-chasehansen)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kobie-chasehansen "Code") [💬](#question-kobie-chasehansen "Answering Questions") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Akobie-chasehansen "Bug reports") | [<img src="https://avatars2.githubusercontent.com/u/13545400?v=3" width="110px;"/><br /><sub>IDM Helpdesk</sub>](https://github.com/IDM-Helpdesk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=IDM-Helpdesk "Code") | [<img src="https://avatars2.githubusercontent.com/u/614439?v=3" width="110px;"/><br /><sub>Kai</sub>](http://balticer.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=balticer "Code") | [<img src="https://avatars1.githubusercontent.com/u/8762511?v=3" width="110px;"/><br /><sub>Michael Daniels</sub>](http://www.michaeldaniels.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mdaniels5757 "Code") |
+| [<img src="https://avatars3.githubusercontent.com/u/1532660?v=3" width="110px;"/><br /><sub>Tom Castleman</sub>](http://tomcastleman.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tomcastleman "Code") | [<img src="https://avatars3.githubusercontent.com/u/10723243?v=3" width="110px;"/><br /><sub>Daniel Nemanic</sub>](https://github.com/DanielNemanic)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DanielNemanic "Code") | [<img src="https://avatars0.githubusercontent.com/u/150648?v=3" width="110px;"/><br /><sub>SouthWolf</sub>](https://github.com/southwolf)<br />[💻](https://github.com/snipe/snipe-it/commits?author=southwolf "Code") | [<img src="https://avatars2.githubusercontent.com/u/131616?v=3" width="110px;"/><br /><sub>Ivar Nesje</sub>](https://github.com/ivarne)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ivarne "Code") | [<img src="https://avatars1.githubusercontent.com/u/62333?v=3" width="110px;"/><br /><sub>Jérémy Benoist</sub>](http://www.j0k3r.net)<br />[📖](https://github.com/snipe/snipe-it/commits?author=j0k3r "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/724344?v=3" width="110px;"/><br /><sub>Chris Leathley</sub>](https://github.com/cleathley)<br />[🚇](#infra-cleathley "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars0.githubusercontent.com/u/972498?v=3" width="110px;"/><br /><sub>splaer</sub>](https://github.com/splaer)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Asplaer "Bug reports") [💻](https://github.com/snipe/snipe-it/commits?author=splaer "Code") |
+| [<img src="https://avatars1.githubusercontent.com/u/967362?v=3" width="110px;"/><br /><sub>Joe Ferguson</sub>](http://www.joeferguson.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=svpernova09 "Code") | [<img src="https://avatars3.githubusercontent.com/u/6108682?v=3" width="110px;"/><br /><sub>diwanicki</sub>](https://github.com/diwanicki)<br />[💻](https://github.com/snipe/snipe-it/commits?author=diwanicki "Code") [📖](https://github.com/snipe/snipe-it/commits?author=diwanicki "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/2527115?v=3" width="110px;"/><br /><sub>Lee Thoong Ching</sub>](https://github.com/pakkua80)<br />[📖](https://github.com/snipe/snipe-it/commits?author=pakkua80 "Documentation") [💻](https://github.com/snipe/snipe-it/commits?author=pakkua80 "Code") | [<img src="https://avatars1.githubusercontent.com/u/461491?v=3" width="110px;"/><br /><sub>Marek Šuppa</sub>](http://shu.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mrshu "Code") | [<img src="https://avatars1.githubusercontent.com/u/8693762?v=3" width="110px;"/><br /><sub>Juan J. Martinez</sub>](https://github.com/mizar1616)<br />[🌍](#translation-mizar1616 "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1458388?v=3" width="110px;"/><br /><sub>R Ryan Dial</sub>](https://github.com/rrdial)<br />[🌍](#translation-rrdial "Translation") | [<img src="https://avatars2.githubusercontent.com/u/2871745?v=3" width="110px;"/><br /><sub>Andrej Manduch</sub>](https://github.com/burlito)<br />[📖](https://github.com/snipe/snipe-it/commits?author=burlito "Documentation") |
+| [<img src="https://avatars0.githubusercontent.com/u/8341172?v=3" width="110px;"/><br /><sub>Jay Richards</sub>](http://www.cordeos.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=technogenus "Code") | [<img src="https://avatars2.githubusercontent.com/u/7295127?v=3" width="110px;"/><br /><sub>Alexander Innes</sub>](https://necurity.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leostat "Code") | [<img src="https://avatars2.githubusercontent.com/u/334485?v=3" width="110px;"/><br /><sub>Danny Garcia</sub>](https://buzzedword.codes)<br />[💻](https://github.com/snipe/snipe-it/commits?author=buzzedword "Code") | [<img src="https://avatars2.githubusercontent.com/u/366855?v=3" width="110px;"/><br /><sub>archpoint</sub>](https://github.com/archpoint)<br />[💻](https://github.com/snipe/snipe-it/commits?author=archpoint "Code") | [<img src="https://avatars1.githubusercontent.com/u/67991?v=3" width="110px;"/><br /><sub>Jake McGraw</sub>](http://www.jakemcgraw.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jakemcgraw "Code") | [<img src="https://avatars1.githubusercontent.com/u/1714374?v=3" width="110px;"/><br /><sub>FleischKarussel</sub>](https://github.com/FleischKarussel)<br />[📖](https://github.com/snipe/snipe-it/commits?author=FleischKarussel "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/319644?v=3" width="110px;"/><br /><sub>Dylan Yi</sub>](https://github.com/feeva)<br />[💻](https://github.com/snipe/snipe-it/commits?author=feeva "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/857740?v=3" width="110px;"/><br /><sub>Gil Rutkowski</sub>](http://FlashingCursor.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=flashingcursor "Code") | [<img src="https://avatars3.githubusercontent.com/u/129360?v=3" width="110px;"/><br /><sub>Desmond Morris</sub>](http://www.desmondmorris.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=desmondmorris "Code") | [<img src="https://avatars2.githubusercontent.com/u/52936?v=3" width="110px;"/><br /><sub>Nick Peelman</sub>](http://peelman.us)<br />[💻](https://github.com/snipe/snipe-it/commits?author=peelman "Code") | [<img src="https://avatars0.githubusercontent.com/u/53161?v=3" width="110px;"/><br /><sub>Abraham Vegh</sub>](https://abrahamvegh.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=abrahamvegh "Code") | [<img src="https://avatars0.githubusercontent.com/u/2818680?v=3" width="110px;"/><br /><sub>Mohamed Rashid</sub>](https://github.com/rashivkp)<br />[📖](https://github.com/snipe/snipe-it/commits?author=rashivkp "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/1509456?v=3" width="110px;"/><br /><sub>Kasey</sub>](http://hinchk.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=HinchK "Code") | [<img src="https://avatars2.githubusercontent.com/u/10522541?v=3" width="110px;"/><br /><sub>Brett</sub>](https://github.com/BrettFagerlund)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=BrettFagerlund "Tests") |
+| [<img src="https://avatars2.githubusercontent.com/u/16108587?v=3" width="110px;"/><br /><sub>Jason Spriggs</sub>](http://jasonspriggs.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jasonspriggs "Code") | [<img src="https://avatars2.githubusercontent.com/u/1134568?v=3" width="110px;"/><br /><sub>Nate Felton</sub>](http://n8felton.wordpress.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=n8felton "Code") | [<img src="https://avatars2.githubusercontent.com/u/14036694?v=3" width="110px;"/><br /><sub>Manasses Ferreira</sub>](http://homepages.dcc.ufmg.br/~manassesferreira)<br />[💻](https://github.com/snipe/snipe-it/commits?author=manassesferreira "Code") | [<img src="https://avatars0.githubusercontent.com/u/15913949?v=3" width="110px;"/><br /><sub>Steve</sub>](https://github.com/steveelwood)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=steveelwood "Tests") | [<img src="https://avatars1.githubusercontent.com/u/3361683?v=3" width="110px;"/><br /><sub>matc</sub>](http://twitter.com/matc)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=matc "Tests") | [<img src="https://avatars3.githubusercontent.com/u/7405702?v=3" width="110px;"/><br /><sub>Cole R. Davis</sub>](http://www.davisracingteam.com)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=VanillaNinjaD "Tests") | [<img src="https://avatars2.githubusercontent.com/u/10167681?v=3" width="110px;"/><br /><sub>gibsonjoshua55</sub>](https://github.com/gibsonjoshua55)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gibsonjoshua55 "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/2809241?v=4" width="110px;"/><br /><sub>Robin Temme</sub>](https://github.com/zwerch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zwerch "Code") | [<img src="https://avatars0.githubusercontent.com/u/6961695?v=4" width="110px;"/><br /><sub>Iman</sub>](https://github.com/imanghafoori1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=imanghafoori1 "Code") | [<img src="https://avatars1.githubusercontent.com/u/6551003?v=4" width="110px;"/><br /><sub>Richard Hofman</sub>](https://github.com/richardhofman6)<br />[💻](https://github.com/snipe/snipe-it/commits?author=richardhofman6 "Code") | [<img src="https://avatars0.githubusercontent.com/u/3697569?v=4" width="110px;"/><br /><sub>gizzmojr</sub>](https://github.com/gizzmojr)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gizzmojr "Code") | [<img src="https://avatars3.githubusercontent.com/u/404729?v=4" width="110px;"/><br /><sub>Jenny Li</sub>](https://github.com/imjennyli)<br />[📖](https://github.com/snipe/snipe-it/commits?author=imjennyli "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/869227?v=4" width="110px;"/><br /><sub>Geoff Young</sub>](https://github.com/GeoffYoung)<br />[💻](https://github.com/snipe/snipe-it/commits?author=GeoffYoung "Code") | [<img src="https://avatars3.githubusercontent.com/u/1068477?v=4" width="110px;"/><br /><sub>Elliot Blackburn</sub>](http://www.elliotblackburn.com)<br />[📖](https://github.com/snipe/snipe-it/commits?author=BlueHatbRit "Documentation") |
+| [<img src="https://avatars1.githubusercontent.com/u/6357451?v=4" width="110px;"/><br /><sub>Tõnis Ormisson</sub>](http://andmemasin.eu)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TonisOrmisson "Code") | [<img src="https://avatars0.githubusercontent.com/u/449411?v=4" width="110px;"/><br /><sub>Nicolai Essig</sub>](http://www.nicolai-essig.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thakilla "Code") | [<img src="https://avatars1.githubusercontent.com/u/14809698?v=4" width="110px;"/><br /><sub>Danielle</sub>](https://github.com/techincolor)<br />[📖](https://github.com/snipe/snipe-it/commits?author=techincolor "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/18545156?v=4" width="110px;"/><br /><sub>Lawrence</sub>](https://github.com/TheVakman)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=TheVakman "Tests") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3ATheVakman "Bug reports") | [<img src="https://avatars1.githubusercontent.com/u/22473767?v=4" width="110px;"/><br /><sub>uknzaeinozpas</sub>](https://github.com/uknzaeinozpas)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=uknzaeinozpas "Tests") [💻](https://github.com/snipe/snipe-it/commits?author=uknzaeinozpas "Code") | [<img src="https://avatars3.githubusercontent.com/u/422752?v=4" width="110px;"/><br /><sub>Ryan</sub>](https://github.com/Gelob)<br />[📖](https://github.com/snipe/snipe-it/commits?author=Gelob "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/10672546?v=4" width="110px;"/><br /><sub>vcordes79</sub>](https://github.com/vcordes79)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vcordes79 "Code") |
+| [<img src="https://avatars3.githubusercontent.com/u/27958330?v=4" width="110px;"/><br /><sub>fordster78</sub>](https://github.com/fordster78)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fordster78 "Code") | [<img src="https://avatars0.githubusercontent.com/u/34064225?v=4" width="110px;"/><br /><sub>CronKz</sub>](https://github.com/CronKz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=CronKz "Code") [🌍](#translation-CronKz "Translation") | [<img src="https://avatars1.githubusercontent.com/u/585486?v=4" width="110px;"/><br /><sub>Tim Bishop</sub>](https://github.com/tdb)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tdb "Code") | [<img src="https://avatars2.githubusercontent.com/u/5384694?v=4" width="110px;"/><br /><sub>Sean McIlvenna</sub>](https://www.seanmcilvenna.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=seanmcilvenna "Code") | [<img src="https://avatars3.githubusercontent.com/u/36515590?v=4" width="110px;"/><br /><sub>cepacs</sub>](https://github.com/cepacs)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Acepacs "Bug reports") [📖](https://github.com/snipe/snipe-it/commits?author=cepacs "Documentation") | [<img src="https://avatars2.githubusercontent.com/u/37537300?v=4" width="110px;"/><br /><sub>lea-mink</sub>](https://github.com/lea-mink)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lea-mink "Code") | [<img src="https://avatars0.githubusercontent.com/u/7140719?v=4" width="110px;"/><br /><sub>Hannah Tinkler</sub>](https://github.com/hannahtinkler)<br />[💻](https://github.com/snipe/snipe-it/commits?author=hannahtinkler "Code") |
+| [<img src="https://avatars1.githubusercontent.com/u/1086388?v=4" width="110px;"/><br /><sub>Doeke Zanstra</sub>](https://github.com/doekman)<br />[💻](https://github.com/snipe/snipe-it/commits?author=doekman "Code") | [<img src="https://avatars1.githubusercontent.com/u/4325936?v=4" width="110px;"/><br /><sub>Djamon Staal</sub>](https://www.sdhd.nl/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=SjamonDaal "Code") | [<img src="https://avatars3.githubusercontent.com/u/12306859?v=4" width="110px;"/><br /><sub>Earl Ramirez</sub>](https://github.com/EarlRamirez)<br />[💻](https://github.com/snipe/snipe-it/commits?author=EarlRamirez "Code") | [<img src="https://avatars2.githubusercontent.com/u/8671456?v=4" width="110px;"/><br /><sub>Richard Ray Thomas</sub>](https://github.com/RichardRay)<br />[💻](https://github.com/snipe/snipe-it/commits?author=RichardRay "Code") | [<img src="https://avatars3.githubusercontent.com/u/1852688?v=4" width="110px;"/><br /><sub>Ryan Kuba</sub>](https://www.taisun.io/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thelamer "Code") | [<img src="https://avatars1.githubusercontent.com/u/6751928?v=4" width="110px;"/><br /><sub>Brian Monroe</sub>](https://github.com/ParadoxGuitarist)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ParadoxGuitarist "Code") | [<img src="https://avatars1.githubusercontent.com/u/605167?v=4" width="110px;"/><br /><sub>plexorama</sub>](https://github.com/plexorama)<br />[💻](https://github.com/snipe/snipe-it/commits?author=plexorama "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/1795149?v=4" width="110px;"/><br /><sub>Till Deeke</sub>](https://tilldeeke.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tilldeeke "Code") | [<img src="https://avatars0.githubusercontent.com/u/12634129?v=4" width="110px;"/><br /><sub>5quirrel</sub>](https://github.com/5quirrel)<br />[💻](https://github.com/snipe/snipe-it/commits?author=5quirrel "Code") | [<img src="https://avatars1.githubusercontent.com/u/13071957?v=4" width="110px;"/><br /><sub>Jason</sub>](https://github.com/jasonlshelton)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jasonlshelton "Code") | [<img src="https://avatars3.githubusercontent.com/u/7128321?v=4" width="110px;"/><br /><sub>Antti</sub>](https://github.com/chemfy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chemfy "Code") | [<img src="https://avatars3.githubusercontent.com/u/10080364?v=4" width="110px;"/><br /><sub>DeusMaximus</sub>](https://github.com/DeusMaximus)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DeusMaximus "Code") | [<img src="https://avatars2.githubusercontent.com/u/16384611?v=4" width="110px;"/><br /><sub>a-royal</sub>](https://github.com/A-ROYAL)<br />[🌍](#translation-A-ROYAL "Translation") | [<img src="https://avatars0.githubusercontent.com/u/5358208?v=4" width="110px;"/><br /><sub>Alberto Aldrigo</sub>](https://github.com/albertoaldrigo)<br />[🌍](#translation-albertoaldrigo "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/1412342?v=4" width="110px;"/><br /><sub>Alex Stanev</sub>](http://alex.stanev.org/blog)<br />[🌍](#translation-RealEnder "Translation") | [<img src="https://avatars0.githubusercontent.com/u/177295?v=4" width="110px;"/><br /><sub>Andreas Rehm</sub>](http://devel.itsolution2.de)<br />[🌍](#translation-sirrus "Translation") | [<img src="https://avatars0.githubusercontent.com/u/5080535?v=4" width="110px;"/><br /><sub>Andreas Erhard</sub>](https://github.com/xelan)<br />[🌍](#translation-xelan "Translation") | [<img src="https://avatars2.githubusercontent.com/u/142350?v=4" width="110px;"/><br /><sub>Andrés Vanegas Jiménez</sub>](https://github.com/angeldeejay)<br />[🌍](#translation-angeldeejay "Translation") | [<img src="https://avatars0.githubusercontent.com/u/3910403?v=4" width="110px;"/><br /><sub>Antonio Schiavon</sub>](https://github.com/aschiavon91)<br />[🌍](#translation-aschiavon91 "Translation") | [<img src="https://avatars0.githubusercontent.com/u/10464547?v=4" width="110px;"/><br /><sub>benunter</sub>](https://github.com/benunter)<br />[🌍](#translation-benunter "Translation") | [<img src="https://avatars1.githubusercontent.com/u/5038647?v=4" width="110px;"/><br /><sub>Borys Żmuda</sub>](http://catweb24.pl)<br />[🌍](#translation-rudashi "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/5539359?v=4" width="110px;"/><br /><sub>chibacityblues</sub>](https://github.com/chibacityblues)<br />[🌍](#translation-chibacityblues "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1954830?v=4" width="110px;"/><br /><sub>Chien Wei Lin</sub>](https://github.com/cwlin0416)<br />[🌍](#translation-cwlin0416 "Translation") | [<img src="https://avatars3.githubusercontent.com/u/11700533?v=4" width="110px;"/><br /><sub>Christian Schuster</sub>](https://github.com/Againstreality)<br />[🌍](#translation-Againstreality "Translation") | [<img src="https://avatars1.githubusercontent.com/u/4308704?v=4" width="110px;"/><br /><sub>Christian Stefanus</sub>](http://chriss.webhostid.com)<br />[🌍](#translation-kopi-item "Translation") | [<img src="https://avatars3.githubusercontent.com/u/3009327?v=4" width="110px;"/><br /><sub>wxcafé</sub>](http://wxcafe.net)<br />[🌍](#translation-wxcafe "Translation") | [<img src="https://avatars3.githubusercontent.com/u/35761525?v=4" width="110px;"/><br /><sub>dpyroc</sub>](https://github.com/dpyroc)<br />[🌍](#translation-dpyroc "Translation") | [<img src="https://avatars1.githubusercontent.com/u/2153639?v=4" width="110px;"/><br /><sub>Daniel Friedlmaier</sub>](http://www.friedlmaier.net)<br />[🌍](#translation-da-friedl "Translation") |
+| [<img src="https://avatars1.githubusercontent.com/u/2947640?v=4" width="110px;"/><br /><sub>Daniel Heene</sub>](https://github.com/danielheene)<br />[🌍](#translation-danielheene "Translation") | [<img src="https://avatars3.githubusercontent.com/u/319022?v=4" width="110px;"/><br /><sub>danielcb</sub>](https://github.com/danielcb)<br />[🌍](#translation-danielcb "Translation") | [<img src="https://avatars3.githubusercontent.com/u/15846537?v=4" width="110px;"/><br /><sub>Dominik Senti</sub>](https://github.com/dominiksenti)<br />[🌍](#translation-dominiksenti "Translation") | [<img src="https://avatars0.githubusercontent.com/u/25570954?v=4" width="110px;"/><br /><sub>Eric Gautheron</sub>](http://www.konectik.com)<br />[🌍](#translation-EpixFr "Translation") | [<img src="https://avatars1.githubusercontent.com/u/5732623?v=4" width="110px;"/><br /><sub>Erlend Pilø</sub>](https://erlpil.com)<br />[🌍](#translation-Erlpil "Translation") | [<img src="https://avatars0.githubusercontent.com/u/541832?v=4" width="110px;"/><br /><sub>Fabio Rapposelli</sub>](http://fabio.technology)<br />[🌍](#translation-frapposelli "Translation") | [<img src="https://avatars2.githubusercontent.com/u/3605240?v=4" width="110px;"/><br /><sub>Felipe Barros</sub>](https://github.com/fgbs)<br />[🌍](#translation-fgbs "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/257745?v=4" width="110px;"/><br /><sub>Fernando Possebon</sub>](https://github.com/possebon)<br />[🌍](#translation-possebon "Translation") | [<img src="https://avatars3.githubusercontent.com/u/2540832?v=4" width="110px;"/><br /><sub>gdraque</sub>](https://github.com/gdraque)<br />[🌍](#translation-gdraque "Translation") | [<img src="https://avatars0.githubusercontent.com/u/23440381?v=4" width="110px;"/><br /><sub>Georg Wallisch</sub>](https://github.com/georgwallisch)<br />[🌍](#translation-georgwallisch "Translation") | [<img src="https://avatars1.githubusercontent.com/u/9852832?v=4" width="110px;"/><br /><sub>Gerardo Robles</sub>](https://github.com/jgroblesr85)<br />[🌍](#translation-jgroblesr85 "Translation") | [<img src="https://avatars2.githubusercontent.com/u/11082640?v=4" width="110px;"/><br /><sub>Gluek</sub>](https://t.me/Gluek)<br />[🌍](#translation-mrgluek "Translation") | [<img src="https://avatars0.githubusercontent.com/u/6847946?v=4" width="110px;"/><br /><sub>AdnanAbuShahad</sub>](https://github.com/AdnanAbuShahad)<br />[🌍](#translation-AdnanAbuShahad "Translation") | [<img src="https://avatars1.githubusercontent.com/u/3580608?v=4" width="110px;"/><br /><sub>Hafidzi My</sub>](https://hafidzi.my)<br />[🌍](#translation-hafidzi "Translation") |
+| [<img src="https://avatars2.githubusercontent.com/u/205521?v=4" width="110px;"/><br /><sub>Harim Park</sub>](https://github.com/fofwisdom)<br />[🌍](#translation-fofwisdom "Translation") | [<img src="https://avatars2.githubusercontent.com/u/3333841?v=4" width="110px;"/><br /><sub>Henrik Kentsson</sub>](http://www.kentsson.se)<br />[🌍](#translation-Kentsson "Translation") | [<img src="https://avatars0.githubusercontent.com/u/36551034?v=4" width="110px;"/><br /><sub>Husnul Yaqien</sub>](https://github.com/husnulyaqien)<br />[🌍](#translation-husnulyaqien "Translation") | [<img src="https://avatars1.githubusercontent.com/u/2372747?v=4" width="110px;"/><br /><sub>Ibrahim</sub>](http://abaalkhail.org)<br />[🌍](#translation-abaalkh "Translation") | [<img src="https://avatars0.githubusercontent.com/u/1389334?v=4" width="110px;"/><br /><sub>igolman</sub>](https://github.com/igolman)<br />[🌍](#translation-igolman "Translation") | [<img src="https://avatars1.githubusercontent.com/u/3257070?v=4" width="110px;"/><br /><sub>itangiang</sub>](https://github.com/itangiang)<br />[🌍](#translation-itangiang "Translation") | [<img src="https://avatars2.githubusercontent.com/u/14814254?v=4" width="110px;"/><br /><sub>jarby1211</sub>](https://github.com/jarby1211)<br />[🌍](#translation-jarby1211 "Translation") |
+| [<img src="https://avatars3.githubusercontent.com/u/6719357?v=4" width="110px;"/><br /><sub>Jhonn Willker</sub>](http://jwillker.com)<br />[🌍](#translation-JohnWillker "Translation") | [<img src="https://avatars2.githubusercontent.com/u/10983635?v=4" width="110px;"/><br /><sub>Jose</sub>](https://github.com/joxelito94)<br />[🌍](#translation-joxelito94 "Translation") | [<img src="https://avatars0.githubusercontent.com/u/5206122?v=4" width="110px;"/><br /><sub>laopangzi</sub>](https://github.com/laopangzi)<br />[🌍](#translation-laopangzi "Translation") | [<img src="https://avatars2.githubusercontent.com/u/79707?v=4" width="110px;"/><br /><sub>Lars Strojny</sub>](http://usrportage.de)<br />[🌍](#translation-lstrojny "Translation") | [<img src="https://avatars0.githubusercontent.com/u/389801?v=4" width="110px;"/><br /><sub>MarcosBL</sub>](http://twitter.com/marcosbl)<br />[🌍](#translation-MarcosBL "Translation") | [<img src="https://avatars3.githubusercontent.com/u/35664606?v=4" width="110px;"/><br /><sub>marie joy cajes</sub>](https://github.com/mariejoyacajes)<br />[🌍](#translation-mariejoyacajes "Translation") | [<img src="https://avatars2.githubusercontent.com/u/3052816?v=4" width="110px;"/><br /><sub>Mark S. Johansen</sub>](http://www.markjohansen.dk)<br />[🌍](#translation-msjohansen "Translation") |
+| [<img src="https://avatars2.githubusercontent.com/u/982885?v=4" width="110px;"/><br /><sub>Martin Stub</sub>](http://martinstub.dk)<br />[🌍](#translation-stubben "Translation") | [<img src="https://avatars2.githubusercontent.com/u/28959963?v=4" width="110px;"/><br /><sub>Meyer Flavio</sub>](https://github.com/meyerf99)<br />[🌍](#translation-meyerf99 "Translation") | [<img src="https://avatars3.githubusercontent.com/u/796443?v=4" width="110px;"/><br /><sub>Micael Rodrigues</sub>](https://github.com/MicaelRodrigues)<br />[🌍](#translation-MicaelRodrigues "Translation") | [<img src="https://avatars0.githubusercontent.com/u/10481331?v=4" width="110px;"/><br /><sub>Mikael Rasmussen</sub>](http://rubixy.com/)<br />[🌍](#translation-mikaelssen "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1544552?v=4" width="110px;"/><br /><sub>IxFail</sub>](https://github.com/IxFail)<br />[🌍](#translation-IxFail "Translation") | [<img src="https://avatars3.githubusercontent.com/u/18483118?v=4" width="110px;"/><br /><sub>Mohammed Fota</sub>](http://www.mohammedfota.com)<br />[🌍](#translation-MohammedFota "Translation") | [<img src="https://avatars0.githubusercontent.com/u/227080?v=4" width="110px;"/><br /><sub>Moayad Alserihi</sub>](https://github.com/omego)<br />[🌍](#translation-omego "Translation") |
+| [<img src="https://avatars0.githubusercontent.com/u/1680266?v=4" width="110px;"/><br /><sub>saymd</sub>](https://github.com/saymd)<br />[🌍](#translation-saymd "Translation") | [<img src="https://avatars0.githubusercontent.com/u/1826808?v=4" width="110px;"/><br /><sub>Patrik Larsson</sub>](https://nordsken.se)<br />[🌍](#translation-pooot "Translation") | [<img src="https://avatars1.githubusercontent.com/u/20584746?v=4" width="110px;"/><br /><sub>drcryo</sub>](https://github.com/drcryo)<br />[🌍](#translation-drcryo "Translation") | [<img src="https://avatars1.githubusercontent.com/u/19408004?v=4" width="110px;"/><br /><sub>pawel1615</sub>](https://github.com/pawel1615)<br />[🌍](#translation-pawel1615 "Translation") | [<img src="https://avatars2.githubusercontent.com/u/23340468?v=4" width="110px;"/><br /><sub>bodrovics</sub>](https://github.com/bodrovics)<br />[🌍](#translation-bodrovics "Translation") | [<img src="https://avatars0.githubusercontent.com/u/3257654?v=4" width="110px;"/><br /><sub>priatna</sub>](https://github.com/priatna)<br />[🌍](#translation-priatna "Translation") | [<img src="https://avatars1.githubusercontent.com/u/5358374?v=4" width="110px;"/><br /><sub>Fan Jiang</sub>](https://amayume.net)<br />[🌍](#translation-ProfFan "Translation") |
+| [<img src="https://avatars1.githubusercontent.com/u/22555451?v=4" width="110px;"/><br /><sub>ragnarcx</sub>](https://github.com/ragnarcx)<br />[🌍](#translation-ragnarcx "Translation") | [<img src="https://avatars2.githubusercontent.com/u/18654582?v=4" width="110px;"/><br /><sub>Rein van Haaren</sub>](http://www.reinvanhaaren.nl/)<br />[🌍](#translation-reinvanhaaren "Translation") | [<img src="https://avatars1.githubusercontent.com/u/386672?v=4" width="110px;"/><br /><sub>Teguh Dwicaksana</sub>](http://dheche.songolimo.net)<br />[🌍](#translation-dheche "Translation") | [<img src="https://avatars2.githubusercontent.com/u/2572552?v=4" width="110px;"/><br /><sub>fraccie</sub>](https://github.com/FRaccie)<br />[🌍](#translation-FRaccie "Translation") | [<img src="https://avatars0.githubusercontent.com/u/35182720?v=4" width="110px;"/><br /><sub>vinzruzell</sub>](https://github.com/vinzruzell)<br />[🌍](#translation-vinzruzell "Translation") | [<img src="https://avatars1.githubusercontent.com/u/7883603?v=4" width="110px;"/><br /><sub>Kevin Austin</sub>](http://kevinaustin.com)<br />[🌍](#translation-vipsystem "Translation") | [<img src="https://avatars3.githubusercontent.com/u/3861828?v=4" width="110px;"/><br /><sub>Wira Sandy</sub>](http://azuraweb.xyz)<br />[🌍](#translation-wira-sandy "Translation") |
+| [<img src="https://avatars2.githubusercontent.com/u/8663789?v=4" width="110px;"/><br /><sub>Илья</sub>](https://github.com/GrayHoax)<br />[🌍](#translation-GrayHoax "Translation") | [<img src="https://avatars3.githubusercontent.com/u/30119111?v=4" width="110px;"/><br /><sub>GodUseVPN</sub>](https://github.com/godusevpn)<br />[🌍](#translation-godusevpn "Translation") | [<img src="https://avatars1.githubusercontent.com/u/745576?v=4" width="110px;"/><br /><sub>周周</sub>](https://github.com/EngrZhou)<br />[🌍](#translation-EngrZhou "Translation") | [<img src="https://avatars3.githubusercontent.com/u/1631095?v=4" width="110px;"/><br /><sub>Sam</sub>](https://github.com/takuy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=takuy "Code") | [<img src="https://avatars1.githubusercontent.com/u/264022?v=4" width="110px;"/><br /><sub>Azerothian</sub>](https://www.illisian.com.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Azerothian "Code") | [<img src="https://avatars1.githubusercontent.com/u/4930051?v=4" width="110px;"/><br /><sub>Wes Hulette</sub>](http://macfoo.wordpress.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jwhulette "Code") | [<img src="https://avatars0.githubusercontent.com/u/8134591?v=4" width="110px;"/><br /><sub>patrict</sub>](https://github.com/patrict)<br />[💻](https://github.com/snipe/snipe-it/commits?author=patrict "Code") |
+| [<img src="https://avatars3.githubusercontent.com/u/2611616?v=4" width="110px;"/><br /><sub>Dmitriy Minaev</sub>](https://github.com/VELIKII-DIVAN)<br />[💻](https://github.com/snipe/snipe-it/commits?author=VELIKII-DIVAN "Code") | [<img src="https://avatars0.githubusercontent.com/u/5132245?v=4" width="110px;"/><br /><sub>liquidhorse</sub>](https://github.com/liquidhorse)<br />[💻](https://github.com/snipe/snipe-it/commits?author=liquidhorse "Code") | [<img src="https://avatars1.githubusercontent.com/u/183678?v=4" width="110px;"/><br /><sub>Jordi Boggiano</sub>](https://seld.be/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Seldaek "Code") | [<img src="https://avatars0.githubusercontent.com/u/653557?v=4" width="110px;"/><br /><sub>Ivan Nieto</sub>](https://github.com/inietov)<br />[💻](https://github.com/snipe/snipe-it/commits?author=inietov "Code") | [<img src="https://avatars2.githubusercontent.com/u/6764151?v=4" width="110px;"/><br /><sub>Ben RUBSON</sub>](https://github.com/benrubson)<br />[💻](https://github.com/snipe/snipe-it/commits?author=benrubson "Code") | [<img src="https://avatars2.githubusercontent.com/u/8554558?v=4" width="110px;"/><br /><sub>NMathar</sub>](https://github.com/NMathar)<br />[💻](https://github.com/snipe/snipe-it/commits?author=NMathar "Code") | [<img src="https://avatars1.githubusercontent.com/u/139566?v=4" width="110px;"/><br /><sub>Steffen</sub>](https://github.com/smb)<br />[💻](https://github.com/snipe/snipe-it/commits?author=smb "Code") |
+| [<img src="https://avatars0.githubusercontent.com/u/6609453?v=4" width="110px;"/><br /><sub>Sxderp</sub>](https://github.com/Sxderp)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Sxderp "Code") | [<img src="https://avatars1.githubusercontent.com/u/4807843?v=4" width="110px;"/><br /><sub>fanta8897</sub>](https://github.com/fanta8897)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fanta8897 "Code") | [<img src="https://avatars2.githubusercontent.com/u/2576509?v=4" width="110px;"/><br /><sub>Andrey Bolonin</sub>](https://andreybolonin.com/phpconsulting/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=andreybolonin "Code") | [<img src="https://avatars3.githubusercontent.com/u/2173307?v=4" width="110px;"/><br /><sub>shinayoshi</sub>](http://www.shinayoshi.net/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=shinayoshi "Code") | [<img src="https://avatars3.githubusercontent.com/u/2130159?v=4" width="110px;"/><br /><sub>Hubert</sub>](https://github.com/reuser)<br />[💻](https://github.com/snipe/snipe-it/commits?author=reuser "Code") | [<img src="https://avatars0.githubusercontent.com/u/6865789?v=4" width="110px;"/><br /><sub>KeenRivals</sub>](https://brashear.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=KeenRivals "Code") | [<img src="https://avatars3.githubusercontent.com/u/2902513?v=4" width="110px;"/><br /><sub>omyno</sub>](https://github.com/omyno)<br />[💻](https://github.com/snipe/snipe-it/commits?author=omyno "Code") |
+| [<img src="https://avatars1.githubusercontent.com/u/6271335?v=4" width="110px;"/><br /><sub>Evgeny</sub>](https://github.com/jackka)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jackka "Code") | [<img src="https://avatars2.githubusercontent.com/u/1169963?v=4" width="110px;"/><br /><sub>Colin Campbell</sub>](https://digitalist.se)<br />[💻](https://github.com/snipe/snipe-it/commits?author=colin-campbell "Code") | [<img src="https://avatars3.githubusercontent.com/u/2872098?v=4" width="110px;"/><br /><sub>Ľubomír Kučera</sub>](https://github.com/lubo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lubo "Code") | [<img src="https://avatars3.githubusercontent.com/u/570639?v=4" width="110px;"/><br /><sub>Martin Meredith</sub>](https://www.sourceguru.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Mezzle "Code") | [<img src="https://avatars1.githubusercontent.com/u/7632599?v=4" width="110px;"/><br /><sub>Tim Farmer</sub>](https://github.com/timothyfarmer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=timothyfarmer "Code") | [<img src="https://avatars0.githubusercontent.com/u/17459600?v=4" width="110px;"/><br /><sub>Marián Skrip</sub>](https://github.com/mskrip)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mskrip "Code") | [<img src="https://avatars2.githubusercontent.com/u/47435081?v=4" width="110px;"/><br /><sub>Godfrey Martinez</sub>](https://github.com/Godmartinz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Godmartinz "Code") |
+| [<img src="https://avatars1.githubusercontent.com/u/2075128?v=4" width="110px;"/><br /><sub>bigtreeEdo</sub>](https://github.com/bigtreeEdo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bigtreeEdo "Code") | [<img src="https://avatars0.githubusercontent.com/u/5000430?v=4" width="110px;"/><br /><sub>Colin  McNeil</sub>](https://colinmcneil.me/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ColinMcNeil "Code") | [<img src="https://avatars0.githubusercontent.com/u/421625?v=4" width="110px;"/><br /><sub>JoKneeMo</sub>](https://github.com/JoKneeMo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JoKneeMo "Code") | [<img src="https://avatars0.githubusercontent.com/u/54849013?v=4" width="110px;"/><br /><sub>Joshi</sub>](http://www.redbridge.se)<br />[💻](https://github.com/snipe/snipe-it/commits?author=joshi-redbridge "Code") | [<img src="https://avatars2.githubusercontent.com/u/15731458?v=4" width="110px;"/><br /><sub>Anthony Burns</sub>](https://github.com/anthonypburns)<br />[💻](https://github.com/snipe/snipe-it/commits?author=anthonypburns "Code") | [<img src="https://avatars1.githubusercontent.com/u/63399474?v=4" width="110px;"/><br /><sub>johnson-yi</sub>](https://github.com/johnson-yi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=johnson-yi "Code") | [<img src="https://avatars1.githubusercontent.com/u/1862720?v=4" width="110px;"/><br /><sub>Sanjay Govind</sub>](https://tangentmc.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sanjay900 "Code") |
+| [<img src="https://avatars0.githubusercontent.com/u/1255375?v=4" width="110px;"/><br /><sub>Peter Upfold</sub>](https://peter.upfold.org.uk/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PeterUpfold "Code") | [<img src="https://avatars2.githubusercontent.com/u/961717?v=4" width="110px;"/><br /><sub>Jared Biel</sub>](https://github.com/jbiel)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jbiel "Code") | [<img src="https://avatars1.githubusercontent.com/u/1733625?v=4" width="110px;"/><br /><sub>Dampfklon</sub>](https://github.com/dampfklon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dampfklon "Code") | [<img src="https://avatars2.githubusercontent.com/u/52973156?v=4" width="110px;"/><br /><sub>Charles Hamilton</sub>](https://communityclosing.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chamilton-ccn "Code") | [<img src="https://avatars.githubusercontent.com/u/551789?v=4" width="110px;"/><br /><sub>Giuseppe Iannello</sub>](https://github.com/giannello)<br />[💻](https://github.com/snipe/snipe-it/commits?author=giannello "Code") | [<img src="https://avatars.githubusercontent.com/u/3691490?v=4" width="110px;"/><br /><sub>Peter Dave Hello</sub>](https://www.peterdavehello.org/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PeterDaveHello "Code") | [<img src="https://avatars.githubusercontent.com/u/6106332?v=4" width="110px;"/><br /><sub>sigmoidal</sub>](https://github.com/sigmoidal)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sigmoidal "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/2082554?v=4" width="110px;"/><br /><sub>Vincent Lainé</sub>](https://github.com/phenixdotnet)<br />[💻](https://github.com/snipe/snipe-it/commits?author=phenixdotnet "Code") | [<img src="https://avatars.githubusercontent.com/u/1943040?v=4" width="110px;"/><br /><sub>Lucas Pleß</sub>](http://www.lucas-pless.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=derlucas "Code") | [<img src="https://avatars.githubusercontent.com/u/472804?v=4" width="110px;"/><br /><sub>Ian Littman</sub>](http://twitter.com/iansltx)<br />[💻](https://github.com/snipe/snipe-it/commits?author=iansltx "Code") | [<img src="https://avatars.githubusercontent.com/u/3519029?v=4" width="110px;"/><br /><sub>João Paulo</sub>](https://github.com/PauloLuna)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PauloLuna "Code") | [<img src="https://avatars.githubusercontent.com/u/70443365?v=4" width="110px;"/><br /><sub>ThoBur</sub>](https://github.com/ThoBur)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ThoBur "Code") | [<img src="https://avatars.githubusercontent.com/u/1972329?v=4" width="110px;"/><br /><sub>Alexander Chibrikin</sub>](http://phpprofi.ru/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=alek13 "Code") | [<img src="https://avatars.githubusercontent.com/u/438332?v=4" width="110px;"/><br /><sub>Anthony Winstanley</sub>](https://github.com/winstan)<br />[💻](https://github.com/snipe/snipe-it/commits?author=winstan "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/3075214?v=4" width="110px;"/><br /><sub>Folke</sub>](https://github.com/fashberg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fashberg "Code") | [<img src="https://avatars.githubusercontent.com/u/1351571?v=4" width="110px;"/><br /><sub>Bennett Blodinger</sub>](https://github.com/benwa)<br />[💻](https://github.com/snipe/snipe-it/commits?author=benwa "Code") | [<img src="https://avatars.githubusercontent.com/u/2974631?v=4" width="110px;"/><br /><sub>NMC</sub>](https://nmc.dev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ncareau "Code") | [<img src="https://avatars.githubusercontent.com/u/52182449?v=4" width="110px;"/><br /><sub>andres-baller</sub>](https://github.com/andres-baller)<br />[💻](https://github.com/snipe/snipe-it/commits?author=andres-baller "Code") | [<img src="https://avatars.githubusercontent.com/u/67109348?v=4" width="110px;"/><br /><sub>sean-borg</sub>](https://github.com/sean-borg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sean-borg "Code") | [<img src="https://avatars.githubusercontent.com/u/32170051?v=4" width="110px;"/><br /><sub>EDVLeer</sub>](https://github.com/EDVLeer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=EDVLeer "Code") | [<img src="https://avatars.githubusercontent.com/u/23075196?v=4" width="110px;"/><br /><sub>Kurokat</sub>](https://github.com/Kurokat)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Kurokat "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/915514?v=4" width="110px;"/><br /><sub>Kevin Köllmann</sub>](https://www.kevinkoellmann.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=koelle25 "Code") | [<img src="https://avatars.githubusercontent.com/u/49025941?v=4" width="110px;"/><br /><sub>sw-mreyes</sub>](https://github.com/sw-mreyes)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sw-mreyes "Code") |
+<!-- ALL-CONTRIBUTORS-LIST:END -->
+
+This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
+
--- a/26
+++ b/26
@@ -5,6 +5,14 @@ SNIPEIT_SH_URL= "https://raw.githubusercontent.com/snipe/snipe-it/master/snipeit
 NETWORK_BRIDGE= "en0: Wi-Fi (AirPort)"

 Vagrant.configure("2") do |config|
+  config.vm.define "bionic" do |bionic|
+    bionic.vm.box = "ubuntu/bionic64"
+    bionic.vm.hostname = 'bionic'
+    bionic.vm.network "public_network", bridge: NETWORK_BRIDGE
+    bionic.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
+    bionic.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
+  end
+
  config.vm.define "xenial" do |xenial|
    xenial.vm.box = "ubuntu/xenial64"
    xenial.vm.hostname = 'xenial'
@@ -73,4 +81,22 @@ Vagrant.configure("2") do |config|
    fedora26.vm.provision :shell, :inline => "wget #{SNIPEIT_SH_URL}"
    fedora26.vm.provision :shell, :inline => "chmod 755 snipeit.sh"
  end
+
+  config.vm.define "freebsd" do |freebsd|
+    freebsd.vm.box = "freebsd/FreeBSD-11.2-RELEASE"
+    freebsd.vm.hostname = 'freebsd12'
+    freebsd.vm.network "forwarded_port", guest: 80, host: 8080
+    freebsd.vm.network "forwarded_port", guest:3306, host:3306 # mysql    
+    freebsd.vm.network "private_network", type: "dhcp"
+    freebsd.ssh.shell = "sh"
+    freebsd.vm.base_mac = "080027D14C66"
+    freebsd.vm.synced_folder ".", "/vagrant", :nfs => true, id: "vagrant-root",
+    :mount_options => ['rw', 'vers=3', 'tcp', 'actimeo=2']    
+    freebsd.vm.provision "shell", inline: <<-SHELL
+        pkg install -y python27;
+    SHELL
+    freebsd.vm.provision "ansible" do |ansible|
+        ansible.playbook = "ansible/freebsd/vagrant_playbook.yml"
+    end    
+  end  
 end
--- a/public/_debugbar/assets/jquery.min.map
+++ b/public/_debugbar/assets/jquery.min.map
--- a/ansible/freebsd/vagrant_playbook.yml
+++ b/ansible/freebsd/vagrant_playbook.yml
@@ -0,0 +1,260 @@
+---
+- name: Set up local server
+  hosts: all
+  remote_user: vagrant
+  become_user: root
+  become_method: sudo
+  vars:
+    - ansible_python_interpreter: /usr/local/bin/python2.7
+  gather_facts: no
+
+# Tasks    
+  tasks:
+
+    #
+    # Update the PKG database
+    #
+    - name: Upgrade PKG database
+      raw: sudo pkg upgrade -y  
+
+    #
+    # Mount the shared folders
+    #
+    - name: Update Vagrant Shared Folders
+      command:  "{{ item }}"
+      with_items:
+        - sysrc rpc_lockd_enable=YES
+        - sysrc rpc_statd_enable=YES
+      become: true   
+
+    #
+    # Install required utilities
+    #
+    - name: Install Utilities
+      pkgng:
+        name: "{{ item }}"
+        state: present 
+      with_items: 
+        - openssl
+        - node
+        - npm
+        - git
+        - nano
+        - wget
+        - bash
+      become: true          
+
+    #
+    # Install php and php dependancies
+    #
+    - name: Install PHP dependancies
+      pkgng:
+        name: "{{ item }}"
+        state: present
+      with_items: 
+        - php72
+        - php72-zip    
+        - php72-zlib   
+        - php72-extensions 
+        - php72-mbstring 
+        - php72-openssl 
+        # - php72-mysqli 
+        - php72-curl 
+        - php72-soap 
+        - php72-pdo_mysql 
+        # - php72-pdo_pgsql
+        - php72-ldap
+        - php72-curl
+        - php72-fileinfo
+        - php72-bcmath
+        - php72-gd
+      become: true
+
+    #
+    # Create a php.ini file
+    #
+    - name: PHP INI check
+      stat:
+        path: /usr/local/etc/php.ini
+      register: php_ini_exits
+
+    - name: Create PHP ini
+      command: cp /usr/local/etc/php.ini-development /usr/local/etc/php.ini
+      become: true
+      when: not php_ini_exits.stat.exists
+
+    - name: Enable PHP-FPM auto-start
+      command: sysrc php_fpm_enable=YES
+      become: true
+
+    - name: Start PHP-FPM service
+      service:
+        name: php-fpm
+        state: started
+      become: true   
+
+    #
+    # Install the lastest version of composer
+    #
+    - name: Composer check
+      stat:
+        path: /usr/local/bin/composer
+      register: composer_exits
+
+    - name: Install Composer
+      shell: |
+        EXPECTED_SIGNATURE=$(wget -q -O - https://composer.github.io/installer.sig)
+        php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
+        ACTUAL_SIGNATURE=$(php -r "echo hash_file('SHA384', 'composer-setup.php');")
+
+        if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]
+        then
+            >&2 echo 'ERROR: Invalid installer signature'
+            rm composer-setup.php
+            exit 1
+        fi
+
+        php composer-setup.php --quiet
+        RESULT=$?
+        rm composer-setup.php
+        mv composer.phar /usr/local/bin/composer
+        exit $RESULT
+      when: not composer_exits.stat.exists
+      become: true
+
+    #
+    # Install MySQL Server
+    
+    - name: Install MySQL 5.7
+      pkgng:
+        name: mysql57-server
+        state: present
+      become: true    
+      register: sql_server
+
+    - name: Start MySQL server
+      service:
+        name: mysql-server
+        state: started
+      become: true 
+
+    - name: MySQL 5.7 auto-start
+      command: sysrc mysql_enable=YES
+      become: true
+      when: sql_server.changed == true
+      
+    - name: Get MySQL root password
+      command: tail -1 /root/.mysql_secret
+      register: myql_root_pwd
+      become: true 
+      when: sql_server.changed == true
+
+    - name: Change MySQL root password
+      command: mysqladmin -u root -p'{{myql_root_pwd.stdout}}' password vagrant
+      when: sql_server.changed == true
+
+    - name: Enable remote mysql
+      replace:
+        path: /usr/local/etc/mysql/my.cnf
+        regexp: "127.0.0.1"
+        replace: "0.0.0.0" 
+      become: true         
+      when: sql_server.changed == true 
+
+    - name: Grant user vagrant privelages
+      shell: mysql -u root -pvagrant -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'vagrant' WITH GRANT OPTION; FLUSH PRIVILEGES;"
+      become: true 
+      when: sql_server.changed == true
+      ignore_errors: true
+
+    - name: Restart MySQL server
+      service:
+        name: mysql-server
+        state: restarted
+      become: true          
+
+
+    #  
+    # Install Apache Web Server
+    #
+    - name: Install Apache 2.4
+      pkgng:
+        name: apache24
+        state: present
+      become: true    
+      register: apache24_server     
+
+    - name: Apache 2.4 auto-start
+      command: sysrc apache24_enable=YES
+      become: true
+      when: apache24_server.changed == true 
+
+    - name: Enable Apache modules
+      replace:
+        path: /usr/local/etc/apache24/httpd.conf
+        regexp: "#{{ item }}"
+        replace: "{{ item }}" 
+      become: true 
+      with_items: 
+        - LoadModule rewrite_module libexec/apache24/mod_rewrite.so
+        - LoadModule vhost_alias_module libexec/apache24/mod_vhost_alias.so
+        - LoadModule deflate_module libexec/apache24/mod_deflate.so
+        - LoadModule expires_module libexec/apache24/mod_expires.so
+        - LoadModule mpm_worker_module libexec/apache24/mod_mpm_worker.so
+        - LoadModule proxy_fcgi_module libexec/apache24/mod_proxy_fcgi.so
+        - LoadModule proxy_module libexec/apache24/mod_proxy.so      
+        - Include etc/apache24/extra/httpd-vhosts.conf
+      when: apache24_server.changed == true  
+
+    - name: Disable Apache modules
+      replace:
+        path: /usr/local/etc/apache24/httpd.conf
+        regexp: "{{ item }}"
+        replace: "#{{ item }}" 
+      become: true 
+      with_items: 
+        - LoadModule mpm_prefork_module libexec/apache24/mod_mpm_prefork.so
+      when: apache24_server.changed == true            
+
+    - name: Backup vhosts
+      command: cp /usr/local/etc/apache24/extra/httpd-vhosts.conf /usr/local/etc/apache24/extra/httpd-vhosts.conf.bak
+      become: true
+      when: apache24_server.changed == true 
+
+    - name: Truncate vhosts
+      command: truncate -s 0 /usr/local/etc/apache24/extra/httpd-vhosts.conf
+      become: true
+      when: apache24_server.changed == true 
+
+    - name: Set up vhost
+      blockinfile:
+        path: "/usr/local/etc/apache24/extra/httpd-vhosts.conf"    
+        block: |
+          <VirtualHost *>
+              DocumentRoot /usr/local/www/apache24/data/public
+              ServerName vagrant.app              
+              ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/usr/local/www/apache24/data/public/$1
+              DirectoryIndex /index.php index.php
+              <Directory /usr/local/www/apache24/data/public>
+                  Options -Indexes +FollowSymLinks
+                  AllowOverride All
+                  Require all granted
+              </Directory>
+            </VirtualHost>
+      become: true
+      when: apache24_server.changed == true 
+
+    - name: Map apache dir to local folder
+      shell: |
+        if ! [ -L /var/www ]; then
+          rm -rf /usr/local/www/apache24/data;
+          ln -fs /vagrant /usr/local/www/apache24/data;
+        fi
+      become: true
+      when: apache24_server.changed == true
+
+    - name: Start Apache 2.4 server
+      service:
+        name: apache24
+        state: started
+      become: true     
--- a/app/Console/Commands/CheckinLicensesFromAllUsers.php
+++ b/app/Console/Commands/CheckinLicensesFromAllUsers.php
@@ -0,0 +1,95 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\LicenseSeat;
+use Illuminate\Console\Command;
+use App\Models\User;
+use App\Models\License;
+use Illuminate\Database\Eloquent\Model;
+
+class CheckinLicensesFromAllUsers extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:checkin-from-all {--license_id=} {--notify}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Checks in licenses from all users';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $license_id = $this->option('license_id');
+        $notify = $this->option('notify');
+
+        if (!$license_id) {
+            $this->error('ERROR: License ID is required.');
+            return false;
+        }
+
+
+        if (!$license = License::where('id','=',$license_id)->first()) {
+            $this->error('Invalid license ID');
+            return false;
+        }
+
+        $this->info('Checking in ALL seats for '.$license->name);
+
+
+        $licenseSeats = LicenseSeat::where('license_id', '=', $license_id)
+            ->whereNotNull('assigned_to')
+            ->with('user')
+            ->get();
+
+        $this->info(' There are ' .$licenseSeats->count(). ' seats checked out: ');
+
+        if (!$notify) {
+            $this->info('No mail will be sent.');
+        }
+
+        foreach ($licenseSeats as $seat) {
+            $this->info($seat->user->username .' has a license seat for '.$license->name);
+            $seat->assigned_to = null;
+
+            if ($seat->save()) {
+
+                // Override the email address so we don't notify on checkin
+                if (!$notify) {
+                    $seat->user->email = null;
+                }
+
+                // Log the checkin
+                $seat->logCheckin($seat->user, 'Checked in via cli tool');
+            }
+
+
+
+
+        }
+        
+
+    }
+}
--- a/app/Console/Commands/CheckoutLicenseToAllUsers.php
+++ b/app/Console/Commands/CheckoutLicenseToAllUsers.php
@@ -0,0 +1,112 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\LicenseSeat;
+use Illuminate\Console\Command;
+use App\Models\User;
+use App\Models\License;
+use Illuminate\Database\Eloquent\Model;
+
+class CheckoutLicenseToAllUsers extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:checkout-to-all {--license_id=} {--notify}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Command description';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $license_id = $this->option('license_id');
+        $notify = $this->option('notify');
+
+        if (!$license_id) {
+             $this->error('ERROR: License ID is required.');
+             return false;
+        }
+
+
+        if (!$license = License::where('id','=',$license_id)->with('assignedusers')->first()) {
+            $this->error('Invalid license ID');
+            return false;
+        }
+
+        $users = User::whereNull('deleted_at')->with('licenses')->get();
+
+        if ($users->count() > $license->getAvailSeatsCountAttribute()) {
+            $this->info('You do not have enough free seats to complete this task, so we will check out as many as we can. ');
+        }
+
+        $this->info('Checking out '.$users->count().' of '.$license->getAvailSeatsCountAttribute().' seats for '.$license->name);
+
+        if (!$notify) {
+            $this->info('No mail will be sent.');
+        }
+
+        foreach ($users as $user) {
+
+            // Check to make sure this user doesn't already have this license checked out
+            // to them
+
+            if ($user->licenses->where('id', '=', $license_id)->count()) {
+                $this->info($user->username .' already has this license checked out to them. Skipping... ');
+                continue;
+            }
+
+            
+            // If the license is valid, check that there is an available seat
+            if ($license->availCount()->count() < 1) {
+                $this->error('ERROR: No available seats');
+                return false;
+            }
+
+            $this->info($license->availCount()->count().' seats left');
+            // Get the seat ID
+            $licenseSeat = $license->freeSeat();
+
+
+            // Update the seat with checkout info,
+           $licenseSeat->assigned_to = $user->id;
+            if ($licenseSeat->save()) {
+
+                // Temporarily null the user's email address so we don't send mail if we're not supposed to
+                if (!$notify) {
+                    $user->email = null;
+                }
+
+                // Log the checkout
+                $licenseSeat->logCheckout('Checked out via cli tool', $user);
+                $this->info('License '.$license_id.' seat '.$licenseSeat->id.' checked out to '.$user->username);
+            }
+
+        }
+
+
+
+    }
+}
--- a/app/Console/Commands/CreateAdmin.php
+++ b/app/Console/Commands/CreateAdmin.php
@@ -76,10 +76,4 @@ class CreateAdmin extends Command

    }

-  //   protected function getArguments()
-  // 	{
-  // 		return array(
-  // 			array('username', InputArgument::REQUIRED, 'Username'),
-  // 		);
-    // }
 }
--- a/app/Console/Commands/DisableLDAP.php
+++ b/app/Console/Commands/DisableLDAP.php
@@ -2,8 +2,8 @@

 namespace App\Console\Commands;

-use Illuminate\Console\Command;
 use App\Models\Setting;
+use Illuminate\Console\Command;

 class DisableLDAP extends Command
 {
@@ -41,7 +41,7 @@ class DisableLDAP extends Command

        if ($this->confirm("\n****************************************************\nThis will disable LDAP support. You will not be able \nto login with an account that does not exist \nlocally in the Snipe-IT local database. \n****************************************************\n\nDo you wish to continue? [y|N]")) {

-            $setting = Setting::first();
+            $setting = Setting::getSettings();
            $setting->ldap_enabled = 0;
            if ($setting->save()) {
                $this->info('LDAP has been set to disabled.');
--- a/app/Console/Commands/FixDoubleEscape.php
+++ b/app/Console/Commands/FixDoubleEscape.php
@@ -71,7 +71,7 @@ class FixDoubleEscape extends Command

                    foreach($classname::where("$field",'LIKE','%&%')->get() as $row) {
                        $this->info('Updating '.$field.' for '.$classname);
-                        $row->{$field} = html_entity_decode($row->{$field});
+                        $row->{$field} = html_entity_decode($row->{$field},ENT_QUOTES);
                        $row->save();
                        $count[$classname][$field]++;

--- a/app/Console/Commands/FixMismatchedAssetsAndLogs.php
+++ b/app/Console/Commands/FixMismatchedAssetsAndLogs.php
@@ -0,0 +1,105 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Actionlog;
+use App\Models\Asset;
+use Illuminate\Console\Command;
+
+class FixMismatchedAssetsAndLogs extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:fix-assets-and-logs {--dryrun : Run the sync process but don\'t update the database}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This script attempts to check the log table and check that the assets.assigned_to matches the last checkout.';
+
+    /**
+     * Is dry-run?
+     *
+     * @var bool
+     */
+    private $dryrun = false;
+
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        if ($this->option('dryrun')) {
+            $this->dryrun = true;
+        }
+
+        if ($this->dryrun) {
+            $this->info('This is a DRY RUN - no changes will be saved.' );
+        }
+
+        $mismatch_count = 0;
+        $assets = Asset::whereNotNull('assigned_to')
+            ->where('assigned_type', '=', 'App\\Models\\User')
+            ->orderBy('id', 'ASC')->get();
+        foreach ($assets as $asset) {
+
+            // get the last checkout of the asset
+            if ($checkout_log = Actionlog::where('target_type', '=', 'App\\Models\\User')
+                ->where('action_type', '=', 'checkout')
+                ->where('item_id', '=', $asset->id)
+                ->orderBy('created_at', 'DESC')
+                ->first()) {
+
+                    // Now check for a subsequent checkin log - we want to ignore those
+                    if (!$checkin_log = Actionlog::where('target_type', '=', 'App\\Models\\User')
+                        ->where('action_type', '=', 'checkin from')
+                        ->where('item_id', '=', $asset->id)
+                        ->whereDate('created_at', '>', $checkout_log->created_at)
+                        ->orderBy('created_at', 'DESC')
+                        ->first()) {
+
+                        //print_r($asset);
+                        if ($checkout_log->target_id != $asset->assigned_to) {
+                            $this->error('Log ID: '.$checkout_log->id.' -- Asset ID '. $checkout_log->item_id.' SHOULD BE checked out to User '.$checkout_log->target_id.' but its assigned_to is '.$asset->assigned_to );
+
+                            if (!$this->dryrun) {
+                                $asset->assigned_to = $checkout_log->target_id;
+                                if ($asset->save()) {
+                                    $this->info('Asset record updated.');
+                                } else {
+                                    $this->error('Error updating asset: '.$asset->getErrors());
+                                }
+                            }
+                            $mismatch_count++;
+                        }
+                    } else {
+                        //$this->info('Asset ID '.$asset->id.': There is a checkin '.$checkin_log->created_at.' after this checkout '.$checkout_log->created_at);
+
+                    }
+
+            }
+
+        }
+        $this->info($mismatch_count.' mismatched assets.');
+
+    }
+}
--- a/app/Console/Commands/ImportLocations.php
+++ b/app/Console/Commands/ImportLocations.php
@@ -0,0 +1,162 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use League\Csv\Reader;
+use App\Models\Location;
+
+class ImportLocations extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:import-locations {filename}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Import locations and their parents';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+
+        if (!ini_get("auto_detect_line_endings")) {
+            ini_set("auto_detect_line_endings", '1');
+        }
+
+        $filename = $this->argument('filename');
+        $csv = Reader::createFromPath(storage_path('private_uploads/imports/').$filename, 'r');
+        $this->info('Attempting to process: '.storage_path('private_uploads/imports/').$filename);
+        $csv->setHeaderOffset(0); //because we don't want to insert the header
+        $results = $csv->getRecords();
+
+        // Import parent location names first if they don't exist
+        foreach ($results as $parent_index => $parent_row) {
+
+            if (array_key_exists('Parent Name', $parent_row)) {
+                $parent_name = trim($parent_row['Parent Name']);
+                if (array_key_exists('Name', $parent_row)) {
+                    $this->info('- Parent: ' . $parent_name . ' in row as: ' . trim($parent_row['Parent Name']));
+                }
+
+                // Save parent location name
+                // This creates a sort of name-stub that we'll update later on in this script
+                $parent_location = Location::firstOrCreate(array('name' => $parent_name));
+                if (array_key_exists('Name', $parent_row)) {
+                    $this->info('Parent for ' . $parent_row['Name'] . ' is ' . $parent_name . '. Attempting to save ' . $parent_name . '.');
+                }
+
+                // Check if the record was updated or created.
+                // This is mostly for clearer debugging.
+                if ($parent_location->exists) {
+                    $this->info('- Parent location '.$parent_name.' already exists.');
+                } else {
+                    $this->info('- Parent location '.$parent_name.' was created.');
+                }
+
+            } else {
+                $this->info('- No Parent Name provided, so no parent location will be created.');
+            }
+
+        }
+
+        $this->info('----- Parents Created.... backfilling additional details... --------');
+        // Loop through ALL records and add/update them if there are additional fields
+        // besides name
+        foreach ($results as $index => $row) {
+
+            if (array_key_exists('Parent Name', $row)) {
+                $parent_name = trim($row['Parent Name']);
+            } else {
+                $parent_name = null;
+            }
+
+            // Set the location attributes to save
+            if (array_key_exists('Name', $row)) {
+                $location = Location::firstOrCreate(array('name' => trim($row['Name'])));
+                $location->name = trim($row['Name']);
+                $this->info('Checking location: '.$location->name);
+            } else {
+                $this->error('Location name is required and is missing from at least one row in this dataset. Check your CSV for extra trailing rows and try again.');
+                return false;
+            }
+            if (array_key_exists('Currency', $row)) {
+                $location->currency = trim($row['Currency']);
+            }
+            if (array_key_exists('Address 1', $row)) {
+                $location->address = trim($row['Address 1']);
+            }
+            if (array_key_exists('Address 2', $row)) {
+                $location->address2 = trim($row['Address 2']);
+            }
+            if (array_key_exists('City', $row)) {
+                $location->city = trim($row['City']);
+            }
+            if (array_key_exists('State', $row)) {
+                $location->state = trim($row['State']);
+            }
+            if (array_key_exists('Zip', $row)) {
+                $location->zip = trim($row['Zip']);
+            }
+            if (array_key_exists('Country', $row)) {
+                $location->country = trim($row['Country']);
+            }
+            if (array_key_exists('OU', $row)) {
+                $location->ldap_ou = trim($row['OU']);
+            }
+
+
+            // If a parent name is provided, we created it earlier in the script,
+            // so let's grab that ID
+            if ($parent_name) {
+                $this->info('-- Searching for Parent Name: '.$parent_name);
+                $parent = Location::where('name', '=', $parent_name)->first();
+                $location->parent_id = $parent->id;
+                $this->info('Parent: '.$parent_name.' - ID: '.$parent->id);
+            }
+
+            // Make sure the more advanced (non-name) fields pass validation
+            if (($location->isValid()) && ($location->save())) {
+
+                // Check if the record was updated or created.
+                // This is mostly for clearer debugging.
+                if ($location->exists) {
+                    $this->info('Location ' . $location->name . ' already exists. Updating...');
+                } else {
+                    $this->info('- Location '.$location->name.' was created. ');
+                }
+
+            // If there's a validation error, display that
+            } else {
+                $this->error('- Non-parent Location '.$location->name.' could not be created: '.$location->getErrors() );
+            }
+
+
+
+
+        }
+
+
+    }
+}
--- a/app/Console/Commands/LdapSync.php
+++ b/app/Console/Commands/LdapSync.php
@@ -42,9 +42,8 @@ class LdapSync extends Command
     */
    public function handle()
    {
-        ini_set('max_execution_time', 600); //600 seconds = 10 minutes
-        ini_set('memory_limit', '500M');
-
+        ini_set('max_execution_time', env('LDAP_TIME_LIM', 600)); //600 seconds = 10 minutes
+        ini_set('memory_limit', env('LDAP_MEM_LIM', '500M'));
        $ldap_result_username = Setting::getSettings()->ldap_username_field;
        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
@@ -61,16 +60,16 @@ class LdapSync extends Command
                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
                $this->info(json_encode($json_summary));
            }
-            LOG::error($e);
+            LOG::info($e);
            return [];
        }

        $summary = array();

-        try {    
+        try {
            if ($this->option('base_dn') != '') {
                $search_base = $this->option('base_dn');
-                LOG::debug('Importing users from specified base DN: \"'.$search_base.'\".');                
+                LOG::debug('Importing users from specified base DN: \"'.$search_base.'\".');
            } else {
                $search_base = null;
            }
@@ -80,12 +79,12 @@ class LdapSync extends Command
                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
                $this->info(json_encode($json_summary));
            }
-            LOG::error($e);
+            LOG::info($e);
            return [];
        }

        /* Determine which location to assign users to by default. */
-        $location = NULL;
+        $location = NULL; // FIXME - this would be better called "$default_location", which is more explicit about its purpose

        if ($this->option('location')!='') {
            $location = Location::where('name', '=', $this->option('location'))->first();
@@ -106,9 +105,9 @@ class LdapSync extends Command
            // Retrieve locations with a mapped OU, and sort them from the shallowest to deepest OU (see #3993)
            $ldap_ou_locations = Location::where('ldap_ou', '!=', '')->get()->toArray();
            $ldap_ou_lengths = array();
-            
-            foreach ($ldap_ou_locations as $location) {
-                $ldap_ou_lengths[] = strlen($location["ldap_ou"]);
+
+            foreach ($ldap_ou_locations as $ou_loc) {
+                $ldap_ou_lengths[] = strlen($ou_loc["ldap_ou"]);
            }

            array_multisort($ldap_ou_lengths, SORT_ASC, $ldap_ou_locations);
@@ -125,18 +124,33 @@ class LdapSync extends Command

            // Grab subsets based on location-specific DNs, and overwrite location for these users.
            foreach ($ldap_ou_locations as $ldap_loc) {
-                $location_users = Ldap::findLdapUsers($ldap_loc["ldap_ou"]);
+                try {
+                    $location_users = Ldap::findLdapUsers($ldap_loc["ldap_ou"]);
+                } catch (\Exception $e) { // FIXME: this is stolen from line 77 or so above
+                    if ($this->option('json_summary')) {
+                        $json_summary = [ "error" => true, "error_message" => trans('admin/users/message.error.ldap_could_not_search')." Location: ".$ldap_loc['name']." (ID: ".$ldap_loc['id'].") cannot connect to \"".$ldap_loc["ldap_ou"]."\" - ".$e->getMessage(), "summary" => [] ];
+                        $this->info(json_encode($json_summary));
+                    }
+                    LOG::info($e);
+                    return [];
+                }
                $usernames = array();
                for ($i = 0; $i < $location_users["count"]; $i++) {
-                    $location_users[$i]["ldap_location_override"] = true;
-                    $location_users[$i]["location_id"] = $ldap_loc["id"];
-                    $usernames[] = $location_users[$i][$ldap_result_username][0];
+
+                    if (array_key_exists($ldap_result_username, $location_users[$i])) {
+                        $location_users[$i]["ldap_location_override"] = true;
+                        $location_users[$i]["location_id"] = $ldap_loc["id"];
+                        $usernames[] = $location_users[$i][$ldap_result_username][0];
+                    }
+
                }

                // Delete located users from the general group.
                foreach ($results as $key => $generic_entry) {
-                    if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
-                        unset($results[$key]);
+                   if ((is_array($generic_entry)) && (array_key_exists($ldap_result_username, $generic_entry))) {
+                        if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
+                            unset($results[$key]);
+                        }
                    }
                }

@@ -162,30 +176,61 @@ class LdapSync extends Command
                $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
                $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";

-                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
-                    $enabled_accounts = [
-                        '512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
-                    ];
-                    $item['activated'] = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
+                $user = User::where('username', $item["username"])->first();
+                if ($user) {
+                    // Updating an existing user.
+                    $item["createorupdate"] = 'updated';
                } else {
-                    $item['activated'] = 0;
-                }
-
-                // User exists
-                $item["createorupdate"] = 'updated';
-                if (!$user = User::where('username', $item["username"])->first()) {
+                    // Creating a new user.
                    $user = new User;
                    $user->password = $pass;
+                    $user->activated = 0;
                    $item["createorupdate"] = 'created';
                }

-                // Create the user if they don't exist.
-                $user->first_name = e($item["firstname"]);
-                $user->last_name = e($item["lastname"]);
-                $user->username = e($item["username"]);
-                $user->email = e($item["email"]);
+                $user->first_name = $item["firstname"];
+                $user->last_name = $item["lastname"];
+                $user->username = $item["username"];
+                $user->email = $item["email"];
                $user->employee_num = e($item["employee_number"]);
-                $user->activated = $item['activated'];
+
+                // Sync activated state for Active Directory.
+                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
+                    /* The following is _probably_ the correct logic, but we can't use it because
+                       some users may have been dependent upon the previous behavior, and this
+                       could cause additional access to be available to users they don't want
+                       to allow to log in.
+
+                    $useraccountcontrol = $results[$i]['useraccountcontrol'][0];
+                    if(
+                        // based on MS docs at: https://support.microsoft.com/en-us/help/305144/how-to-use-useraccountcontrol-to-manipulate-user-account-properties
+                        ($useraccountcontrol & 0x200) && // is a NORMAL_ACCOUNT
+                        !($useraccountcontrol & 0x02) && // *and* _not_ ACCOUNTDISABLE
+                        !($useraccountcontrol & 0x10)    // *and* _not_ LOCKOUT
+                    ) {
+                        $user->activated = 1;
+                    } else {
+                        $user->activated = 0;
+                    } */
+                  $enabled_accounts = [
+                    '512',    // 0x200    NORMAL_ACCOUNT
+                    '544',    // 0x220    NORMAL_ACCOUNT, PASSWD_NOTREQD
+                    '66048',  // 0x10200  NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD
+                    '66080',  // 0x10220  NORMAL_ACCOUNT, PASSWD_NOTREQD, DONT_EXPIRE_PASSWORD
+                    '262656', // 0x40200  NORMAL_ACCOUNT, SMARTCARD_REQUIRED
+                    '262688', // 0x40220  NORMAL_ACCOUNT, PASSWD_NOTREQD, SMARTCARD_REQUIRED
+                    '328192', // 0x50200  NORMAL_ACCOUNT, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
+                    '328224', // 0x50220  NORMAL_ACCOUNT, PASSWD_NOT_REQD, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
+                    '4260352',// 0x410200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD, DONT_REQ_PREAUTH
+                    '1049088',// 0x100200 NORMAL_ACCOUNT, NOT_DELEGATED
+                  ];
+                  $user->activated = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
+                }
+
+                // If we're not using AD, and there isn't an activated flag set, activate all users
+                elseif (empty($ldap_result_active_flag)) {
+                  $user->activated = 1;
+                }

                if ($item['ldap_location_override'] == true) {
                    $user->location_id = $item['location_id'];
@@ -199,7 +244,6 @@ class LdapSync extends Command

                }

-                $user->notes = 'Imported from LDAP';
                $user->ldap_import = 1;

                $errors = '';
@@ -229,7 +273,7 @@ class LdapSync extends Command
                }
            }
        } else if ($this->option('json_summary')) {
-            $json_summary = [ "error" => false, "error_message" => "", "summary" => $summary ];
+            $json_summary = [ "error" => false, "error_message" => "", "summary" => $summary ]; // hardcoding the error to false and the error_message to blank seems a bit weird
            $this->info(json_encode($json_summary));
        } else {
            return $summary;
--- a/app/Console/Commands/LdapSyncNg.php
+++ b/app/Console/Commands/LdapSyncNg.php
@@ -0,0 +1,399 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Console\Commands;
+
+use Log;
+use Exception;
+use App\Models\User;
+use App\Services\LdapAd;
+use App\Models\Location;
+use Illuminate\Console\Command;
+use Adldap\Models\User as AdldapUser;
+
+/**
+ * LDAP / AD sync command.
+ *
+ * @author Wes Hulette <jwhulette@gmail.com>
+ *
+ * @since 5.0.0
+ */
+class LdapSyncNg extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:ldap-sync-ng 
+                {--location= : A location name } 
+                {--location_id= : A location id} 
+                {--base_dn= : A diffrent base DN to use } 
+                {--summary : Print summary } 
+                {--json_summary : Print summary in json format } 
+                {--dryrun : Run the sync process but don\'t update the database}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Command line LDAP/AD sync';
+
+    /**
+     * An LdapAd instance.
+     *
+     * @var \App\Models\LdapAd
+     */
+    private $ldap;
+
+    /**
+     * LDAP settings collection.
+     *
+     * @var \Illuminate\Support\Collection
+     */
+    private $settings = null;
+
+    /**
+     * A default location collection.
+     *
+     * @var \Illuminate\Support\Collection
+     */
+    private $defaultLocation = null;
+
+    /**
+     * Mapped locations collection.
+     *
+     * @var \Illuminate\Support\Collection
+     */
+    private $mappedLocations = null;
+
+    /**
+     * The summary collection.
+     *
+     * @var \Illuminate\Support\Collection
+     */
+    private $summary;
+
+    /**
+     * Is dry-run?
+     *
+     * @var bool
+     */
+    private $dryrun = false;
+
+    /**
+     * Show users to be imported.
+     *
+     * @var array
+     */
+    private $userlist = [];
+
+    /**
+     * Create a new command instance.
+     */
+    public function __construct(LdapAd $ldap)
+    {
+        parent::__construct();
+        $this->ldap     = $ldap;
+        $this->settings = $this->ldap->ldapSettings;
+        $this->summary  = collect();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $dispatcher =  \Adldap\Adldap::getEventDispatcher();
+
+        // Listen for all model events.
+        $dispatcher->listen('Adldap\Models\Events\*', function ($eventName, array $data) {
+            echo $eventName; // Returns 'Adldap\Models\Events\Updating'
+            var_dump($data); // Returns [0] => (object) Adldap\Models\Events\Updating;
+            \Log::debug("Event: ".$eventName." data - ".print_r($data, true));
+        });
+        $dispatcher->listen('Adldap\Auth\Events\*', function ($eventName, array $data) {
+            echo $eventName; // Returns 'Adldap\Models\Events\Updating'
+            var_dump($data); // Returns [0] => (object) Adldap\Models\Events\Updating;
+            \Log::debug("Event: ".$eventName." data - ".print_r($data, true));
+        });
+
+        ini_set('max_execution_time', env('LDAP_TIME_LIM', "600")); //600 seconds = 10 minutes
+        ini_set('memory_limit', '500M');
+        $old_error_reporting = error_reporting(); // grab old error_reporting .ini setting, for later re-enablement
+        error_reporting($old_error_reporting & ~E_DEPRECATED); // disable deprecation warnings, for LDAP in PHP 7.4 (and greater)
+
+        if ($this->option('dryrun')) {
+            $this->dryrun = true;
+        }
+        $this->checkIfLdapIsEnabled();
+        $this->checkLdapConnection();
+        $this->setBaseDn();
+        $this->getUserDefaultLocation();
+        /*
+         * Use the default location if set, this is needed for the LDAP users sync page
+         */
+        if (!$this->option('base_dn') && null == $this->defaultLocation) {
+            $this->getMappedLocations();
+        }
+        $this->processLdapUsers();
+        // Print table of users
+        if ($this->dryrun) {
+            $this->info('The following users will be synced!');
+            $headers = ['First Name', 'Last Name', 'Username', 'Email', 'Employee #', 'Location Id', 'Status'];
+            $this->table($headers, $this->summary->toArray());
+        }
+
+        error_reporting($old_error_reporting); // re-enable deprecation warnings.
+        return $this->getSummary();
+    }
+
+    /**
+     * Generate the LDAP sync summary.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     *
+     * @return string
+     */
+    private function getSummary(): string
+    {
+        if ($this->option('summary') && null === $this->dryrun) {
+            $this->summary->each(function ($item) {
+                $this->info('USER: '.$item['note']);
+
+                if ('ERROR' === $item['status']) {
+                    $this->error('ERROR: '.$item['note']);
+                }
+            });
+        } elseif ($this->option('json_summary')) {
+            $json_summary = [
+                'error' => false,
+                'error_message' => '',
+                'summary' => $this->summary->toArray(),
+            ];
+            $this->info(json_encode($json_summary));
+        }
+
+        return '';
+    }
+
+    /**
+     * Create a new user or update an existing user.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     *
+     * @param \Adldap\Models\User $snipeUser
+     */
+    private function updateCreateUser(AdldapUser $snipeUser): void
+    {
+        $user = $this->ldap->processUser($snipeUser, $this->defaultLocation, $this->mappedLocations);
+        $summary = [
+            'firstname'       => $user->first_name,
+            'lastname'        => $user->last_name,
+            'username'        => $user->username,
+            'employee_number' => $user->employee_num,
+            'email'           => $user->email,
+            'location_id'     => $user->location_id,
+        ];
+        // Only update the database if is not a dry run
+        if (!$this->dryrun) {
+            if ($user->isDirty()) { //if nothing on the user changed, don't bother trying to save anything nor put anything in the summary
+                if ($user->save()) {
+                    $summary['note']   = ($user->wasRecentlyCreated ? 'CREATED' : 'UPDATED');
+                    $summary['status'] = 'SUCCESS';
+                } else {
+                    $errors = '';
+                    foreach ($user->getErrors()->getMessages() as  $error) {
+                        $errors .= implode(", ",$error);
+                    }
+                    $summary['note']   = $snipeUser->getDN().' was not imported. REASON: '.$errors;
+                    $summary['status'] = 'ERROR';
+                }
+            } else {
+                $summary = null;
+            }
+        }
+
+        // $summary['note'] = ($user->getOriginal('username') ? 'UPDATED' : 'CREATED'); // this seems, kinda, like, superfluous, relative to the $summary['note'] thing above, yeah?
+        if($summary) { //if the $user wasn't dirty, $summary was set to null so that we will skip the following push()
+            $this->summary->push($summary);
+        }
+    }
+
+    /**
+     * Process the users to update / create.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     *
+     */
+    private function processLdapUsers(): void
+    {
+        try {
+            \Log::debug("CAL:LING GET LDAP SUSERS");
+            $ldapUsers = $this->ldap->getLdapUsers();
+            \Log::debug("END CALLING GET LDAP USERS");
+        } catch (Exception $e) {
+            $this->outputError($e);
+            exit($e->getMessage());
+        }
+
+        if (0 == $ldapUsers->count()) {
+            $msg = 'ERROR: No users found!';
+            Log::error($msg);
+            if ($this->dryrun) {
+                $this->error($msg);
+            }
+            exit($msg);
+        }
+
+        // Process each individual users
+        foreach ($ldapUsers->getResults() as $user) { // AdLdap2's paginate() method is weird, it gets *everything* and ->getResults() returns *everything*
+            $this->updateCreateUser($user);
+        }
+    }
+
+    /**
+     * Get the mapped locations if a base_dn is provided.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     */
+    private function getMappedLocations()
+    {
+        $ldapOuLocation = Location::where('ldap_ou', '!=', '')->select(['id', 'ldap_ou'])->get();
+        $locations = $ldapOuLocation->sortBy(function ($ou, $key) {
+            return strlen($ou->ldap_ou);
+        });
+        if ($locations->count() > 0) {
+            $msg = 'Some locations have special OUs set. Locations will be automatically set for users in those OUs.';
+            LOG::debug($msg);
+            if ($this->dryrun) {
+                $this->info($msg);
+            }
+
+            $this->mappedLocations = $locations->pluck('ldap_ou', 'id'); // TODO: this seems ok-ish, but the key-> value is going location_id -> OU name, and the primary action here is the opposite of that - going from OU's to location ID's.
+        }
+    }
+
+    /**
+     * Set the base dn if supplied.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     */
+    private function setBaseDn(): void
+    {
+        if ($this->option('base_dn')) {
+            $this->ldap->baseDn = $this->option('base_dn');
+            $msg = sprintf('Importing users from specified base DN: "%s"', $this->ldap->baseDn);
+            LOG::debug($msg);
+            if ($this->dryrun) {
+                $this->info($msg);
+            }
+        }
+    }
+
+    /**
+     * Get a default location id for imported users.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     */
+    private function getUserDefaultLocation(): void
+    {
+        $location = $this->option('location_id') ?? $this->option('location');
+        if ($location) {
+            $userLocation = Location::where('name', '=', $location)
+                ->orWhere('id', '=', intval($location))
+                ->select(['name', 'id'])
+                ->first();
+            if ($userLocation) {
+                $msg = 'Importing users with default location: '.$userLocation->name.' ('.$userLocation->id.')';
+                LOG::debug($msg);
+
+                if ($this->dryrun) {
+                    $this->info($msg);
+                }
+
+                $this->defaultLocation = collect([
+                    $userLocation->id => $userLocation->name,
+                ]);
+            } else {
+                $msg = 'The supplied location is invalid!';
+                LOG::error($msg);
+                if ($this->dryrun) {
+                    $this->error($msg);
+                }
+                exit(0);
+            }
+        }
+    }
+
+    /**
+     * Check if LDAP intergration is enabled.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     */
+    private function checkIfLdapIsEnabled(): void
+    {
+        if (false === $this->settings['ldap_enabled']) {
+            $msg = 'LDAP intergration is not enabled. Exiting sync process.';
+            $this->info($msg);
+            Log::info($msg);
+            exit(0);
+        }
+    }
+
+    /**
+     * Check to make sure we can access the server.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     */
+    private function checkLdapConnection(): void
+    {
+        try {
+            $this->ldap->testLdapAdUserConnection();
+            $this->ldap->testLdapAdBindConnection();
+        } catch (Exception $e) {
+            $this->outputError($e);
+            exit(0);
+        }
+    }
+
+    /**
+     * Output the json summary to the screen if enabled.
+     *
+     * @param Exception $error
+     */
+    private function outputError($error): void
+    {
+        if ($this->option('json_summary')) {
+            $json_summary = [
+                'error' => true,
+                'error_message' => $error->getMessage(),
+                'summary' => [],
+            ];
+            $this->info(json_encode($json_summary));
+        }
+        $this->error($error->getMessage());
+        LOG::error($error);
+    }
+}
--- a/app/Console/Commands/MergeUsersByUsername.php
+++ b/app/Console/Commands/MergeUsersByUsername.php
@@ -0,0 +1,112 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\User;
+use Carbon\Carbon;
+
+
+class MergeUsersByUsername extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:merge-users';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This command allows you to merge the history of users. It looks for users without an email address as their username and merges them into the version that does have an email username.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        // Get the list of users who have an email address as their username
+        $users = User::where('username', 'LIKE', '%@%')->whereNull('deleted_at')->get();
+
+        foreach ($users as $user) {
+            $parts = explode("@", $user->username);
+            $bad_users = User::where('username', '=', $parts[0])->whereNull('deleted_at')->with('assets', 'manager', 'userlog', 'licenses', 'consumables', 'accessories', 'managedLocations')->get();
+
+            foreach ($bad_users as $bad_user) {
+                $this->info($bad_user->username.' ('.$bad_user->id.')  will be merged into '.$user->username.'  ('.$user->id.') ');
+
+                // Walk the list of assets
+                foreach ($bad_user->assets as $asset) {
+                    $this->info( 'Updating asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
+                    $asset->assigned_to = $user->id;
+                    if (!$asset->save()) {
+                        $this->error( 'Could not update assigned_to field on asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
+                        $this->error( 'Error saving: '.$asset->getErrors());
+                    }
+                }
+
+                // Walk the list of licenses
+                foreach ($bad_user->licenses as $license) {
+                    $this->info( 'Updating license '.$license->name.' '.$license->id.' to user '.$user->id);
+                    $bad_user->licenses()->updateExistingPivot($license->id, ['assigned_to' => $user->id]);
+                }
+
+                // Walk the list of consumables
+                foreach ($bad_user->consumables as $consumable) {
+                    $this->info( 'Updating consumable '.$consumable->id.' to user '.$user->id);
+                    $bad_user->consumables()->updateExistingPivot($consumable->id, ['assigned_to' => $user->id]);
+                }
+
+                // Walk the list of accessories
+                foreach ($bad_user->accessories as $accessory) {
+                    $this->info( 'Updating accessory '.$accessory->id.' to user '.$user->id);
+                    $bad_user->accessories()->updateExistingPivot($accessory->id, ['assigned_to' => $user->id]);
+                }
+
+                // Walk the list of logs
+                foreach ($bad_user->userlog as $log) {
+                    $this->info( 'Updating action log record '.$log->id.' to user '.$user->id);
+                    $log->target_id = $user->id;
+                    $log->save();
+                }
+
+                // Update any manager IDs
+                $this->info( 'Updating managed user records to user '.$user->id);
+                User::where('manager_id', '=', $bad_user->id)->update(['manager_id' => $user->id]);
+
+
+                // Update location manager IDs
+                foreach ($bad_user->managedLocations as $managedLocation) {
+                    $this->info( 'Updating managed location record '.$managedLocation->name.' to manager '.$user->id);
+                    $managedLocation->manager_id = $user->id;
+                    $managedLocation->save();
+                }
+
+                // Mark the user as deleted
+                $this->info( 'Marking the user as deleted');
+                $bad_user->deleted_at = Carbon::now()->timestamp;
+                $bad_user->save();
+
+
+            }
+
+        }
+
+
+    }
+}
--- a/app/Console/Commands/MoveUploadsToNewDisk.php
+++ b/app/Console/Commands/MoveUploadsToNewDisk.php
@@ -0,0 +1,183 @@
+<?php
+
+namespace App\Console\Commands;
+
+
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Storage;
+
+class MoveUploadsToNewDisk extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:move-uploads {delete_local?}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This will move your locally uploaded files to whatever your current disk is.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        if (config('filesystems.default')=='local') {
+            $this->error('Your current disk is set to local so we cannot proceed.');
+            $this->warn("Please configure your .env settings for S3. \nChange your PUBLIC_FILESYSTEM_DISK value to 's3_public' and your PRIVATE_FILESYSTEM_DISK to s3_private.");
+            return false;
+        }
+        $delete_local = $this->argument('delete_local');
+
+        $public_uploads['accessories'] = glob('public/accessories'."/*.*");
+        $public_uploads['assets'] = glob('public/assets'."/*.*");
+        $public_uploads['avatars'] = glob('public/avatars'."/*.*");
+        $public_uploads['categories'] = glob('public/categories'."/*.*");
+        $public_uploads['companies'] = glob('public/companies'."/*.*");
+        $public_uploads['components'] = glob('public/components'."/*.*");
+        $public_uploads['consumables'] = glob('public/consumables'."/*.*");
+        $public_uploads['departments'] = glob('public/departments'."/*.*");
+        $public_uploads['locations'] = glob('public/locations'."/*.*");
+        $public_uploads['manufacturers'] = glob('public/manufacturers'."/*.*");
+        $public_uploads['suppliers'] = glob('public/suppliers'."/*.*");
+        $public_uploads['assetmodels'] = glob('public/models'."/*.*");
+
+
+        // iterate files
+        foreach($public_uploads as $public_type => $public_upload)
+        {
+            $type_count = 0;
+            $this->info("- There are ".count($public_upload).' PUBLIC '.$public_type.' files.');
+
+            for ($i = 0; $i < count($public_upload); $i++) {
+                $type_count++;
+                $filename = basename($public_upload[$i]);
+
+                try  {
+                    Storage::disk('public')->put('uploads/'.public_type.'/'.$filename, file_get_contents($public_upload[$i]));
+                    $new_url = Storage::disk('public')->url('uploads/'.$public_type.'/'.$filename, $filename);
+                    $this->info($type_count.'. PUBLIC: '.$filename.' was copied to '.$new_url);
+                } catch (\Exception $e) {
+                    \Log::debug($e);
+                    $this->error($e);
+                }
+
+            }
+
+        }
+
+        $logos = glob("public/uploads/setting*.*");
+        $this->info("- There are ".count($logos).' files that might be logos.');
+        $type_count = 0;
+
+        foreach ($logos as $logo) {
+            $this->info($logo);
+            $type_count++;
+            $filename = basename($logo);
+            Storage::disk('public')->put('uploads/'.$filename, file_get_contents($logo));
+            $this->info($type_count.'. LOGO: '.$filename.' was copied to '.env('PUBLIC_AWS_URL').'/uploads/'.$filename);
+        }
+
+        $private_uploads['assets'] = glob('storage/private_uploads/assets'."/*.*");
+        $private_uploads['signatures'] = glob('storage/private_uploads/signatures'."/*.*");
+        $private_uploads['audits'] = glob('storage/private_uploads/audits'."/*.*");
+        $private_uploads['assetmodels'] = glob('storage/private_uploads/assetmodels'."/*.*");
+        $private_uploads['imports'] = glob('storage/private_uploads/imports'."/*.*");
+        $private_uploads['licenses'] = glob('storage/private_uploads/licenses'."/*.*");
+        $private_uploads['users'] = glob('storage/private_uploads/users'."/*.*");
+        $private_uploads['backups'] = glob('storage/private_uploads/users'."/*.*");
+
+
+        foreach($private_uploads as $private_type => $private_upload)
+        {
+            $this->info("- There are ".count($private_upload).' PRIVATE '.$private_type.' files.');
+
+            $type_count = 0;
+            for ($x = 0; $x < count($private_upload); $x++) {
+                $type_count++;
+                $filename = basename($private_upload[$x]);
+
+                try  {
+                    Storage::put($private_type.'/'.$filename, file_get_contents($private_upload[$i]));
+                    $new_url = Storage::url($private_type.'/'.$filename, $filename);
+                    $this->info($type_count.'. PRIVATE: '.$filename.' was copied to '.$new_url);
+
+                } catch (\Exception $e) {
+                    \Log::debug($e);
+                    $this->error($e);
+                }
+
+            }
+
+        }
+
+
+        if ($delete_local=='true') {
+            $public_delete_count = 0;
+            $private_delete_count = 0;
+
+            $this->info("\n\n");
+            $this->error('!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!');
+            $this->warn("\nTHIS WILL DELETE ALL OF YOUR LOCAL UPLOADED FILES. \n\nThis cannot be undone, so you should take a backup of your system before you proceed.\n");
+            $this->error('!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!');
+
+            if ($this->confirm("Do you wish to continue?")) {
+
+                foreach($public_uploads as $public_type => $public_upload) {
+
+                    for ($i = 0; $i < count($public_upload); $i++) {
+                        $filename = $public_upload[$i];
+                        try {
+                            unlink($filename);
+                            $public_delete_count++;
+                        } catch (\Exception $e) {
+                            \Log::debug($e);
+                            $this->error($e);
+                        }
+
+                    }
+                }
+
+                foreach($private_uploads as $private_type => $private_upload)
+                {
+
+                    for ($i = 0; $i < count($private_upload); $i++) {
+                        $filename = $private_upload[$i];
+                        try {
+                            unlink($filename);
+                            $private_delete_count++;
+                        } catch (\Exception $e) {
+                            \Log::debug($e);
+                            $this->error($e);
+                        }
+
+                    }
+                }
+
+                $this->info($public_delete_count." PUBLIC local files and ".$private_delete_count." PRIVATE local files were deleted from your filesystem.");
+            }
+        }
+
+
+
+
+    }
+}
--- a/app/Console/Commands/ObjectImportCommand.php
+++ b/app/Console/Commands/ObjectImportCommand.php
@@ -1,31 +1,9 @@
 <?php
 namespace App\Console\Commands;

-use App\Helpers\Helper;
-use App\Importer\AccessoryImporter;
-use App\Importer\AssetImporter;
-use App\Importer\ConsumableImporter;
-use App\Importer\Importer;
-use App\Models\Accessory;
-use App\Models\Asset;
-use App\Models\AssetModel;
-use App\Models\Category;
-use App\Models\Company;
-use App\Models\Consumable;
-use App\Models\CustomField;
-use App\Models\Location;
-use App\Models\Manufacturer;
-use App\Models\Setting;
-use App\Models\Statuslabel;
-use App\Models\Supplier;
-use App\Models\User;
-use DB;
 use Illuminate\Console\Command;
-use Illuminate\Database\Eloquent\Model;
-use League\Csv\Reader;
 use Symfony\Component\Console\Input\InputArgument;
 use Symfony\Component\Console\Input\InputOption;
-use ForceUTF8\Encoding;

 ini_set('max_execution_time', 600); //600 seconds = 10 minutes
 ini_set('memory_limit', '500M');
@@ -65,7 +43,7 @@ class ObjectImportCommand extends Command
     *
     * @return mixed
     */
-    public function fire()
+    public function handle()
    {
        $filename = $this->argument('filename');
        $class = title_case($this->option('item-type'));
@@ -74,10 +52,13 @@ class ObjectImportCommand extends Command
        $importer->setCallbacks([$this, 'log'], [$this, 'progress'], [$this, 'errorCallback'])
                 ->setUserId($this->option('user_id'))
                 ->setUpdating($this->option('update'))
+                 ->setShouldNotify($this->option('send-welcome'))
                 ->setUsernameFormat($this->option('username_format'));

-        $logFile = $this->option('logfile');
-        \Log::useFiles($logFile);
+
+        // This $logFile/useFiles() bit is currently broken, so commenting it out for now
+        // $logFile = $this->option('logfile');
+        // \Log::useFiles($logFile);
        $this->comment('======= Importing Items from '.$filename.' =========');
        $importer->import();

@@ -172,6 +153,7 @@ class ObjectImportCommand extends Command
        array('web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'),
        array('user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1),
        array('update', null, InputOption::VALUE_NONE, 'If a matching item is found, update item information'),
+        array('send-welcome', null, InputOption::VALUE_NONE, 'Whether to send a welcome email to any new users that are created.'),
        );

    }
--- a/app/Console/Commands/PaveIt.php
+++ b/app/Console/Commands/PaveIt.php
@@ -79,14 +79,24 @@ class PaveIt extends Command
                DB::statement('delete from accessories_users');
                DB::statement('delete from asset_logs');
                DB::statement('delete from asset_maintenances');
+                DB::statement('delete from login_attempts');
                DB::statement('delete from asset_uploads');
                DB::statement('delete from action_logs');
                DB::statement('delete from checkout_requests');
+                DB::statement('delete from checkout_acceptances');
                DB::statement('delete from consumables_users');
                DB::statement('delete from custom_field_custom_fieldset');
                DB::statement('delete from custom_fields');
                DB::statement('delete from custom_fieldsets');
                DB::statement('delete from components_assets');
+                DB::statement('delete from kits');
+                DB::statement('delete from kits_accessories');
+                DB::statement('delete from kits_consumables');
+                DB::statement('delete from kits_licenses');
+                DB::statement('delete from kits_models');
+                DB::statement('delete from login_attempts');
+                DB::statement('delete from models_custom_fields');
+                DB::statement('delete from permission_groups');
                DB::statement('delete from password_resets');
                DB::statement('delete from requested_assets');
                DB::statement('delete from requests');
@@ -103,7 +113,10 @@ class PaveIt extends Command
                \DB::statement('drop table IF EXISTS assets');
                \DB::statement('drop table IF EXISTS categories');
                \DB::statement('drop table IF EXISTS checkout_requests');
+                \DB::statement('drop table IF EXISTS checkout_acceptances');
                \DB::statement('drop table IF EXISTS companies');
+                \DB::statement('drop table IF EXISTS components');
+                \DB::statement('drop table IF EXISTS components_assets');
                \DB::statement('drop table IF EXISTS consumables_users');
                \DB::statement('drop table IF EXISTS consumables');
                \DB::statement('drop table IF EXISTS custom_field_custom_fieldset');
@@ -113,11 +126,17 @@ class PaveIt extends Command
                \DB::statement('drop table IF EXISTS departments');
                \DB::statement('drop table IF EXISTS groups');
                \DB::statement('drop table IF EXISTS history');
-                \DB::statement('drop table IF EXISTS components');
-                \DB::statement('drop table IF EXISTS components_assets');
+                \DB::statement('drop table IF EXISTS kits');
+                \DB::statement('drop table IF EXISTS kits_accessories');
+                \DB::statement('drop table IF EXISTS kits_consumables');
+                \DB::statement('drop table IF EXISTS kits_licenses');
+                \DB::statement('drop table IF EXISTS kits_models');
+                \DB::statement('drop table IF EXISTS models_custom_fields');
+                \DB::statement('drop table IF EXISTS permission_groups');
                \DB::statement('drop table IF EXISTS license_seats');
                \DB::statement('drop table IF EXISTS licenses');
                \DB::statement('drop table IF EXISTS locations');
+                \DB::statement('drop table IF EXISTS login_attempts');
                \DB::statement('drop table IF EXISTS manufacturers');
                \DB::statement('drop table IF EXISTS models');
                \DB::statement('drop table IF EXISTS migrations');
--- a/app/Console/Commands/Purge.php
+++ b/app/Console/Commands/Purge.php
@@ -2,22 +2,19 @@

 namespace App\Console\Commands;

+use App\Models\Accessory;
+use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\Category;
+use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\License;
+use App\Models\Location;
+use App\Models\Manufacturer;
+use App\Models\Statuslabel;
+use App\Models\Supplier;
+use App\Models\User;
 use Illuminate\Console\Command;
-use DB;
-use \App\Models\Asset;
-use \App\Models\AssetModel;
-use \App\Models\Location;
-use \App\Models\Company;
-use \App\Models\License;
-use \App\Models\Accessory;
-use \App\Models\Component;
-use \App\Models\Consumable;
-use \App\Models\Category;
-use \App\Models\User;
-use \App\Models\Supplier;
-use \App\Models\Manufacturer;
-use \App\Models\Depreciation;
-use \App\Models\Statuslabel;

 class Purge extends Command
 {
@@ -33,7 +30,7 @@ class Purge extends Command
     *
     * @var string
     */
-    protected $description = 'Purge all soft-deleted deleted records in the database. This will rewrite history for items that have been edited, or checked in or out. It will also reqrite history for users associated with deleted items.';
+    protected $description = 'Purge all soft-deleted deleted records in the database. This will rewrite history for items that have been edited, or checked in or out. It will also rewrite history for users associated with deleted items.';

    /**
     * Create a new command instance.
--- a/app/Console/Commands/PurgeLoginAttempts.php
+++ b/app/Console/Commands/PurgeLoginAttempts.php
@@ -0,0 +1,44 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+class PurgeLoginAttempts extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:purge-logins';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Clears the login_attempts table';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        if ($this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE YOUR LOGIN ATTEMPT RECORDS. \nThere is NO undo! \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
+                \DB::statement('delete from login_attempts');
+        }
+    }
+}
--- a/app/Console/Commands/ReEncodeCustomFieldNames.php
+++ b/app/Console/Commands/ReEncodeCustomFieldNames.php
@@ -0,0 +1,126 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\CustomField;
+use Illuminate\Console\Command;
+
+class ReEncodeCustomFieldNames extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:regenerate-fieldnames';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This utility will regenerate the column names for custom fields. It should typically only be needed when a PHP upgrade changed the behavior of the unicode conversion between versions.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * All three of these things must match for the custom fields system to work as expected:
+     *
+     * - what the system thinks the output of $field->convertUnicodeDbSlug() is
+     * - the actual db_column name in the customfields table
+     * - the physical column name that was created on the assets table
+     *
+     * For some people who upgraded their version of PHP, the unicode converter now behaves
+     * differently in than it did when their custom fields were first created, specifically as it
+     * relates to handling slashes, ampersands, etc. This can result in the field names no longer
+     * matching up, as an older version of the PHP extension simply dropped slashes, etc, while the
+     * newer version of the PHP extension will convert them to underscores.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        if ($this->confirm('This will regenerate all of the custom field database fieldnames in your database. THIS WILL CHANGE YOUR SCHEMA AND SHOULD NOT BE DONE WITHOUT MAKING A BACKUP FIRST. Do you wish to continue?'))
+        {
+
+            /** Get all of the custom fields */
+            $fields = CustomField::get();
+
+            $asset_columns = \DB::getSchemaBuilder()->getColumnListing('assets');
+            $custom_field_columns = array();
+
+            /** Loop through the columns on the assets table */
+            foreach ($asset_columns as $asset_column) {
+
+                /** Add ones that start with _snipeit_ to an array for handling */
+                if (strpos($asset_column, '_snipeit_') === 0) {
+
+                    /**
+                     * Get the ID of the custom field based on the fieldname.
+                     * For example, in _snipeit_mac_address_1, we grab the 1 because we know
+                     * that's the ID of the custom field that created the column.
+                     * Then use that ID as the array key for use comparing the actual assets field name
+                     * and the db_column value from the custom fields table.
+                     */
+                    $last_part = substr(strrchr($asset_column, "_snipeit_"), 1);
+                    $custom_field_columns[$last_part] = $asset_column;
+                }
+            }
+
+            foreach ($fields as $field) {
+
+                $this->info($field->name .' ('.$field->id.') column should be '. $field->convertUnicodeDbSlug().'');
+
+                /** The assets table has the column it should have, all is well */
+                if (\Schema::hasColumn('assets', $field->convertUnicodeDbSlug()))
+                {
+                    $this->info('-- ✓ This field exists - all good');
+
+                /**
+                 * There is a mismatch between the fieldname on the assets table and
+                 * what $field->convertUnicodeDbSlug() is *now* expecting.
+                 */
+                } else {
+                        $this->warn('-- X Field mismatch: updating... ');
+
+                        /** Make sure the custom_field_columns array has the ID */
+                        if (array_key_exists($field->id, $custom_field_columns)) {
+
+                            /**
+                             * Update the asset schema to the corrected fieldname that will be recognized by the
+                             *  system elsewhere that we use $field->convertUnicodeDbSlug()
+                             */
+                            \Schema::table('assets', function($table) use ($custom_field_columns, $field) {
+                                $table->renameColumn($custom_field_columns[$field->id], $field->convertUnicodeDbSlug());
+                            });
+
+                            $this->warn('-- ✓ Field updated from '.$custom_field_columns[$field->id].' to '.$field->convertUnicodeDbSlug());
+
+                        } else {
+                            $this->warn('-- X WARNING: There is no field on the assets table ending in  '.$field->id.'. This may require more in-depth investigation and may mean the schema was altered manually.');
+                        }
+                }
+
+                /** Update the db_column property in the custom fields table, just in case it doesn't match the other
+                 * things.
+                 */
+                $field->db_column = $field->convertUnicodeDbSlug();
+                $field->save();
+
+
+            }
+
+        }
+
+
+    }
+}
--- a/app/Console/Commands/RecryptFromMcrypt.php
+++ b/app/Console/Commands/RecryptFromMcrypt.php
@@ -2,11 +2,11 @@

 namespace App\Console\Commands;

-use App\Models\CustomField;
-use Illuminate\Console\Command;
 use App\LegacyEncrypter\McryptEncrypter;
-use App\Models\Setting;
 use App\Models\Asset;
+use App\Models\CustomField;
+use App\Models\Setting;
+use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Storage;

 class RecryptFromMcrypt extends Command
--- a/app/Console/Commands/RegenerateAssetTags.php
+++ b/app/Console/Commands/RegenerateAssetTags.php
@@ -2,11 +2,10 @@

 namespace App\Console\Commands;

-use Illuminate\Console\Command;
 use App\Models\Asset;
 use App\Models\Setting;
-use DB;
 use Artisan;
+use Illuminate\Console\Command;

 class RegenerateAssetTags extends Command
 {
--- a/app/Console/Commands/ResetDemoSettings.php
+++ b/app/Console/Commands/ResetDemoSettings.php
@@ -3,9 +3,9 @@
 namespace App\Console\Commands;


-use Illuminate\Console\Command;
 use App\Models\Setting;
 use App\Models\User;
+use Illuminate\Console\Command;

 class ResetDemoSettings extends Command
 {
@@ -51,9 +51,9 @@ class ResetDemoSettings extends Command
        $settings->header_color = null;
        $settings->barcode_type = 'QRCODE';
        $settings->default_currency = 'USD';
-        $settings->brand = 3;
+        $settings->brand = 2;
        $settings->ldap_enabled = 0;
-        $settings->full_multiple_companies_support = 1;
+        $settings->full_multiple_companies_support = 0;
        $settings->alt_barcode = 'C128';
        $settings->skin = '';
        $settings->email_domain = 'snipeitapp.com';
@@ -63,6 +63,17 @@ class ResetDemoSettings extends Command
        $settings->time_display_format = 'g:iA';
        $settings->thumbnail_max_h = '30';
        $settings->locale = 'en';
+        $settings->version_footer = 'on';
+        $settings->support_footer = null;
+        $settings->saml_enabled = '0';
+        $settings->saml_sp_x509cert = null;
+        $settings->saml_idp_metadata = null;
+        $settings->saml_attr_mapping_username = null;
+        $settings->saml_forcelogin = '0';
+        $settings->saml_slo = null;
+        $settings->saml_custom_settings = null;
+
+
        $settings->save();

        if ($user = User::where('username', '=', 'admin')->first()) {
@@ -70,7 +81,7 @@ class ResetDemoSettings extends Command
            $user->save();
        }

-        
+
    }

 }
--- a/app/Console/Commands/RestoreDeletedUsers.php
+++ b/app/Console/Commands/RestoreDeletedUsers.php
@@ -0,0 +1,117 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Actionlog;
+use App\Models\Asset;
+use App\Models\License;
+use App\Models\User;
+use Artisan;
+use DB;
+use Illuminate\Console\Command;
+
+class RestoreDeletedUsers extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:restore-users {--start_date=} {--end_date=}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Restore users, and any associated assets and license checkouts.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $start_date = $this->option('start_date');
+        $end_date = $this->option('end_date');
+        $asset_totals = 0;
+        $license_totals = 0;
+        $user_count = 0;
+
+
+        if (($start_date=='') || ($end_date=='')) {
+            $this->info('ERROR: All fields are required.');
+            return false;
+        }
+
+        $users = User::whereBetween('deleted_at', [$start_date, $end_date])->withTrashed()->get();
+        $this->info('There are '.$users->count().' users deleted between '.$start_date.' and '.$end_date);
+        $this->warn('Making a backup!');
+        Artisan::call('backup:run');
+
+        foreach ($users as $user) {
+            $user_count++;
+            $user_logs = Actionlog::where('target_id', $user->id)->where('target_type',User::class)
+                ->where('action_type','checkout')->with('item')->get();
+
+            $this->info($user_count.'. '.$user->username.' ('.$user->id.') was deleted at '.$user->deleted_at. ' and has '.$user_logs->count().' checkouts associated.');
+
+            foreach ($user_logs as $user_log) {
+                $this->info('  * '.$user_log->item_type.': '.$user_log->item->name.' - item_id: '.$user_log->item_id);
+
+                if ($user_log->item_type==Asset::class) {
+                    $asset_totals++;
+
+                    DB::table('assets')
+                        ->where('id', $user_log->item_id)
+                        ->update(['assigned_to' => $user->id, 'assigned_type'=> User::class]);
+
+                    $this->info('      ** Asset '.$user_log->item->id.' ('.$user_log->item->asset_tag.') restored to user '.$user->id.'');
+
+                } elseif ($user_log->item_type==License::class) {
+                    $license_totals++;
+
+                    $avail_seat = DB::table('license_seats')->where('license_id','=',$user_log->item->id)
+                        ->whereNull('assigned_to')->whereNull('asset_id')->whereBetween('updated_at', [$start_date, $end_date])->first();
+                    if ($avail_seat) {
+                        $this->info('      ** Allocating seat '.$avail_seat->id.' for this License');
+
+                        DB::table('license_seats')
+                            ->where('id', $avail_seat->id)
+                            ->update(['assigned_to' => $user->id]);
+
+                    } else {
+                        $this->warn('ERROR: No available seats for '.$user_log->item->name);
+                    }
+
+                }
+
+            }
+
+            $this->warn('Restoring user '.$user->username.'!');
+            $user->restore();
+
+
+        }
+
+        $this->info($asset_totals.' assets affected');
+        $this->info($license_totals.' licenses affected');
+
+
+
+    }
+
+
+}
--- a/app/Console/Commands/RotateAppKey.php
+++ b/app/Console/Commands/RotateAppKey.php
@@ -0,0 +1,135 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use Artisan;
+use App\Models\CustomField;
+use App\Models\Asset;
+use App\Models\Setting;
+use \Illuminate\Encryption\Encrypter;
+
+class RotateAppKey extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:rotate-key';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Command description';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        if ($this->confirm("\n****************************************************\nTHIS WILL MODIFY YOUR APP_KEY AND DE-CRYPT YOUR ENCRYPTED CUSTOM FIELDS AND \nRE-ENCRYPT THEM WITH A NEWLY GENERATED KEY. \n\nThere is NO undo. \n\nMake SURE you have a database backup and a backup of your .env generated BEFORE running this command. \n\nIf you do not save the newly generated APP_KEY to your .env in this process, \nyour encrypted data will no longer be decryptable. \n\nAre you SURE you wish to continue, and have confirmed you have a database backup and an .env backup? "))  {
+
+
+
+            // Get the existing app_key and ciphers
+            // We put them in a variable since we clear the cache partway through here.
+            $old_app_key = config('app.key');
+            $cipher = config('app.cipher');
+
+            // Generate a new one
+            Artisan::call('key:generate', ['--show' => true]);
+            $new_app_key = Artisan::output();
+
+            // Clear the config cache
+            Artisan::call('config:clear');
+
+            $this->warn('Your app cipher is: '.$cipher);
+            $this->warn('Your old APP_KEY is: '.$old_app_key);
+            $this->warn('Your new APP_KEY is: '.$new_app_key);
+
+            // Write the new app key to the .env file
+            $this->writeNewEnvironmentFileWith($new_app_key);
+
+            // Manually create an old encrypter instance using the old app key
+            // and also create a new encrypter instance so we can re-crypt the field
+            // using the newly generated app key
+            $oldEncrypter = new Encrypter(base64_decode(substr($old_app_key, 7)), $cipher);
+            $newEncrypter = new Encrypter(base64_decode(substr($new_app_key, 7)), $cipher);
+
+            $fields = CustomField::where('field_encrypted', '1')->get();
+
+
+            foreach ($fields as $field) {
+
+                $assets = Asset::whereNotNull($field->db_column)->get();
+
+                foreach ($assets as $asset) {
+
+                    $asset->{$field->db_column} = $oldEncrypter->decrypt($asset->{$field->db_column});
+                    $this->line('DECRYPTED: '. $field->db_column);
+                    $asset->{$field->db_column} = $newEncrypter->encrypt($asset->{$field->db_column});
+                    $this->line('ENCRYPTED: '.$field->db_column);
+                    $asset->save();
+
+                }
+
+            }
+
+            // Handle the LDAP password if one is provided
+            $setting = Setting::first();
+            if ($setting->ldap_pword!='') {
+                $setting->ldap_pword =  $oldEncrypter->decrypt($setting->ldap_pword);
+                $setting->ldap_pword =  $newEncrypter->encrypt($setting->ldap_pword);
+                $setting->save();
+                $this->warn('LDAP password has been re-encrypted.');
+            }
+
+
+        } else {
+            $this->info('This operation has been canceled. No changes have been made.');
+        }
+    }
+
+    /**
+     * Write a new environment file with the given key.
+     *
+     * @param  string  $key
+     * @return void
+     */
+    protected function writeNewEnvironmentFileWith($key)
+    {
+
+        file_put_contents($this->laravel->environmentFilePath(), preg_replace(
+            $this->keyReplacementPattern(),
+            'APP_KEY='.$key,
+            file_get_contents($this->laravel->environmentFilePath())
+        ));
+    }
+
+    /**
+     * Get a regex pattern that will match env APP_KEY with any random key.
+     *
+     * @return string
+     */
+    protected function keyReplacementPattern()
+    {
+        $escaped = preg_quote('='.$this->laravel['config']['app.key'], '/');
+        return "/^APP_KEY{$escaped}/m";
+    }
+
+}
--- a/app/Console/Commands/SendCurrentInventoryToUsers.php
+++ b/app/Console/Commands/SendCurrentInventoryToUsers.php
@@ -0,0 +1,60 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\User;
+use App\Notifications\CurrentInventory;
+use Illuminate\Console\Command;
+
+class SendCurrentInventoryToUsers extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:user-inventory';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This will send users a report of all of the items currently checked out to them.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $users = User::whereNull('deleted_at')->whereNotNull('email')->with('assets', 'accessories', 'licenses')->get();
+
+        $count = 0;
+        foreach ($users as $user) {
+
+            if (($user->assets->count() > 0) || ($user->accessories->count() > 0) || ($user->licenses->count() > 0))
+            {
+                $count++;
+                $user->notify((new CurrentInventory($user)));
+            }
+
+        }
+
+        $this->info($count.' users notified.');
+
+
+    }
+}
--- a/app/Console/Commands/SendExpectedCheckinAlerts.php
+++ b/app/Console/Commands/SendExpectedCheckinAlerts.php
@@ -2,17 +2,16 @@

 namespace App\Console\Commands;

-
 use App\Models\Asset;
 use App\Models\Setting;
-use Illuminate\Console\Command;
-use App\Notifications\ExpectedCheckinNotification;
 use App\Notifications\ExpectedCheckinAdminNotification;
+use App\Notifications\ExpectedCheckinNotification;
 use Carbon\Carbon;
+use Illuminate\Console\Command;
+use App\Models\Recipients\AlertRecipient;

 class SendExpectedCheckinAlerts extends Command
 {
-
    /**
     * The console command name.
     *
@@ -29,8 +28,6 @@ class SendExpectedCheckinAlerts extends Command

    /**
     * Create a new command instance.
-     *
-     * @return void
     */
    public function __construct()
    {
@@ -42,32 +39,27 @@ class SendExpectedCheckinAlerts extends Command
     *
     * @return mixed
     */
-    public function fire()
+    public function handle()
    {
-        $settings = Setting::getSettings();
+        $settings   = Setting::getSettings();
        $whenNotify = Carbon::now()->addDays(7);
-        $assets = Asset::with('assignedTo')->whereNotNull('assigned_to')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();
+        $assets     = Asset::with('assignedTo')->whereNotNull('assigned_to')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();

-        $this->info($whenNotify.' is deadline');
-        $this->info($assets->count().' assets');
+        $this->info($whenNotify . ' is deadline');
+        $this->info($assets->count() . ' assets');

        foreach ($assets as $asset) {
-            if ($asset->assigned  && $asset->checkedOutToUser()) {
+            if ($asset->assigned && $asset->checkedOutToUser()) {
                $asset->assigned->notify((new ExpectedCheckinNotification($asset)));
            }
        }

-
-        // Send a rollup to the admin, if settings dictate
-        $recipient = new \App\Models\Recipients\AlertRecipient();
-
-        if ($settings->alert_email!='') {
-            $recipient->notify(new ExpectedCheckinAdminNotification($assets));
+        if (($assets) && ($assets->count() > 0) && ($settings->alert_email != '')) {
+            // Send a rollup to the admin, if settings dictate
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+                return new AlertRecipient($item);
+            });
+            \Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));
        }
-
-
-
-
-
    }
 }
--- a/app/Console/Commands/SendExpirationAlerts.php
+++ b/app/Console/Commands/SendExpirationAlerts.php
@@ -4,14 +4,14 @@ namespace App\Console\Commands;

 use App\Models\Asset;
 use App\Models\License;
+use App\Models\Recipients\AlertRecipient;
 use App\Models\Setting;
-use DB;
-
+use App\Notifications\ExpiringAssetsNotification;
+use App\Notifications\ExpiringLicenseNotification;
 use Illuminate\Console\Command;

 class SendExpirationAlerts extends Command
 {
-
    /**
     * The console command name.
     *
@@ -28,8 +28,6 @@ class SendExpirationAlerts extends Command

    /**
     * Create a new command instance.
-     *
-     * @return void
     */
    public function __construct()
    {
@@ -41,97 +39,37 @@ class SendExpirationAlerts extends Command
     *
     * @return mixed
     */
-    public function fire()
+    public function handle()
    {
+        $settings  = Setting::getSettings();
+        $threshold = $settings->alert_interval;

-        // Expiring Assets
-        $expiring_assets = Asset::getExpiringWarrantee(Setting::getSettings()->alert_interval);
-        $this->info(count($expiring_assets).' expiring assets');
+        if (($settings->alert_email != '') && ($settings->alerts_enabled == 1)) {

-        $asset_data['count'] =  count($expiring_assets);
-        $asset_data['email_content'] ='';
-        $now = date("Y-m-d");
-
-
-        foreach ($expiring_assets as $asset) {
-
-            $expires = $asset->present()->warrantee_expires();
-            $difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
-
-            if ($difference > 30) {
-                $asset_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
-            } else {
-                $asset_data['email_content'] .= '<tr style="background-color:#d9534f;">';
-            }
-            $asset_data['email_content'] .= '<td><a href="'.config('app.url').'/hardware/'.e($asset->id).'/view">';
-            $asset_data['email_content'] .= $asset->present()->name().'</a></td><td>'.e($asset->asset_tag).'</td>';
-            $asset_data['email_content'] .= '<td>'.e($asset->present()->warrantee_expires()).'</td>';
-            $asset_data['email_content'] .= '<td>'.$difference.' '.trans('mail.days').'</td>';
-            $asset_data['email_content'] .= '<td>'.($asset->supplier ? e($asset->supplier->name) : '').'</td>';
-            $asset_data['email_content'] .= '<td>'.($asset->assignedTo ? e($asset->assignedTo->present()->name()) : '').'</td>';
-            $asset_data['email_content'] .= '</tr>';
-        }
-
-        // Expiring licenses
-        $expiring_licenses = License::getExpiringLicenses(Setting::getSettings()->alert_interval);
-        $this->info(count($expiring_licenses).' expiring licenses');
-
-
-        $license_data['count'] =  $expiring_licenses->count();
-        $license_data['email_content'] = '';
-
-        foreach ($expiring_licenses as $license) {
-            $expires = $license->expiration_date;
-            $difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
-
-            if ($difference > 30) {
-                $license_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
-            } else {
-                $license_data['email_content'] .= '<tr style="background-color:#d9534f;">';
-            }
-                $license_data['email_content'] .= '<td><a href="'.route('licenses.show', $license->id).'">';
-                $license_data['email_content'] .= $license->name.'</a></td>';
-                $license_data['email_content'] .= '<td>'.$license->expiration_date.'</td>';
-                $license_data['email_content'] .= '<td>'.$difference.' days</td>';
-                $license_data['email_content'] .= '</tr>';
-        }
-
-        if ((Setting::getSettings()->alert_email!='')  && (Setting::getSettings()->alerts_enabled==1)) {
-
-
-            if (count($expiring_assets) > 0) {
-                $this->info('Report sent to '.Setting::getSettings()->alert_email);
-                \Mail::send('emails.expiring-assets-report', $asset_data, function ($m) {
-                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.Expiring_Assets_Report'));
-                });
+            // Send a rollup to the admin, if settings dictate
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+                return new AlertRecipient($item);
+            });

+            // Expiring Assets
+            $assets = Asset::getExpiringWarrantee($threshold);
+            if ($assets->count() > 0) {
+                $this->info(trans_choice('mail.assets_warrantee_alert', $assets->count(), ['count' => $assets->count(), 'threshold' => $threshold]));
+                \Notification::send($recipients, new ExpiringAssetsNotification($assets, $threshold));
            }

-            if (count($expiring_licenses) > 0) {
-                $this->info('Report sent to '.Setting::getSettings()->alert_email);
-                \Mail::send('emails.expiring-licenses-report', $license_data, function ($m) {
-                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.Expiring_Licenses_Report'));
-                });
-
+            // Expiring licenses
+            $licenses = License::getExpiringLicenses($threshold);
+            if ($licenses->count() > 0) {
+                $this->info(trans_choice('mail.license_expiring_alert', $licenses->count(), ['count' => $licenses->count(), 'threshold' => $threshold]));
+                \Notification::send($recipients, new ExpiringLicenseNotification($licenses, $threshold));
            }
-
-
        } else {
-
-            if (Setting::getSettings()->alert_email=='') {
-                echo "Could not send email. No alert email configured in settings. \n";
-            } elseif (Setting::getSettings()->alerts_enabled!=1) {
-                echo "Alerts are disabled in the settings. No mail will be sent. \n";
+            if ($settings->alert_email == '') {
+                $this->error('Could not send email. No alert email configured in settings');
+            } elseif (1 != $settings->alerts_enabled) {
+                $this->info('Alerts are disabled in the settings. No mail will be sent');
            }
-
        }
-
-
-
-
    }
 }
--- a/app/Console/Commands/SendInventoryAlerts.php
+++ b/app/Console/Commands/SendInventoryAlerts.php
@@ -2,12 +2,12 @@

 namespace App\Console\Commands;

-use App\Models\Setting;
-use DB;
-use Mail;
 use App\Helpers\Helper;
-
+use App\Models\Recipients\AlertRecipient;
+use App\Models\Setting;
+use App\Notifications\InventoryAlert;
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Notification;

 class SendInventoryAlerts extends Command
 {
@@ -27,8 +27,6 @@ class SendInventoryAlerts extends Command

    /**
     * Create a new command instance.
-     *
-     * @return void
     */
    public function __construct()
    {
@@ -42,28 +40,26 @@ class SendInventoryAlerts extends Command
     */
    public function handle()
    {
-        if ((Setting::getSettings()->alert_email!='')  && (Setting::getSettings()->alerts_enabled==1)) {
+        $settings = Setting::getSettings();

-            $data['data'] = Helper::checkLowInventory();
-            $data['count'] = count($data['data']);
+        if (($settings->alert_email != '') && ($settings->alerts_enabled == 1)) {
+            $items = Helper::checkLowInventory();

-            if (count($data['data']) > 0) {
-                \Mail::send('emails.low-inventory', $data, function ($m) {
-                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-                    $m->subject(trans('mail.Low_Inventory_Report'));
+            if (($items) && (count($items) > 0)) {
+                $this->info(trans_choice('mail.low_inventory_alert', count($items)));
+                // Send a rollup to the admin, if settings dictate
+                $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+                    return new AlertRecipient($item);
                });

+                \Notification::send($recipients, new InventoryAlert($items, $settings->alert_threshold));
            }
-
        } else {
-            if (Setting::getSettings()->alert_email=='') {
-                echo "Could not send email. No alert email configured in settings. \n";
-            } elseif (Setting::getSettings()->alerts_enabled!=1) {
-                echo "Alerts are disabled in the settings. No mail will be sent. \n";
+            if ($settings->alert_email == '') {
+                $this->error('Could not send email. No alert email configured in settings');
+            } elseif (1 != $settings->alerts_enabled) {
+                $this->info('Alerts are disabled in the settings. No mail will be sent');
            }
        }
-
-
    }
 }
--- a/app/Console/Commands/SendUpcomingAuditReport.php
+++ b/app/Console/Commands/SendUpcomingAuditReport.php
@@ -0,0 +1,91 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Asset;
+use App\Models\License;
+use App\Models\Setting;
+use App\Notifications\ExpiringAssetsNotification;
+use App\Models\Recipients;
+use DB;
+use Illuminate\Console\Command;
+use App\Notifications\SendUpcomingAuditNotification;
+use Carbon\Carbon;
+
+class SendUpcomingAuditReport extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:upcoming-audits';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Send email/slack notifications for upcoming asset audits.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        $settings = Setting::getSettings();
+
+        if (($settings->alert_email != '') && ($settings->audit_warning_days) && ($settings->alerts_enabled == 1)) {
+
+            // Send a rollup to the admin, if settings dictate
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+                return new \App\Models\Recipients\AlertRecipient($item);
+            });
+
+
+            // Assets due for auditing
+
+            $assets = Asset::whereNotNull('next_audit_date')
+                    ->DueOrOverdueForAudit($settings)
+                    ->orderBy('last_audit_date', 'asc')->get();
+
+            if ($assets->count() > 0) {
+
+                $this->info(trans_choice('mail.upcoming-audits', $assets->count(),
+                    ['count' => $assets->count(), 'threshold' => $settings->audit_warning_days]));
+                \Notification::send($recipients, new SendUpcomingAuditNotification($assets, $settings->audit_warning_days));
+                $this->info('Audit report sent to '.$settings->alert_email);
+            } else {
+                $this->info('No assets to be audited. No report sent.');
+            }
+
+
+
+        } elseif ($settings->alert_email=='') {
+            $this->error('Could not send email. No alert email configured in settings');
+        } elseif (!$settings->audit_warning_days) {
+            $this->error('No audit warning days set in Admin Notifications. No mail will be sent.');
+        } elseif ($settings->alerts_enabled!=1) {
+            $this->info('Alerts are disabled in the settings. No mail will be sent');
+        } else {
+            $this->error('Something went wrong. :( ');
+            $this->error('Admin Notifications Email Setting: '.$settings->alert_email);
+            $this->error('Admin Audit Warning Setting: '.$settings->audit_warning_days);
+            $this->error('Admin Alerts Emnabled: '.$settings->alerts_enabled);
+        }
+
+
+    }
+}
--- a/app/Console/Commands/SyncAssetCounters.php
+++ b/app/Console/Commands/SyncAssetCounters.php
@@ -2,8 +2,8 @@

 namespace App\Console\Commands;

-use Illuminate\Console\Command;
 use App\Models\Asset;
+use Illuminate\Console\Command;

 class SyncAssetCounters extends Command
 {
@@ -39,7 +39,7 @@ class SyncAssetCounters extends Command
    public function handle()
    {
        $start = microtime(true);
-        $assets = Asset::withCount('checkins', 'checkouts', 'userRequests')
+        $assets = Asset::withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as user_requests_count')
            ->withTrashed()->get();

        if ($assets) {
--- a/app/Console/Commands/SyncAssetLocations.php
+++ b/app/Console/Commands/SyncAssetLocations.php
@@ -2,10 +2,8 @@

 namespace App\Console\Commands;

-use App\Models\CustomField;
-use Illuminate\Console\Command;
 use App\Models\Asset;
-use Illuminate\Support\Facades\Storage;
+use Illuminate\Console\Command;

 class SyncAssetLocations extends Command
 {
@@ -64,7 +62,7 @@ class SyncAssetLocations extends Command
        $output['info'][] = 'There are '.$assigned_user_assets->count().' assets checked out to users.';
        foreach ($assigned_user_assets as $assigned_user_asset) {
            if (($assigned_user_asset->assignedTo) && ($assigned_user_asset->assignedTo->userLoc)) {
-                $new_location=$assigned_user_asset->assignedTo->userloc->id;
+                $new_location = $assigned_user_asset->assignedTo->userLoc->id;
                $output['info'][] ='Setting User Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') to  ' . $assigned_user_asset->assignedTo->userLoc->name . ' which is id: ' . $new_location;
            } else {
                $output['warn'][] ='Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') still has no location! ';
--- a/app/Console/Commands/SystemBackup.php
+++ b/app/Console/Commands/SystemBackup.php
@@ -36,7 +36,7 @@ class SystemBackup extends Command
     *
     * @return mixed
     */
-    public function fire()
+    public function handle()
    {
        //
        $this->call('backup:run');
--- a/app/Console/Kernel.php
+++ b/app/Console/Kernel.php
@@ -2,35 +2,14 @@

 namespace App\Console;

+use App\Console\Commands\ImportLocations;
+use App\Console\Commands\ReEncodeCustomFieldNames;
+use App\Console\Commands\RestoreDeletedUsers;
 use Illuminate\Console\Scheduling\Schedule;
 use Illuminate\Foundation\Console\Kernel as ConsoleKernel;

 class Kernel extends ConsoleKernel
 {
-    /**
-     * The Artisan commands provided by your application.
-     *
-     * @var array
-     */
-    protected $commands = [
-        Commands\PaveIt::class,
-        Commands\CreateAdmin::class,
-        Commands\SendExpirationAlerts::class,
-        Commands\SendInventoryAlerts::class,
-        Commands\SendExpectedCheckinAlerts::class,
-        Commands\ObjectImportCommand::class,
-        Commands\Version::class,
-        Commands\SystemBackup::class,
-        Commands\DisableLDAP::class,
-        Commands\Purge::class,
-        Commands\LdapSync::class,
-        Commands\FixDoubleEscape::class,
-        Commands\RecryptFromMcrypt::class,
-        Commands\ResetDemoSettings::class,
-        Commands\SyncAssetLocations::class,
-        Commands\RegenerateAssetTags::class,
-        Commands\SyncAssetCounters::class,
-    ];

    /**
     * Define the application's command schedule.
@@ -40,16 +19,21 @@ class Kernel extends ConsoleKernel
     */
    protected function schedule(Schedule $schedule)
    {
-
        $schedule->command('snipeit:inventory-alerts')->daily();
        $schedule->command('snipeit:expiring-alerts')->daily();
        $schedule->command('snipeit:expected-checkin')->daily();
        $schedule->command('snipeit:backup')->weekly();
        $schedule->command('backup:clean')->daily();
+        $schedule->command('snipeit:upcoming-audits')->daily();
    }

+    /**
+     * This method is required by Laravel to handle any console routes
+     * that are defined in routes/console.php.
+     */
    protected function commands()
    {
        require base_path('routes/console.php');
+        $this->load(__DIR__.'/Commands');
    }
 }
--- a/app/Events/CheckoutAccepted.php
+++ b/app/Events/CheckoutAccepted.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Events;
+
+use App\Models\CheckoutAcceptance;
+use App\Models\Contracts\Acceptable;
+use Illuminate\Foundation\Events\Dispatchable;
+use Illuminate\Queue\SerializesModels;
+
+class CheckoutAccepted
+{
+    use Dispatchable, SerializesModels;
+
+    /**
+     * Create a new event instance.
+     *
+     * @return void
+     */
+    public function __construct(CheckoutAcceptance $acceptance)
+    {
+        $this->acceptance       = $acceptance;
+    }
+}
--- a/app/Events/CheckoutDeclined.php
+++ b/app/Events/CheckoutDeclined.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Events;
+
+use App\Models\CheckoutAcceptance;
+use App\Models\Contracts\Acceptable;
+use Illuminate\Foundation\Events\Dispatchable;
+use Illuminate\Queue\SerializesModels;
+
+class CheckoutDeclined
+{
+    use Dispatchable, SerializesModels;
+    
+    /**
+     * Create a new event instance.
+     *
+     * @return void
+     */
+    public function __construct(CheckoutAcceptance $acceptance)
+    {
+        $this->acceptance       = $acceptance;
+    }
+}
--- a/app/Events/CheckoutableCheckedIn.php
+++ b/app/Events/CheckoutableCheckedIn.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Events;
+
+use App\Models\User;
+use Illuminate\Foundation\Events\Dispatchable;
+use Illuminate\Queue\SerializesModels;
+
+class CheckoutableCheckedIn
+{
+    use Dispatchable, SerializesModels;
+
+    public $checkoutable;
+    public $checkedOutTo;
+    public $checkedInBy;
+    public $note;
+    public $action_date; // Date setted in the hardware.checkin view at the checkin_at input, for the action log
+
+    /**
+     * Create a new event instance.
+     *
+     * @return void
+     */
+    public function __construct($checkoutable, $checkedOutTo, User $checkedInBy, $note, $action_date = null)
+    {
+        $this->checkoutable = $checkoutable;
+        $this->checkedOutTo = $checkedOutTo;
+        $this->checkedInBy  = $checkedInBy;
+        $this->note         = $note;
+        $this->action_date  = $action_date ?? date('Y-m-d');
+    }
+}
--- a/app/Events/CheckoutableCheckedOut.php
+++ b/app/Events/CheckoutableCheckedOut.php
@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Events;
+
+use App\Models\User;
+use Illuminate\Foundation\Events\Dispatchable;
+use Illuminate\Queue\SerializesModels;
+
+class CheckoutableCheckedOut
+{
+    use Dispatchable, SerializesModels;
+
+    public $checkoutable;
+    public $checkedOutTo;
+    public $checkedOutBy;
+    public $note;
+
+    /**
+     * Create a new event instance.
+     *
+     * @return void
+     */
+    public function __construct($checkoutable, $checkedOutTo, User $checkedOutBy, $note)
+    {
+        $this->checkoutable = $checkoutable;
+        $this->checkedOutTo = $checkedOutTo;
+        $this->checkedOutBy = $checkedOutBy;
+        $this->note         = $note;
+    }
+}
--- a/app/Exceptions/CheckoutNotAllowed.php
+++ b/app/Exceptions/CheckoutNotAllowed.php
@@ -3,10 +3,20 @@
 namespace App\Exceptions;

 use Exception;
+
 class CheckoutNotAllowed extends Exception
 {
+
+    private $errorMessage;
+
+    function __construct($errorMessage = null)
+    {
+        $this->errorMessage = $errorMessage;
+
+        parent::__construct($errorMessage);
+    }
    public function __toString()
    {
-       return "A checkout is not allowed under these circumstances";
+       return is_null($this->errorMessage) ? "A checkout is not allowed under these circumstances" : $this->errorMessage;
    }
 }
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@@ -9,6 +9,7 @@ use App\Helpers\Helper;
 use Illuminate\Validation\ValidationException;
 use Log;

+
 class Handler extends ExceptionHandler
 {
    /**
@@ -23,6 +24,8 @@ class Handler extends ExceptionHandler
        \Illuminate\Database\Eloquent\ModelNotFoundException::class,
        \Illuminate\Session\TokenMismatchException::class,
        \Illuminate\Validation\ValidationException::class,
+        \Intervention\Image\Exception\NotSupportedException::class,
+        \League\OAuth2\Server\Exception\OAuthServerException::class,
    ];

    /**
@@ -66,10 +69,6 @@ class Handler extends ExceptionHandler
                return response()->json(Helper::formatStandardApiResponse('error', null, $className . ' not found'), 200);
            }

-            if ($e instanceof \Illuminate\Validation\ValidationException) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, $e->response['messages'], 400));
-            }
-
            if ($this->isHttpException($e)) {

                $statusCode = $e->getStatusCode();
@@ -84,11 +83,6 @@ class Handler extends ExceptionHandler

                }
            }
-            // Try to parse 500 Errors in a bit nicer way when debug is enabled.
-            if (config('app.debug')) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, "An Error has occured! " . $e->getMessage()), 500);
-            }
-
        }


@@ -112,9 +106,21 @@ class Handler extends ExceptionHandler
    protected function unauthenticated($request, AuthenticationException $exception)
    {
        if ($request->expectsJson()) {
-            return response()->json(['error' => 'Unauthorized.'], 401);
+            return response()->json(['error' => 'Unauthorized or unauthenticated.'], 401);
        }

        return redirect()->guest('login');
    }
+
+    /**
+     * Convert a validation exception into a JSON response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Illuminate\Validation\ValidationException  $exception
+     * @return \Illuminate\Http\JsonResponse
+     */
+    protected function invalidJson($request, ValidationException $exception)
+    {
+        return response()->json(Helper::formatStandardApiResponse('error', null, $exception->errors(), 400));
+    }
 }
--- a/app/Helpers/Helper.php
+++ b/app/Helpers/Helper.php
@@ -1,25 +1,16 @@
 <?php
 namespace App\Helpers;

-use DB;
-use App\Models\Statuslabel;
-use App\Models\Location;
-use App\Models\Department;
-use App\Models\AssetModel;
-use App\Models\Company;
-use App\Models\User;
-use App\Models\Manufacturer;
-use App\Models\Supplier;
-use App\Models\Category;
-use App\Models\Depreciation;
-use App\Models\CustomFieldset;
-use App\Models\CustomField;
-use App\Models\Component;
 use App\Models\Accessory;
+use App\Models\Component;
 use App\Models\Consumable;
-use App\Models\Asset;
+use App\Models\CustomField;
+use App\Models\CustomFieldset;
+use App\Models\Depreciation;
 use App\Models\Setting;
+use App\Models\Statuslabel;
 use Crypt;
+use Image;
 use Illuminate\Contracts\Encryption\DecryptException;

 class Helper
@@ -64,27 +55,313 @@ class Helper

    /**
     * Static colors for pie charts.
-     * This is inelegant, and could be refactored later.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.3]
     * @return Array
     */
-    public static function chartColors()
+    public static function defaultChartColors($index = 0)
    {
        $colors = [
-            '#f56954',
-            '#00a65a',
-            '#f39c12',
-            '#00c0ef',
-            '#3c8dbc',
-            '#d2d6de',
-            '#3c8dbc',
-            '#3c8dbc',
-            '#3c8dbc',
-
+            "#008941",
+            "#FF4A46",
+            "#006FA6",
+            "#A30059",
+            "#1CE6FF",
+            "#FFDBE5",
+            "#7A4900",
+            "#0000A6",
+            "#63FFAC",
+            "#B79762",
+            "#004D43",
+            "#8FB0FF",
+            "#997D87",
+            "#5A0007",
+            "#809693",
+            "#FEFFE6",
+            "#1B4400",
+            "#4FC601",
+            "#3B5DFF",
+            "#4A3B53",
+            "#FF2F80",
+            "#61615A",
+            "#BA0900",
+            "#6B7900",
+            "#00C2A0",
+            "#FFAA92",
+            "#FF90C9",
+            "#B903AA",
+            "#D16100",
+            "#DDEFFF",
+            "#000035",
+            "#7B4F4B",
+            "#A1C299",
+            "#300018",
+            "#0AA6D8",
+            "#013349",
+            "#00846F",
+            "#372101",
+            "#FFB500",
+            "#C2FFED",
+            "#A079BF",
+            "#CC0744",
+            "#C0B9B2",
+            "#C2FF99",
+            "#001E09",
+            "#00489C",
+            "#6F0062",
+            "#0CBD66",
+            "#EEC3FF",
+            "#456D75",
+            "#B77B68",
+            "#7A87A1",
+            "#788D66",
+            "#885578",
+            "#FAD09F",
+            "#FF8A9A",
+            "#D157A0",
+            "#BEC459",
+            "#456648",
+            "#0086ED",
+            "#886F4C",
+            "#34362D",
+            "#B4A8BD",
+            "#00A6AA",
+            "#452C2C",
+            "#636375",
+            "#A3C8C9",
+            "#FF913F",
+            "#938A81",
+            "#575329",
+            "#00FECF",
+            "#B05B6F",
+            "#8CD0FF",
+            "#3B9700",
+            "#04F757",
+            "#C8A1A1",
+            "#1E6E00",
+            "#7900D7",
+            "#A77500",
+            "#6367A9",
+            "#A05837",
+            "#6B002C",
+            "#772600",
+            "#D790FF",
+            "#9B9700",
+            "#549E79",
+            "#FFF69F",
+            "#201625",
+            "#72418F",
+            "#BC23FF",
+            "#99ADC0",
+            "#3A2465",
+            "#922329",
+            "#5B4534",
+            "#FDE8DC",
+            "#404E55",
+            "#0089A3",
+            "#CB7E98",
+            "#A4E804",
+            "#324E72",
+            "#6A3A4C",
+            "#83AB58",
+            "#001C1E",
+            "#D1F7CE",
+            "#004B28",
+            "#C8D0F6",
+            "#A3A489",
+            "#806C66",
+            "#222800",
+            "#BF5650",
+            "#E83000",
+            "#66796D",
+            "#DA007C",
+            "#FF1A59",
+            "#8ADBB4",
+            "#1E0200",
+            "#5B4E51",
+            "#C895C5",
+            "#320033",
+            "#FF6832",
+            "#66E1D3",
+            "#CFCDAC",
+            "#D0AC94",
+            "#7ED379",
+            "#012C58",
+            "#7A7BFF",
+            "#D68E01",
+            "#353339",
+            "#78AFA1",
+            "#FEB2C6",
+            "#75797C",
+            "#837393",
+            "#943A4D",
+            "#B5F4FF",
+            "#D2DCD5",
+            "#9556BD",
+            "#6A714A",
+            "#001325",
+            "#02525F",
+            "#0AA3F7",
+            "#E98176",
+            "#DBD5DD",
+            "#5EBCD1",
+            "#3D4F44",
+            "#7E6405",
+            "#02684E",
+            "#962B75",
+            "#8D8546",
+            "#9695C5",
+            "#E773CE",
+            "#D86A78",
+            "#3E89BE",
+            "#CA834E",
+            "#518A87",
+            "#5B113C",
+            "#55813B",
+            "#E704C4",
+            "#00005F",
+            "#A97399",
+            "#4B8160",
+            "#59738A",
+            "#FF5DA7",
+            "#F7C9BF",
+            "#643127",
+            "#513A01",
+            "#6B94AA",
+            "#51A058",
+            "#A45B02",
+            "#1D1702",
+            "#E20027",
+            "#E7AB63",
+            "#4C6001",
+            "#9C6966",
+            "#64547B",
+            "#97979E",
+            "#006A66",
+            "#391406",
+            "#F4D749",
+            "#0045D2",
+            "#006C31",
+            "#DDB6D0",
+            "#7C6571",
+            "#9FB2A4",
+            "#00D891",
+            "#15A08A",
+            "#BC65E9",
+            "#FFFFFE",
+            "#C6DC99",
+            "#203B3C",
+            "#671190",
+            "#6B3A64",
+            "#F5E1FF",
+            "#FFA0F2",
+            "#CCAA35",
+            "#374527",
+            "#8BB400",
+            "#797868",
+            "#C6005A",
+            "#3B000A",
+            "#C86240",
+            "#29607C",
+            "#402334",
+            "#7D5A44",
+            "#CCB87C",
+            "#B88183",
+            "#AA5199",
+            "#B5D6C3",
+            "#A38469",
+            "#9F94F0",
+            "#A74571",
+            "#B894A6",
+            "#71BB8C",
+            "#00B433",
+            "#789EC9",
+            "#6D80BA",
+            "#953F00",
+            "#5EFF03",
+            "#E4FFFC",
+            "#1BE177",
+            "#BCB1E5",
+            "#76912F",
+            "#003109",
+            "#0060CD",
+            "#D20096",
+            "#895563",
+            "#29201D",
+            "#5B3213",
+            "#A76F42",
+            "#89412E",
+            "#1A3A2A",
+            "#494B5A",
+            "#A88C85",
+            "#F4ABAA",
+            "#A3F3AB",
+            "#00C6C8",
+            "#EA8B66",
+            "#958A9F",
+            "#BDC9D2",
+            "#9FA064",
+            "#BE4700",
+            "#658188",
+            "#83A485",
+            "#453C23",
+            "#47675D",
+            "#3A3F00",
+            "#061203",
+            "#DFFB71",
+            "#868E7E",
+            "#98D058",
+            "#6C8F7D",
+            "#D7BFC2",
+            "#3C3E6E",
+            "#D83D66",
+            "#2F5D9B",
+            "#6C5E46",
+            "#D25B88",
+            "#5B656C",
+            "#00B57F",
+            "#545C46",
+            "#866097",
+            "#365D25",
+            "#252F99",
+            "#00CCFF",
+            "#674E60",
+            "#FC009C",
+            "#92896B",
        ];
-        return $colors;
+
+
+
+        return $colors[$index];
+
+    }
+
+    /**
+     * Increases or decreases the brightness of a color by a percentage of the current brightness.
+     *
+     * @param   string  $hexCode        Supported formats: `#FFF`, `#FFFFFF`, `FFF`, `FFFFFF`
+     * @param   float   $adjustPercent  A number between -1 and 1. E.g. 0.3 = 30% lighter; -0.4 = 40% darker.
+     *
+     * @return  string
+     */
+    public static function adjustBrightness($hexCode, $adjustPercent) {
+        $hexCode = ltrim($hexCode, '#');
+
+        if (strlen($hexCode) == 3) {
+            $hexCode = $hexCode[0] . $hexCode[0] . $hexCode[1] . $hexCode[1] . $hexCode[2] . $hexCode[2];
+        }
+
+        $hexCode = array_map('hexdec', str_split($hexCode, 2));
+
+        foreach ($hexCode as & $color) {
+            $adjustableLimit = $adjustPercent < 0 ? $color : 255 - $color;
+            $adjustAmount = ceil($adjustableLimit * $adjustPercent);
+
+            $color = str_pad(dechex($color + $adjustAmount), 2, '0', STR_PAD_LEFT);
+        }
+
+        return '#' . implode($hexCode);
    }


@@ -137,95 +414,6 @@ class Helper
        return floatval($floatString);
    }

-
-    /**
-     * Get the list of models in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function modelList()
-    {
-        $models = AssetModel::with('manufacturer')->get();
-        $model_array[''] = trans('general.select_model');
-        foreach ($models as $model) {
-            $model_array[$model->id] = $model->present()->modelName();
-        }
-        return $model_array;
-    }
-
-    /**
-     * Get the list of companies in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function companyList()
-    {
-        $company_list = array('' => trans('general.select_company')) + DB::table('companies')
-                ->orderBy('name', 'asc')
-                ->pluck('name', 'id')
-                ->toArray();
-        return $company_list;
-    }
-
-
-    /**
-     * Get the list of categories in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function categoryList($category_type = null)
-    {
-        $categories = Category::orderBy('name', 'asc')
-                ->whereNull('deleted_at')
-                ->orderBy('name', 'asc');
-        if (!empty($category_type)) {
-            $categories = $categories->where('category_type', '=', $category_type);
-        }
-        $category_list = array('' => trans('general.select_category')) + $categories->pluck('name', 'id')->toArray();
-        return $category_list;
-    }
-
-
-    /**
-     * Get the list of categories in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function departmentList()
-    {
-        $departments = Department::orderBy('name', 'asc')
-            ->whereNull('deleted_at')
-            ->orderBy('name', 'asc');
-
-        return array('' => trans('general.select_department')) + $departments->pluck('name', 'id')->toArray();
-
-    }
-    
-
-    /**
-     * Get the list of suppliers in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function suppliersList()
-    {
-        $supplier_list = array('' => trans('general.select_supplier')) + Supplier::orderBy('name', 'asc')
-                ->orderBy('name', 'asc')
-                ->pluck('name', 'id')->toArray();
-        return $supplier_list;
-    }
-
-
    /**
     * Get the list of status labels in an array to make a dropdown menu
     *
@@ -240,35 +428,24 @@ class Helper
        return $statuslabel_list;
    }

-
    /**
-     * Get the list of locations in an array to make a dropdown menu
+     * Get the list of deployable status labels in an array to make a dropdown menu
+     *
+     * @todo This should probably be a selectlist, same as the other endpoints
+     * and we should probably add to the API controllers to make sure that
+     * the status_id submitted is actually really deployable.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
+     * @since [v5.1.0]
     * @return Array
     */
-    public static function locationsList()
+    public static function deployableStatusLabelList()
    {
-        $location_list = array('' => trans('general.select_location')) + Location::orderBy('name', 'asc')
+        $statuslabel_list =  Statuslabel::where('deployable', '=', '1')->orderBy('default_label', 'desc')
+                ->orderBy('name','asc')
+                ->orderBy('deployable','desc')
                ->pluck('name', 'id')->toArray();
-        return $location_list;
-    }
-
-
-    /**
-     * Get the list of manufacturers in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function manufacturerList()
-    {
-        $manufacturer_list = array('' => trans('general.select_manufacturer')) +
-            Manufacturer::orderBy('name', 'asc')
-                ->pluck('name', 'id')->toArray();
-        return $manufacturer_list;
+        return $statuslabel_list;
    }

    /**
@@ -289,24 +466,6 @@ class Helper
        return $statuslabel_types;
    }

-    /**
-     * Get the list of managers in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function managerList()
-    {
-        $manager_list = array('' => trans('general.select_user')) +
-                        User::where('deleted_at', '=', null)
-                        ->orderBy('last_name', 'asc')
-                        ->orderBy('first_name', 'asc')->get()
-                        ->pluck('complete_name', 'id')->toArray();
-
-        return $manager_list;
-    }
-
    /**
     * Get the list of depreciations in an array to make a dropdown menu
     *
@@ -341,54 +500,6 @@ class Helper
        return $category_types;
    }

-    /**
-     * Get the list of users in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function usersList()
-    {
-        $users_list =   array( '' => trans('general.select_user')) +
-                        Company::scopeCompanyables(User::where('deleted_at', '=', null))
-                        ->where('show_in_list', '=', 1)
-                        ->orderBy('last_name', 'asc')
-                        ->orderBy('first_name', 'asc')->get()
-                        ->pluck('complete_name', 'id')->toArray();
-
-        return $users_list;
-    }
-
-    /**
-     * Get the list of assets in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return Array
-     */
-    public static function assetsList()
-    {
-        $assets_list = array('' => trans('general.select_asset')) + Asset::orderBy('name', 'asc')
-                ->whereNull('deleted_at')
-                ->pluck('name', 'id')->toArray();
-        return $assets_list;
-    }
-
-    /**
-     * Get the detailed list of assets in an array to make a dropdown menu
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.5]
-     * @return array
-     */
-    public static function detailedAssetList()
-    {
-        $assets = array('' => trans('general.select_asset')) + Company::scopeCompanyables(Asset::with('assignedTo', 'model'), 'assets.company_id')->get()->pluck('detailed_name', 'id')->toArray();
-        return $assets;
-    }
-
-
    /**
     * Get the list of custom fields in an array to make a dropdown menu
     *
@@ -411,9 +522,10 @@ class Helper
     */
    public static function predefined_formats()
    {
-        $keys = array_keys(CustomField::$PredefinedFormats);
+        $keys = array_keys(CustomField::PREDEFINED_FORMATS);
        $stuff = array_combine($keys, $keys);
-        return $stuff+["" => trans('admin/custom_fields/general.custom_format')];
+
+        return $stuff;
    }

    /**
@@ -467,16 +579,16 @@ class Helper
     */
    public static function checkLowInventory()
    {
-        $consumables = Consumable::withCount('consumableAssignments')->whereNotNull('min_amt')->get();
-        $accessories = Accessory::withCount('users')->whereNotNull('min_amt')->get();
-        $components = Component::withCount('assets')->whereNotNull('min_amt')->get();
+        $consumables = Consumable::withCount('consumableAssignments as consumable_assignments_count')->whereNotNull('min_amt')->get();
+        $accessories = Accessory::withCount('users as users_count')->whereNotNull('min_amt')->get();
+        $components = Component::withCount('assets as assets_count')->whereNotNull('min_amt')->get();

        $avail_consumables = 0;
        $items_array = array();
        $all_count = 0;

        foreach ($consumables as $consumable) {
-            $avail = $consumable->qty - $consumable->consumable_assignment_count;  //$consumable->numRemaining();
+            $avail = $consumable->numRemaining();
            if ($avail < ($consumable->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
                if ($consumable->qty > 0) {
                    $percent = number_format((($avail / $consumable->qty) * 100), 0);
@@ -800,38 +912,32 @@ class Helper

        $extension = substr(strrchr($filename,'.'),1);

-        if ($extension) {
-            switch ($extension) {
-                case 'jpg':
-                case 'jpeg':
-                case 'gif':
-                case 'png':
-                    return "fa fa-file-image-o";
-                    break;
-                case 'doc':
-                case 'docx':
-                    return "fa fa-file-word-o";
-                    break;
-                case 'xls':
-                case 'xlsx':
-                    return "fa fa-file-excel-o";
-                    break;
-                case 'zip':
-                case 'rar':
-                    return "fa fa-file-archive-o";
-                    break;
-                case 'pdf':
-                    return "fa fa-file-pdf-o";
-                    break;
-                case 'txt':
-                    return "fa fa-file-text-o";
-                    break;
-                case 'lic':
-                    return "fa fa-floppy-o";
-                    break;
-                default:
-                    return "fa fa-file-o";
-            }
+        $allowedExtensionMap = [
+            // Images
+            'jpg'   => 'fa fa-file-image-o',
+            'jpeg'   => 'fa fa-file-image-o',
+            'gif'   => 'fa fa-file-image-o',
+            'png'   => 'fa fa-file-image-o',
+            // word
+            'doc'   => 'fa fa-file-word-o',
+            'docx'   => 'fa fa-file-word-o',
+            // Excel
+            'xls'   => 'fa fa-file-excel-o',
+            'xlsx'   => 'fa fa-file-excel-o',
+            // archive
+            'zip'   => 'fa fa-file-archive-o',
+            'rar'   => 'fa fa-file-archive-o',
+            //Text
+            'txt'   => 'fa fa-file-text-o',
+            'rtf'   => 'fa fa-file-text-o',
+            'xml'   => 'fa fa-file-text-o',
+            // Misc
+            'pdf'   => 'fa fa-file-pdf-o',
+            'lic'   => 'fa fa-file-floppy-o',
+        ];
+
+        if ($extension && array_key_exists($extension, $allowedExtensionMap)) {
+            return $allowedExtensionMap[$extension];
        }
        return "fa fa-file-o";
    }
@@ -855,7 +961,80 @@ class Helper
        return false;
    }

+    /**
+     * Generate a random encrypted password.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     *
+     * @return string
+     */
+    public static function generateEncyrptedPassword(): string
+    {
+        return bcrypt(Helper::generateUnencryptedPassword());
+    }

+    /**
+     * Get a random unencrypted password.
+     *
+     * @author Steffen Buehl <sb@sbuehl.com>
+     *
+     * @since 5.0.0
+     *
+     * @return string
+     */
+    public static function generateUnencryptedPassword(): string
+    {
+        $chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';

+        $password = '';
+        for ( $i = 0; $i < 20; $i++ ) {
+            $password .= substr( $chars, random_int( 0, strlen( $chars ) - 1 ), 1 );
+        }
+        return $password;
+    }
+
+    /**
+     * Process base64 encoded image data and save it on supplied path
+     *
+     * @param string $image_data base64 encoded image data with mime type
+     * @param string $save_path path to a folder where the image should be saved
+     * @return string path to uploaded image or false if something went wrong
+     */
+    public static function processUploadedImage(String $image_data, String $save_path) {
+        if ($image_data != null && $save_path != null) {
+            // After modification, the image is prefixed by mime info like the following:
+            // data:image/jpeg;base64,; This causes the image library to be unhappy, so we need to remove it.
+            $header = explode(';', $image_data, 2)[0];
+            // Grab the image type from the header while we're at it.
+            $extension = substr($header, strpos($header, '/')+1);
+            // Start reading the image after the first comma, postceding the base64.
+            $image = substr($image_data, strpos($image_data, ',')+1);
+
+            $file_name = str_random(25).".".$extension;
+
+            $directory= public_path($save_path);
+            // Check if the uploads directory exists.  If not, try to create it.
+            if (!file_exists($directory)) {
+                mkdir($directory, 0755, true);
+            }
+
+            $path = public_path($save_path.$file_name);
+
+            try {
+                Image::make($image)->resize(500, 500, function ($constraint) {
+                    $constraint->aspectRatio();
+                    $constraint->upsize();
+                })->save($path);
+            } catch (\Exception $e) {
+                return false;
+            }
+
+            return $file_name;
+        }
+
+        return false;
+    }

 }
--- a/app/Http/Controllers/Accessories/AccessoriesController.php
+++ b/app/Http/Controllers/Accessories/AccessoriesController.php
@@ -0,0 +1,207 @@
+<?php
+namespace App\Http\Controllers\Accessories;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\ImageUploadRequest;
+use App\Models\Accessory;
+use App\Models\Company;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Storage;
+use Redirect;
+
+/** This controller handles all actions related to Accessories for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version    v1.0
+ */
+class AccessoriesController extends Controller
+{
+    /**
+     * Returns a view that invokes the ajax tables which actually contains
+     * the content for the accessories listing, which is generated in getDatatable.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see AccessoriesController::getDatatable() method that generates the JSON response
+     * @since [v1.0]
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function index()
+    {
+        $this->authorize('index', Accessory::class);
+        return view('accessories/index');
+    }
+
+
+    /**
+     * Returns a view with a form to create a new Accessory.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function create()
+    {
+        $this->authorize('create', Accessory::class);
+        $category_type = 'accessory';
+        return view('accessories/edit')->with('category_type', $category_type)
+          ->with('item', new Accessory);
+    }
+
+
+    /**
+     * Validate and save new Accessory from form post
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param ImageUploadRequest $request
+     * @return Redirect
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function store(ImageUploadRequest $request)
+    {
+        $this->authorize(Accessory::class);
+        // create a new model instance
+        $accessory = new Accessory();
+
+        // Update the accessory data
+        $accessory->name                    = request('name');
+        $accessory->category_id             = request('category_id');
+        $accessory->location_id             = request('location_id');
+        $accessory->min_amt                 = request('min_amt');
+        $accessory->company_id              = Company::getIdForCurrentUser(request('company_id'));
+        $accessory->order_number            = request('order_number');
+        $accessory->manufacturer_id         = request('manufacturer_id');
+        $accessory->model_number            = request('model_number');
+        $accessory->purchase_date           = request('purchase_date');
+        $accessory->purchase_cost           = Helper::ParseFloat(request('purchase_cost'));
+        $accessory->qty                     = request('qty');
+        $accessory->user_id                 = Auth::user()->id;
+        $accessory->supplier_id             = request('supplier_id');
+
+        $accessory = $request->handleImages($accessory);
+        
+        // Was the accessory created?
+        if ($accessory->save()) {
+            // Redirect to the new accessory  page
+            return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.create.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($accessory->getErrors());
+    }
+
+    /**
+     * Return view for the Accessory update form, prepopulated with existing data
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int $accessoryId
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function edit($accessoryId = null)
+    {
+
+        if ($item = Accessory::find($accessoryId)) {
+            $this->authorize($item);
+            return view('accessories/edit', compact('item'))->with('category_type', 'accessory');
+        }
+
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
+
+    }
+
+
+    /**
+     * Save edited Accessory from form post
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param ImageUploadRequest $request
+     * @param  int $accessoryId
+     * @return Redirect
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function update(ImageUploadRequest $request, $accessoryId = null)
+    {
+        if (is_null($accessory = Accessory::find($accessoryId))) {
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
+        }
+
+        $this->authorize($accessory);
+
+        // Update the accessory data
+        $accessory->name                    = request('name');
+        $accessory->location_id             = request('location_id');
+        $accessory->min_amt                 = request('min_amt');
+        $accessory->category_id             = request('category_id');
+        $accessory->company_id              = Company::getIdForCurrentUser(request('company_id'));
+        $accessory->manufacturer_id         = request('manufacturer_id');
+        $accessory->order_number            = request('order_number');
+        $accessory->model_number            = request('model_number');
+        $accessory->purchase_date           = request('purchase_date');
+        $accessory->purchase_cost           = request('purchase_cost');
+        $accessory->qty                     = request('qty');
+        $accessory->supplier_id             = request('supplier_id');
+
+        $accessory = $request->handleImages($accessory);
+
+        // Was the accessory updated?
+        if ($accessory->save()) {
+            return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.update.success'));
+        }
+        return redirect()->back()->withInput()->withErrors($accessory->getErrors());
+    }
+
+    /**
+     * Delete the given accessory.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int $accessoryId
+     * @return Redirect
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function destroy($accessoryId)
+    {
+        if (is_null($accessory = Accessory::find($accessoryId))) {
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
+        }
+
+        $this->authorize($accessory);
+
+
+        if ($accessory->hasUsers() > 0) {
+             return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers())));
+        }
+
+        if ($accessory->image) {
+            try  {
+                Storage::disk('public')->delete('accessories'.'/'.$accessory->image);
+            } catch (\Exception $e) {
+                \Log::debug($e);
+            }
+        }
+
+        $accessory->delete();
+        return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.delete.success'));
+    }
+
+
+    /**
+     * Returns a view that invokes the ajax table which  contains
+     * the content for the accessory detail view, which is generated in getDataView.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int $accessoryID
+     * @see AccessoriesController::getDataView() method that generates the JSON response
+     * @since [v1.0]
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function show($accessoryID = null)
+    {
+        $accessory = Accessory::find($accessoryID);
+        $this->authorize('view', $accessory);
+        if (isset($accessory->id)) {
+            return view('accessories/view', compact('accessory'));
+        }
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist', ['id' => $accessoryID]));
+    }
+}
--- a/app/Http/Controllers/Accessories/AccessoryCheckinController.php
+++ b/app/Http/Controllers/Accessories/AccessoryCheckinController.php
@@ -0,0 +1,78 @@
+<?php
+
+namespace App\Http\Controllers\Accessories;
+
+use App\Events\CheckoutableCheckedIn;
+use App\Http\Controllers\Controller;
+use App\Models\Accessory;
+use App\Models\User;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
+
+class AccessoryCheckinController extends Controller
+{
+    /**
+     * Check the accessory back into inventory
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @param integer $accessoryUserId
+     * @param string $backto
+     * @return View
+     * @internal param int $accessoryId
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function create($accessoryUserId = null, $backto = null)
+    {
+        // Check if the accessory exists
+        if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
+            // Redirect to the accessory management page with error
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
+        }
+
+        $accessory = Accessory::find($accessory_user->accessory_id);
+        $this->authorize('checkin', $accessory);
+        return view('accessories/checkin', compact('accessory'))->with('backto', $backto);
+    }
+
+    /**
+     * Check in the item so that it can be checked out again to someone else
+     *
+     * @uses Accessory::checkin_email() to determine if an email can and should be sent
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param null $accessoryUserId
+     * @param string $backto
+     * @return Redirect
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @internal param int $accessoryId
+     */
+    public function store(Request $request, $accessoryUserId = null, $backto = null)
+    {
+      // Check if the accessory exists
+        if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
+            // Redirect to the accessory management page with error
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
+        }
+
+        $accessory = Accessory::find($accessory_user->accessory_id);
+
+        $this->authorize('checkin', $accessory);
+
+        $checkin_at = date('Y-m-d');
+        if($request->filled('checkin_at')){
+            $checkin_at = $request->input('checkin_at');
+        }
+
+        // Was the accessory updated?
+        if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
+            $return_to = e($accessory_user->assigned_to);
+
+            event(new CheckoutableCheckedIn($accessory, User::find($return_to), Auth::user(), $request->input('note'), $checkin_at));
+
+            return redirect()->route("accessories.show", $accessory->id)->with('success', trans('admin/accessories/message.checkin.success'));
+        }
+        // Redirect to the accessory management page with error
+        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.checkin.error'));
+    }
+}
--- a/app/Http/Controllers/Accessories/AccessoryCheckoutController.php
+++ b/app/Http/Controllers/Accessories/AccessoryCheckoutController.php
@@ -0,0 +1,89 @@
+<?php
+
+namespace App\Http\Controllers\Accessories;
+
+use App\Events\CheckoutableCheckedOut;
+use App\Http\Controllers\Controller;
+use App\Models\Accessory;
+use App\Models\User;
+use Carbon\Carbon;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Input;
+
+class AccessoryCheckoutController extends Controller
+{
+
+    /**
+     * Return the form to checkout an Accessory to a user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int $accessoryId
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function create($accessoryId)
+    {
+        // Check if the accessory exists
+        if (is_null($accessory = Accessory::find($accessoryId))) {
+            // Redirect to the accessory management page with error
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
+        }
+
+        if ($accessory->category) {
+
+            $this->authorize('checkout', $accessory);
+
+            // Get the dropdown of users and then pass it to the checkout view
+            return view('accessories/checkout', compact('accessory'));
+        }
+
+        return redirect()->back()->with('error', 'The category type for this accessory is not valid. Edit the accessory and select a valid accessory category.');
+    }
+
+    /**
+     * Save the Accessory checkout information.
+     *
+     * If Slack is enabled and/or asset acceptance is enabled, it will also
+     * trigger a Slack message and send an email.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @param  int $accessoryId
+     * @return Redirect
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function store(Request $request, $accessoryId)
+    {
+      // Check if the accessory exists
+        if (is_null($accessory = Accessory::find($accessoryId))) {
+            // Redirect to the accessory management page with error
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.user_not_found'));
+        }
+
+        $this->authorize('checkout', $accessory);
+
+        if (!$user = User::find($request->input('assigned_to'))) {
+            return redirect()->route('checkout/accessory', $accessory->id)->with('error', trans('admin/accessories/message.checkout.user_does_not_exist'));
+        }
+
+      // Update the accessory data
+        $accessory->assigned_to = e($request->input('assigned_to'));
+
+        $accessory->users()->attach($accessory->id, [
+            'accessory_id' => $accessory->id,
+            'created_at' => Carbon::now(),
+            'user_id' => Auth::id(),
+            'assigned_to' => $request->get('assigned_to'),
+            'note' => $request->input('note')
+        ]);
+
+        DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();
+
+        event(new CheckoutableCheckedOut($accessory, $user, Auth::user(), $request->input('note')));
+
+      // Redirect to the new accessory page
+        return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.checkout.success'));
+    }
+}
--- a/app/Http/Controllers/AccessoriesController.php
+++ b/app/Http/Controllers/AccessoriesController.php
@@ -1,402 +0,0 @@
-<?php
-namespace App\Http\Controllers;
-
-use App\Helpers\Helper;
-use App\Models\Accessory;
-use App\Models\Company;
-use App\Models\User;
-use Auth;
-use Carbon\Carbon;
-use Config;
-use DB;
-use Gate;
-use Input;
-use Lang;
-use Redirect;
-use Illuminate\Http\Request;
-use Slack;
-use Str;
-use View;
-use Image;
-use App\Http\Requests\ImageUploadRequest;
-
-/** This controller handles all actions related to Accessories for
- * the Snipe-IT Asset Management application.
- *
- * @version    v1.0
- */
-class AccessoriesController extends Controller
-{
-
-    /**
-    * Returns a view that invokes the ajax tables which actually contains
-    * the content for the accessories listing, which is generated in getDatatable.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see AccessoriesController::getDatatable() method that generates the JSON response
-    * @since [v1.0]
-    * @return View
-    */
-    public function index(Request $request)
-    {
-        $this->authorize('index', Accessory::class);
-        return view('accessories/index');
-    }
-
-
-  /**
-   * Returns a view with a form to create a new Accessory.
-   *
-   * @author [A. Gianotto] [<snipe@snipe.net>]
-   * @return View
-   */
-    public function create(Request $request)
-    {
-        $this->authorize('create', Accessory::class);
-        $category_type = 'accessory';
-        return view('accessories/edit')->with('category_type', $category_type)
-          ->with('item', new Accessory);
-    }
-
-
-  /**
-   * Validate and save new Accessory from form post
-   *
-   * @author [A. Gianotto] [<snipe@snipe.net>]
-   * @return Redirect
-   */
-    public function store(ImageUploadRequest $request)
-    {
-        $this->authorize(Accessory::class);
-        // create a new model instance
-        $accessory = new Accessory();
-
-        // Update the accessory data
-        $accessory->name                    = request('name');
-        $accessory->category_id             = request('category_id');
-        $accessory->location_id             = request('location_id');
-        $accessory->min_amt                 = request('min_amt');
-        $accessory->company_id              = Company::getIdForCurrentUser(request('company_id'));
-        $accessory->order_number            = request('order_number');
-        $accessory->manufacturer_id         = request('manufacturer_id');
-        $accessory->model_number            = request('model_number');
-        $accessory->purchase_date           = request('purchase_date');
-        $accessory->purchase_cost           = Helper::ParseFloat(request('purchase_cost'));
-        $accessory->qty                     = request('qty');
-        $accessory->user_id                 = Auth::user()->id;
-        $accessory->supplier_id             = request('supplier_id');
-
-        if ($request->hasFile('image')) {
-
-            if (!config('app.lock_passwords')) {
-                $image = $request->file('image');
-                $ext = $image->getClientOriginalExtension();
-                $file_name = "accessory-".str_random(18).'.'.$ext;
-                $path = public_path('/uploads/accessories');
-                if ($image->getClientOriginalExtension()!='svg') {
-                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
-                        $constraint->aspectRatio();
-                        $constraint->upsize();
-                    })->save($path.'/'.$file_name);
-                } else {
-                    $image->move($path, $file_name);
-                }
-                $accessory->image = $file_name;
-            }
-        }
-
-
-
-        // Was the accessory created?
-        if ($accessory->save()) {
-            // Redirect to the new accessory  page
-            return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.create.success'));
-        }
-        return redirect()->back()->withInput()->withErrors($accessory->getErrors());
-    }
-
-  /**
-   * Return view for the Accessory update form, prepopulated with existing data
-   *
-   * @author [A. Gianotto] [<snipe@snipe.net>]
-   * @param  int  $accessoryId
-   * @return View
-   */
-    public function edit(Request $request, $accessoryId = null)
-    {
-
-        if ($item = Accessory::find($accessoryId)) {
-            $this->authorize($item);
-            $category_type = 'accessory';
-            return view('accessories/edit', compact('item'))->with('category_type', $category_type);
-        }
-
-        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
-
-    }
-
-
-  /**
-   * Save edited Accessory from form post
-   *
-   * @author [A. Gianotto] [<snipe@snipe.net>]
-   * @param  int  $accessoryId
-   * @return Redirect
-   */
-    public function update(ImageUploadRequest $request, $accessoryId = null)
-    {
-        if (is_null($accessory = Accessory::find($accessoryId))) {
-            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
-        }
-
-        $this->authorize($accessory);
-
-        // Update the accessory data
-        $accessory->name                    = request('name');
-        $accessory->location_id             = request('location_id');
-        $accessory->min_amt                 = request('min_amt');
-        $accessory->category_id             = request('category_id');
-        $accessory->company_id              = Company::getIdForCurrentUser(request('company_id'));
-        $accessory->manufacturer_id         = request('manufacturer_id');
-        $accessory->order_number            = request('order_number');
-        $accessory->model_number            = request('model_number');
-        $accessory->purchase_date           = request('purchase_date');
-        $accessory->purchase_cost           = request('purchase_cost');
-        $accessory->qty                     = request('qty');
-        $accessory->supplier_id             = request('supplier_id');
-
-        if ($request->hasFile('image')) {
-            
-            if (!config('app.lock_passwords')) {
-                
-                
-                $image = $request->file('image');
-                $ext = $image->getClientOriginalExtension();
-                $file_name = "accessory-".str_random(18).'.'.$ext;
-                $path = public_path('/uploads/accessories');
-                if ($image->getClientOriginalExtension()!='svg') {
-                    Image::make($image->getRealPath())->resize(null, 250, function ($constraint) {
-                        $constraint->aspectRatio();
-                        $constraint->upsize();
-                    })->save($path.'/'.$file_name);
-                } else {
-                    $image->move($path, $file_name);
-                }
-                if (($accessory->image) && (file_exists($path.'/'.$accessory->image))) {
-                    unlink($path.'/'.$accessory->image);
-                }
-
-                $accessory->image = $file_name;
-            }
-        }
-
-
-        // Was the accessory updated?
-        if ($accessory->save()) {
-            return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.update.success'));
-        }
-        return redirect()->back()->withInput()->withErrors($accessory->getErrors());
-    }
-
-  /**
-   * Delete the given accessory.
-   *
-   * @author [A. Gianotto] [<snipe@snipe.net>]
-   * @param  int  $accessoryId
-   * @return Redirect
-   */
-    public function destroy(Request $request, $accessoryId)
-    {
-        if (is_null($accessory = Accessory::find($accessoryId))) {
-            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
-        }
-
-        $this->authorize($accessory);
-
-
-        if ($accessory->hasUsers() > 0) {
-             return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers())));
-        }
-        $accessory->delete();
-        return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.delete.success'));
-    }
-
-
-
-  /**
-  * Returns a view that invokes the ajax table which  contains
-  * the content for the accessory detail view, which is generated in getDataView.
-  *
-  * @author [A. Gianotto] [<snipe@snipe.net>]
-  * @param  int  $accessoryID
-  * @see AccessoriesController::getDataView() method that generates the JSON response
-  * @since [v1.0]
-  * @return View
-  */
-    public function show(Request $request, $accessoryID = null)
-    {
-        $accessory = Accessory::find($accessoryID);
-        $this->authorize('view', $accessory);
-        if (isset($accessory->id)) {
-            return view('accessories/view', compact('accessory'));
-        }
-        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist', compact('id')));
-    }
-
-  /**
-   * Return the form to checkout an Accessory to a user.
-   *
-   * @author [A. Gianotto] [<snipe@snipe.net>]
-   * @param  int  $accessoryId
-   * @return View
-   */
-    public function getCheckout(Request $request, $accessoryId)
-    {
-        // Check if the accessory exists
-        if (is_null($accessory = Accessory::find($accessoryId))) {
-            // Redirect to the accessory management page with error
-            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
-        }
-
-        if ($accessory->category) {
-
-            $this->authorize('checkout', $accessory);
-
-            // Get the dropdown of users and then pass it to the checkout view
-            return view('accessories/checkout', compact('accessory'));
-        }
-
-        return redirect()->back()->with('error', 'The category type for this accessory is not valid. Edit the accessory and select a valid accessory category.');
-
-
-
-    }
-
-  /**
-   * Save the Accessory checkout information.
-   *
-   * If Slack is enabled and/or asset acceptance is enabled, it will also
-   * trigger a Slack message and send an email.
-   *
-   * @author [A. Gianotto] [<snipe@snipe.net>]
-   * @param  int  $accessoryId
-   * @return Redirect
-   */
-    public function postCheckout(Request $request, $accessoryId)
-    {
-      // Check if the accessory exists
-        if (is_null($accessory = Accessory::find($accessoryId))) {
-            // Redirect to the accessory management page with error
-            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.user_not_found'));
-        }
-
-        $this->authorize('checkout', $accessory);
-
-        if (!$user = User::find(Input::get('assigned_to'))) {
-            return redirect()->route('checkout/accessory', $accessory->id)->with('error', trans('admin/accessories/message.checkout.user_does_not_exist'));
-        }
-
-      // Update the accessory data
-        $accessory->assigned_to = e(Input::get('assigned_to'));
-
-        $accessory->users()->attach($accessory->id, [
-            'accessory_id' => $accessory->id,
-            'created_at' => Carbon::now(),
-            'user_id' => Auth::id(),
-            'assigned_to' => $request->get('assigned_to')
-        ]);
-
-        $logaction = $accessory->logCheckout(e(Input::get('note')), $user);
-
-        DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();
-
-        $data['log_id'] = $logaction->id;
-        $data['eula'] = $accessory->getEula();
-        $data['first_name'] = $user->first_name;
-        $data['item_name'] = $accessory->name;
-        $data['checkout_date'] = $logaction->created_at;
-        $data['item_tag'] = '';
-        $data['expected_checkin'] = '';
-        $data['note'] = $logaction->note;
-        $data['require_acceptance'] = $accessory->requireAcceptance();
-
-      // Redirect to the new accessory page
-        return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.checkout.success'));
-    }
-
-
-    /**
-     * Check the accessory back into inventory
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param Request $request
-     * @param integer $accessoryUserId
-     * @param string $backto
-     * @return View
-     * @internal param int $accessoryId
-     */
-    public function getCheckin(Request $request, $accessoryUserId = null, $backto = null)
-    {
-        // Check if the accessory exists
-        if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
-            // Redirect to the accessory management page with error
-            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
-        }
-
-        $accessory = Accessory::find($accessory_user->accessory_id);
-        $this->authorize('checkin', $accessory);
-        return view('accessories/checkin', compact('accessory'))->with('backto', $backto);
-    }
-
-
-    /**
-     * Check in the item so that it can be checked out again to someone else
-     *
-     * @uses Accessory::checkin_email() to determine if an email can and should be sent
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param Request $request
-     * @param integer $accessoryUserId
-     * @param string $backto
-     * @return Redirect
-     * @internal param int $accessoryId
-     */
-    public function postCheckin(Request $request, $accessoryUserId = null, $backto = null)
-    {
-      // Check if the accessory exists
-        if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
-            // Redirect to the accessory management page with error
-            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
-        }
-
-        $accessory = Accessory::find($accessory_user->accessory_id);
-
-        $this->authorize('checkin', $accessory);
-
-        $return_to = e($accessory_user->assigned_to);
-        $logaction = $accessory->logCheckin(User::find($return_to), e(Input::get('note')));
-
-        // Was the accessory updated?
-        if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
-            if (!is_null($accessory_user->assigned_to)) {
-                $user = User::find($accessory_user->assigned_to);
-            }
-
-            $data['log_id'] = $logaction->id;
-            $data['first_name'] = e($user->first_name);
-            $data['last_name'] = e($user->last_name);
-            $data['item_name'] = e($accessory->name);
-            $data['checkin_date'] = e($logaction->created_at);
-            $data['item_tag'] = '';
-            $data['note'] = e($logaction->note);
-
-            if ($backto=='user') {
-                return redirect()->route("users.show", $return_to)->with('success', trans('admin/accessories/message.checkin.success'));
-            }
-            return redirect()->route("accessories.show", $accessory->id)->with('success', trans('admin/accessories/message.checkin.success'));
-        }
-        // Redirect to the accessory management page with error
-        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.checkin.error'));
-    }
-
-
-}
--- a/app/Http/Controllers/Account/AcceptanceController.php
+++ b/app/Http/Controllers/Account/AcceptanceController.php
@@ -0,0 +1,127 @@
+<?php 
+namespace App\Http\Controllers\Account;
+
+use App\Events\CheckoutAccepted;
+use App\Events\CheckoutDeclined;
+use App\Events\ItemAccepted;
+use App\Events\ItemDeclined;
+use App\Http\Controllers\Controller;
+use App\Models\CheckoutAcceptance;
+use App\Models\Company;
+use App\Models\Contracts\Acceptable;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Str;
+
+class AcceptanceController extends Controller {
+	
+    /**
+     * Show a listing of pending checkout acceptances for the current user
+     * 
+     * @return View
+     */
+    public function index() {
+        $acceptances = CheckoutAcceptance::forUser(Auth::user())->pending()->get();
+
+        return view('account/accept.index', compact('acceptances'));
+    }
+
+    /**
+     * Shows a form to either accept or decline the checkout acceptance
+     * 
+     * @param  int  $id
+     * @return mixed
+     */
+	public function create($id) {
+
+        $acceptance = CheckoutAcceptance::find($id);
+
+        if (is_null($acceptance)) {
+            return redirect()->route('account.accept')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        if (! $acceptance->isPending()) {
+            return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.asset_already_accepted'));
+        }        
+
+        if (! $acceptance->isCheckedOutTo(Auth::user())) {
+            return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
+        }
+
+        if (!Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
+            return redirect()->route('account.accept')->with('error', trans('general.insufficient_permissions'));
+        }        
+
+        return view('account/accept.create', compact('acceptance'));
+	}
+
+    /**
+     * Stores the accept/decline of the checkout acceptance
+     * 
+     * @param  Request $request
+     * @param  int  $id
+     * @return Redirect
+     */
+    public function store(Request $request, $id) {
+        
+        $acceptance = CheckoutAcceptance::find($id);
+
+        if (is_null($acceptance)) {
+            return redirect()->route('account.accept')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        if (! $acceptance->isPending()) {
+            return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.asset_already_accepted'));
+        }        
+
+        if (! $acceptance->isCheckedOutTo(Auth::user())) {
+            return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
+        }
+
+        if (!Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
+            return redirect()->route('account.accept')->with('error', trans('general.insufficient_permissions'));
+        }   
+
+        if (!$request->filled('asset_acceptance')) {
+            return redirect()->back()->with('error', trans('admin/users/message.error.accept_or_decline'));
+        }
+
+        /**
+         * Get the signature and save it
+         */
+
+        if (!Storage::exists('private_uploads/signatures'))  Storage::makeDirectory('private_uploads/signatures', 775);
+
+
+        $sig_filename = '';
+        if ($request->filled('signature_output')) {
+            $sig_filename = "siglog-" .Str::uuid() . '-'.date('Y-m-d-his').".png";
+            $data_uri = e($request->input('signature_output'));
+            $encoded_image = explode(",", $data_uri);
+            $decoded_image = base64_decode($encoded_image[1]);
+            Storage::put('private_uploads/signatures/'.$sig_filename, (string)$decoded_image);
+        }
+
+
+        if ($request->input('asset_acceptance') == 'accepted') {
+
+            $acceptance->accept($sig_filename);
+
+            event(new CheckoutAccepted($acceptance));
+
+            $return_msg = trans('admin/users/message.accepted');
+
+        } else {
+
+            $acceptance->decline($sig_filename);         
+
+            event(new CheckoutDeclined($acceptance));
+
+            $return_msg = trans('admin/users/message.declined');
+
+        }
+
+        return redirect()->to('account/accept')->with('success', $return_msg);
+    }	
+}
--- a/app/Http/Controllers/Api/AccessoriesController.php
+++ b/app/Http/Controllers/Api/AccessoriesController.php
@@ -2,13 +2,17 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
-use App\Models\Accessory;
+use App\Http\Controllers\Controller;
 use App\Http\Transformers\AccessoriesTransformer;
+use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Accessory;
 use App\Models\Company;
-
+use App\Models\User;
+use Carbon\Carbon;
+use Auth;
+use DB;
+use Illuminate\Http\Request;

 class AccessoriesController extends Controller
 {
@@ -24,30 +28,36 @@ class AccessoriesController extends Controller
        $this->authorize('view', Accessory::class);
        $allowed_columns = ['id','name','model_number','eol','notes','created_at','min_amt','company_id'];

-        $accessories = Accessory::whereNull('accessories.deleted_at')->with('category', 'company', 'manufacturer', 'users', 'location');
+        $accessories = Accessory::with('category', 'company', 'manufacturer', 'users', 'location');

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $accessories = $accessories->TextSearch($request->input('search'));
        }

-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
            $accessories->where('company_id','=',$request->input('company_id'));
        }

-        if ($request->has('category_id')) {
+        if ($request->filled('category_id')) {
            $accessories->where('category_id','=',$request->input('category_id'));
        }

-        if ($request->has('manufacturer_id')) {
+        if ($request->filled('manufacturer_id')) {
            $accessories->where('manufacturer_id','=',$request->input('manufacturer_id'));
        }

-        if ($request->has('supplier_id')) {
+        if ($request->filled('supplier_id')) {
            $accessories->where('supplier_id','=',$request->input('supplier_id'));
        }

-        $offset = $request->input('offset', 0);
-        $limit = $request->input('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($accessories) && ($request->get('offset') > $accessories->count())) ? $accessories->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';

@@ -132,18 +142,36 @@ class AccessoriesController extends Controller
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function checkedout($id)
+    public function checkedout($id, Request $request)
    {
        $this->authorize('view', Accessory::class);

-        $accessory = Accessory::findOrFail($id);
+        $accessory = Accessory::with('lastCheckout')->findOrFail($id);
        if (!Company::isCurrentUserHasAccess($accessory)) {
            return ['total' => 0, 'rows' => []];
        }
+
+        $offset = request('offset', 0);
+        $limit = request('limit', 50);
+
        $accessory_users = $accessory->users;
        $total = $accessory_users->count();

-        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory_users, $total);
+        if($total < $offset){
+            $offset = 0;
+        }
+
+        $accessory_users = $accessory->users()->skip($offset)->take($limit)->get();
+
+        if ($request->filled('search')) {
+            $accessory_users = $accessory->users()
+                                ->where('first_name', 'like', '%'.$request->input('search').'%')
+                                ->orWhere('last_name', 'like', '%'.$request->input('search').'%')
+                                ->get();
+            $total = $accessory_users->count();
+        }
+
+        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory, $accessory_users, $total);
    }


@@ -158,7 +186,7 @@ class AccessoriesController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Accessory::class);
+        $this->authorize('update', Accessory::class);
        $accessory = Accessory::findOrFail($id);
        $accessory->fill($request->all());

@@ -191,4 +219,121 @@ class AccessoriesController extends Controller
        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/accessories/message.delete.success')));

    }
+
+
+    /**
+     * Save the Accessory checkout information.
+     *
+     * If Slack is enabled and/or asset acceptance is enabled, it will also
+     * trigger a Slack message and send an email.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int  $accessoryId
+     * @return Redirect
+     */
+    public function checkout(Request $request, $accessoryId)
+    {
+        // Check if the accessory exists
+        if (is_null($accessory = Accessory::find($accessoryId))) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.does_not_exist')));
+        }
+
+        $this->authorize('checkout', $accessory);
+
+
+        if ($accessory->numRemaining() > 0) {
+
+            if (!$user = User::find($request->input('assigned_to'))) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.checkout.user_does_not_exist')));
+            }
+
+            // Update the accessory data
+            $accessory->assigned_to = $request->input('assigned_to');
+
+            $accessory->users()->attach($accessory->id, [
+                'accessory_id' => $accessory->id,
+                'created_at' => Carbon::now(),
+                'user_id' => Auth::id(),
+                'assigned_to' => $request->get('assigned_to')
+            ]);
+
+            $accessory->logCheckout($request->input('note'), $user);
+
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/accessories/message.checkout.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'No accessories remaining'));
+
+    }
+
+    /**
+     * Check in the item so that it can be checked out again to someone else
+     *
+     * @uses Accessory::checkin_email() to determine if an email can and should be sent
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @param integer $accessoryUserId
+     * @param string $backto
+     * @return Redirect
+     * @internal param int $accessoryId
+     */
+    public function checkin(Request $request, $accessoryUserId = null)
+    {
+        if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.does_not_exist')));
+        }
+
+        $accessory = Accessory::find($accessory_user->accessory_id);
+        $this->authorize('checkin', $accessory);
+
+        $logaction = $accessory->logCheckin(User::find($accessoryUserId), $request->input('note'));
+
+        // Was the accessory updated?
+        if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
+            if (!is_null($accessory_user->assigned_to)) {
+                $user = User::find($accessory_user->assigned_to);
+            }
+
+            $data['log_id'] = $logaction->id;
+            $data['first_name'] = $user->first_name;
+            $data['last_name'] = $user->last_name;
+            $data['item_name'] = $accessory->name;
+            $data['checkin_date'] = $logaction->created_at;
+            $data['item_tag'] = '';
+            $data['note'] = $logaction->note;
+
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/accessories/message.checkin.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/accessories/message.checkin.error')));
+
+    }
+
+
+    /**
+    * Gets a paginated collection for the select2 menus
+    *
+    * @see \App\Http\Transformers\SelectlistTransformer
+    *
+    */
+    public function selectlist(Request $request)
+    {
+
+        $accessories = Accessory::select([
+            'accessories.id',
+            'accessories.name'
+        ]);
+
+        if ($request->filled('search')) {
+            $accessories = $accessories->where('accessories.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $accessories = $accessories->orderBy('name', 'ASC')->paginate(50);
+
+
+        return (new SelectlistTransformer)->transformSelectlist($accessories);
+    }
+
+
+
 }
--- a/app/Http/Controllers/Api/AssetMaintenancesController.php
+++ b/app/Http/Controllers/Api/AssetMaintenancesController.php
@@ -9,7 +9,6 @@ use App\Models\AssetMaintenance;
 use App\Models\Company;
 use Auth;
 use Carbon\Carbon;
-use Gate;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Input;

@@ -34,18 +33,23 @@ class AssetMaintenancesController extends Controller
     */
    public function index(Request $request)
    {
-        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company', 'admin');
+        $maintenances = AssetMaintenance::with('asset', 'asset.model','asset.location', 'supplier', 'asset.company', 'admin');

-        if (Input::has('search')) {
-            $maintenances = $maintenances->TextSearch(e($request->input('search')));
+        if ($request->filled('search')) {
+            $maintenances = $maintenances->TextSearch($request->input('search'));
        }

-        if ($request->has('asset_id')) {
+        if ($request->filled('asset_id')) {
            $maintenances->where('asset_id', '=', $request->input('asset_id'));
        }

-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($maintenances) && ($request->get('offset') > $maintenances->count())) ? $maintenances->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+

        $allowed_columns = [
                                'id',
@@ -60,8 +64,8 @@ class AssetMaintenancesController extends Controller
                                'asset_name',
                                'user_id'
                            ];
-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';

        switch ($sort) {
            case 'user_id':
--- a/app/Http/Controllers/Api/AssetModelsController.php
+++ b/app/Http/Controllers/Api/AssetModelsController.php
@@ -1,15 +1,15 @@
 <?php
 namespace App\Http\Controllers\Api;

-use App\Models\AssetModel;
-use App\Models\Asset;
-use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
-use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
 use App\Http\Transformers\AssetModelsTransformer;
 use App\Http\Transformers\AssetsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
-
+use App\Models\Asset;
+use App\Models\AssetModel;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;

 /**
 * This class controls all actions related to asset models for
@@ -30,7 +30,20 @@ class AssetModelsController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', AssetModel::class);
-        $allowed_columns = ['id','image','name','model_number','eol','notes','created_at','manufacturer','assets_count'];
+        $allowed_columns =
+            [
+                'id',
+                'image',
+                'name',
+                'model_number',
+                'eol',
+                'notes',
+                'created_at',
+                'manufacturer',
+                'requestable',
+                'assets_count',
+                'category'
+            ];

        $assetmodels = AssetModel::select([
            'models.id',
@@ -38,6 +51,7 @@ class AssetModelsController extends Controller
            'models.name',
            'model_number',
            'eol',
+            'requestable',
            'models.notes',
            'models.created_at',
            'category_id',
@@ -48,20 +62,25 @@ class AssetModelsController extends Controller
            'models.updated_at',
         ])
            ->with('category','depreciation', 'manufacturer','fieldset')
-            ->withCount('assets');
+            ->withCount('assets as assets_count');



-        if ($request->has('status')) {
+        if ($request->filled('status')) {
            $assetmodels->onlyTrashed();
        }

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $assetmodels->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
-        $limit = $request->input('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($assetmodels) && ($request->get('offset') > $assetmodels->count())) ? $assetmodels->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'models.created_at';

@@ -69,13 +88,14 @@ class AssetModelsController extends Controller
            case 'manufacturer':
                $assetmodels->OrderManufacturer($order);
                break;
+            case 'category':
+                $assetmodels->OrderCategory($order);
+                break;
            default:
                $assetmodels->orderBy($sort, $order);
                break;
        }

-
-
        $total = $assetmodels->count();
        $assetmodels = $assetmodels->skip($offset)->take($limit)->get();
        return (new AssetModelsTransformer)->transformAssetModels($assetmodels, $total);
@@ -114,7 +134,7 @@ class AssetModelsController extends Controller
    public function show($id)
    {
        $this->authorize('view', AssetModel::class);
-        $assetmodel = AssetModel::withCount('assets')->findOrFail($id);
+        $assetmodel = AssetModel::withCount('assets as assets_count')->findOrFail($id);
        return (new AssetModelsTransformer)->transformAssetModel($assetmodel);
    }

@@ -145,10 +165,22 @@ class AssetModelsController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', AssetModel::class);
+        $this->authorize('update', AssetModel::class);
        $assetmodel = AssetModel::findOrFail($id);
        $assetmodel->fill($request->all());
-        $assetmodel->fieldset_id = $request->get("custom_fieldset_id");
+
+        /**
+         * Allow custom_fieldset_id to override and populate fieldset_id.
+         * This is stupid, but required for legacy API support.
+         *
+         * I have no idea why we manually overrode that field name
+         * in previous versions. I assume there was a good reason for
+         * it, but I'll be damned if I can think of one. - snipe
+         */
+        if ($request->filled('custom_fieldset_id')) {
+            $assetmodel->fieldset_id = $request->get("custom_fieldset_id");
+        }
+

        if ($assetmodel->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $assetmodel, trans('admin/models/message.update.success')));
@@ -177,9 +209,9 @@ class AssetModelsController extends Controller

        if ($assetmodel->image) {
            try  {
-                unlink(public_path().'/uploads/models/'.$assetmodel->image);
+                Storage::disk('public')->delete('assetmodels/'.$assetmodel->image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -210,7 +242,7 @@ class AssetModelsController extends Controller

        $settings = \App\Models\Setting::getSettings();

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $assetmodels = $assetmodels->SearchByManufacturerOrCat($request->input('search'));
        }

@@ -221,20 +253,20 @@ class AssetModelsController extends Controller
            $assetmodel->use_text = '';

            if ($settings->modellistCheckedValue('category')) {
-                $assetmodel->use_text .= (($assetmodel->category) ? e($assetmodel->category->name).' - ' : '');
+                $assetmodel->use_text .= (($assetmodel->category) ? $assetmodel->category->name.' - ' : '');
            }

            if ($settings->modellistCheckedValue('manufacturer')) {
-                $assetmodel->use_text .= (($assetmodel->manufacturer) ? e($assetmodel->manufacturer->name).' ' : '');
+                $assetmodel->use_text .= (($assetmodel->manufacturer) ? $assetmodel->manufacturer->name.' ' : '');
            }

-            $assetmodel->use_text .=  e($assetmodel->name);
+            $assetmodel->use_text .=  $assetmodel->name;

            if (($settings->modellistCheckedValue('model_number')) && ($assetmodel->model_number!='')) {
-                $assetmodel->use_text .=  ' (#'.e($assetmodel->model_number).')';
+                $assetmodel->use_text .=  ' (#'.$assetmodel->model_number.')';
            }

-            $assetmodel->use_image = ($settings->modellistCheckedValue('image') && ($assetmodel->image)) ? url('/').'/uploads/models/'.$assetmodel->image : null;
+            $assetmodel->use_image = ($settings->modellistCheckedValue('image') && ($assetmodel->image)) ? Storage::disk('public')->url('models/'.e($assetmodel->image)) : null;
        }

        return (new SelectlistTransformer)->transformSelectlist($assetmodels);
--- a/app/Http/Controllers/Api/AssetsController.php
+++ b/app/Http/Controllers/Api/AssetsController.php
@@ -1,37 +1,31 @@
 <?php
 namespace App\Http\Controllers\Api;

+use Illuminate\Support\Facades\Gate;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
-use App\Http\Requests\AssetRequest;
 use App\Http\Requests\AssetCheckoutRequest;
 use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\LicensesTransformer;
+use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Company;
 use App\Models\CustomField;
+use App\Models\License;
 use App\Models\Location;
 use App\Models\Setting;
 use App\Models\User;
-use Artisan;
 use Auth;
 use Carbon\Carbon;
-use Config;
 use DB;
-use Gate;
 use Illuminate\Http\Request;
 use Input;
-use Lang;
-use Log;
-use Mail;
 use Paginator;
-use Response;
 use Slack;
 use Str;
 use TCPDF;
 use Validator;
-use View;
-use App\Http\Transformers\SelectlistTransformer;


 /**
@@ -52,7 +46,7 @@ class AssetsController extends Controller
     * @since [v4.0]
     * @return JsonResponse
     */
-    public function index(Request $request)
+    public function index(Request $request, $audit = null)
    {

        $this->authorize('index', Asset::class);
@@ -84,7 +78,7 @@ class AssetsController extends Controller

        $filter = array();

-        if ($request->has('filter')) {
+        if ($request->filled('filter')) {
            $filter = json_decode($request->input('filter'), true);
        }

@@ -95,13 +89,13 @@ class AssetsController extends Controller

        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
-            'model.category', 'model.manufacturer', 'model.fieldset','supplier');
+                'model.category', 'model.manufacturer', 'model.fieldset','supplier');


        // These are used by the API to query against specific ID numbers.
        // They are also used by the individual searches on detail pages like
        // locations, etc.
-        if ($request->has('status_id')) {
+        if ($request->filled('status_id')) {
            $assets->where('assets.status_id', '=', $request->input('status_id'));
        }

@@ -109,45 +103,70 @@ class AssetsController extends Controller
            $assets->where('assets.requestable', '=', '1');
        }

-        if ($request->has('model_id')) {
+        if ($request->filled('model_id')) {
            $assets->InModelList([$request->input('model_id')]);
        }

-        if ($request->has('category_id')) {
+        if ($request->filled('category_id')) {
            $assets->InCategory($request->input('category_id'));
        }

-        if ($request->has('location_id')) {
+        if ($request->filled('location_id')) {
            $assets->where('assets.location_id', '=', $request->input('location_id'));
        }

-        if ($request->has('supplier_id')) {
+        if ($request->filled('rtd_location_id')) {
+            $assets->where('assets.rtd_location_id', '=', $request->input('rtd_location_id'));
+        }
+
+        if ($request->filled('supplier_id')) {
            $assets->where('assets.supplier_id', '=', $request->input('supplier_id'));
        }

-        if (($request->has('assigned_to')) && ($request->has('assigned_type'))) {
+        if (($request->filled('assigned_to')) && ($request->filled('assigned_type'))) {
            $assets->where('assets.assigned_to', '=', $request->input('assigned_to'))
-                    ->where('assets.assigned_type', '=', $request->input('assigned_type'));
+                ->where('assets.assigned_type', '=', $request->input('assigned_type'));
        }

-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
            $assets->where('assets.company_id', '=', $request->input('company_id'));
        }

-        if ($request->has('manufacturer_id')) {
+        if ($request->filled('manufacturer_id')) {
            $assets->ByManufacturer($request->input('manufacturer_id'));
        }

-        if ($request->has('depreciation_id')) {
+        if ($request->filled('depreciation_id')) {
            $assets->ByDepreciationId($request->input('depreciation_id'));
        }

-        $request->has('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
+        $request->filled('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
+
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($assets) && ($request->get('offset') > $assets->count())) ? $assets->count() : $request->get('offset', 0);
+
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

-        $offset = request('offset', 0);
-        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';

+        // This is used by the audit reporting routes
+        if (Gate::allows('audit', Asset::class)) {
+
+            switch ($audit) {
+                case 'due':
+                    $assets->DueOrOverdueForAudit($settings);
+                    break;
+                case 'overdue':
+                    $assets->overdueForAudit($settings);
+                    break;
+            }
+        }
+
+
+
        // This is used by the sidenav, mostly

        // We switched from using query scopes here because of a Laravel bug
@@ -155,7 +174,7 @@ class AssetsController extends Controller
        // I am sad. :(
        switch ($request->input('status')) {
            case 'Deleted':
-                $assets->withTrashed()->Deleted();
+                $assets->onlyTrashed();
                break;
            case 'Pending':
                $assets->join('status_labels AS status_alias',function ($join) {
@@ -167,12 +186,12 @@ class AssetsController extends Controller
                break;
            case 'RTD':
                $assets->whereNull('assets.assigned_to')
-                ->join('status_labels AS status_alias',function ($join) {
-                    $join->on('status_alias.id', "=", "assets.status_id")
-                        ->where('status_alias.deployable','=',1)
-                        ->where('status_alias.pending','=',0)
-                        ->where('status_alias.archived', '=', 0);
-                });
+                    ->join('status_labels AS status_alias',function ($join) {
+                        $join->on('status_alias.id', "=", "assets.status_id")
+                            ->where('status_alias.deployable','=',1)
+                            ->where('status_alias.pending','=',0)
+                            ->where('status_alias.archived', '=', 0);
+                    });
                break;
            case 'Undeployable':
                $assets->Undeployable();
@@ -188,11 +207,11 @@ class AssetsController extends Controller
            case 'Requestable':
                $assets->where('assets.requestable', '=', 1)
                    ->join('status_labels AS status_alias',function ($join) {
-                    $join->on('status_alias.id', "=", "assets.status_id")
-                        ->where('status_alias.deployable','=',1)
-                        ->where('status_alias.pending','=',0)
-                        ->where('status_alias.archived', '=', 0);
-                });
+                        $join->on('status_alias.id', "=", "assets.status_id")
+                            ->where('status_alias.deployable','=',1)
+                            ->where('status_alias.pending','=',0)
+                            ->where('status_alias.archived', '=', 0);
+                    });

                break;
            case 'Deployed':
@@ -201,14 +220,14 @@ class AssetsController extends Controller
                break;
            default:

-                if ((!$request->has('status_id')) && ($settings->show_archived_in_list!='1')) {
+                if ((!$request->filled('status_id')) && ($settings->show_archived_in_list!='1')) {
                    // terrible workaround for complex-query Laravel bug in fulltext
                    $assets->join('status_labels AS status_alias',function ($join) {
                        $join->on('status_alias.id', "=", "assets.status_id")
                            ->where('status_alias.archived', '=', 0);
                    });
-                    
-                // If there is a status ID, don't take show_archived_in_list into consideration
+
+                    // If there is a status ID, don't take show_archived_in_list into consideration
                } else {
                    $assets->join('status_labels AS status_alias',function ($join) {
                        $join->on('status_alias.id', "=", "assets.status_id");
@@ -220,7 +239,7 @@ class AssetsController extends Controller

        if ((!is_null($filter)) && (count($filter)) > 0) {
            $assets->ByFilter($filter);
-        } elseif ($request->has('search')) {
+        } elseif ($request->filled('search')) {
            $assets->TextSearch($request->input('search'));
        }

@@ -233,8 +252,8 @@ class AssetsController extends Controller
        // This handles all of the pivot sorting (versus the assets.* fields
        // in the allowed_columns array)
        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.created_at';
-        
-        
+
+
        switch ($sort_override) {
            case 'model':
                $assets->OrderModels($order);
@@ -273,6 +292,7 @@ class AssetsController extends Controller

        $total = $assets->count();
        $assets = $assets->skip($offset)->take($limit)->get();
+        // dd($assets);
        return (new AssetsTransformer)->transformAssets($assets, $total);
    }

@@ -287,11 +307,11 @@ class AssetsController extends Controller
     */
    public function showByTag($tag)
    {
-        if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()->where('asset_tag',$tag)->first()) {
+        if ($asset = Asset::with('assetstatus')->with('assignedTo')->where('asset_tag',$tag)->first()) {
            $this->authorize('view', $asset);
            return (new AssetsTransformer)->transformAsset($asset);
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 404);
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);

    }

@@ -305,17 +325,17 @@ class AssetsController extends Controller
     */
    public function showBySerial($serial)
    {
+        $this->authorize('index', Asset::class);
        if ($assets = Asset::with('assetstatus')->with('assignedTo')
            ->withTrashed()->where('serial',$serial)->get()) {
-                $this->authorize('view', $assets);
                return (new AssetsTransformer)->transformAssets($assets, $assets->count());
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 404);
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);

    }


-     /**
+    /**
     * Returns JSON with information about an asset for detail view.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -325,13 +345,22 @@ class AssetsController extends Controller
     */
    public function show($id)
    {
-        if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()->withCount('checkins', 'checkouts', 'userRequests')->findOrFail($id)) {
+        if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()
+            ->withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as user_requests_count')->findOrFail($id)) {
            $this->authorize('view', $asset);
            return (new AssetsTransformer)->transformAsset($asset);
        }


    }
+    public function licenses($id)
+    {
+        $this->authorize('view', Asset::class);
+        $this->authorize('view', License::class);
+        $asset = Asset::where('id', $id)->withTrashed()->first();
+        $licenses = $asset->licenses()->get();
+        return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
+     }


    /**
@@ -353,13 +382,13 @@ class AssetsController extends Controller
            'assets.assigned_to',
            'assets.assigned_type',
            'assets.status_id'
-            ])->with('model', 'assetstatus', 'assignedTo')->NotArchived());
+            ])->with('model', 'assetstatus', 'assignedTo')->NotArchived(), 'company_id', 'assets');

-        if ($request->has('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
+        if ($request->filled('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
            $assets = $assets->RTD();
        }

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $assets = $assets->AssignedSearch($request->input('search'));
        }

@@ -378,7 +407,7 @@ class AssetsController extends Controller
                $asset->use_text .= ' → '.$asset->assigned->getFullNameAttribute();
            }

-            
+
            if ($asset->assetstatus->getStatuslabelType()=='pending') {
                $asset->use_text .=  '('.$asset->assetstatus->getStatuslabelType().')';
            }
@@ -399,7 +428,7 @@ class AssetsController extends Controller
     * @since [v4.0]
     * @return JsonResponse
     */
-    public function store(AssetRequest $request)
+    public function store(Request $request)
    {

        $this->authorize('create', Asset::class);
@@ -426,13 +455,36 @@ class AssetsController extends Controller
        $asset->supplier_id             = $request->get('supplier_id', 0);
        $asset->requestable             = $request->get('requestable', 0);
        $asset->rtd_location_id         = $request->get('rtd_location_id', null);
+        $asset->location_id             = $request->get('rtd_location_id', null);
+
+        if ($request->has('image_source') && $request->input('image_source') != "") {
+            $saved_image_path = Helper::processUploadedImage(
+                $request->input('image_source'), 'uploads/assets/'
+            );
+
+            if (!$saved_image_path) {
+                return response()->json(Helper::formatStandardApiResponse(
+                        'error',
+                        null,
+                        trans('admin/hardware/message.create.error')
+                    ), 200);
+            }
+
+            $asset->image = $saved_image_path;
+        }

        // Update custom fields in the database.
        // Validation for these fields is handled through the AssetRequest form request
        $model = AssetModel::find($request->get('model_id'));
-        if ($model->fieldset) {
+        if (($model) && ($model->fieldset)) {
            foreach ($model->fieldset->fields as $field) {
-                $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug(), null));
+                if ($field->field_encrypted=='1') {
+                    if (Gate::allows('admin')) {
+                        $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
+                    }
+                } else {
+                    $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                }
            }
        }

@@ -448,6 +500,11 @@ class AssetsController extends Controller
            if (isset($target)) {
                $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), '', 'Checked out on asset creation', e($request->get('name')));
            }
+
+            if ($asset->image) {
+                $asset->image = $asset->getImageUrl();
+            }
+
            return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.create.success')));
        }

@@ -465,52 +522,55 @@ class AssetsController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Asset::class);
+        $this->authorize('update', Asset::class);

        if ($asset = Asset::find($id)) {
-            ($request->has('model_id')) ?
-                $asset->model()->associate(AssetModel::find($request->get('model_id'))) : '';
-            ($request->has('name')) ?
-                $asset->name = $request->get('name') : '';
-            ($request->has('serial')) ?
-                $asset->serial = $request->get('serial') : '';
-            ($request->has('model_id')) ?
-                $asset->model_id = $request->get('model_id') : '';
-            ($request->has('order_number')) ?
-                $asset->order_number = $request->get('order_number') : '';
-            ($request->has('notes')) ?
-                $asset->notes = $request->get('notes') : '';
-            ($request->has('asset_tag')) ?
-                $asset->asset_tag = $request->get('asset_tag') : '';
-            ($request->has('archived')) ?
-                $asset->archived = $request->get('archived') : '';
-            ($request->has('status_id')) ?
-                $asset->status_id = $request->get('status_id') : '';
-            ($request->has('warranty_months')) ?
-                $asset->warranty_months = $request->get('warranty_months') : '';
-            ($request->has('purchase_cost')) ?
-                $asset->purchase_cost = Helper::ParseFloat($request->get('purchase_cost')) : '';
-            ($request->has('purchase_date')) ?
-                $asset->purchase_date = $request->get('purchase_date') : '';
-            ($request->has('assigned_to')) ?
-                $asset->assigned_to = $request->get('assigned_to') : '';
-            ($request->has('supplier_id')) ?
-                $asset->supplier_id = $request->get('supplier_id') : '';
-            ($request->has('requestable')) ?
-                $asset->requestable = $request->get('requestable') : '';
-            ($request->has('rtd_location_id')) ?
-                $asset->rtd_location_id = $request->get('rtd_location_id') : '';
-            ($request->has('rtd_location_id')) ?
+            $asset->fill($request->all());
+
+            ($request->filled('model_id')) ?
+                $asset->model()->associate(AssetModel::find($request->get('model_id'))) : null;
+            ($request->filled('rtd_location_id')) ?
                $asset->location_id = $request->get('rtd_location_id') : '';
-            ($request->has('company_id')) ?
+            ($request->filled('company_id')) ?
                $asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : '';

+($request->filled('rtd_location_id')) ?
+                $asset->location_id = $request->get('rtd_location_id') : null;
+
+
+            if ($request->filled('image_source')) {
+                if ($request->input('image_source') == "") {
+            ($request->filled('rtd_location_id')) ?
+                $asset->location_id = $request->get('rtd_location_id') : null;
+                    $asset->image = null;
+                } else {
+                    $saved_image_path = Helper::processUploadedImage(
+                        $request->input('image_source'), 'uploads/assets/'
+                    );
+
+                    if (!$saved_image_path) {
+                        return response()->json(Helper::formatStandardApiResponse(
+                            'error',
+                            null,
+                            trans('admin/hardware/message.update.error')
+                        ), 200);
+                    }
+
+                    $asset->image = $saved_image_path;
+                }
+            }

            // Update custom fields
            if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
                foreach ($model->fieldset->fields as $field) {
                    if ($request->has($field->convertUnicodeDbSlug())) {
-                        $asset->{$field->convertUnicodeDbSlug()} = e($request->input($field->convertUnicodeDbSlug()));
+                        if ($field->field_encrypted=='1') {
+                            if (Gate::allows('admin')) {
+                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
+                            }
+                        } else {
+                            $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                        }
                    }
                }
            }
@@ -518,11 +578,15 @@ class AssetsController extends Controller

            if ($asset->save()) {

-                if (($request->has('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
+                if (($request->filled('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
                        $location = $target->location_id;
-                } elseif (($request->has('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
-                            $location = $target->location_id;
-                } elseif (($request->has('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
+                } elseif (($request->filled('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
+                    $location = $target->location_id;
+
+                    Asset::where('assigned_type', '\\App\\Models\\Asset')->where('assigned_to', $id)
+                        ->update(['location_id' => $target->location_id]);
+
+                } elseif (($request->filled('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
                    $location = $target->id;
                }

@@ -530,6 +594,10 @@ class AssetsController extends Controller
                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), '', 'Checked out on asset update', e($request->get('name')), $location);
                }

+                if ($asset->image) {
+                    $asset->image = $asset->getImageUrl();
+                }
+
                return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
            }
            return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
@@ -605,16 +673,14 @@ class AssetsController extends Controller
            $target = Asset::where('id','!=',$asset_id)->find(request('assigned_asset'));
            $asset->location_id = $target->rtd_location_id;
            // Override with the asset's location_id if it has one
-            if ($target->location_id!='') {
-                $asset->location_id = ($target) ? $target->location_id : '';
-            }
+            $asset->location_id = (($target) && (isset($target->location_id))) ? $target->location_id : '';
            $error_payload['target_id'] = $request->input('assigned_asset');
            $error_payload['target_type'] = 'asset';

        } elseif (request('checkout_to_type')=='user') {
            // Fetch the target and set the asset's new location_id
            $target = User::find(request('assigned_user'));
-            $asset->location_id = ($target) ? $target->location_id : '';
+            $asset->location_id = (($target) && (isset($target->location_id))) ? $target->location_id : '';
            $error_payload['target_id'] = $request->input('assigned_user');
            $error_payload['target_type'] = 'user';
        }
@@ -631,21 +697,23 @@ class AssetsController extends Controller
        $expected_checkin = request('expected_checkin', null);
        $note = request('note', null);
        $asset_name = request('name', null);
-        
+
        // Set the location ID to the RTD location id if there is one
-        if ($asset->rtd_location_id!='') {
-            $asset->location_id = $target->rtd_location_id;
-        }
+        // Wait, why are we doing this? This overrides the stuff we set further up, which makes no sense.
+        // TODO: Follow up here. WTF. Commented out for now. 


+//        if ((isset($target->rtd_location_id)) && ($asset->rtd_location_id!='')) {
+//            $asset->location_id = $target->rtd_location_id;
+//        }
+

-        

        if ($asset->checkOut($target, Auth::user(), $checkout_at, $expected_checkin, $note, $asset_name, $asset->location_id)) {
            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.success')));
        }

-        return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.error')))->withErrors($asset->getErrors());
+        return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.error')));
    }


@@ -674,19 +742,23 @@ class AssetsController extends Controller
        $asset->assigned_to = null;
        $asset->assignedTo()->disassociate($asset);
        $asset->accepted = null;
-        $asset->name = Input::get('name');
+
+        if ($request->filled('name')) {
+            $asset->name = $request->input('name');
+        }
+        
        $asset->location_id =  $asset->rtd_location_id;

-        if ($request->has('location_id')) {
+        if ($request->filled('location_id')) {
            $asset->location_id =  $request->input('location_id');
        }

-        if (Input::has('status_id')) {
-            $asset->status_id =  Input::get('status_id');
+        if ($request->has('status_id')) {
+            $asset->status_id =  $request->input('status_id');
        }

        if ($asset->save()) {
-            $asset->logCheckin($target, e(request('note')));
+            $asset->logCheckin($target, e($request->input('note')));
            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.success')));
        }

@@ -717,21 +789,35 @@ class AssetsController extends Controller
            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()->all()));
        }

+        $settings = Setting::getSettings();
+        $dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
+
        $asset = Asset::where('asset_tag','=', $request->input('asset_tag'))->first();


        if ($asset) {
            // We don't want to log this as a normal update, so let's bypass that
            $asset->unsetEventDispatcher();
-            $asset->next_audit_date = $request->input('next_audit_date');
-            $asset->last_audit_date = date('Y-m-d h:i:s');
+            $asset->next_audit_date = $dt;
+
+            if ($request->filled('next_audit_date')) {
+                $asset->next_audit_date = $request->input('next_audit_date');
+            }
+
+            // Check to see if they checked the box to update the physical location,
+            // not just note it in the audit notes
+            if ($request->input('update_location')=='1') {
+                $asset->location_id = $request->input('location_id');
+            }
+
+            $asset->last_audit_date = date('Y-m-d H:i:s');

            if ($asset->save()) {
                $log = $asset->logAudit(request('note'),request('location_id'));
                return response()->json(Helper::formatStandardApiResponse('success', [
                    'asset_tag'=> e($asset->asset_tag),
                    'note'=> e($request->input('note')),
-                    'next_audit_date' => Helper::getFormattedDateObject($log->calcNextAuditDate())
+                    'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date)
                ], trans('admin/hardware/message.audit.success')));
            }
        }
@@ -755,7 +841,8 @@ class AssetsController extends Controller
     */
    public function requestable(Request $request)
    {
-        
+        $this->authorize('viewRequestable', Asset::class);
+
        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
                'model.category', 'model.manufacturer', 'model.fieldset','supplier')->where('assets.requestable', '=', '1');
--- a/app/Http/Controllers/Api/CategoriesController.php
+++ b/app/Http/Controllers/Api/CategoriesController.php
@@ -2,12 +2,13 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
-use App\Models\Category;
+use App\Http\Controllers\Controller;
 use App\Http\Transformers\CategoriesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Category;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;

 class CategoriesController extends Controller
 {
@@ -24,14 +25,19 @@ class CategoriesController extends Controller
        $allowed_columns = ['id', 'name','category_type', 'category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email', 'assets_count', 'accessories_count', 'consumables_count', 'components_count','licenses_count', 'image'];

        $categories = Category::select(['id', 'created_at', 'updated_at', 'name','category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email','image'])
-            ->withCount('assets', 'accessories', 'consumables', 'components','licenses');
+            ->withCount('assets as assets_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count','licenses as licenses_count');

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $categories = $categories->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
-        $limit = $request->input('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($categories) && ($request->get('offset') > $categories->count())) ? $categories->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
        $categories->orderBy($sort, $order);
@@ -92,7 +98,7 @@ class CategoriesController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Category::class);
+        $this->authorize('update', Category::class);
        $category = Category::findOrFail($id);
        $category->fill($request->all());

@@ -116,14 +122,10 @@ class CategoriesController extends Controller
        $this->authorize('delete', Category::class);
        $category = Category::findOrFail($id);

-        if ($category->has_models() > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'model'])));
-        } elseif ($category->accessories()->count() > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'accessory'])));
-        } elseif ($category->consumables()->count() > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'consumable'])));
-        } elseif ($category->components()->count() > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>'component'])));
+        if (!$category->isDeletable()) {
+            return response()->json(
+                Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>$category->category_type]))
+            );
        }
        $category->delete();
        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/categories/message.delete.success')));
@@ -148,7 +150,7 @@ class CategoriesController extends Controller
            'image',
        ]);

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $categories = $categories->where('name', 'LIKE', '%'.$request->get('search').'%');
        }

@@ -158,7 +160,7 @@ class CategoriesController extends Controller
        // This lets us have more flexibility in special cases like assets, where
        // they may not have a ->name value but we want to display something anyway
        foreach ($categories as $category) {
-            $category->use_image = ($category->image) ? url('/').'/uploads/categories/'.$category->image : null;
+            $category->use_image = ($category->image) ? Storage::disk('public')->url('categories/'.$category->image, $category->image) : null;
        }

        return (new SelectlistTransformer)->transformSelectlist($categories);
--- a/app/Http/Controllers/Api/CompaniesController.php
+++ b/app/Http/Controllers/Api/CompaniesController.php
@@ -2,12 +2,13 @@

 namespace App\Http\Controllers\Api;

-use App\Http\Transformers\CompaniesTransformer;
-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
-use App\Models\Company;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\CompaniesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Company;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;

 class CompaniesController extends Controller
 {
@@ -35,14 +36,19 @@ class CompaniesController extends Controller
            'components_count',
        ];

-        $companies = Company::withCount('assets','licenses','accessories','consumables','components','users');
+        $companies = Company::withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count','components as components_count','users as users_count');

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $companies->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
-        $limit = $request->input('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($companies) && ($request->get('offset') > $companies->count())) ? $companies->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
        $companies->orderBy($sort, $order);
@@ -104,7 +110,7 @@ class CompaniesController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Company::class);
+        $this->authorize('update', Company::class);
        $company = Company::findOrFail($id);
        $company->fill($request->all());

@@ -127,28 +133,17 @@ class CompaniesController extends Controller
     */
    public function destroy($id)
    {
-       $this->authorize('delete', Company::class);
-       $company = Company::findOrFail($id);
-            $this->authorize('delete', $company);
+        $this->authorize('delete', Company::class);
+        $company = Company::findOrFail($id);
+        $this->authorize('delete', $company);

-        try {
-            $company->delete();
+        if ( !$company->isDeletable() ) {
            return response()
-                ->json(Helper::formatStandardApiResponse('success', null,  trans('admin/companies/message.delete.success')));
-        } catch (\Illuminate\Database\QueryException $exception) {
-            /*
-                 * NOTE: This happens when there's a foreign key constraint violation
-                 * For example when rows in other tables are referencing this company
-                 */
-            if ($exception->getCode() == 23000) {
-                return response()
                    ->json(Helper::formatStandardApiResponse('error', null,  trans('admin/companies/message.assoc_users')));
-
-            } else {
-                throw $exception;
-            }
        }
-
+        $company->delete();
+        return response()
+            ->json(Helper::formatStandardApiResponse('success', null,  trans('admin/companies/message.delete.success')));
    }

    /**
@@ -168,7 +163,7 @@ class CompaniesController extends Controller
            'companies.image',
        ]);

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $companies = $companies->where('companies.name', 'LIKE', '%'.$request->get('search').'%');
        }

@@ -178,7 +173,7 @@ class CompaniesController extends Controller
        // This lets us have more flexibility in special cases like assets, where
        // they may not have a ->name value but we want to display something anyway
        foreach ($companies as $company) {
-            $company->use_image = ($company->image) ? url('/').'/uploads/companies/'.$company->image : null;
+            $company->use_image = ($company->image) ? Storage::disk('public')->url('companies/'.$company->image, $company->image) : null;
        }

        return (new SelectlistTransformer)->transformSelectlist($companies);
--- a/app/Http/Controllers/Api/ComponentsController.php
+++ b/app/Http/Controllers/Api/ComponentsController.php
@@ -2,14 +2,12 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Http\Transformers\AssetsTransformer;
-use App\Http\Transformers\ComponentsTransformer;
-use App\Http\Transformers\ComponentsAssetsTransformer;
-use App\Models\Component;
-use App\Models\Company;
 use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\ComponentsTransformer;
+use App\Models\Company;
+use App\Models\Component;
+use Illuminate\Http\Request;

 class ComponentsController extends Controller
 {
@@ -24,23 +22,31 @@ class ComponentsController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Component::class);
-        $components = Company::scopeCompanyables(Component::select('components.*')->whereNull('components.deleted_at')
+        $components = Company::scopeCompanyables(Component::select('components.*')
            ->with('company', 'location', 'category'));

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $components = $components->TextSearch($request->input('search'));
        }

-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
            $components->where('company_id','=',$request->input('company_id'));
        }

-        if ($request->has('category_id')) {
+        if ($request->filled('category_id')) {
            $components->where('category_id','=',$request->input('category_id'));
        }

-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
+        if ($request->filled('location_id')) {
+            $components->where('location_id','=',$request->input('location_id'));
+        }
+
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($components) && ($request->get('offset') > $components->count())) ? $components->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

        $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','company','category','qty','location','image'];
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -116,7 +122,7 @@ class ComponentsController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Component::class);
+        $this->authorize('update', Component::class);
        $component = Component::findOrFail($id);
        $component->fill($request->all());

--- a/app/Http/Controllers/Api/ConsumablesController.php
+++ b/app/Http/Controllers/Api/ConsumablesController.php
@@ -2,12 +2,14 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
+use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
+use App\Http\Transformers\ConsumablesTransformer;
+use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Company;
 use App\Models\Consumable;
-use App\Http\Transformers\ConsumablesTransformer;
-use App\Helpers\Helper;
+use App\Models\User;
+use Illuminate\Http\Request;

 class ConsumablesController extends Controller
 {
@@ -24,25 +26,33 @@ class ConsumablesController extends Controller
        $this->authorize('index', Consumable::class);
        $consumables = Company::scopeCompanyables(
            Consumable::select('consumables.*')
-                ->whereNull('consumables.deleted_at')
                ->with('company', 'location', 'category', 'users', 'manufacturer')
        );

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $consumables = $consumables->TextSearch(e($request->input('search')));
        }

-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
            $consumables->where('company_id','=',$request->input('company_id'));
        }

-        if ($request->has('manufacturer_id')) {
+        if ($request->filled('category_id')) {
+            $consumables->where('category_id','=',$request->input('category_id'));
+        }
+
+        if ($request->filled('manufacturer_id')) {
            $consumables->where('manufacturer_id','=',$request->input('manufacturer_id'));
        }


-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($consumables) && ($request->get('offset') > $consumables->count())) ? $consumables->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','company','category','model_number', 'item_no', 'manufacturer','location','qty','image'];
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -121,7 +131,7 @@ class ConsumablesController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Consumable::class);
+        $this->authorize('update', Consumable::class);
        $consumable = Consumable::findOrFail($id);
        $consumable->fill($request->all());

@@ -149,11 +159,11 @@ class ConsumablesController extends Controller
        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/consumables/message.delete.success')));
    }

-        /**
+    /**
    * Returns a JSON response containing details on the users associated with this consumable.
    *
    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ConsumablesController::getView() method that returns the form.
+    * @see \App\Http\Controllers\Consumables\ConsumablesController::getView() method that returns the form.
    * @since [v1.0]
    * @param int $consumableId
    * @return array
@@ -162,7 +172,7 @@ class ConsumablesController extends Controller
    {
        $consumable = Consumable::with(array('consumableAssignments'=>
        function ($query) {
-            $query->orderBy('created_at', 'DESC');
+            $query->orderBy($query->getModel()->getTable().'.created_at', 'DESC');
        },
        'consumableAssignments.admin'=> function ($query) {
        },
@@ -188,4 +198,79 @@ class ConsumablesController extends Controller
        $data = array('total' => $consumableCount, 'rows' => $rows);
        return $data;
    }
+
+    /**
+     * Checkout a consumable
+     *
+     * @author [A. Gutierrez] [<andres@baller.tv>]
+     * @param int $id
+     * @since [v4.9.5]
+     * @return JsonResponse
+     */
+    public function checkout(Request $request, $id)
+    {
+        // Check if the consumable exists
+        if (is_null($consumable = Consumable::find($id))) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/consumables/message.does_not_exist')));
+        }
+
+        $this->authorize('checkout', $consumable);
+
+        if ($consumable->qty > 0) {
+
+            // Check if the user exists
+            $assigned_to = $request->input('assigned_to');
+            if (is_null($user = User::find($assigned_to))) {
+                // Return error message
+                return response()->json(Helper::formatStandardApiResponse('error', null, 'No user found'));
+            }
+
+            // Update the consumable data
+            $consumable->assigned_to = e($assigned_to);
+
+            $consumable->users()->attach($consumable->id, [
+                'consumable_id' => $consumable->id,
+                'user_id' => $user->id,
+                'assigned_to' => $assigned_to
+            ]);
+
+            // Log checkout event
+            $logaction = $consumable->logCheckout(e($request->input('note')), $user);
+            $data['log_id'] = $logaction->id;
+            $data['eula'] = $consumable->getEula();
+            $data['first_name'] = $user->first_name;
+            $data['item_name'] = $consumable->name;
+            $data['checkout_date'] = $logaction->created_at;
+            $data['note'] = $logaction->note;
+            $data['require_acceptance'] = $consumable->requireAcceptance();
+
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/consumables/message.checkout.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'No consumables remaining'));
+    }
+
+    /**
+    * Gets a paginated collection for the select2 menus
+    *
+    * @see \App\Http\Transformers\SelectlistTransformer
+    *
+    */
+    public function selectlist(Request $request)
+    {
+
+        $consumables = Consumable::select([
+            'consumables.id',
+            'consumables.name'
+        ]);
+
+        if ($request->filled('search')) {
+            $consumables = $consumables->where('consumables.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $consumables = $consumables->orderBy('name', 'ASC')->paginate(50);
+
+
+        return (new SelectlistTransformer)->transformSelectlist($consumables);
+    }
 }
--- a/app/Http/Controllers/Api/CustomFieldsController.php
+++ b/app/Http/Controllers/Api/CustomFieldsController.php
@@ -9,7 +9,6 @@ use App\Models\CustomField;
 use App\Models\CustomFieldset;
 use Illuminate\Http\Request;
 use Validator;
-use Illuminate\Validation\Rule;

 class CustomFieldsController extends Controller
 {
@@ -24,7 +23,7 @@ class CustomFieldsController extends Controller

    public function index()
    {
-        $this->authorize('index', CustomFields::class);
+        $this->authorize('index', CustomField::class);
        $fields = CustomField::get();
        return (new CustomFieldsTransformer)->transformCustomFields($fields, $fields->count());
    }
@@ -38,7 +37,7 @@ class CustomFieldsController extends Controller
    */
    public function show($id)
    {
-      $this->authorize('show', CustomField::class);
+      $this->authorize('view', CustomField::class);
        if ($field = CustomField::find($id)) {
            return (new CustomFieldsTransformer)->transformCustomField($field);
        }
@@ -57,9 +56,15 @@ class CustomFieldsController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', CustomField::class);
+        $this->authorize('update', CustomField::class);
        $field = CustomField::findOrFail($id);
-        $data = $request->all();
+
+        /**
+         * Updated values for the field,
+         * without the "field_encrypted" flag, preventing the change of encryption status
+         * @var array
+         */
+        $data = $request->except(['field_encrypted']);

        $validator = Validator::make($data, $field->validationRules());
        if ($validator->fails()) {
@@ -106,6 +111,9 @@ class CustomFieldsController extends Controller
    public function postReorder(Request $request, $id)
    {
        $fieldset = CustomFieldset::find($id);
+
+        $this->authorize('update', $fieldset);
+
        $fields = array();
        $order_array = array();

@@ -125,7 +133,8 @@ class CustomFieldsController extends Controller

    public function associate(Request $request, $field_id)
    {
-        $this->authorize('edit', CustomFieldset::class);
+        $this->authorize('update', CustomFieldset::class);
+
        $field = CustomField::findOrFail($field_id);

        $fieldset_id = $request->input('fieldset_id');
@@ -142,7 +151,8 @@ class CustomFieldsController extends Controller

    public function disassociate(Request $request, $field_id)
    {
-        $this->authorize('edit', CustomFieldset::class);
+        $this->authorize('update', CustomFieldset::class);
+
        $field = CustomField::findOrFail($field_id);

        $fieldset_id = $request->input('fieldset_id');
@@ -167,6 +177,8 @@ class CustomFieldsController extends Controller
    {
        $field = CustomField::findOrFail($field_id);

+        $this->authorize('delete', $field);
+
        if ($field->fieldset->count() >0) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Field is in use.'));
        }
--- a/app/Http/Controllers/Api/CustomFieldsetsController.php
+++ b/app/Http/Controllers/Api/CustomFieldsetsController.php
@@ -1,22 +1,14 @@
 <?php
 namespace App\Http\Controllers\Api;

-use View;
-use App\Models\CustomFieldset;
-use App\Models\CustomField;
-use Input;
-use Validator;
-use Redirect;
-use App\Models\AssetModel;
-use Lang;
-use Auth;
-use Illuminate\Http\Request;
-use Log;
-use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
-use App\Http\Transformers\CustomFieldsTransformer;
+use App\Http\Controllers\Controller;
 use App\Http\Transformers\CustomFieldsetsTransformer;
-use App\Http\Requests\AssetRequest;
+use App\Http\Transformers\CustomFieldsTransformer;
+use App\Models\CustomFieldset;
+use Illuminate\Http\Request;
+use Redirect;
+use View;

 /**
 * This controller handles all actions related to Custom Asset Fieldsets for
@@ -43,7 +35,7 @@ class CustomFieldsetsController extends Controller
    public function index()
    {
        $this->authorize('index', CustomFieldset::class);
-        $fieldsets = CustomFieldset::withCount(['fields', 'models'])->get();
+        $fieldsets = CustomFieldset::withCount('fields as fields_count', 'models as models_count')->get();
        return (new CustomFieldsetsTransformer)->transformCustomFieldsets($fieldsets, $fieldsets->count());

    }
@@ -58,7 +50,7 @@ class CustomFieldsetsController extends Controller
    */
    public function show($id)
    {
-      $this->authorize('show', CustomFieldset::class);
+      $this->authorize('view', CustomFieldset::class);
        if ($fieldset = CustomFieldset::find($id)) {
            return (new CustomFieldsetsTransformer)->transformCustomFieldset($fieldset);
        }
@@ -79,7 +71,7 @@ class CustomFieldsetsController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', CustomFieldset::class);
+        $this->authorize('update', CustomFieldset::class);
        $fieldset = CustomFieldset::findOrFail($id);
        $fieldset->fill($request->all());

--- a/app/Http/Controllers/Api/DepartmentsController.php
+++ b/app/Http/Controllers/Api/DepartmentsController.php
@@ -2,20 +2,21 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Models\Department;
-use App\Http\Transformers\DepartmentsTransformer;
 use App\Helpers\Helper;
-use Auth;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\DepartmentsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Department;
+use Auth;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;

 class DepartmentsController extends Controller
 {
    /**
     * Display a listing of the resource.
     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @author [Godfrey Martinez] [<snipe@snipe.net>]
     * @since [v4.0]
     * @return \Illuminate\Http\Response
     */
@@ -33,14 +34,19 @@ class DepartmentsController extends Controller
            'departments.created_at',
            'departments.updated_at',
            'departments.image'
-        ])->with('users')->with('location')->with('manager')->with('company')->withCount('users');
+        ])->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $departments = $departments->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
-        $limit = $request->input('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($departments) && ($request->get('offset') > $departments->count())) ? $departments->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';

@@ -76,7 +82,7 @@ class DepartmentsController extends Controller
        $department = new Department;
        $department->fill($request->all());
        $department->user_id = Auth::user()->id;
-        $department->manager_id = ($request->has('manager_id' ) ? $request->input('manager_id') : null);
+        $department->manager_id = ($request->filled('manager_id' ) ? $request->input('manager_id') : null);

        if ($department->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.create.success')));
@@ -100,20 +106,44 @@ class DepartmentsController extends Controller
        return (new DepartmentsTransformer)->transformDepartment($department);
    }

+    /**
+     * Update the specified resource in storage.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v5.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', Department::class);
+        $department = Department::findOrFail($id);
+        $department->fill($request->all());
+
+        if ($department->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.update.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $department->getErrors()));
+    }
+


    /**
-     * Validates and deletes selected location.
+     * Validates and deletes selected department.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $locationId
-     * @since [v1.0]
+     * @since [v4.0]
     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($id)
    {
        $department = Department::findOrFail($id);

+        $this->authorize('delete', $department);
+
        if ($department->users->count() > 0) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/departments/message.assoc_users')));
        }
@@ -140,7 +170,7 @@ class DepartmentsController extends Controller
            'image',
        ]);

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $departments = $departments->where('name', 'LIKE', '%'.$request->get('search').'%');
        }

@@ -150,7 +180,7 @@ class DepartmentsController extends Controller
        // This lets us have more flexibility in special cases like assets, where
        // they may not have a ->name value but we want to display something anyway
        foreach ($departments as $department) {
-            $department->use_image = ($department->image) ? url('/').'/uploads/departments/'.$department->image : null;
+            $department->use_image = ($department->image) ? Storage::disk('public')->url('departments/'.$department->image, $department->image) : null;
        }

        return (new SelectlistTransformer)->transformSelectlist($departments);
--- a/app/Http/Controllers/Api/DepreciationsController.php
+++ b/app/Http/Controllers/Api/DepreciationsController.php
@@ -2,11 +2,11 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
-use App\Models\Depreciation;
+use App\Http\Controllers\Controller;
 use App\Http\Transformers\DepreciationsTransformer;
+use App\Models\Depreciation;
+use Illuminate\Http\Request;

 class DepreciationsController extends Controller
 {
@@ -20,16 +20,21 @@ class DepreciationsController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Depreciation::class);
-        $allowed_columns = ['id','name','created_at'];
+        $allowed_columns = ['id','name','months','created_at'];

        $depreciations = Depreciation::select('id','name','months','user_id','created_at','updated_at');

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $depreciations = $depreciations->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
-        $limit = $request->input('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($depreciations) && ($request->get('offset') > $depreciations->count())) ? $depreciations->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
        $depreciations->orderBy($sort, $order);
@@ -88,7 +93,7 @@ class DepreciationsController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Depreciation::class);
+        $this->authorize('update', Depreciation::class);
        $depreciation = Depreciation::findOrFail($id);
        $depreciation->fill($request->all());

@@ -110,10 +115,10 @@ class DepreciationsController extends Controller
    public function destroy($id)
    {
        $this->authorize('delete', Depreciation::class);
-        $depreciation = Depreciation::findOrFail($id);
+        $depreciation = Depreciation::withCount('models as models_count')->findOrFail($id);
        $this->authorize('delete', $depreciation);

-        if ($depreciation->has_models() > 0) {
+        if ($depreciation->models_count > 0) {
            return response()->json(Helper::formatStandardApiResponse('error', trans('admin/depreciations/message.assoc_users')));
        }

--- a/app/Http/Controllers/Api/GroupsController.php
+++ b/app/Http/Controllers/Api/GroupsController.php
@@ -2,11 +2,11 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
-use App\Models\Group;
+use App\Http\Controllers\Controller;
 use App\Http\Transformers\GroupsTransformer;
+use App\Models\Group;
+use Illuminate\Http\Request;

 class GroupsController extends Controller
 {
@@ -22,14 +22,19 @@ class GroupsController extends Controller
        $this->authorize('view', Group::class);
        $allowed_columns = ['id','name','created_at', 'users_count'];

-        $groups = Group::select('id','name','permissions','created_at','updated_at')->withCount('users');
+        $groups = Group::select('id','name','permissions','created_at','updated_at')->withCount('users as users_count');

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $groups = $groups->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
-        $limit = $request->input('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($groups) && ($request->get('offset') > $groups->count())) ? $groups->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
        $groups->orderBy($sort, $order);
@@ -88,7 +93,7 @@ class GroupsController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Group::class);
+        $this->authorize('update', Group::class);
        $group = Group::findOrFail($id);
        $group->fill($request->all());

--- a/app/Http/Controllers/Api/ImportController.php
+++ b/app/Http/Controllers/Api/ImportController.php
@@ -6,15 +6,15 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\ItemImportRequest;
 use App\Http\Transformers\ImportsTransformer;
+use App\Models\Asset;
 use App\Models\Company;
 use App\Models\Import;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Input;
+use Artisan;
+use Illuminate\Support\Facades\Request;
 use Illuminate\Support\Facades\Session;
+use Illuminate\Support\Facades\Storage;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\File\Exception\FileException;
-use Artisan;
-use App\Models\Asset;

 class ImportController extends Controller
 {
@@ -25,7 +25,7 @@ class ImportController extends Controller
     */
    public function index()
    {
-        //
+        $this->authorize('import');
        $imports = Import::latest()->get();
        return (new ImportsTransformer)->transformImports($imports);

@@ -39,11 +39,9 @@ class ImportController extends Controller
     */
    public function store()
    {
-        //
-        if (!Company::isCurrentUserAuthorized()) {
-            return redirect()->route('hardware.index')->with('error', trans('general.insufficient_permissions'));
-        } elseif (!config('app.lock_passwords')) {
-            $files = Input::file('files');
+        $this->authorize('import');
+        if (!config('app.lock_passwords')) {
+            $files = Request::file('files');
            $path = config('app.private_uploads').'/imports';
            $results = [];
            $import = new Import;
@@ -114,14 +112,21 @@ class ImportController extends Controller
    /**
     * Processes the specified Import.
     *
-     * @param  \App\Import  $import
+     * @param  int  $import_id
     * @return \Illuminate\Http\Response
     */
    public function process(ItemImportRequest $request, $import_id)
    {
-        $this->authorize('create', Asset::class);
+        $this->authorize('import');
+
        // Run a backup immediately before processing
-        Artisan::call('backup:run');
+        if ($request->has('run-backup')) {
+            \Log::debug('Backup manually requested via importer');
+            Artisan::call('backup:run');
+        } else {
+            \Log::debug('NO BACKUP requested via importer');
+        }
+
        $errors = $request->import(Import::find($import_id));
        $redirectTo = "hardware.index";
        switch ($request->get('import-type')) {
@@ -157,19 +162,26 @@ class ImportController extends Controller
    /**
     * Remove the specified resource from storage.
     *
-     * @param  \App\Import  $import
+     * @param  int  $import_id
     * @return \Illuminate\Http\Response
     */
    public function destroy($import_id)
    {
        $this->authorize('create', Asset::class);
-        $import = Import::find($import_id);
-        try {
-            unlink(config('app.private_uploads').'/imports/'.$import->file_path);
-            $import->delete();
-            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.import.file_delete_success')));
-        } catch (\Exception $e) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.import.file_delete_error')), 500);
+        
+        if ($import = Import::find($import_id)) {
+            try {
+                // Try to delete the file
+                Storage::delete('imports/'.$import->file_path);
+                $import->delete();
+                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.import.file_delete_success')));
+
+            } catch (\Exception $e) {
+                // If the file delete didn't work, remove it from the database anyway and return a warning
+                $import->delete();
+                return response()->json(Helper::formatStandardApiResponse('warning', null, trans('admin/hardware/message.import.file_not_deleted_warning')));
+            }
        }
+
    }
 }
--- a/app/Http/Controllers/Api/LicensesController.php
+++ b/app/Http/Controllers/Api/LicensesController.php
@@ -6,6 +6,7 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\LicenseSeatsTransformer;
 use App\Http\Transformers\LicensesTransformer;
+use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Company;
 use App\Models\License;
 use App\Models\LicenseSeat;
@@ -25,65 +26,70 @@ class LicensesController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', License::class);
-        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'freeSeats', 'supplier','category')->withCount('freeSeats'));
+        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'freeSeats', 'supplier','category')->withCount('freeSeats as free_seats_count'));


-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
            $licenses->where('company_id','=',$request->input('company_id'));
        }

-        if ($request->has('name')) {
+        if ($request->filled('name')) {
            $licenses->where('licenses.name','=',$request->input('name'));
        }

-        if ($request->has('product_key')) {
+        if ($request->filled('product_key')) {
            $licenses->where('licenses.serial','=',$request->input('product_key'));
        }

-        if ($request->has('order_number')) {
+        if ($request->filled('order_number')) {
            $licenses->where('order_number','=',$request->input('order_number'));
        }

-        if ($request->has('purchase_order')) {
+        if ($request->filled('purchase_order')) {
            $licenses->where('purchase_order','=',$request->input('purchase_order'));
        }

-        if ($request->has('license_name')) {
+        if ($request->filled('license_name')) {
            $licenses->where('license_name','=',$request->input('license_name'));
        }

-        if ($request->has('license_email')) {
+        if ($request->filled('license_email')) {
            $licenses->where('license_email','=',$request->input('license_email'));
        }

-        if ($request->has('manufacturer_id')) {
+        if ($request->filled('manufacturer_id')) {
            $licenses->where('manufacturer_id','=',$request->input('manufacturer_id'));
        }

-        if ($request->has('supplier_id')) {
+        if ($request->filled('supplier_id')) {
            $licenses->where('supplier_id','=',$request->input('supplier_id'));
        }

-        if ($request->has('category_i')) {
-            $licenses->where('category_i','=',$request->input('category_i'));
+        if ($request->filled('category_id')) {
+            $licenses->where('category_id','=',$request->input('category_id'));
        }

-        if ($request->has('depreciation_id')) {
+        if ($request->filled('depreciation_id')) {
            $licenses->where('depreciation_id','=',$request->input('depreciation_id'));
        }

-        if ($request->has('supplier_id')) {
+        if ($request->filled('supplier_id')) {
            $licenses->where('supplier_id','=',$request->input('supplier_id'));
        }


-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $licenses = $licenses->TextSearch($request->input('search'));
        }


-        $offset = request('offset', 0);
-        $limit = request('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($licenses) && ($request->get('offset') > $licenses->count())) ? $licenses->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';


@@ -97,11 +103,33 @@ class LicensesController extends Controller
            case 'category':
                $licenses = $licenses->leftJoin('categories', 'licenses.category_id', '=', 'categories.id')->orderBy('categories.name', $order);
                break;
+            case 'depreciation':
+                $licenses = $licenses->leftJoin('depreciations', 'licenses.depreciation_id', '=', 'depreciations.id')->orderBy('depreciations.name', $order);
+                break;
            case 'company':
                $licenses = $licenses->leftJoin('companies', 'licenses.company_id', '=', 'companies.id')->orderBy('companies.name', $order);
                break;
            default:
-                $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial','company','category','license_name','license_email','free_seats_count','seats'];
+                $allowed_columns =
+                    [
+                        'id',
+                        'name',
+                        'purchase_cost',
+                        'expiration_date',
+                        'purchase_order',
+                        'order_number',
+                        'notes',
+                        'purchase_date',
+                        'serial',
+                        'company',
+                        'category',
+                        'license_name',
+                        'license_email',
+                        'free_seats_count',
+                        'seats',
+                        'termination_date',
+                        'depreciation_id'
+                    ];
                $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
                $licenses = $licenses->orderBy($sort, $order);
                break;
@@ -150,7 +178,7 @@ class LicensesController extends Controller
    public function show($id)
    {
        $this->authorize('view', License::class);
-        $license = License::findOrFail($id);
+        $license = License::withCount('freeSeats')->findOrFail($id);
        $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
        return (new LicensesTransformer)->transformLicense($license);
    }
@@ -168,7 +196,7 @@ class LicensesController extends Controller
    public function update(Request $request, $id)
    {
        //
-        $this->authorize('edit', License::class);
+        $this->authorize('update', License::class);

        $license = License::findOrFail($id);
        $license->fill($request->all());
@@ -223,13 +251,24 @@ class LicensesController extends Controller

        if ($license = License::find($licenseId)) {

-            $seats = LicenseSeat::where('license_id', $licenseId)->with('license', 'user', 'asset');
+            $this->authorize('view', $license);
+
+            $seats = LicenseSeat::with('license', 'user', 'asset', 'user.department')
+                ->where('license_seats.license_id', $licenseId);

-            $offset = request('offset', 0);
-            $limit = request('limit', 50);
            $order = $request->input('order') === 'asc' ? 'asc' : 'desc';

+            if ($request->input('sort')=='department') {
+                $seats->OrderDepartments($order);
+            } else {
+                $seats->orderBy('id', $order);
+            }
+
+            $offset = (($seats) && (request('offset') > $seats->count())) ? 0 : request('offset', 0);
+            $limit = request('limit', 50);
+            
            $total = $seats->count();
+
            $seats = $seats->skip($offset)->take($limit)->get();

            if ($seats) {
@@ -242,5 +281,29 @@ class LicensesController extends Controller

    }

+    
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @see \App\Http\Transformers\SelectlistTransformer
+     */
+    public function selectlist(Request $request)
+    {
+
+        $licenses = License::select([
+            'licenses.id',
+            'licenses.name'
+        ]);
+
+        if ($request->filled('search')) {
+            $licenses = $licenses->where('licenses.name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $licenses = $licenses->orderBy('name', 'ASC')->paginate(50);
+
+
+        return (new SelectlistTransformer)->transformSelectlist($licenses);
+    }
+

 }
--- a/app/Http/Controllers/Api/LocationsController.php
+++ b/app/Http/Controllers/Api/LocationsController.php
@@ -8,6 +8,8 @@ use App\Helpers\Helper;
 use App\Models\Location;
 use App\Http\Transformers\LocationsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use Illuminate\Pagination\LengthAwarePaginator;
+use Illuminate\Support\Collection;

 class LocationsController extends Controller
 {
@@ -22,11 +24,11 @@ class LocationsController extends Controller
    {
        $this->authorize('view', Location::class);
        $allowed_columns = [
-                'id','name','address','address2','city','state','country','zip','created_at',
-                'updated_at','manager_id','image',
-                'assigned_assets_count','users_count','assets_count','currency'];
+            'id','name','address','address2','city','state','country','zip','created_at',
+            'updated_at','manager_id','image',
+            'assigned_assets_count','users_count','assets_count','currency','ldap_ou'];

-        $locations = Location::with('parent', 'manager', 'childLocations')->select([
+        $locations = Location::with('parent', 'manager', 'children')->select([
            'locations.id',
            'locations.name',
            'locations.address',
@@ -40,19 +42,23 @@ class LocationsController extends Controller
            'locations.created_at',
            'locations.updated_at',
            'locations.image',
+            'locations.ldap_ou',
            'locations.currency'
-        ])->withCount('assignedAssets')
-        ->withCount('assets')
-        ->withCount('users');
+        ])->withCount('assignedAssets as assigned_assets_count')
+            ->withCount('assets as assets_count')
+            ->withCount('users as users_count');

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $locations = $locations->TextSearch($request->input('search'));
        }



-        $offset = $request->input('offset', 0);
-        $limit = $request->input('limit', 50);
+        $offset = (($locations) && (request('offset') > $locations->count())) ? 0 : request('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';

@@ -106,7 +112,26 @@ class LocationsController extends Controller
    public function show($id)
    {
        $this->authorize('view', Location::class);
-        $location = Location::findOrFail($id);
+        $location = Location::with('parent', 'manager', 'children')
+            ->select([
+                'locations.id',
+                'locations.name',
+                'locations.address',
+                'locations.address2',
+                'locations.city',
+                'locations.state',
+                'locations.zip',
+                'locations.country',
+                'locations.parent_id',
+                'locations.manager_id',
+                'locations.created_at',
+                'locations.updated_at',
+                'locations.image',
+                'locations.currency'
+            ])
+            ->withCount('assignedAssets as assigned_assets_count')
+            ->withCount('assets as assets_count')
+            ->withCount('users as users_count')->findOrFail($id);
        return (new LocationsTransformer)->transformLocation($location);
    }

@@ -118,15 +143,19 @@ class LocationsController extends Controller
     * @since [v4.0]
     * @param  \Illuminate\Http\Request  $request
     * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @return \Illuminate\Http\JsonResponse
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Location::class);
+        $this->authorize('update', Location::class);
        $location = Location::findOrFail($id);
+
        $location->fill($request->all());

-        if ($location->save()) {
+
+        if ($location->isValid()) {
+
+            $location->save();
            return response()->json(
                Helper::formatStandardApiResponse(
                    'success',
@@ -151,6 +180,10 @@ class LocationsController extends Controller
    {
        $this->authorize('delete', Location::class);
        $location = Location::findOrFail($id);
+        if(!$location->isDeletable()) {
+            return response()
+                    ->json(Helper::formatStandardApiResponse('error', null,  trans('admin/companies/message.assoc_users')));
+        }
        $this->authorize('delete', $location);
        $location->delete();
        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/locations/message.delete.success')));
@@ -159,6 +192,27 @@ class LocationsController extends Controller
    /**
     * Gets a paginated collection for the select2 menus
     *
+     * This is handled slightly differently as of ~4.7.8-pre, as
+     * we have to do some recursive magic to get the hierarchy to display
+     * properly when looking at the parent/child relationship in the
+     * rich menus.
+     *
+     * This means we can't use the normal pagination that we use elsewhere
+     * in our selectlists, since we have to get the full set before we can
+     * determine which location is parent/child/grandchild, etc.
+     *
+     * This also means that hierarchy display gets a little funky when people
+     * use the Select2 search functionality, but there's not much we can do about
+     * that right now.
+     *
+     * As a result, instead of paginating as part of the query, we have to grab
+     * the entire data set, and then invoke a paginator manually and pass that
+     * through to the SelectListTransformer.
+     *
+     * Many thanks to @uberbrady for the help getting this working better.
+     * Recursion still sucks, but I guess he doesn't have to get in the
+     * sea... this time.
+     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0.16]
     * @see \App\Http\Transformers\SelectlistTransformer
@@ -170,25 +224,44 @@ class LocationsController extends Controller
        $locations = Location::select([
            'locations.id',
            'locations.name',
+            'locations.parent_id',
            'locations.image',
        ]);

-        if ($request->has('search')) {
-            $locations = $locations->where('locations.name', 'LIKE', '%'.$request->get('search').'%');
+        $page = 1;
+        if ($request->filled('page')) {
+            $page = $request->input('page');
        }

-        $locations = $locations->orderBy('name', 'ASC')->paginate(50);
+        if ($request->filled('search')) {
+            $locations = $locations->where('locations.name', 'LIKE', '%'.$request->input('search').'%');
+        }
+
+        $locations = $locations->orderBy('name', 'ASC')->get();
+
+        $locations_with_children = [];

-        // Loop through and set some custom properties for the transformer to use.
-        // This lets us have more flexibility in special cases like assets, where
-        // they may not have a ->name value but we want to display something anyway
        foreach ($locations as $location) {
-            $location->use_text = $location->name;
-            $location->use_image = ($location->image) ? url('/').'/uploads/locations/'.$location->image : null;
+            if (!array_key_exists($location->parent_id, $locations_with_children)) {
+                $locations_with_children[$location->parent_id] = [];
+            }
+            $locations_with_children[$location->parent_id][] = $location;
        }

-        return (new SelectlistTransformer)->transformSelectlist($locations);
+        if ($request->filled('search')) {
+            $locations_formatted =  $locations;
+        } else {
+            $location_options = Location::indenter($locations_with_children);
+            $locations_formatted = new Collection($location_options);
+
+        }
+
+        $paginated_results =  new LengthAwarePaginator($locations_formatted->forPage($page, 500), $locations_formatted->count(), 500, $page, []);
+
+        //return [];
+        return (new SelectlistTransformer)->transformSelectlist($paginated_results);

    }

+
 }
--- a/app/Http/Controllers/Api/ManufacturersController.php
+++ b/app/Http/Controllers/Api/ManufacturersController.php
@@ -2,13 +2,13 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
-use App\Models\Manufacturer;
-use App\Http\Transformers\DatatablesTransformer;
+use App\Http\Controllers\Controller;
 use App\Http\Transformers\ManufacturersTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Manufacturer;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;

 class ManufacturersController extends Controller
 {
@@ -26,21 +26,24 @@ class ManufacturersController extends Controller

        $manufacturers = Manufacturer::select(
            array('id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'deleted_at')
-        )->withCount('assets')->withCount('licenses')->withCount('consumables')->withCount('accessories');
+        )->withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('consumables as consumables_count')->withCount('accessories as accessories_count');

        if ($request->input('deleted')=='true') {
            $manufacturers->onlyTrashed();
        }

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $manufacturers = $manufacturers->TextSearch($request->input('search'));
        }


+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($manufacturers) && ($request->get('offset') > $manufacturers->count())) ? $manufacturers->count() : $request->get('offset', 0);

+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

-        $offset = request('offset', 0);
-        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
        $manufacturers->orderBy($sort, $order);
@@ -83,7 +86,7 @@ class ManufacturersController extends Controller
    public function show($id)
    {
        $this->authorize('view', Manufacturer::class);
-        $manufacturer = Manufacturer::findOrFail($id);
+        $manufacturer = Manufacturer::withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('consumables as consumables_count')->withCount('accessories as accessories_count')->findOrFail($id);
        return (new ManufacturersTransformer)->transformManufacturer($manufacturer);
    }

@@ -99,7 +102,7 @@ class ManufacturersController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Manufacturer::class);
+        $this->authorize('update', Manufacturer::class);
        $manufacturer = Manufacturer::findOrFail($id);
        $manufacturer->fill($request->all());

@@ -120,11 +123,21 @@ class ManufacturersController extends Controller
     */
    public function destroy($id)
    {
+
        $this->authorize('delete', Manufacturer::class);
        $manufacturer = Manufacturer::findOrFail($id);
        $this->authorize('delete', $manufacturer);
-        $manufacturer->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/manufacturers/message.delete.success')));
+
+        if ($manufacturer->isDeletable()) {
+            $manufacturer->delete();
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/manufacturers/message.delete.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/manufacturers/message.assoc_users')));
+
+
+
+

    }

@@ -145,7 +158,7 @@ class ManufacturersController extends Controller
            'image',
        ]);

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $manufacturers = $manufacturers->where('name', 'LIKE', '%'.$request->get('search').'%');
        }

@@ -156,7 +169,7 @@ class ManufacturersController extends Controller
        // they may not have a ->name value but we want to display something anyway
        foreach ($manufacturers as $manufacturer) {
            $manufacturer->use_text = $manufacturer->name;
-            $manufacturer->use_image = ($manufacturer->image) ? url('/').'/uploads/manufacturers/'.$manufacturer->image : null;
+            $manufacturer->use_image = ($manufacturer->image) ? Storage::disk('public')->url('manufacturers/'.$manufacturer->image, $manufacturer->image) : null;
        }

        return (new SelectlistTransformer)->transformSelectlist($manufacturers);
--- a/app/Http/Controllers/Api/PredefinedKitsController.php
+++ b/app/Http/Controllers/Api/PredefinedKitsController.php
@@ -0,0 +1,449 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Transformers\PredefinedKitsTransformer;
+use App\Models\PredefinedKit;
+use Illuminate\Http\Request;
+
+/**
+ *  @author [D. Minaev.] [<dmitriy.minaev.v@gmail.com>]
+ */
+class PredefinedKitsController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('view', PredefinedKit::class);
+        $allowed_columns = ['id', 'name'];
+
+        $kits = PredefinedKit::query();
+
+        if ($request->filled('search')) {
+            $kits = $kits->TextSearch($request->input('search'));
+        }
+
+        $offset = $request->input('offset', 0);
+        $limit = $request->input('limit', 50);
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
+        $kits->orderBy($sort, $order);
+
+        $total = $kits->count();
+        $kits = $kits->skip($offset)->take($limit)->get();
+        return (new PredefinedKitsTransformer)->transformPredefinedKits($kits, $total);
+
+    }
+
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        $this->authorize('create', PredefinedKit::class);
+        $kit = new PredefinedKit;
+        $kit->fill($request->all());
+
+        if ($kit->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.create_success')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $kit->getErrors()));
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show($id)
+    {
+        $this->authorize('view', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($id);
+        return (new PredefinedKitsTransformer)->transformPredefinedKit($kit);
+    }
+
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id kit id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($id);
+        $kit->fill($request->all());
+
+        if ($kit->save()) {
+            return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.update_success')));      // TODO: trans
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, $kit->getErrors()));
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        $this->authorize('delete', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($id);
+
+        // Delete childs
+        $kit->models()->detach();
+        $kit->licenses()->detach();
+        $kit->consumables()->detach();
+        $kit->accessories()->detach();
+
+        $kit->delete();
+        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/kits/general.delete_success')));     // TODO: trans
+
+    }
+
+
+    /**
+     * Gets a paginated collection for the select2 menus
+     *
+     * @see \App\Http\Transformers\SelectlistTransformer
+     *
+     */
+    public function selectlist(Request $request)
+    {
+
+        $kits = PredefinedKit::select([
+            'id',
+            'name'
+        ]);
+
+        if ($request->filled('search')) {
+            $kits = $kits->where('name', 'LIKE', '%'.$request->get('search').'%');
+        }
+
+        $kits = $kits->orderBy('name', 'ASC')->paginate(50);
+
+        return (new SelectlistTransformer)->transformSelectlist($kits);
+
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function indexLicenses($kit_id) {
+        $this->authorize('view', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $licenses = $kit->licenses;
+        return (new PredefinedKitsTransformer)->transformElements($licenses, $licenses->count());
+    }
+
+    
+    /**
+     * Store the specified resource.
+     *
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+     public function storeLicense(Request $request, $kit_id)
+     {
+         $this->authorize('update', PredefinedKit::class);
+         
+         $kit = PredefinedKit::findOrFail($kit_id);        
+         $quantity = $request->input('quantity', 1);
+         if( $quantity < 1) {
+             $quantity = 1;
+         }
+
+         $license_id = $request->get('license');
+         $relation = $kit->licenses();
+         if( $relation->find($license_id) ) {
+             return response()->json(Helper::formatStandardApiResponse('error', null, ['license' => 'License already attached to kit']));
+         }
+
+         $relation->attach( $license_id, ['quantity' => $quantity]);
+         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'License added successfull'));     // TODO: trans
+    }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+     public function updateLicense(Request $request, $kit_id, $license_id)
+     {
+         $this->authorize('update', PredefinedKit::class);
+         $kit = PredefinedKit::findOrFail($kit_id);
+         $quantity = $request->input('quantity', 1);
+         if( $quantity < 1) {
+             $quantity = 1;
+         }
+         $kit->licenses()->syncWithoutDetaching([$license_id => ['quantity' =>  $quantity]]);
+ 
+         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'License updated'));  // TODO: trans
+     }
+
+     /**
+     * Remove the specified resource from storage.
+     *
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+    public function detachLicense($kit_id, $license_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+
+        $kit->licenses()->detach($license_id);
+        return response()->json(Helper::formatStandardApiResponse('success', $kit,  trans('admin/kits/general.delete_success')));
+    }
+    
+    /**
+     * Display the specified resource.
+     *
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+     public function indexModels($kit_id) {
+        $this->authorize('view', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $models = $kit->models;
+        return (new PredefinedKitsTransformer)->transformElements($models, $models->count());
+    }
+    
+    /**
+     * Store the specified resource.
+     *
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+     public function storeModel(Request $request, $kit_id)
+     {
+
+
+        $this->authorize('update', PredefinedKit::class);
+        
+        $kit = PredefinedKit::findOrFail($kit_id);        
+        
+        $model_id = $request->get('model');
+        $quantity = $request->input('quantity', 1);
+        if( $quantity < 1) {
+            $quantity = 1;
+        }
+        
+        $relation = $kit->models();
+        if( $relation->find($model_id) ) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, ['model' => 'Model already attached to kit']));
+        }
+        $relation->attach($model_id, ['quantity' => $quantity]);
+        
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Model added successfull'));
+    }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+     public function updateModel(Request $request, $kit_id, $model_id)
+     {
+         $this->authorize('update', PredefinedKit::class);
+         $kit = PredefinedKit::findOrFail($kit_id);
+         $quantity = $request->input('quantity', 1);
+         if( $quantity < 1) {
+             $quantity = 1;
+         }
+         $kit->models()->syncWithoutDetaching([$model_id => ['quantity' =>  $quantity]]);
+ 
+         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'License updated'));  // TODO: trans
+     }
+
+     /**
+     * Remove the specified resource from storage.
+     *
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+    public function detachModel($kit_id, $model_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+
+        $kit->models()->detach($model_id);
+        return response()->json(Helper::formatStandardApiResponse('success', $kit,  trans('admin/kits/general.model_removed_success')));
+    }
+
+
+    
+    /**
+     * Display the specified resource.
+     *
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+    public function indexConsumables($kit_id) {
+        $this->authorize('view', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $consumables = $kit->consumables;
+        return (new PredefinedKitsTransformer)->transformElements($consumables, $consumables->count());
+    }
+
+    
+    /**
+     * Store the specified resource.
+     *
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+     public function storeConsumable(Request $request, $kit_id)
+     {
+         $this->authorize('update', PredefinedKit::class);
+         
+         $kit = PredefinedKit::findOrFail($kit_id);        
+         $quantity = $request->input('quantity', 1);
+         if( $quantity < 1) {
+             $quantity = 1;
+         }
+
+         $consumable_id = $request->get('consumable');
+         $relation = $kit->consumables();
+         if( $relation->find($consumable_id) ) {
+             return response()->json(Helper::formatStandardApiResponse('error', null, ['consumable' => 'Consumable already attached to kit']));
+         }
+
+         $relation->attach( $consumable_id, ['quantity' => $quantity]);
+         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Consumable added successfull'));     // TODO: trans
+    }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+     public function updateConsumable(Request $request, $kit_id, $consumable_id)
+     {
+         $this->authorize('update', PredefinedKit::class);
+         $kit = PredefinedKit::findOrFail($kit_id);
+         $quantity = $request->input('quantity', 1);
+         if( $quantity < 1) {
+             $quantity = 1;
+         }
+         $kit->consumables()->syncWithoutDetaching([$consumable_id => ['quantity' =>  $quantity]]);
+ 
+         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Consumable updated'));  // TODO: trans
+     }
+
+     /**
+     * Remove the specified resource from storage.
+     *
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+    public function detachConsumable($kit_id, $consumable_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+
+        $kit->consumables()->detach($consumable_id);
+        return response()->json(Helper::formatStandardApiResponse('success', $kit,  'Delete was successfull'));     // TODO: trans
+    }
+
+    
+    /**
+     * Display the specified resource.
+     *
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+    public function indexAccessories($kit_id) {
+        $this->authorize('view', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $accessories = $kit->accessories;
+        return (new PredefinedKitsTransformer)->transformElements($accessories, $accessories->count());
+    }
+
+    
+    /**
+     * Store the specified resource.
+     *
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+     public function storeAccessory(Request $request, $kit_id)
+     {
+         $this->authorize('update', PredefinedKit::class);
+         
+         $kit = PredefinedKit::findOrFail($kit_id);        
+         $quantity = $request->input('quantity', 1);
+         if( $quantity < 1) {
+             $quantity = 1;
+         }
+
+         $accessory_id = $request->get('accessory');
+         $relation = $kit->accessories();
+         if( $relation->find($accessory_id) ) {
+             return response()->json(Helper::formatStandardApiResponse('error', null, ['accessory' => 'Accessory already attached to kit']));
+         }
+
+         $relation->attach( $accessory_id, ['quantity' => $quantity]);
+         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Accessory added successfull'));     // TODO: trans
+    }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+     public function updateAccessory(Request $request, $kit_id, $accessory_id)
+     {
+         $this->authorize('update', PredefinedKit::class);
+         $kit = PredefinedKit::findOrFail($kit_id);
+         $quantity = $request->input('quantity', 1);
+         if( $quantity < 1) {
+             $quantity = 1;
+         }
+         $kit->accessories()->syncWithoutDetaching([$accessory_id => ['quantity' =>  $quantity]]);
+ 
+         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Accessory updated'));  // TODO: trans
+     }
+
+     /**
+     * Remove the specified resource from storage.
+     *
+     * @param  int  $kit_id
+     * @return \Illuminate\Http\Response
+     */
+    public function detachAccessory($kit_id, $accessory_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+
+        $kit->accessories()->detach($accessory_id);
+        return response()->json(Helper::formatStandardApiResponse('success', $kit,  'Delete was successfull'));     // TODO: trans
+    }
+}
--- a/app/Http/Controllers/Api/ProfileController.php
+++ b/app/Http/Controllers/Api/ProfileController.php
@@ -2,11 +2,10 @@

 namespace App\Http\Controllers\Api;

-use App\Models\CheckoutRequest;
-use App\Http\Controllers\Controller;
-use Auth;
 use App\Helpers\Helper;
-
+use App\Http\Controllers\Controller;
+use App\Models\CheckoutRequest;
+use Auth;

 class ProfileController extends Controller
 {
@@ -27,15 +26,20 @@ class ProfileController extends Controller


        foreach ($checkoutRequests as $checkoutRequest) {
-            $results['rows'][] = [
-                'image' => $checkoutRequest->itemRequested()->present()->getImageUrl(),
-                'name' => $checkoutRequest->itemRequested()->present()->name(),
-                'type' => $checkoutRequest->itemType(),
-                'qty' => $checkoutRequest->quantity,
-                'location' => ($checkoutRequest->location()) ? $checkoutRequest->location()->name : null,
-                'expected_checkin' => Helper::getFormattedDateObject($checkoutRequest->itemRequested()->expected_checkin, 'datetime'),
-                'request_date' => Helper::getFormattedDateObject($checkoutRequest->created_at, 'datetime'),
-            ];
+
+            // Make sure the asset and request still exist
+            if ($checkoutRequest && $checkoutRequest->itemRequested()) {
+                $results['rows'][] = [
+                    'image' => $checkoutRequest->itemRequested()->present()->getImageUrl(),
+                    'name' => $checkoutRequest->itemRequested()->present()->name(),
+                    'type' => $checkoutRequest->itemType(),
+                    'qty' => $checkoutRequest->quantity,
+                    'location' => ($checkoutRequest->location()) ? $checkoutRequest->location()->name : null,
+                    'expected_checkin' => Helper::getFormattedDateObject($checkoutRequest->itemRequested()->expected_checkin, 'datetime'),
+                    'request_date' => Helper::getFormattedDateObject($checkoutRequest->created_at, 'datetime'),
+                ];
+            }
+
        }
        return $results;
    }
--- a/app/Http/Controllers/Api/ReportsController.php
+++ b/app/Http/Controllers/Api/ReportsController.php
@@ -2,10 +2,10 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
-use App\Models\Actionlog;
 use App\Http\Transformers\ActionlogsTransformer;
+use App\Models\Actionlog;
+use Illuminate\Http\Request;

 class ReportsController extends Controller
 {
@@ -18,28 +18,29 @@ class ReportsController extends Controller
     */
    public function index(Request $request)
    {
-
+        $this->authorize('reports.view');
+        
        $actionlogs = Actionlog::with('item', 'user', 'target','location');

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $actionlogs = $actionlogs->TextSearch(e($request->input('search')));
        }

-        if (($request->has('target_type'))  && ($request->has('target_id'))) {
+        if (($request->filled('target_type'))  && ($request->filled('target_id'))) {
            $actionlogs = $actionlogs->where('target_id','=',$request->input('target_id'))
                ->where('target_type','=',"App\\Models\\".ucwords($request->input('target_type')));
        }

-        if (($request->has('item_type'))  && ($request->has('item_id'))) {
+        if (($request->filled('item_type'))  && ($request->filled('item_id'))) {
            $actionlogs = $actionlogs->where('item_id','=',$request->input('item_id'))
                ->where('item_type','=',"App\\Models\\".ucwords($request->input('item_type')));
        }

-        if ($request->has('action_type')) {
+        if ($request->filled('action_type')) {
            $actionlogs = $actionlogs->where('action_type','=',$request->input('action_type'))->orderBy('created_at', 'desc');
        }

-        if ($request->has('uploads')) {
+        if ($request->filled('uploads')) {
            $actionlogs = $actionlogs->whereNotNull('filename')->orderBy('created_at', 'desc');
        }

@@ -48,6 +49,7 @@ class ReportsController extends Controller
            'created_at',
            'target_id',
            'user_id',
+            'accept_signature',
            'action_type',
            'note'
        ];
--- a/app/Http/Controllers/Api/SettingsController.php
+++ b/app/Http/Controllers/Api/SettingsController.php
@@ -2,50 +2,113 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
-use App\Models\Ldap;
-use Validator;
+use App\Http\Transformers\LoginAttemptsTransformer;
 use App\Models\Setting;
-use Mail;
-use App\Notifications\SlackTest;
-use Notification;
 use App\Notifications\MailTest;
+use App\Services\LdapAd;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Notification;
+use GuzzleHttp\Client;
+use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Validator;
+use App\Models\Ldap; // forward-port of v4 LDAP model for Sync
+

 class SettingsController extends Controller
 {

-
-    public function ldaptest()
+    /**
+     * Test the ldap settings
+     * 
+     * @author Wes Hulette <jwhulette@gmail.com>
+     * 
+     * @since 5.0.0
+     * 
+     * @param App\Models\LdapAd $ldap
+     * 
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function ldapAdSettingsTest(LdapAd $ldap): JsonResponse
    {
-
-        if (Setting::getSettings()->ldap_enabled!='1') {
-            \Log::debug('LDAP is not enabled cannot test.');
+        if(!$ldap->init()) {
+            Log::info('LDAP is not enabled cannot test.');
            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
        }

-        \Log::debug('Preparing to test LDAP connection');
+        // The connect, bind and resulting users message
+        $message = [];

+        Log::info('Preparing to test LDAP user login');
+        // Test user can connect to the LDAP server
        try {
-            $connection = Ldap::connectToLdap();
-            try {
-                \Log::debug('attempting to bind to LDAP for LDAP test');
-                Ldap::bindAdminToLdap($connection);
-                return response()->json(['message' => 'It worked!'], 200);
-            } catch (\Exception $e) {
-                \Log::debug('Bind failed');
-                return response()->json(['message' => $e->getMessage()], 400);
-                //return response()->json(['message' => $e->getMessage()], 500);
-            }
+            $ldap->testLdapAdUserConnection();
+            $message['login'] = [
+                'message' => 'Successfully connected to LDAP server.'
+            ];
+        } catch (\Exception $ex) {
+                \Log::debug('LDAP connected but Bind failed. Please check your LDAP settings and try again.');
+            return response()->json([
+                'message' => 'Error logging into LDAP server, error: ' . $ex->getMessage() . ' - Verify your that your username and password are correct']);
+
        } catch (\Exception $e) {
-            \Log::debug('Connection failed');
-            return response()->json(['message' => $e->getMessage()], 600);
+            \Log::info('LDAP connection failed but we cannot debug it any further on our end.');
+            return response()->json(['message' => 'The LDAP connection failed but we cannot debug it any further on our end. The error from the server is: '.$e->getMessage()], 500);
+        }
+
+        Log::info('Preparing to test LDAP bind connection');
+        // Test user can bind to the LDAP server
+        try {
+            Log::info('Testing Bind');
+            $ldap->testLdapAdBindConnection();
+            $message['bind'] = [
+                'message' => 'Successfully binded to LDAP server.'
+            ];
+        } catch (\Exception $ex) {
+            Log::info('LDAP Bind failed');
+            return response()->json([
+                'message' => 'Error binding to LDAP server, error: ' . $ex->getMessage()
+            ], 400);
        }


+        Log::info('Preparing to get sample user set from LDAP directory');
+        // Get a sample of 10 users so user can verify the data is correct
+        $settings = Setting::getSettings();
+        try {
+            Log::info('Testing LDAP sync');
+            error_reporting(E_ALL & ~E_DEPRECATED); // workaround for php7.4, which deprecates ldap_control_paged_result
+            // $users = $ldap->testUserImportSync(); // from AdLdap2 from v5, disabling and falling back to v4's sync code
+            $users = collect(Ldap::findLdapUsers())->slice(0, 11)->filter(function ($value, $key) { //choosing ELEVEN because one is going to be the count, which we're about to filter out in the next line
+                return is_int($key);
+            })->map(function ($item) use ($settings) {
+                return (object) [
+                    'username'        => $item[$settings['ldap_username_field']][0] ?? null,
+                    'employee_number' => $item[$settings['ldap_emp_num']][0] ?? null,
+                    'lastname'        => $item[$settings['ldap_lname_field']][0] ?? null,
+                    'firstname'       => $item[$settings['ldap_fname_field']][0] ?? null,
+                    'email'           => $item[$settings['ldap_email']][0] ?? null,
+                ];
+            });
+            $message['user_sync']  = [
+                'users' => $users
+            ];
+        } catch (\Exception $ex) {
+            Log::info('LDAP sync failed');
+            $message['user_sync']  = [
+                'message' => 'Error getting users from LDAP directory, error: ' . $ex->getMessage()
+            ];
+            return response()->json($message, 400);
+        }
+
+        return response()->json($message, 200);
    }

-    public function ldaptestlogin(Request $request)
+    public function ldaptestlogin(Request $request, LdapAd $ldap)
    {

        if (Setting::getSettings()->ldap_enabled!='1') {
@@ -69,55 +132,54 @@ class SettingsController extends Controller

        \Log::debug('Preparing to test LDAP login');
        try {
-            $connection = Ldap::connectToLdap();
-            try {
-                Ldap::bindAdminToLdap($connection);
-                \Log::debug('Attempting to bind to LDAP for LDAP test');
-                try {
-                    $ldap_user = Ldap::findAndBindUserLdap($request->input('ldaptest_user'), $request->input('ldaptest_password'));
-                    if ($ldap_user) {
-                        \Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
-                        return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
-                    }
-                    return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
+            DB::beginTransaction(); //this was the easiest way to invoke a full test of an LDAP login without adding new users to the DB (which may not be desired)

-                } catch (\Exception $e) {
-                    \Log::debug('LDAP login failed');
-                    return response()->json(['message' => $e->getMessage()], 400);
-                }
+            // $results = $ldap->ldap->auth()->attempt($request->input('ldaptest_username'), $request->input('ldaptest_password'), true);
+            // can't do this because that's a protected property.

-            } catch (\Exception $e) {
-                \Log::debug('Bind failed');
-                return response()->json(['message' => $e->getMessage()], 400);
-                //return response()->json(['message' => $e->getMessage()], 500);
+            $results = $ldap->ldapLogin($request->input('ldaptest_user'), $request->input('ldaptest_password')); // this would normally create a user on success (if they didn't already exist), but for the transaction
+            if($results) {
+                return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
+            } else {
+                return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
            }
        } catch (\Exception $e) {
            \Log::debug('Connection failed');
-            return response()->json(['message' => $e->getMessage()], 500);
+            return response()->json(['message' => $e->getMessage()], 400);
+        } finally {
+            DB::rollBack(); // ALWAYS rollback, whether success or failure
        }


    }

-
-    public function slacktest()
+    public function slacktest(Request $request)
    {

-        if ($settings = Setting::getSettings()->slack_channel=='') {
-            \Log::debug('Slack is not enabled. Cannot test.');
-            return response()->json(['message' => 'Slack is not enabled, cannot test.'], 400);
-        }
+        $slack = new Client([
+            'base_url' => e($request->input('slack_endpoint')),
+            'defaults' => [
+                'exceptions' => false
+            ]
+        ]);

-        \Log::debug('Preparing to test slack connection');
+
+        $payload = json_encode(
+            [
+                'channel'    => e($request->input('slack_channel')),
+                'text'       => trans('general.slack_test_msg'),
+                'username'    => e($request->input('slack_botname')),
+                'icon_emoji' => ':heart:'
+            ]);

        try {
-            Notification::send($settings = Setting::getSettings(), new SlackTest());
+            $slack->post($request->input('slack_endpoint'),['body' => $payload]);
            return response()->json(['message' => 'Success'], 200);
        } catch (\Exception $e) {
-            \Log::debug('Slack connection failed');
-            return response()->json(['message' => $e->getMessage()], 400);
+            return response()->json(['message' => 'Oops! Please check the channel name and webhook endpoint URL. Slack responded with: '.$e->getMessage()], 400);
        }

+        return response()->json(['message' => 'Something went wrong :( '], 400);

    }

@@ -135,7 +197,7 @@ class SettingsController extends Controller
            try {
                Notification::send(Setting::first(), new MailTest());
                return response()->json(['message' => 'Mail sent to '.config('mail.reply_to.address')], 200);
-            } catch (Exception $e) {
+            } catch (\Exception $e) {
                return response()->json(['message' => $e->getMessage()], 500);
            }
        }
@@ -144,5 +206,74 @@ class SettingsController extends Controller
    }


+    /**
+     * Delete server-cached barcodes
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v5.0.0]
+     * @return Response
+     */
+    public function purgeBarcodes()
+    {
+
+        $file_count = 0;
+        $files = Storage::disk('public')->files('barcodes');
+
+        foreach ($files as $file) { // iterate files
+
+            $file_parts = explode(".", $file);
+            $extension = end($file_parts);
+            \Log::debug($extension);
+
+            // Only generated barcodes would have a .png file extension
+            if ($extension =='png') {
+
+                \Log::debug('Deleting: '.$file);
+
+
+                try  {
+                    Storage::disk('public')->delete($file);
+                    \Log::debug('Deleting: '.$file);
+                    $file_count++;
+                } catch (\Exception $e) {
+                    \Log::debug($e);
+                }
+            }
+
+        }
+
+        return response()->json(['message' => 'Deleted '.$file_count.' barcodes'], 200);
+
+    }
+
+
+
+
+
+    /**
+     * Get a list of login attempts
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v5.0.0]
+     * @param  \Illuminate\Http\Request  $request
+     * @return array
+     */
+    public function showLoginAttempts(Request $request)
+    {
+        $allowed_columns = ['id', 'username', 'remote_ip', 'user_agent','successful','created_at'];
+
+        $login_attempts =  DB::table('login_attempts');
+        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'created_at';
+
+        $total = $login_attempts->count();
+        $login_attempts->orderBy($sort, $order);
+        $login_attempt_results = $login_attempts->skip(request('offset', 0))->take(request('limit',  20))->get();
+
+        return (new LoginAttemptsTransformer)->transformLoginAttempts($login_attempt_results, $total);
+
+    }
+
+

 }
--- a/app/Http/Controllers/Api/StatuslabelsController.php
+++ b/app/Http/Controllers/Api/StatuslabelsController.php
@@ -2,13 +2,13 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
-use App\Models\Statuslabel;
-use App\Models\Asset;
-use App\Http\Transformers\StatuslabelsTransformer;
+use App\Http\Controllers\Controller;
 use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\StatuslabelsTransformer;
+use App\Models\Asset;
+use App\Models\Statuslabel;
+use Illuminate\Http\Request;

 class StatuslabelsController extends Controller
 {
@@ -24,14 +24,19 @@ class StatuslabelsController extends Controller
        $this->authorize('view', Statuslabel::class);
        $allowed_columns = ['id','name','created_at', 'assets_count','color','default_label'];

-        $statuslabels = Statuslabel::withCount('assets');
+        $statuslabels = Statuslabel::withCount('assets as assets_count');

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $statuslabels = $statuslabels->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
-        $limit = $request->input('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($statuslabels) && ($request->get('offset') > $statuslabels->count())) ? $statuslabels->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
        $statuslabels->orderBy($sort, $order);
@@ -55,7 +60,7 @@ class StatuslabelsController extends Controller
        $this->authorize('create', Statuslabel::class);
        $request->except('deployable', 'pending','archived');

-        if (!$request->has('type')) {
+        if (!$request->filled('type')) {
            return response()->json(Helper::formatStandardApiResponse('error', null, ["type" => ["Status label type is required."]]),500);
        }

@@ -101,12 +106,12 @@ class StatuslabelsController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Statuslabel::class);
+        $this->authorize('update', Statuslabel::class);
        $statuslabel = Statuslabel::findOrFail($id);
        
        $request->except('deployable', 'pending','archived');

-        if (!$request->has('type')) {
+        if (!$request->filled('type')) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Status label type is required.'));
        }

@@ -160,26 +165,32 @@ class StatuslabelsController extends Controller

    public function getAssetCountByStatuslabel()
    {
+        $this->authorize('view', Statuslabel::class);

-        $statuslabels = Statuslabel::with('assets')->groupBy('id')->withCount('assets')->get();
+        $statuslabels = Statuslabel::with('assets')
+            ->groupBy('id')
+            ->withCount('assets as assets_count')
+            ->get();

        $labels=[];
        $points=[];
-        $colors=[];
+        $default_color_count = 0;
+
        foreach ($statuslabels as $statuslabel) {
            if ($statuslabel->assets_count > 0) {

                $labels[]=$statuslabel->name. ' ('.number_format($statuslabel->assets_count).')';
                $points[]=$statuslabel->assets_count;
+
                if ($statuslabel->color!='') {
-                    $colors[]=$statuslabel->color;
+                    $colors_array[] = $statuslabel->color;
+                } else {
+                    $colors_array[] = Helper::defaultChartColors($default_color_count);
+                    $default_color_count++;
                }
            }
        }

-        
-        $colors_array = array_merge($colors, Helper::chartColors());
-
        $result= [
            "labels" => $labels,
            "datasets" => [ [
@@ -203,11 +214,11 @@ class StatuslabelsController extends Controller
    {
        $this->authorize('view', Statuslabel::class);
        $this->authorize('index', Asset::class);
-        $assets = Asset::where('status_id','=',$id);
+        $assets = Asset::where('status_id','=',$id)->with('assignedTo');

        $allowed_columns = [
            'id',
-            'name'
+            'name',
        ];

        $offset = request('offset', 0);
--- a/app/Http/Controllers/Api/SuppliersController.php
+++ b/app/Http/Controllers/Api/SuppliersController.php
@@ -2,13 +2,13 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
-use App\Models\Supplier;
-use App\Http\Transformers\SuppliersTransformer;
+use App\Http\Controllers\Controller;
 use App\Http\Transformers\SelectlistTransformer;
-
+use App\Http\Transformers\SuppliersTransformer;
+use App\Models\Supplier;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;

 class SuppliersController extends Controller
 {
@@ -22,19 +22,24 @@ class SuppliersController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Supplier::class);
-        $allowed_columns = ['id','name','address','phone','contact','fax','email','image','assets_count','licenses_count', 'accessories_count'];
+        $allowed_columns = ['id','name','address','phone','contact','fax','email','image','assets_count','licenses_count', 'accessories_count','url'];
        
        $suppliers = Supplier::select(
                array('id','name','address','address2','city','state','country','fax', 'phone','email','contact','created_at','updated_at','deleted_at','image','notes')
-            )->withCount('assets')->withCount('licenses')->withCount('accessories')->whereNull('deleted_at');
+            )->withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('accessories as accessories_count');


-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $suppliers = $suppliers->TextSearch($request->input('search'));
        }

-        $offset = request('offset', 0);
-        $limit = $request->input('limit', 50);
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($suppliers) && ($request->get('offset') > $suppliers->count())) ? $suppliers->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
        $suppliers->orderBy($sort, $order);
@@ -93,7 +98,7 @@ class SuppliersController extends Controller
     */
    public function update(Request $request, $id)
    {
-        $this->authorize('edit', Supplier::class);
+        $this->authorize('update', Supplier::class);
        $supplier = Supplier::findOrFail($id);
        $supplier->fill($request->all());

@@ -115,7 +120,7 @@ class SuppliersController extends Controller
    public function destroy($id)
    {
        $this->authorize('delete', Supplier::class);
-        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances','assets', 'licenses')->findOrFail($id);
+        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances as asset_maintenances_count','assets as assets_count', 'licenses as licenses_count')->findOrFail($id);
        $this->authorize('delete', $supplier);


@@ -153,7 +158,7 @@ class SuppliersController extends Controller
            'image',
        ]);

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $suppliers = $suppliers->where('suppliers.name', 'LIKE', '%'.$request->get('search').'%');
        }

@@ -164,7 +169,7 @@ class SuppliersController extends Controller
        // they may not have a ->name value but we want to display something anyway
        foreach ($suppliers as $supplier) {
            $supplier->use_text = $supplier->name;
-            $supplier->use_image = ($supplier->image) ? url('/').'/uploads/suppliers/'.$supplier->image : null;
+            $supplier->use_image = ($supplier->image) ? Storage::disk('public')->url('suppliers/'.$supplier->image, $supplier->image) : null;
        }

        return (new SelectlistTransformer)->transformSelectlist($suppliers);
--- a/app/Http/Controllers/Api/UsersController.php
+++ b/app/Http/Controllers/Api/UsersController.php
@@ -2,16 +2,21 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
-use App\Http\Transformers\UsersTransformer;
-use App\Models\Company;
-use App\Models\User;
 use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
 use App\Http\Requests\SaveUserRequest;
-use App\Models\Asset;
+use App\Http\Transformers\AccessoriesTransformer;
 use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\LicensesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Http\Transformers\UsersTransformer;
+use App\Models\Asset;
+use App\Models\Company;
+use App\Models\License;
+use App\Models\User;
+use Auth;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;

 class UsersController extends Controller
 {
@@ -51,42 +56,61 @@ class UsersController extends Controller
            'users.phone',
            'users.state',
            'users.two_factor_enrolled',
+            'users.two_factor_optin',
            'users.updated_at',
            'users.username',
            'users.zip',
+            'users.ldap_import',

        ])->with('manager', 'groups', 'userloc', 'company', 'department','assets','licenses','accessories','consumables')
-            ->withCount('assets','licenses','accessories','consumables');
+            ->withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count');
        $users = Company::scopeCompanyables($users);


-        if (($request->has('deleted')) && ($request->input('deleted')=='true')) {
-            $users = $users->GetDeleted();
+        if (($request->filled('deleted')) && ($request->input('deleted')=='true')) {
+            $users = $users->onlyTrashed();
+        } elseif (($request->filled('all')) && ($request->input('all')=='true')) {
+            $users = $users->withTrashed();
        }

-        if ($request->has('company_id')) {
+        if ($request->filled('company_id')) {
            $users = $users->where('users.company_id', '=', $request->input('company_id'));
        }

-        if ($request->has('location_id')) {
+        if ($request->filled('location_id')) {
            $users = $users->where('users.location_id', '=', $request->input('location_id'));
        }

-        if ($request->has('group_id')) {
+        if ($request->filled('email')) {
+            $users = $users->where('users.email', '=', $request->input('email'));
+        }
+
+        if ($request->filled('username')) {
+            $users = $users->where('users.username', '=', $request->input('username'));
+        }
+
+        if ($request->filled('group_id')) {
            $users = $users->ByGroup($request->get('group_id'));
        }

-        if ($request->has('department_id')) {
+        if ($request->filled('department_id')) {
            $users = $users->where('users.department_id','=',$request->input('department_id'));
        }

-        if ($request->has('search')) {
+        if ($request->filled('search')) {
            $users = $users->TextSearch($request->input('search'));
        }

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $offset = request('offset', 0);
-        $limit = request('limit',  20);
+        $offset = (($users) && (request('offset') > $users->count())) ? 0 : request('offset', 0);
+
+        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
+        // case we override with the actual count, so we should return 0 items.
+        $offset = (($users) && ($request->get('offset') > $users->count())) ? $users->count() : $request->get('offset', 0);
+
+        // Check to make sure the limit is not higher than the max allowed
+        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
+

        switch ($request->input('sort')) {
            case 'manager':
@@ -98,6 +122,9 @@ class UsersController extends Controller
            case 'department':
                $users = $users->OrderDepartment($order);
                break;
+            case 'company':
+                $users = $users->OrderCompany($order);
+                break;
            default:
                $allowed_columns =
                    [
@@ -105,7 +132,7 @@ class UsersController extends Controller
                        'assets','accessories', 'consumables','licenses','groups','activated','created_at',
                        'two_factor_enrolled','two_factor_optin','last_login', 'assets_count', 'licenses_count',
                        'consumables_count', 'accessories_count', 'phone', 'address', 'city', 'state',
-                        'country', 'zip'
+                        'country', 'zip', 'id', 'ldap_import'
                    ];

                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
@@ -142,13 +169,12 @@ class UsersController extends Controller
                'users.avatar',
                'users.email',
            ]
-            );
+            )->where('show_in_list', '=', '1');

        $users = Company::scopeCompanyables($users);

-        if ($request->has('search')) {
-            $users = $users->where('first_name', 'LIKE', '%'.$request->get('search').'%')
-                ->orWhere('last_name', 'LIKE', '%'.$request->get('search').'%')
+        if ($request->filled('search')) {
+            $users = $users->SimpleNameSearch($request->get('search'))
                ->orWhere('username', 'LIKE', '%'.$request->get('search').'%')
                ->orWhere('employee_num', 'LIKE', '%'.$request->get('search').'%');
        }
@@ -159,16 +185,16 @@ class UsersController extends Controller
        foreach ($users as $user) {
            $name_str = '';
            if ($user->last_name!='') {
-                $name_str .= e($user->last_name).', ';
+                $name_str .= $user->last_name.', ';
            }
-            $name_str .= e($user->first_name);
+            $name_str .= $user->first_name;

            if ($user->username!='') {
-                $name_str .= ' ('.e($user->username).')';
+                $name_str .= ' ('.$user->username.')';
            }

            if ($user->employee_num!='') {
-                $name_str .= ' - #'.e($user->employee_num);
+                $name_str .= ' - #'.$user->employee_num;
            }

            $user->use_text = $name_str;
@@ -191,14 +217,33 @@ class UsersController extends Controller
     */
    public function store(SaveUserRequest $request)
    {
-        $this->authorize('view', User::class);
+        $this->authorize('create', User::class);
+
        $user = new User;
        $user->fill($request->all());

+        if ($request->has('permissions')) {
+
+            $permissions_array = $request->input('permissions');
+
+            // Strip out the superuser permission if the API user isn't a superadmin
+            if (!Auth::user()->isSuperUser()) {
+                unset($permissions_array['superuser']);
+            }
+            $user->permissions =  $permissions_array;
+        }
+
        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
        $user->password = bcrypt($request->get('password', $tmp_pass));

+
        if ($user->save()) {
+            if ($request->filled('groups')) {
+                $user->groups()->sync($request->input('groups'));
+            } else {
+                $user->groups()->sync(array());
+            }
+            
            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.create')));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
@@ -214,7 +259,7 @@ class UsersController extends Controller
    public function show($id)
    {
        $this->authorize('view', User::class);
-        $user = User::findOrFail($id);
+        $user = User::withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count')->findOrFail($id);
        return (new UsersTransformer)->transformUser($user);
    }

@@ -230,23 +275,67 @@ class UsersController extends Controller
     */
    public function update(SaveUserRequest $request, $id)
    {
-        $this->authorize('edit', User::class);
+        $this->authorize('update', User::class);
+
        $user = User::findOrFail($id);
+
+        // This is a janky hack to prevent people from changing admin demo user data on the public demo.
+        // The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
+        // Thanks, jerks. You are why we can't have nice things. - snipe
+
+        if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
+        }
+
+
        $user->fill($request->all());

        if ($user->id == $request->input('manager_id')) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
        }

-        if ($request->has('password')) {
+        if ($request->filled('password')) {
            $user->password = bcrypt($request->input('password'));
        }

+        // We need to use has()  instead of filled()
+        // here because we need to overwrite permissions
+        // if someone needs to null them out
+        if ($request->has('permissions')) {
+
+            $permissions_array = $request->input('permissions');
+
+            // Strip out the superuser permission if the API user isn't a superadmin
+            if (!Auth::user()->isSuperUser()) {
+                unset($permissions_array['superuser']);
+            }
+            $user->permissions =  $permissions_array;
+        }
+
+
+
+
        // Update the location of any assets checked out to this user
        Asset::where('assigned_type', User::class)
            ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);

        if ($user->save()) {
+
+            // Sync group memberships:
+            // This was changed in Snipe-IT v4.6.x to 4.7, since we upgraded to Laravel 5.5
+            // which changes the behavior of has vs filled.
+            // The $request->has method will now return true even if the input value is an empty string or null.
+            // A new $request->filled method has was added that provides the previous behavior of the has method.
+
+            // Check if the request has groups passed and has a value
+            if ($request->filled('groups')) {
+                $user->groups()->sync($request->input('groups'));
+            // The groups field has been passed but it is null, so we should blank it out
+            } elseif ($request->has('groups'))  {
+                $user->groups()->sync(array());
+            }
+
+
            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
        }

@@ -268,11 +357,32 @@ class UsersController extends Controller
        $this->authorize('delete', $user);


-        if ($user->assets()->count() > 0) {
+        if (($user->assets) && ($user->assets->count() > 0)) {
            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/users/message.error.delete_has_assets')));
        }

+        if (($user->licenses) && ($user->licenses->count() > 0)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->licenses->count() . ' license(s) associated with them and cannot be deleted.'));
+        }
+
+        if (($user->accessories) && ($user->accessories->count() > 0)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->accessories->count() . ' accessories associated with them.'));
+        }
+
+        if (($user->managedLocations()) && ($user->managedLocations()->count() > 0)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->managedLocations()->count() . ' locations that they manage.'));
+        }
+
        if ($user->delete()) {
+
+            // Remove the user's avatar if they have one
+            if (Storage::disk('public')->exists('avatars/'.$user->avatar)) {
+                try  {
+                    Storage::disk('public')->delete('avatars/'.$user->avatar);
+                } catch (\Exception $e) {
+                    \Log::debug($e);
+               }
+            }
            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/users/message.success.delete')));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/users/message.error.delete')));
@@ -289,11 +399,48 @@ class UsersController extends Controller
    public function assets($id)
    {
        $this->authorize('view', User::class);
-        $assets = Asset::where('assigned_to', '=', $id)->with('model')->get();
+        $this->authorize('view', Asset::class);
+        $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model')->get();
        return (new AssetsTransformer)->transformAssets($assets, $assets->count());
    }

    /**
+     * Return JSON containing a list of accessories assigned to a user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.6.14]
+     * @param $userId
+     * @return string JSON
+     */
+    public function accessories($id)
+    {
+        $this->authorize('view', User::class);
+        $user = User::findOrFail($id);
+        $this->authorize('view', Accessory::class);
+        $accessories = $user->accessories;
+        return (new AccessoriesTransformer)->transformAccessories($accessories, $accessories->count());
+    }
+
+    /**
+     * Return JSON containing a list of licenses assigned to a user.
+     *
+     * @author [N. Mathar] [<snipe@snipe.net>]
+     * @since [v5.0]
+     * @param $userId
+     * @return string JSON
+     */
+    public function licenses($id)
+    {
+        $this->authorize('view', User::class);
+        $this->authorize('view', License::class);
+        $user = User::where('id', $id)->withTrashed()->first();
+        $licenses = $user->licenses()->get();
+        return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
+    }
+
+    /**
+
+
     * Reset the user's two-factor status
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -304,9 +451,9 @@ class UsersController extends Controller
    public function postTwoFactorReset(Request $request)
    {

-        $this->authorize('edit', User::class);
+        $this->authorize('update', User::class);

-        if ($request->has('id')) {
+        if ($request->filled('id')) {
            try {
                $user = User::find($request->get('id'));
                $user->two_factor_secret = null;
@@ -320,4 +467,17 @@ class UsersController extends Controller
        return response()->json(['message' => 'No ID provided'], 500);

    }
+
+    /**
+     * Get info on the current user.
+     *
+     * @author [Juan Font] [<juanfontalonso@gmail.com>]
+     * @since [v4.4.2]
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function getCurrentUserInfo(Request $request)
+    {
+        return (new UsersTransformer)->transformUser($request->user());
+    }
 }
--- a/app/Http/Controllers/AssetMaintenancesController.php
+++ b/app/Http/Controllers/AssetMaintenancesController.php
@@ -1,26 +1,17 @@
 <?php
 namespace App\Http\Controllers;

+use App\Helpers\Helper;
+use App\Models\Asset;
 use App\Models\AssetMaintenance;
-use Carbon\Carbon;
 use App\Models\Company;
-use DB;
-use Input;
-use Lang;
-use Log;
-use Mail;
-use Response;
+use Auth;
+use Carbon\Carbon;
+use Illuminate\Http\Request;
 use Slack;
 use Str;
 use TCPDF;
-use Validator;
 use View;
-use App\Models\Setting;
-use App\Models\Asset;
-use App\Helpers\Helper;
-use Auth;
-use Gate;
-use Illuminate\Http\Request;

 /**
 * This controller handles all actions related to Asset Maintenance for
@@ -109,9 +100,9 @@ class AssetMaintenancesController extends Controller
        $assetMaintenance = new AssetMaintenance();
        $assetMaintenance->supplier_id = $request->input('supplier_id');
        $assetMaintenance->is_warranty = $request->input('is_warranty');
-        $assetMaintenance->cost =  e($request->input('cost'));
-        $assetMaintenance->notes = e($request->input('notes'));
-        $asset = Asset::find(e($request->input('asset_id')));
+        $assetMaintenance->cost =  $request->input('cost');
+        $assetMaintenance->notes = $request->input('notes');
+        $asset = Asset::find($request->input('asset_id'));

        if ((!Company::isCurrentUserHasAccess($asset)) && ($asset!=null)) {
            return static::getInsufficientPermissionsRedirect();
@@ -162,6 +153,10 @@ class AssetMaintenancesController extends Controller
            // Redirect to the improvement management page
            return redirect()->route('maintenances.index')
                           ->with('error', trans('admin/asset_maintenances/message.not_found'));
+        } elseif (!$assetMaintenance->asset) {
+            return redirect()->route('maintenances.index')
+                ->with('error', 'The asset associated with this maintenance does not exist.');
+
        } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return static::getInsufficientPermissionsRedirect();
        }
--- a/app/Http/Controllers/AssetModelsController.php
+++ b/app/Http/Controllers/AssetModelsController.php
@@ -1,23 +1,15 @@
 <?php
 namespace App\Http\Controllers;

-use App\Models\CustomField;
-use Image;
-use Input;
-use Lang;
-use App\Models\AssetModel;
-use Redirect;
-use Auth;
-use DB;
-use Str;
-use Validator;
-use View;
-use App\Models\Asset;
-use App\Models\Company;
-use Config;
 use App\Helpers\Helper;
-use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
+use App\Models\AssetModel;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Input;
+use Illuminate\Support\Facades\View;
+use Redirect;
+use Request;
+use Storage;

 use Symfony\Component\HttpFoundation\JsonResponse;

@@ -31,13 +23,14 @@ use Symfony\Component\HttpFoundation\JsonResponse;
 class AssetModelsController extends Controller
 {
    /**
-    * Returns a view that invokes the ajax tables which actually contains
-    * the content for the accessories listing, which is generated in getDatatable.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @return View
-    */
+     * Returns a view that invokes the ajax tables which actually contains
+     * the content for the accessories listing, which is generated in getDatatable.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
    public function index()
    {
        $this->authorize('index', AssetModel::class);
@@ -45,29 +38,31 @@ class AssetModelsController extends Controller
    }

    /**
-    * Returns a view containing the asset model creation form.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @return View
-    */
+     * Returns a view containing the asset model creation form.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
    public function create()
    {
        $this->authorize('create', AssetModel::class);
-        $category_type = 'asset';
-        return view('models/edit')->with('category_type',$category_type)
-        ->with('depreciation_list', Helper::depreciationList())
-        ->with('item', new AssetModel);
+        return view('models/edit')->with('category_type', 'asset')
+            ->with('depreciation_list', Helper::depreciationList())
+            ->with('item', new AssetModel);
    }


    /**
-    * Validate and process the new Asset Model data.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @return Redirect
-    */
+     * Validate and process the new Asset Model data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param ImageUploadRequest $request
+     * @return Redirect
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
    public function store(ImageUploadRequest $request)
    {

@@ -84,29 +79,13 @@ class AssetModelsController extends Controller
        $model->category_id         = $request->input('category_id');
        $model->notes               = $request->input('notes');
        $model->user_id             = Auth::id();
-        $model->requestable         = Input::has('requestable');
+        $model->requestable         = Request::has('requestable');

        if ($request->input('custom_fieldset')!='') {
            $model->fieldset_id = e($request->input('custom_fieldset'));
        }

-        if (Input::file('image')) {
-
-            $image = Input::file('image');
-            $file_name = str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
-            $path = app('models_upload_path');
-
-            if ($image->getClientOriginalExtension()!='svg') {
-                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
-                    $constraint->aspectRatio();
-                    $constraint->upsize();
-                })->save($path.'/'.$file_name);
-            } else {
-                $image->move($path, $file_name);
-            }
-            $model->image = $file_name;
-
-        }
+        $model = $request->handleImages($model);

            // Was it created?
        if ($model->save()) {
@@ -121,53 +100,14 @@ class AssetModelsController extends Controller
    }

    /**
-     * Validates and stores new Asset Model data created from the
-     * modal form on the Asset Creation view.
+     * Returns a view containing the asset model edit form.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v2.0]
-     * @param Request $request
-     * @return String JSON
+     * @since [v1.0]
+     * @param int $modelId
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function apiStore(Request $request)
-    {
-        //COPYPASTA!!!! FIXME
-        $this->authorize('create', AssetModel::class);
-        $model = new AssetModel;
-
-        $settings=Input::all();
-        $settings['eol']= null;
-
-        $model->name=$request->input('name');
-        $model->manufacturer_id = $request->input('manufacturer_id');
-        $model->category_id = $request->input('category_id');
-        $model->model_number = $request->input('model_number');
-        $model->user_id = Auth::id();
-        $model->notes            = $request->input('notes');
-        $model->eol= null;
-
-        if ($request->input('fieldset_id')=='') {
-            $model->fieldset_id = null;
-        } else {
-            $model->fieldset_id = e($request->input('fieldset_id'));
-        }
-
-        if ($model->save()) {
-            return JsonResponse::create($model);
-        } else {
-            return JsonResponse::create(["error" => "Failed validation: ".print_r($model->getErrors()->all('<li>:message</li>'), true)], 500);
-        }
-    }
-
-
-    /**
-    * Returns a view containing the asset model edit form.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @param int $modelId
-    * @return View
-    */
    public function edit($modelId = null)
    {
        $this->authorize('update', AssetModel::class);
@@ -184,14 +124,16 @@ class AssetModelsController extends Controller


    /**
-    * Validates and processes form data from the edit
-    * Asset Model form based on the model ID passed.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @param int $modelId
-    * @return Redirect
-    */
+     * Validates and processes form data from the edit
+     * Asset Model form based on the model ID passed.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param ImageUploadRequest $request
+     * @param int $modelId
+     * @return Redirect
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
    public function update(ImageUploadRequest $request, $modelId = null)
    {
        $this->authorize('update', AssetModel::class);
@@ -201,6 +143,8 @@ class AssetModelsController extends Controller
            return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
        }

+        $model = $request->handleImages($model);
+
        $model->depreciation_id     = $request->input('depreciation_id');
        $model->eol                 = $request->input('eol');
        $model->name                = $request->input('name');
@@ -210,6 +154,8 @@ class AssetModelsController extends Controller
        $model->notes               = $request->input('notes');
        $model->requestable         = $request->input('requestable', '0');

+
+
        $this->removeCustomFieldsDefaultValues($model);

        if ($request->input('custom_fieldset')=='') {
@@ -222,37 +168,6 @@ class AssetModelsController extends Controller
            }
        }

-        $old_image = $model->image;
-
-        // Set the model's image property to null if the image is being deleted
-        if ($request->input('image_delete') == 1) {
-            $model->image = null;
-        }
-
-        if ($request->file('image')) {
-            $image = $request->file('image');
-            $file_name = $model->id.'-'.str_slug($image->getClientOriginalName()) . "." . $image->getClientOriginalExtension();
-
-            if ($image->getClientOriginalExtension()!='svg') {
-                Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
-                    $constraint->aspectRatio();
-                    $constraint->upsize();
-                })->save(app('models_upload_path').$file_name);
-            } else {
-                $image->move(app('models_upload_path'), $file_name);
-            }
-            $model->image = $file_name;
-
-        }
-
-        if ((($request->file('image')) && (isset($old_image)) && ($old_image!='')) || ($request->input('image_delete') == 1)) {
-            try  {
-                unlink(app('models_upload_path').$old_image);
-            } catch (\Exception $e) {
-                \Log::error($e);
-            }
-        }
-

        if ($model->save()) {
            return redirect()->route("models.index")->with('success', trans('admin/models/message.update.success'));
@@ -261,14 +176,15 @@ class AssetModelsController extends Controller
    }

    /**
-    * Validate and delete the given Asset Model. An Asset Model
-    * cannot be deleted if there are associated assets.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @param int $modelId
-    * @return Redirect
-    */
+     * Validate and delete the given Asset Model. An Asset Model
+     * cannot be deleted if there are associated assets.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $modelId
+     * @return Redirect
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
    public function destroy($modelId)
    {
        $this->authorize('delete', AssetModel::class);
@@ -284,9 +200,9 @@ class AssetModelsController extends Controller

        if ($model->image) {
            try  {
-                unlink(public_path().'/uploads/models/'.$model->image);
+                Storage::disk('public')->delete('models/'.$model->image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -299,13 +215,14 @@ class AssetModelsController extends Controller


    /**
-    * Restore a given Asset Model (mark as un-deleted)
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @param int $modelId
-    * @return Redirect
-    */
+     * Restore a given Asset Model (mark as un-deleted)
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $modelId
+     * @return Redirect
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
    public function getRestore($modelId = null)
    {
        $this->authorize('create', AssetModel::class);
@@ -313,16 +230,8 @@ class AssetModelsController extends Controller
        $model = AssetModel::withTrashed()->find($modelId);

        if (isset($model->id)) {
-
-            // Restore the model
            $model->restore();
-
-            // Prepare the success message
-            $success = trans('admin/models/message.restore.success');
-
-            // Redirect back
-            return redirect()->route('models.index')->with('success', $success);
-
+            return redirect()->route('models.index')->with('success', trans('admin/models/message.restore.success'));
        }
        return redirect()->back()->with('error', trans('admin/models/message.not_found'));

@@ -330,13 +239,14 @@ class AssetModelsController extends Controller


    /**
-    * Get the model information to present to the model view page
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @param int $modelId
-    * @return View
-    */
+     * Get the model information to present to the model view page
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $modelId
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
    public function show($modelId = null)
    {
        $this->authorize('view', AssetModel::class);
@@ -345,11 +255,8 @@ class AssetModelsController extends Controller
        if (isset($model->id)) {
            return view('models/view', compact('model'));
        }
-        // Prepare the error message
-        $error = trans('admin/models/message.does_not_exist', compact('id'));

-        // Redirect to the user management page
-        return redirect()->route('models.index')->with('error', $error);
+        return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
    }

    /**
@@ -371,14 +278,10 @@ class AssetModelsController extends Controller
        $model->id = null;

        // Show the page
-        $view = View::make('models/edit');
-        $view->with('category_list', Helper::categoryList('asset'));
-        $view->with('depreciation_list', Helper::depreciationList());
-        $view->with('manufacturer_list', Helper::manufacturerList());
-        $view->with('item', $model);
-        $view->with('clone_model', $model_to_clone);
-        return $view;
-
+        return view('models/edit')
+            ->with('depreciation_list', Helper::depreciationList())
+            ->with('item', $model)
+            ->with('clone_model', $model_to_clone);
    }


@@ -392,8 +295,7 @@ class AssetModelsController extends Controller
    */
    public function getCustomFields($modelId)
    {
-        $model = AssetModel::find($modelId);
-        return view("models.custom_fields_form")->with("model", $model);
+        return view("models.custom_fields_form")->with("model", AssetModel::find($modelId));
    }


@@ -408,14 +310,14 @@ class AssetModelsController extends Controller
     */
    public function postBulkEdit(Request $request)
    {
-        
-        $models_raw_array = Input::get('ids');
+
+        $models_raw_array = $request->input('ids');

        // Make sure some IDs have been selected
        if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {


-            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets')->orderBy('assets_count', 'ASC')->get();
+            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets as assets_count')->orderBy('assets_count', 'ASC')->get();

            // If deleting....
            if ($request->input('bulk_actions')=='delete') {
@@ -433,13 +335,8 @@ class AssetModelsController extends Controller
                $nochange = ['NC' => 'No Change'];
                $fieldset_list = $nochange + Helper::customFieldsetList();
                $depreciation_list = $nochange + Helper::depreciationList();
-                $category_list = $nochange + Helper::categoryList('asset');
-                $manufacturer_list = $nochange + Helper::manufacturerList();
-

                return view('models/bulk-edit', compact('models'))
-                    ->with('manufacturer_list', $manufacturer_list)
-                    ->with('category_list', $category_list)
                    ->with('fieldset_list', $fieldset_list)
                    ->with('depreciation_list', $depreciation_list);
            }
@@ -463,14 +360,14 @@ class AssetModelsController extends Controller
    public function postBulkEditSave(Request $request)
    {

-        $models_raw_array = Input::get('ids');
+        $models_raw_array = $request->input('ids');
        $update_array = array();


-        if (($request->has('manufacturer_id') && ($request->input('manufacturer_id')!='NC'))) {
+        if (($request->filled('manufacturer_id') && ($request->input('manufacturer_id')!='NC'))) {
            $update_array['manufacturer_id'] = $request->input('manufacturer_id');
        }
-        if (($request->has('category_id') && ($request->input('category_id')!='NC'))) {
+        if (($request->filled('category_id') && ($request->input('category_id')!='NC'))) {
            $update_array['category_id'] = $request->input('category_id');
        }
        if ($request->input('fieldset_id')!='NC') {
@@ -504,11 +401,11 @@ class AssetModelsController extends Controller
     */
    public function postBulkDelete(Request $request)
    {
-        $models_raw_array = Input::get('ids');
+        $models_raw_array = $request->input('ids');

        if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {

-            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets')->get();
+            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets as assets_count')->get();

            $del_error_count = 0;
            $del_count = 0;
--- a/app/Http/Controllers/Assets/AssetCheckinController.php
+++ b/app/Http/Controllers/Assets/AssetCheckinController.php
@@ -0,0 +1,125 @@
+<?php
+
+namespace App\Http\Controllers\Assets;
+
+use App\Events\CheckoutableCheckedIn;
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AssetCheckinRequest;
+use App\Models\Asset;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Redirect;
+use Illuminate\Support\Facades\View;
+
+class AssetCheckinController extends Controller
+{
+
+    /**
+     * Returns a view that presents a form to check an asset back into inventory.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @param string $backto
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v1.0]
+     */
+    public function create($assetId, $backto = null)
+    {
+        // Check if the asset exists
+        if (is_null($asset = Asset::find($assetId))) {
+            // Redirect to the asset management page with error
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('checkin', $asset);
+        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto);
+    }
+
+    /**
+     * Validate and process the form data to check an asset back into inventory.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param AssetCheckinRequest $request
+     * @param int $assetId
+     * @param null $backto
+     * @return Redirect
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v1.0]
+     */
+    public function store(AssetCheckinRequest $request, $assetId = null, $backto = null)
+    {
+        // Check if the asset exists
+        if (is_null($asset = Asset::find($assetId))) {
+            // Redirect to the asset management page with error
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        if (is_null($target = $asset->assignedTo)) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in'));
+        }
+        $this->authorize('checkin', $asset);
+
+        if ($asset->assignedType() == Asset::USER) {
+            $user = $asset->assignedTo;
+        }
+
+        $asset->expected_checkin = null;
+        $asset->last_checkout = null;
+        $asset->assigned_to = null;
+        $asset->assignedTo()->disassociate($asset);
+        $asset->assigned_type = null;
+        $asset->accepted = null;
+        $asset->name = $request->get('name');
+
+        if ($request->filled('status_id')) {
+            $asset->status_id =  e($request->get('status_id'));
+        }
+
+        // This is just meant to correct legacy issues where some user data would have 0
+        // as a location ID, which isn't valid. Later versions of Snipe-IT have stricter validation
+        // rules, so it's necessary to fix this for long-time users. It's kinda gross, but will help
+        // people (and their data) in the long run
+
+        if ($asset->rtd_location_id=='0') {
+            \Log::debug('Manually override the RTD location IDs');
+            \Log::debug('Original RTD Location ID: '.$asset->rtd_location_id);
+            $asset->rtd_location_id = '';
+            \Log::debug('New RTD Location ID: '.$asset->rtd_location_id);
+        }
+
+        if ($asset->location_id=='0') {
+            \Log::debug('Manually override the location IDs');
+            \Log::debug('Original Location ID: '.$asset->location_id);
+            $asset->location_id = '';
+            \Log::debug('New RTD Location ID: '.$asset->location_id);
+        }
+
+        $asset->location_id = $asset->rtd_location_id;
+        \Log::debug('After Location ID: '.$asset->location_id);
+        \Log::debug('After RTD Location ID: '.$asset->rtd_location_id);
+
+
+        if ($request->filled('location_id')) {
+            \Log::debug('NEW Location ID: '.$request->get('location_id'));
+            $asset->location_id =  e($request->get('location_id'));
+        }
+
+        $checkin_at = date('Y-m-d');
+        if($request->filled('checkin_at')){
+            $checkin_at = $request->input('checkin_at');
+        }
+
+        // Was the asset updated?
+        if ($asset->save()) {
+            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at));
+
+            if ((isset($user)) && ($backto =='user')) {
+                return redirect()->route("users.show", $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
+            }
+            return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkin.success'));
+        }
+        // Redirect to the asset management page with error
+        return redirect()->route("hardware.index")->with('error', trans('admin/hardware/message.checkin.error').$asset->getErrors());
+    }
+}
--- a/app/Http/Controllers/Assets/AssetCheckoutController.php
+++ b/app/Http/Controllers/Assets/AssetCheckoutController.php
@@ -0,0 +1,97 @@
+<?php
+
+namespace App\Http\Controllers\Assets;
+
+
+use App\Exceptions\CheckoutNotAllowed;
+use App\Helpers\Helper;
+use App\Http\Controllers\CheckInOutRequest;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AssetCheckoutRequest;
+use App\Models\Asset;
+use Illuminate\Database\Eloquent\ModelNotFoundException;
+use Illuminate\Support\Facades\Auth;
+
+class AssetCheckoutController extends Controller
+{
+    use CheckInOutRequest;
+    /**
+    * Returns a view that presents a form to check an asset out to a
+    * user.
+    *
+    * @author [A. Gianotto] [<snipe@snipe.net>]
+    * @param int $assetId
+    * @since [v1.0]
+    * @return View
+    */
+    public function create($assetId)
+    {
+        // Check if the asset exists
+        if (is_null($asset = Asset::find(e($assetId)))) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('checkout', $asset);
+
+        if ($asset->availableForCheckout()) {
+            return view('hardware/checkout', compact('asset'))
+                ->with('statusLabel_list', Helper::deployableStatusLabelList());
+        }
+        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
+
+
+    }
+
+    /**
+     * Validate and process the form data to check out an asset to a user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param AssetCheckoutRequest $request
+     * @param int $assetId
+     * @return Redirect
+     * @since [v1.0]
+     */
+    public function store(AssetCheckoutRequest $request, $assetId)
+    {
+        try {
+            // Check if the asset exists
+            if (!$asset = Asset::find($assetId)) {
+                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+            } elseif (!$asset->availableForCheckout()) {
+                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
+            }
+            $this->authorize('checkout', $asset);
+            $admin = Auth::user();
+
+            $target = $this->determineCheckoutTarget($asset);
+
+            $asset = $this->updateAssetLocation($asset, $target);
+
+            $checkout_at = date("Y-m-d H:i:s");
+            if (($request->filled('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
+                $checkout_at = $request->get('checkout_at');
+            }
+
+            $expected_checkin = '';
+            if ($request->filled('expected_checkin')) {
+                $expected_checkin = $request->get('expected_checkin');
+            }
+
+            if ($request->filled('status_id')) {
+                $asset->status_id = $request->get('status_id');
+            }
+
+            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), $request->get('name'))) {
+                return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+
+            // Redirect to the asset management page with error
+            return redirect()->to("hardware/$assetId/checkout")->with('error', trans('admin/hardware/message.checkout.error').$asset->getErrors());
+        } catch (ModelNotFoundException $e) {
+            return redirect()->back()->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($asset->getErrors());
+        } catch (CheckoutNotAllowed $e) {
+            return redirect()->back()->with('error', $e->getMessage());
+        }
+    }
+
+}
--- a/app/Http/Controllers/Assets/AssetFilesController.php
+++ b/app/Http/Controllers/Assets/AssetFilesController.php
@@ -0,0 +1,133 @@
+<?php
+
+namespace App\Http\Controllers\Assets;
+
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AssetFileRequest;
+use App\Models\Actionlog;
+use App\Models\Asset;
+use Illuminate\Support\Facades\Response;
+use Illuminate\Support\Facades\Storage;
+
+class AssetFilesController extends Controller
+{
+    /**
+     * Upload a file to the server.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param AssetFileRequest $request
+     * @param int $assetId
+     * @return Redirect
+     * @since [v1.0]
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function store(AssetFileRequest $request, $assetId = null)
+    {
+        if (!$asset = Asset::find($assetId)) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('update', $asset);
+
+        if ($request->hasFile('file')) {
+
+            if (!Storage::exists('private_uploads/assets')) Storage::makeDirectory('private_uploads/assets', 775);
+
+            foreach ($request->file('file') as $file) {
+                $extension = $file->getClientOriginalExtension();
+                $file_name = 'hardware-'.$asset->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+                Storage::put('private_uploads/assets/'.$file_name, file_get_contents($file));
+                $asset->logUpload($file_name, e($request->get('notes')));
+            }
+            return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
+        }
+
+        return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles'));
+    }
+
+    /**
+     * Check for permissions and display the file.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int $assetId
+     * @param  int $fileId
+     * @since [v1.0]
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function show($assetId = null, $fileId = null, $download = true)
+    {
+        $asset = Asset::find($assetId);
+        // the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('view', $asset);
+
+            if (!$log = Actionlog::find($fileId)) {
+                return response('No matching record for that asset/file', 500)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            $file = 'private_uploads/assets/'.$log->filename;
+            \Log::debug('Checking for '.$file);
+
+            if ($log->action_type =='audit') {
+                $file = 'private_uploads/audits/'.$log->filename;
+            }
+
+            if (!Storage::exists($file)) {
+                return response('File '.$file.' not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            if ($download != 'true') {
+                  if ($contents = file_get_contents(Storage::url($file))) {
+                      return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                  }
+                return JsonResponse::create(["error" => "Failed validation: "], 500);
+            }
+            return Storage::download($file);
+        }
+        // Prepare the error message
+        $error = trans('admin/hardware/message.does_not_exist', ['id' => $fileId]);
+
+        // Redirect to the hardware management page
+        return redirect()->route('hardware.index')->with('error', $error);
+    }
+
+    /**
+     * Delete the associated file
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int $assetId
+     * @param  int $fileId
+     * @since [v1.0]
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function destroy($assetId = null, $fileId = null)
+    {
+        $asset = Asset::find($assetId);
+        $this->authorize('update', $asset);
+        $rel_path = 'storage/private_uploads/assets';
+
+        // the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('update', $asset);
+            $log = Actionlog::find($fileId);
+            if ($log) {
+            if (file_exists(base_path().'/'.$rel_path.'/'.$log->filename)) {
+                Storage::disk('public')->delete($rel_path.'/'.$log->filename);
+                }
+                $log->delete();
+                return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
+            }
+            $log->delete();
+            return redirect()->back()
+                ->with('success', trans('admin/hardware/message.deletefile.success'));
+        }
+
+        // Redirect to the hardware management page
+        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+    }
+}
--- a/app/Http/Controllers/Assets/AssetsController.php
+++ b/app/Http/Controllers/Assets/AssetsController.php
@@ -0,0 +1,819 @@
+<?php
+namespace App\Http\Controllers\Assets;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\ImageUploadRequest;
+use App\Models\Actionlog;
+use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\CheckoutRequest;
+use App\Models\Company;
+use App\Models\Location;
+use App\Models\Setting;
+use App\Models\User;
+use Auth;
+use Carbon\Carbon;
+use DB;
+use Gate;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Facades\Storage;
+use Input;
+use League\Csv\Reader;
+use League\Csv\Statement;
+use Paginator;
+use Redirect;
+use Response;
+use Slack;
+use Str;
+use TCPDF;
+use View;
+
+/**
+ * This class controls all actions related to assets for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version    v1.0
+ * @author [A. Gianotto] [<snipe@snipe.net>]
+ */
+class AssetsController extends Controller
+{
+    protected $qrCodeDimensions = array( 'height' => 3.5, 'width' => 3.5);
+    protected $barCodeDimensions = array( 'height' => 2, 'width' => 22);
+
+
+    public function __construct()
+    {
+        $this->middleware('auth');
+        parent::__construct();
+    }
+
+    /**
+     * Returns a view that invokes the ajax tables which actually contains
+     * the content for the assets listing, which is generated in getDatatable.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see AssetController::getDatatable() method that generates the JSON response
+     * @since [v1.0]
+     * @param Request $request
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function index(Request $request)
+    {
+        $this->authorize('index', Asset::class);
+        $company = Company::find($request->input('company_id'));
+        return view('hardware/index')->with('company', $company);
+    }
+
+    /**
+     * Returns a view that presents a form to create a new asset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param Request $request
+     * @return View
+     * @internal param int $model_id
+     */
+    public function create(Request $request)
+    {
+        $this->authorize('create', Asset::class);
+        $view = View::make('hardware/edit')
+            ->with('statuslabel_list', Helper::statusLabelList())
+            ->with('item', new Asset)
+            ->with('statuslabel_types', Helper::statusTypeList());
+
+        if ($request->filled('model_id')) {
+            $selected_model = AssetModel::find($request->input('model_id'));
+            $view->with('selected_model', $selected_model);
+        }
+        return $view;
+    }
+
+    /**
+     * Validate and process new asset form data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return Redirect
+     */
+    public function store(ImageUploadRequest $request)
+    {
+        $this->authorize(Asset::class);
+
+        // Handle asset tags - there could be one, or potentially many.
+        // This is only necessary on create, not update, since bulk editing is handled
+        // differently
+        $asset_tags = $request->input('asset_tags');
+
+        $settings = Setting::getSettings();
+
+        $success = false;
+        $serials = $request->input('serials');
+
+        for ($a = 1; $a <= count($asset_tags); $a++) {
+
+            $asset = new Asset();
+            $asset->model()->associate(AssetModel::find($request->input('model_id')));
+            $asset->name                    = $request->input('name');
+
+            // Check for a corresponding serial
+            if (($serials) && (array_key_exists($a, $serials))) {
+                $asset->serial                  = $serials[$a];
+            }
+
+            if (($asset_tags) && (array_key_exists($a, $asset_tags))) {
+                $asset->asset_tag                  = $asset_tags[$a];
+            }
+
+            $asset->company_id              = Company::getIdForCurrentUser($request->input('company_id'));
+            $asset->model_id                = $request->input('model_id');
+            $asset->order_number            = $request->input('order_number');
+            $asset->notes                   = $request->input('notes');
+            $asset->user_id                 = Auth::id();
+            $asset->archived                = '0';
+            $asset->physical                = '1';
+            $asset->depreciate              = '0';
+            $asset->status_id               = request('status_id', 0);
+            $asset->warranty_months         = request('warranty_months', null);
+            $asset->purchase_cost           = Helper::ParseFloat($request->get('purchase_cost'));
+            $asset->purchase_date           = request('purchase_date', null);
+            $asset->assigned_to             = request('assigned_to', null);
+            $asset->supplier_id             = request('supplier_id', 0);
+            $asset->requestable             = request('requestable', 0);
+            $asset->rtd_location_id         = request('rtd_location_id', null);
+
+            if (!empty($settings->audit_interval)) {
+                $asset->next_audit_date         = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
+            }
+
+            if ($asset->assigned_to=='') {
+                $asset->location_id = $request->input('rtd_location_id', null);
+            }
+
+            // Create the image (if one was chosen.)
+            if ($request->has('image')) {
+                $asset = $request->handleImages($asset);
+            }
+
+            // Update custom fields in the database.
+            // Validation for these fields is handled through the AssetRequest form request
+            $model = AssetModel::find($request->get('model_id'));
+
+            if (($model) && ($model->fieldset)) {
+                foreach ($model->fieldset->fields as $field) {
+                    if ($field->field_encrypted=='1') {
+                        if (Gate::allows('admin')) {
+                            if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e(implode(', ', $request->input($field->convertUnicodeDbSlug()))));
+                            }else{
+                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e($request->input($field->convertUnicodeDbSlug())));
+                            }                        }
+                    } else {
+                        if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                            $asset->{$field->convertUnicodeDbSlug()} = implode(', ', $request->input($field->convertUnicodeDbSlug()));
+                        }else{
+                            $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                        }
+                    }
+                }
+            }
+
+            // Validate the asset before saving
+            if ($asset->isValid() && $asset->save()) {
+
+                if (request('assigned_user')) {
+                    $target = User::find(request('assigned_user'));
+                    $location = $target->location_id;
+                } elseif (request('assigned_asset')) {
+                    $target = Asset::find(request('assigned_asset'));
+                    $location = $target->location_id;
+                } elseif (request('assigned_location')) {
+                    $target = Location::find(request('assigned_location'));
+                    $location = $target->id;
+                }
+
+                if (isset($target)) {
+                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', e($request->get('name')), $location);
+                }
+
+                $success = true;
+
+
+            }
+
+        }
+
+        if ($success) {
+            // Redirect to the asset listing page
+            return redirect()->route('hardware.index')
+                ->with('success', trans('admin/hardware/message.create.success'));
+        }
+
+        return redirect()->back()->withInput()->withErrors($asset->getErrors());
+
+    }
+
+    /**
+     * Returns a view that presents a form to edit an existing asset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v1.0]
+     * @return View
+     */
+    public function edit($assetId = null)
+    {
+        if (!$item = Asset::find($assetId)) {
+            // Redirect to the asset management page with error
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+        //Handles company checks and permissions.
+        $this->authorize($item);
+
+        return view('hardware/edit', compact('item'))
+            ->with('statuslabel_list', Helper::statusLabelList())
+            ->with('statuslabel_types', Helper::statusTypeList());
+    }
+
+
+    /**
+     * Returns a view that presents information about an asset for detail view.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v1.0]
+     * @return View
+     */
+    public function show($assetId = null)
+    {
+        $asset = Asset::withTrashed()->find($assetId);
+        $this->authorize('view', $asset);
+        $settings = Setting::getSettings();
+
+        if (isset($asset)) {
+            $audit_log = Actionlog::where('action_type', '=', 'audit')
+                ->where('item_id', '=', $assetId)
+                ->where('item_type', '=', Asset::class)
+                ->orderBy('created_at', 'DESC')->first();
+
+            if ($asset->location) {
+                $use_currency = $asset->location->currency;
+            } else {
+                if ($settings->default_currency!='') {
+                    $use_currency = $settings->default_currency;
+                } else {
+                    $use_currency = trans('general.currency');
+                }
+            }
+
+            $qr_code = (object) array(
+                'display' => $settings->qr_code == '1',
+                'url' => route('qr_code/hardware', $asset->id)
+            );
+
+            return view('hardware/view', compact('asset', 'qr_code', 'settings'))
+                ->with('use_currency', $use_currency)->with('audit_log', $audit_log);
+        }
+
+        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+    }
+
+
+    /**
+     * Validate and process asset edit form.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v1.0]
+     * @return Redirect
+     */
+
+    public function update(ImageUploadRequest $request, $assetId = null)
+    {
+        // Check if the asset exists
+        if (!$asset = Asset::find($assetId)) {
+            // Redirect to the asset management page with error
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+        $this->authorize($asset);
+
+        $asset->status_id = $request->input('status_id', null);
+        $asset->warranty_months = $request->input('warranty_months', null);
+        $asset->purchase_cost = Helper::ParseFloat($request->input('purchase_cost', null));
+        $asset->purchase_date = $request->input('purchase_date', null);
+        $asset->supplier_id = $request->input('supplier_id', null);
+        $asset->expected_checkin = $request->input('expected_checkin', null);
+
+        // If the box isn't checked, it's not in the request at all.
+        $asset->requestable = $request->filled('requestable');
+        $asset->rtd_location_id = $request->input('rtd_location_id', null);
+
+        if ($asset->assigned_to=='') {
+            $asset->location_id = $request->input('rtd_location_id', null);
+        }
+
+
+        if ($request->filled('image_delete')) {
+            try {
+                unlink(public_path().'/uploads/assets/'.$asset->image);
+                $asset->image = '';
+            } catch (\Exception $e) {
+                \Log::info($e);
+            }
+
+        }
+
+
+        // Update the asset data
+        $asset_tag           =  $request->input('asset_tags');
+        $serial              = $request->input('serials');
+        $asset->name         = $request->input('name');
+        $asset->serial       = $serial[1];
+        $asset->company_id   = Company::getIdForCurrentUser($request->input('company_id'));
+        $asset->model_id     = $request->input('model_id');
+        $asset->order_number = $request->input('order_number');
+        $asset->asset_tag    = $asset_tag[1];
+        $asset->notes        = $request->input('notes');
+        $asset->physical     = '1';
+
+        $asset = $request->handleImages($asset);
+
+        // Update custom fields in the database.
+        // Validation for these fields is handlded through the AssetRequest form request
+        // FIXME: No idea why this is returning a Builder error on db_column_name.
+        // Need to investigate and fix. Using static method for now.
+        $model = AssetModel::find($request->get('model_id'));
+        if (($model) && ($model->fieldset)) {
+            foreach ($model->fieldset->fields as $field) {
+                if ($field->field_encrypted=='1') {
+                    if (Gate::allows('admin')) {
+                        if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                            $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e(implode(', ', $request->input($field->convertUnicodeDbSlug()))));
+                        }else{
+                            $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e($request->input($field->convertUnicodeDbSlug())));
+                        }
+                    }
+                } else {
+                    if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                        $asset->{$field->convertUnicodeDbSlug()} = implode(', ', $request->input($field->convertUnicodeDbSlug()));
+                    }else{
+                        $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                    }
+                }
+            }
+        }
+
+
+        if ($asset->save()) {
+            return redirect()->route("hardware.show", $assetId)
+                ->with('success', trans('admin/hardware/message.update.success'));
+        }
+
+        return redirect()->back()->withInput()->withErrors($asset->getErrors());
+    }
+
+    /**
+     * Delete a given asset (mark as deleted).
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v1.0]
+     * @return Redirect
+     */
+    public function destroy($assetId)
+    {
+        // Check if the asset exists
+        if (is_null($asset = Asset::find($assetId))) {
+            // Redirect to the asset management page with error
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('delete', $asset);
+
+        DB::table('assets')
+            ->where('id', $asset->id)
+            ->update(array('assigned_to' => null));
+
+        if ($asset->image) {
+            try  {
+                Storage::disk('public')->delete('assets'.'/'.$asset->image);
+            } catch (\Exception $e) {
+                \Log::debug($e);
+            }
+        }
+
+        $asset->delete();
+
+        return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.delete.success'));
+    }
+
+
+
+    /**
+     * Searches the assets table by asset tag, and redirects if it finds one
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function getAssetByTag(Request $request)
+    {
+        $topsearch = ($request->get('topsearch')=="true");
+
+        if (!$asset = Asset::where('asset_tag', '=', $request->get('assetTag'))->first()) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+        $this->authorize('view', $asset);
+        return redirect()->route('hardware.show', $asset->id)->with('topsearch', $topsearch);
+    }
+    /**
+     * Return a QR code for the asset
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v1.0]
+     * @return Response
+     */
+    public function getQrCode($assetId = null)
+    {
+        $settings = Setting::getSettings();
+
+        if ($settings->qr_code == '1') {
+            $asset = Asset::withTrashed()->find($assetId);
+            if ($asset) {
+                $size = Helper::barcodeDimensions($settings->barcode_type);
+                $qr_file = public_path().'/uploads/barcodes/qr-'.str_slug($asset->asset_tag).'-'.str_slug($asset->id).'.png';
+
+                if (isset($asset->id, $asset->asset_tag)) {
+                    if (file_exists($qr_file)) {
+                        $header = ['Content-type' => 'image/png'];
+                        return response()->file($qr_file, $header);
+                    } else {
+                        $barcode = new \Com\Tecnick\Barcode\Barcode();
+                        $barcode_obj =  $barcode->getBarcodeObj($settings->barcode_type, route('hardware.show', $asset->id), $size['height'], $size['width'], 'black', array(-2, -2, -2, -2));
+                        file_put_contents($qr_file, $barcode_obj->getPngData());
+                        return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
+                    }
+                }
+            }
+            return 'That asset is invalid';
+        }
+    }
+
+
+    /**
+     * Return a 2D barcode for the asset
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v1.0]
+     * @return Response
+     */
+    public function getBarCode($assetId = null)
+    {
+        $settings = Setting::getSettings();
+        $asset = Asset::find($assetId);
+        $barcode_file = public_path().'/uploads/barcodes/'.str_slug($settings->alt_barcode).'-'.str_slug($asset->asset_tag).'.png';
+
+        if (isset($asset->id, $asset->asset_tag)) {
+            if (file_exists($barcode_file)) {
+                $header = ['Content-type' => 'image/png'];
+                return response()->file($barcode_file, $header);
+            } else {
+                // Calculate barcode width in pixel based on label width (inch)
+                $barcode_width = ($settings->labels_width - $settings->labels_display_sgutter) * 96.000000000001;
+
+                $barcode = new \Com\Tecnick\Barcode\Barcode();
+                $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode,$asset->asset_tag,($barcode_width < 300 ? $barcode_width : 300),50);
+
+                file_put_contents($barcode_file, $barcode_obj->getPngData());
+                return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
+            }
+        }
+    }
+
+
+    /**
+     * Return a label for an individual asset.
+     *
+     * @author [L. Swartzendruber] [<logan.swartzendruber@gmail.com>
+     * @param int $assetId
+     * @return View
+     */
+    public function getLabel($assetId = null)
+    {
+        if (isset($assetId)) {
+            $asset = Asset::find($assetId);
+            $this->authorize('view', $asset);
+
+            return view('hardware/labels')
+                ->with('assets', Asset::find($asset))
+                ->with('settings', Setting::getSettings())
+                ->with('bulkedit', false)
+                ->with('count', 0);
+        }
+    }
+
+
+    /**
+     * Returns a view that presents a form to clone an asset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v1.0]
+     * @return View
+     */
+    public function getClone($assetId = null)
+    {
+        // Check if the asset exists
+        if (is_null($asset_to_clone = Asset::find($assetId))) {
+            // Redirect to the asset management page
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('create', $asset_to_clone);
+
+        $asset = clone $asset_to_clone;
+        $asset->id = null;
+        $asset->asset_tag = '';
+        $asset->serial = '';
+        $asset->assigned_to = '';
+
+        return view('hardware/edit')
+            ->with('statuslabel_list', Helper::statusLabelList())
+            ->with('statuslabel_types', Helper::statusTypeList())
+            ->with('item', $asset);
+    }
+
+    /**
+     * Return history import view
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return View
+     */
+    public function getImportHistory()
+    {
+        $this->authorize('admin');
+        return view('hardware/history');
+    }
+
+    /**
+     * Import history
+     *
+     * This needs a LOT of love. It's done very inelegantly right now, and there are
+     * a ton of optimizations that could (and should) be done.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.3]
+     * @return View
+     */
+    public function postImportHistory(Request $request)
+    {
+
+        if (!$request->hasFile('user_import_csv')) {
+            return back()->with('error', 'No file provided. Please select a file for import and try again. ');
+        }
+
+        if (!ini_get("auto_detect_line_endings")) {
+            ini_set("auto_detect_line_endings", '1');
+        }
+        $csv = Reader::createFromPath($request->file('user_import_csv'));
+        $csv->setHeaderOffset(0);
+        $results = $csv->getRecords();
+        $item = array();
+        $status = array();
+        $status['error'] = array();
+        $status['success'] = array();
+        foreach ($results as $row) {
+            if (is_array($row)) {
+                $row = array_change_key_case($row, CASE_LOWER);
+                $asset_tag = Helper::array_smart_fetch($row, "asset tag");
+                if (!array_key_exists($asset_tag, $item)) {
+                    $item[$asset_tag] = array();
+                }
+                $batch_counter = count($item[$asset_tag]);
+                $item[$asset_tag][$batch_counter]['checkout_date'] = Carbon::parse(Helper::array_smart_fetch($row, "checkout date"))->format('Y-m-d H:i:s');
+                $item[$asset_tag][$batch_counter]['checkin_date'] = Carbon::parse(Helper::array_smart_fetch($row, "checkin date"))->format('Y-m-d H:i:s');
+                \Log::debug($item[$asset_tag][$batch_counter]['checkin_date']);
+                $item[$asset_tag][$batch_counter]['asset_tag'] = Helper::array_smart_fetch($row, "asset tag");
+                $item[$asset_tag][$batch_counter]['name'] = Helper::array_smart_fetch($row, "name");
+                $item[$asset_tag][$batch_counter]['email'] = Helper::array_smart_fetch($row, "email");
+                if ($asset = Asset::where('asset_tag', '=', $asset_tag)->first()) {
+                    $item[$asset_tag][$batch_counter]['asset_id'] = $asset->id;
+                    $base_username = User::generateFormattedNameFromFullName(Setting::getSettings()->username_format, $item[$asset_tag][$batch_counter]['name']);
+                    $user = User::where('username', '=', $base_username['username']);
+                    $user_query = ' on username '.$base_username['username'];
+                    if ($request->input('match_firstnamelastname')=='1') {
+                        $firstnamedotlastname = User::generateFormattedNameFromFullName('firstname.lastname', $item[$asset_tag][$batch_counter]['name']);
+                        $item[$asset_tag][$batch_counter]['username'][] = $firstnamedotlastname['username'];
+                        $user->orWhere('username', '=', $firstnamedotlastname['username']);
+                        $user_query .= ', or on username '.$firstnamedotlastname['username'];
+                    }
+                    if ($request->input('match_flastname')=='1') {
+                        $flastname = User::generateFormattedNameFromFullName('filastname', $item[$asset_tag][$batch_counter]['name']);
+                        $item[$asset_tag][$batch_counter]['username'][] = $flastname['username'];
+                        $user->orWhere('username', '=', $flastname['username']);
+                        $user_query .= ', or on username '.$flastname['username'];
+                    }
+                    if ($request->input('match_firstname')=='1') {
+                        $firstname = User::generateFormattedNameFromFullName('firstname', $item[$asset_tag][$batch_counter]['name']);
+                        $item[$asset_tag][$batch_counter]['username'][] = $firstname['username'];
+                        $user->orWhere('username', '=', $firstname['username']);
+                        $user_query .= ', or on username '.$firstname['username'];
+                    }
+                    if ($request->input('match_email')=='1') {
+                        if ($item[$asset_tag][$batch_counter]['email']=='') {
+                            $item[$asset_tag][$batch_counter]['username'][] = $user_email = User::generateEmailFromFullName($item[$asset_tag][$batch_counter]['name']);
+                            $user->orWhere('username', '=', $user_email);
+                            $user_query .= ', or on username '.$user_email;
+                        }
+                    }
+                    // A matching user was found
+                    if ($user = $user->first()) {
+                        $item[$asset_tag][$batch_counter]['checkedout_to'] = $user->id;
+                        $item[$asset_tag][$batch_counter]['user_id'] = $user->id;
+                        Actionlog::firstOrCreate(array(
+                            'item_id' => $asset->id,
+                            'item_type' => Asset::class,
+                            'user_id' =>  Auth::user()->id,
+                            'note' => 'Checkout imported by '.Auth::user()->present()->fullName().' from history importer',
+                            'target_id' => $item[$asset_tag][$batch_counter]['user_id'],
+                            'target_type' => User::class,
+                            'created_at' =>  $item[$asset_tag][$batch_counter]['checkout_date'],
+                            'action_type'   => 'checkout',
+                        ));
+                        $asset->assigned_to = $user->id;
+                        if ($asset->save()) {
+                            $status['success'][]['asset'][$asset_tag]['msg'] = 'Asset successfully matched for '.Helper::array_smart_fetch($row, "name").$user_query.' on '.$item[$asset_tag][$batch_counter]['checkout_date'];
+                        } else {
+                            $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset and user was matched but could not be saved.';
+                        }
+                    } else {
+                        $item[$asset_tag][$batch_counter]['checkedout_to'] = null;
+                        $status['error'][]['user'][Helper::array_smart_fetch($row, "name")]['msg'] = 'User does not exist so no checkin log was created.';
+                    }
+                } else {
+                    $item[$asset_tag][$batch_counter]['asset_id'] = null;
+                    $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset does not exist so no match was attempted.';
+                }
+            }
+        }
+        // Loop through and backfill the checkins
+        foreach ($item as $key => $asset_batch) {
+            $total_in_batch = count($asset_batch);
+            for ($x = 0; $x < $total_in_batch; $x++) {
+                $next = $x + 1;
+                // Only do this if a matching user was found
+                if ((array_key_exists('checkedout_to', $asset_batch[$x])) && ($asset_batch[$x]['checkedout_to']!='')) {
+                    if (($total_in_batch > 1) && ($x < $total_in_batch) && (array_key_exists($next, $asset_batch))) {
+                        $checkin_date = Carbon::parse($asset_batch[$next]['checkin_date'])->format('Y-m-d H:i:s');
+                        $asset_batch[$x]['real_checkin'] = $checkin_date;
+                        \Log::debug($asset_batch[$next]['checkin_date']);
+                        \Log::debug($checkin_date);
+                        Actionlog::firstOrCreate(array(
+                            'item_id' => $asset_batch[$x]['asset_id'],
+                            'item_type' => Asset::class,
+                            'user_id' => Auth::user()->id,
+                            'note' => 'Checkin imported by ' . Auth::user()->present()->fullName() . ' from history importer',
+                            'target_id' => null,
+                            'created_at' => $checkin_date,
+                            'action_type' => 'checkin'
+                        ));
+                    }
+                }
+            }
+        }
+        return view('hardware/history')->with('status', $status);
+    }
+
+    public function sortByName(array $recordA, array $recordB): int
+    {
+        return strcmp($recordB['Full Name'], $recordA['Full Name']);
+    }
+
+    /**
+     * Retore a deleted asset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v1.0]
+     * @return View
+     */
+    public function getRestore($assetId = null)
+    {
+        // Get asset information
+        $asset = Asset::withTrashed()->find($assetId);
+        $this->authorize('delete', $asset);
+        if (isset($asset->id)) {
+            // Restore the asset
+            Asset::withTrashed()->where('id', $assetId)->restore();
+
+            $logaction = new Actionlog();
+            $logaction->item_type = Asset::class;
+            $logaction->item_id = $asset->id;
+            $logaction->created_at =  date("Y-m-d H:i:s");
+            $logaction->user_id = Auth::user()->id;
+            $logaction->logaction('restored');
+
+            return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.restore.success'));
+        }
+        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+    }
+
+    public function quickScan()
+    {
+        $this->authorize('audit', Asset::class);
+        $dt = Carbon::now()->addMonths(12)->toDateString();
+        return view('hardware/quickscan')->with('next_audit_date', $dt);
+    }
+
+
+
+    public function audit($id)
+    {
+        $settings = Setting::getSettings();
+        $this->authorize('audit', Asset::class);
+        $dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
+        $asset = Asset::findOrFail($id);
+        return view('hardware/audit')->with('asset', $asset)->with('next_audit_date', $dt)->with('locations_list');
+    }
+
+    public function dueForAudit()
+    {
+        $this->authorize('audit', Asset::class);
+        return view('hardware/audit-due');
+    }
+
+    public function overdueForAudit()
+    {
+        $this->authorize('audit', Asset::class);
+        return view('hardware/audit-overdue');
+    }
+
+
+    public function auditStore(Request $request, $id)
+    {
+        $this->authorize('audit', Asset::class);
+
+        $rules = array(
+            'location_id' => 'exists:locations,id|nullable|numeric',
+            'next_audit_date' => 'date|nullable'
+        );
+
+        $validator = \Validator::make($request->all(), $rules);
+
+        if ($validator->fails()) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()->all()));
+        }
+
+        $asset = Asset::findOrFail($id);
+
+        // We don't want to log this as a normal update, so let's bypass that
+        $asset->unsetEventDispatcher();
+
+        $asset->next_audit_date = $request->input('next_audit_date');
+        $asset->last_audit_date = date('Y-m-d h:i:s');
+
+        // Check to see if they checked the box to update the physical location,
+        // not just note it in the audit notes
+        if ($request->input('update_location')=='1') {
+            \Log::debug('update location in audit');
+            $asset->location_id = $request->input('location_id');
+        }
+
+
+        if ($asset->save()) {
+            $file_name = '';
+            // Upload an image, if attached
+            if ($request->hasFile('image')) {
+                $path = 'private_uploads/audits';
+                if (!Storage::exists($path)) Storage::makeDirectory($path, 775);
+                $upload = $image = $request->file('image');
+                $ext = $image->getClientOriginalExtension();
+                $file_name = 'audit-'.str_random(18).'.'.$ext;
+                Storage::putFileAs($path, $upload, $file_name);
+            }
+
+
+            $asset->logAudit($request->input('note'), $request->input('location_id'), $file_name);
+            return redirect()->to("hardware")->with('success', trans('admin/hardware/message.audit.success'));
+        }
+    }
+
+    public function getRequestedIndex($user_id = null)
+    {
+        $requestedItems = CheckoutRequest::with('user', 'requestedItem')->whereNull('canceled_at')->with('user', 'requestedItem');
+
+        if ($user_id) {
+            $requestedItems->where('user_id', $user_id)->get();
+        }
+
+        $requestedItems = $requestedItems->orderBy('created_at', 'desc')->get();
+
+        return view('hardware/requested', compact('requestedItems'));
+    }
+
+}
--- a/app/Http/Controllers/Assets/BulkAssetsController.php
+++ b/app/Http/Controllers/Assets/BulkAssetsController.php
@@ -0,0 +1,259 @@
+<?php
+
+namespace App\Http\Controllers\Assets;
+
+use App\Helpers\Helper;
+use App\Http\Controllers\CheckInOutRequest;
+use App\Http\Controllers\Controller;
+use App\Models\Asset;
+use App\Models\Setting;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
+
+class BulkAssetsController extends Controller
+{
+    use CheckInOutRequest;
+
+    /**
+     * Display the bulk edit page.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @return View
+     * @internal param int $assetId
+     * @since [v2.0]
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function edit(Request $request)
+    {
+        $this->authorize('update', Asset::class);
+
+        if (!$request->filled('ids')) {
+            return redirect()->back()->with('error', 'No assets selected');
+        }
+
+        $asset_ids = array_keys($request->input('ids'));
+
+        if ($request->filled('bulk_actions')) {
+            switch($request->input('bulk_actions')) {
+                case 'labels':
+                    return view('hardware/labels')
+                        ->with('assets', Asset::find($asset_ids))
+                        ->with('settings', Setting::getSettings())
+                        ->with('bulkedit', true)
+                        ->with('count', 0);
+                case 'delete':
+                    $assets = Asset::with('assignedTo', 'location')->find($asset_ids);
+                    $assets->each(function ($asset) {
+                        $this->authorize('delete', $asset);
+                    });
+                    return view('hardware/bulk-delete')->with('assets', $assets);
+                case 'edit':
+                    return view('hardware/bulk')
+                        ->with('assets', request('ids'))
+                        ->with('statuslabel_list', Helper::statusLabelList());
+            }
+        }
+        return redirect()->back()->with('error', 'No action selected');
+    }
+
+    /**
+     * Save bulk edits
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @return Redirect
+     * @internal param array $assets
+     * @since [v2.0]
+     */
+    public function update(Request $request)
+    {
+        $this->authorize('update', Asset::class);
+
+        \Log::debug($request->input('ids'));
+
+        if(!$request->filled('ids') || count($request->input('ids')) <= 0) {
+            return redirect()->route("hardware.index")->with('warning', trans('No assets selected, so nothing was updated.'));
+        }
+
+        $assets = array_keys($request->input('ids'));
+
+        if (($request->filled('purchase_date'))
+            || ($request->filled('expected_checkin'))
+            || ($request->filled('purchase_cost'))
+            || ($request->filled('supplier_id'))
+            || ($request->filled('order_number'))
+            || ($request->filled('warranty_months'))
+            || ($request->filled('rtd_location_id'))
+            || ($request->filled('requestable'))
+            || ($request->filled('company_id'))
+            || ($request->filled('status_id'))
+            || ($request->filled('model_id'))
+        ) {
+            foreach ($assets as $assetId) {
+                $this->update_array = [];
+
+                $this->conditionallyAddItem('purchase_date')
+                    ->conditionallyAddItem('expected_checkin')
+                    ->conditionallyAddItem('model_id')
+                    ->conditionallyAddItem('order_number')
+                    ->conditionallyAddItem('requestable')
+                    ->conditionallyAddItem('status_id')
+                    ->conditionallyAddItem('supplier_id')
+                    ->conditionallyAddItem('warranty_months');
+
+                if ($request->filled('purchase_cost')) {
+                    $this->update_array['purchase_cost'] =  Helper::ParseFloat($request->input('purchase_cost'));
+                }
+
+                if ($request->filled('company_id')) {
+                    $this->update_array['company_id'] =  $request->input('company_id');
+                    if ($request->input('company_id')=="clear") {
+                        $this->update_array['company_id'] = null;
+                    }
+                }
+
+                if ($request->filled('rtd_location_id')) {
+                    $this->update_array['rtd_location_id'] = $request->input('rtd_location_id');
+                    if (($request->filled('update_real_loc')) && (($request->input('update_real_loc')) == '1')) {
+                        $this->update_array['location_id'] = $request->input('rtd_location_id');
+                    }
+                }
+
+                DB::table('assets')
+                    ->where('id', $assetId)
+                    ->update($this->update_array);
+            } // endforeach
+            return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.update.success'));
+        // no values given, nothing to update
+        }
+        return redirect()->route("hardware.index")->with('warning', trans('admin/hardware/message.update.nothing_updated'));
+
+    }
+
+    /**
+     * Array to store update data per item
+     * @var Array
+     */
+    private $update_array;
+
+    /**
+     * Adds parameter to update array for an item if it exists in request
+     * @param  String $field field name
+     * @return BulkAssetsController Model for Chaining
+     */
+    protected function conditionallyAddItem($field)
+    {
+        if(request()->filled($field)) {
+            $this->update_array[$field] = request()->input($field);
+        }
+        return $this;
+    }
+
+    /**
+     * Save bulk deleted.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param Request $request
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @internal param array $assets
+     * @since [v2.0]
+     */
+    public function destroy(Request $request)
+    {
+        $this->authorize('delete', Asset::class);
+
+        if ($request->filled('ids')) {
+            $assets = Asset::find($request->get('ids'));
+            foreach ($assets as $asset) {
+                $update_array['deleted_at'] = date('Y-m-d H:i:s');
+                $update_array['assigned_to'] = null;
+
+                DB::table('assets')
+                    ->where('id', $asset->id)
+                    ->update($update_array);
+            } // endforeach
+            return redirect()->to("hardware")->with('success', trans('admin/hardware/message.delete.success'));
+            // no values given, nothing to update
+        }
+        return redirect()->to("hardware")->with('info', trans('admin/hardware/message.delete.nothing_updated'));
+    }
+
+    /**
+     * Show Bulk Checkout Page
+     * @return View View to checkout multiple assets
+     */
+    public function showCheckout()
+    {
+        $this->authorize('checkout', Asset::class);
+        // Filter out assets that are not deployable.
+
+        return view('hardware/bulk-checkout');
+    }
+
+    /**
+     * Process Multiple Checkout Request
+     * @return View
+     */
+    public function storeCheckout(Request $request)
+    {
+        try {
+            $admin = Auth::user();
+
+            $target = $this->determineCheckoutTarget();
+
+            if (!is_array($request->get('selected_assets'))) {
+                return redirect()->route('hardware/bulkcheckout')->withInput()->with('error', trans('admin/hardware/message.checkout.no_assets_selected'));
+            }
+
+            $asset_ids = array_filter($request->get('selected_assets'));
+
+            if(request('checkout_to_type') =='asset') {
+                foreach ($asset_ids as $asset_id) {
+                    if ($target->id == $asset_id)  {
+                        return redirect()->back()->with('error', 'You cannot check an asset out to itself.');
+                    }
+                }
+            }
+            $checkout_at = date("Y-m-d H:i:s");
+            if (($request->filled('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
+                $checkout_at = e($request->get('checkout_at'));
+            }
+
+            $expected_checkin = '';
+
+            if ($request->filled('expected_checkin')) {
+                $expected_checkin = e($request->get('expected_checkin'));
+            }
+
+            $errors = [];
+            DB::transaction(function () use ($target, $admin, $checkout_at, $expected_checkin, $errors, $asset_ids, $request) {
+
+                foreach ($asset_ids as $asset_id) {
+                    $asset = Asset::findOrFail($asset_id);
+                    $this->authorize('checkout', $asset);
+                    $error = $asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), null);
+
+                    if ($target->location_id!='') {
+                        $asset->location_id = $target->location_id;
+                        $asset->unsetEventDispatcher();
+                        $asset->save();
+                    }
+
+                    if ($error) {
+                        array_merge_recursive($errors, $asset->getErrors()->toArray());
+                    }
+                }
+            });
+
+            if (!$errors) {
+              // Redirect to the new asset page
+                return redirect()->to("hardware")->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+            // Redirect to the asset management page with error
+            return redirect()->to("hardware/bulk-checkout")->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($errors);
+        } catch (ModelNotFoundException $e) {
+            return redirect()->to("hardware/bulk-checkout")->with('error', $e->getErrors());
+        }
+    }
+}
--- a/app/Http/Controllers/AssetsController.php
+++ b/app/Http/Controllers/AssetsController.php
--- a/app/Http/Controllers/Auth/ForgotPasswordController.php
+++ b/app/Http/Controllers/Auth/ForgotPasswordController.php
@@ -41,6 +41,8 @@ class ForgotPasswordController extends Controller
        return property_exists($this, 'subject') ? $this->subject : \Lang::get('mail.reset_link');
    }

+
+
    /**
     * Send a reset link to the given user.
     *
@@ -49,24 +51,58 @@ class ForgotPasswordController extends Controller
     */
    public function sendResetLinkEmail(Request $request)
    {
-        $this->validate($request, ['email' => 'required|email']);

-        // We will send the password reset link to this user. Once we have attempted
-        // to send the link, we will examine the response then see the message we
-        // need to show to the user. Finally, we'll send out a proper response.
+        /**
+         * Let's set a max character count here to prevent potential
+         * buffer overflow issues with attackers sending very large
+         * payloads through.
+         */
+
+        $request->validate([
+            'username' => ['required', 'max:255'],
+        ]);
+        
+
+
+        /**
+         * If we find a matching email with an activated user, we will
+         * send the password reset link to the user.
+         *
+         * Once we have attempted to send the link, we will examine the response
+         * then see the message we need to show to the user. Finally, we'll send out a proper response.
+         */
        $response = $this->broker()->sendResetLink(
-            $request->only('email')
+            array_merge(
+                $request->only('username'),
+                ['activated' => '1'],
+                ['ldap_import' => '0']
+            )
        );

        if ($response === \Password::RESET_LINK_SENT) {
-            return redirect()->route('login')->with('status', trans($response));
+            \Log::info('Password reset attempt: User '.$request->input('username').' WAS found, password reset sent');
+        } else {
+            \Log::info('Password reset attempt: User matching username '.$request->input('username').' NOT FOUND or user is inactive');
        }

-        // If an error was returned by the password broker, we will get this message
-        // translated so we can notify a user of the problem. We'll redirect back
-        // to where the users came from so they can attempt this process again.
-        return back()->withErrors(
-            ['email' => trans($response)]
-        );
-    }
+
+        /**
+         * If an error was returned by the password broker, we will get this message
+         * translated so we can notify a user of the problem. We'll redirect back
+         * to where the users came from so they can attempt this process again.
+         *
+         * HOWEVER, we do not want to translate the message if the user isn't found
+         * or isn't active, since that would allow an attacker to walk through
+         * a dictionary attack and figure out registered user email addresses.
+         *
+         * Instead we tell the user we've sent an email even though we haven't.
+         * It's bad UX, but better security. The compromises we sometimes have to make.
+        */
+
+        // Regardless of response, we do not want to disclose the status of a user account,
+        // so we give them a generic "If this exists, we're TOTALLY gonna email you" response
+        return redirect()->route('login')->with('success',trans('passwords.sent'));
+        }
+
+
 }
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -2,20 +2,21 @@

 namespace App\Http\Controllers\Auth;

-use Validator;
 use App\Http\Controllers\Controller;
-use Illuminate\Foundation\Auth\ThrottlesLogins;
 use App\Models\Setting;
-use App\Models\Ldap;
 use App\Models\User;
-use Auth;
-use Config;
+use App\Services\LdapAd;
+use App\Services\Saml;
+use Com\Tecnick\Barcode\Barcode;
+use Google2FA;
+use Illuminate\Foundation\Auth\ThrottlesLogins;
 use Illuminate\Http\Request;
-use Input;
-use Redirect;
+use Illuminate\Support\Carbon;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Session;
+use Illuminate\Support\Facades\Validator;
 use Log;
-use View;
-use PragmaRX\Google2FA\Google2FA;
+use Redirect;

 /**
 * This controller handles authentication for the user, including local
@@ -39,22 +40,43 @@ class LoginController extends Controller
     */
    protected $redirectTo = '/';

+    /**
+     * @var LdapAd
+     */
+    protected $ldap;
+
+    /**
+     * @var Saml
+     */
+    protected $saml;
+
    /**
     * Create a new authentication controller instance.
     *
+     * @param LdapAd $ldap
+     * @param Saml $saml
+     *
     * @return void
     */
-    public function __construct()
+    public function __construct(LdapAd $ldap, Saml $saml)
    {
+        parent::__construct();
        $this->middleware('guest', ['except' => ['logout','postTwoFactorAuth','getTwoFactorAuth','getTwoFactorEnroll']]);
-        \Session::put('backUrl', \URL::previous());
+        Session::put('backUrl', \URL::previous());
+        $this->ldap = $ldap;
+        $this->saml = $saml;
    }

    function showLoginForm(Request $request)
    {
        $this->loginViaRemoteUser($request);
+        $this->loginViaSaml($request);
        if (Auth::check()) {
-            return redirect()->intended('dashboard');
+            return redirect()->intended('/');
+        }
+
+        if ($this->saml->isEnabled() && Setting::getSettings()->saml_forcelogin == "1" && !($request->has('nosaml') || $request->session()->has('error'))) {
+            return redirect()->route('saml.login');
        }

        if (Setting::getSettings()->login_common_disabled == "1") {
@@ -64,68 +86,109 @@ class LoginController extends Controller
        return view('auth.login');
    }

+    /**
+     * Log in a user by SAML
+     * 
+     * @author Johnson Yi <jyi.dev@outlook.com>
+     * 
+     * @since 5.0.0
+     *
+     * @param Request $request
+     * 
+     * @return User
+     * 
+     * @throws \Exception
+     */
+    private function loginViaSaml(Request $request)
+    {
+        $saml = $this->saml;
+        $samlData = $request->session()->get('saml_login');
+        if ($saml->isEnabled() && !empty($samlData)) {
+            try {
+                Log::debug("Attempting to log user in by SAML authentication.");
+                $user = $saml->samlLogin($samlData);
+                if(!is_null($user)) {
+                    Auth::login($user, true);
+                } else {
+                    $username = $saml->getUsername();
+                    Log::error("SAML user '$username' could not be found in database.");
+                    $request->session()->flash('error', trans('auth/message.signin.error'));
+                    $saml->clearData();
+                }
+
+                if ($user = Auth::user()) {
+                    $user->last_login = \Carbon::now();
+                    $user->save();
+                }
+            } catch (\Exception $e) {
+                Log::error("There was an error authenticating the SAML user: " . $e->getMessage());
+                throw new \Exception($e->getMessage());
+            }
+        }
+    }
+
+    /**
+     * Log in a user by LDAP
+     * 
+     * @author Wes Hulette <jwhulette@gmail.com>
+     * 
+     * @since 5.0.0
+     *
+     * @param Request $request
+     * 
+     * @return User
+     * 
+     * @throws \Exception
+     */
+    private function loginViaLdap(Request $request): User
+    {
+        try {
+            return $this->ldap->ldapLogin($request->input('username'), $request->input('password'));
+        } catch (\Exception $ex) {
+            LOG::debug("LDAP user login: " . $ex->getMessage());
+            throw new \Exception($ex->getMessage());
+        }
+    }
+
    private function loginViaRemoteUser(Request $request)
    {
-        $remote_user = $request->server('REMOTE_USER');
+        $header_name = Setting::getSettings()->login_remote_user_header_name ?: 'REMOTE_USER';
+        $remote_user = $request->server($header_name);
        if (Setting::getSettings()->login_remote_user_enabled == "1" && isset($remote_user) && !empty($remote_user)) {
-            LOG::debug("Authenticatiing via REMOTE_USER.");
+            Log::debug("Authenticating via HTTP header $header_name.");
+
+            $strip_prefixes = [
+                // IIS/AD
+                // https://github.com/snipe/snipe-it/pull/5862
+                '\\',
+
+                // Google Cloud IAP
+                // https://cloud.google.com/iap/docs/identity-howto#getting_the_users_identity_with_signed_headers
+                'accounts.google.com:',
+            ];
+
+            $pos = 0;
+            foreach ($strip_prefixes as $needle) {
+                if (($pos = strpos($remote_user, $needle)) !== FALSE) {
+                    $pos += strlen($needle);
+                    break;
+                }
+            }
+
+            if ($pos > 0) {
+                $remote_user = substr($remote_user, $pos);
+            };
+            
            try {
-                $user = User::where('username', '=', $remote_user)->whereNull('deleted_at')->first();
-                LOG::debug("Remote user auth lookup complete");
+                $user = User::where('username', '=', $remote_user)->whereNull('deleted_at')->where('activated', '=', '1')->first();
+                Log::debug("Remote user auth lookup complete");
                if(!is_null($user)) Auth::login($user, true);
            } catch(Exception $e) {
-                LOG::error("There was an error authenticating the Remote user: " . $e->getMessage());
+                Log::debug("There was an error authenticating the Remote user: " . $e->getMessage());
            }
        }
    }

-    private function loginViaLdap(Request $request)
-    {
-        LOG::debug("Binding user to LDAP.");
-        $ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
-        if (!$ldap_user) {
-            LOG::debug("LDAP user ".$request->input('username')." not found in LDAP or could not bind");
-            throw new \Exception("Could not find user in LDAP directory");
-        } else {
-            LOG::debug("LDAP user ".$request->input('username')." successfully bound to LDAP");
-        }
-
-        // Check if the user already exists in the database and was imported via LDAP
-        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->where('ldap_import', '=', 1)->first();
-        LOG::debug("Local auth lookup complete");
-
-        // The user does not exist in the database. Try to get them from LDAP.
-        // If user does not exist and authenticates successfully with LDAP we
-        // will create it on the fly and sign in with default permissions
-        if (!$user) {
-            LOG::debug("Local user ".Input::get('username')." does not exist");
-            LOG::debug("Creating local user ".Input::get('username'));
-
-            if ($user = Ldap::createUserFromLdap($ldap_user)) { //this handles passwords on its own
-                LOG::debug("Local user created.");
-            } else {
-                LOG::debug("Could not create local user.");
-                throw new \Exception("Could not create local user");
-            }
-            // If the user exists and they were imported from LDAP already
-        } else {
-            LOG::debug("Local user ".$request->input('username')." exists in database. Updating existing user against LDAP.");
-
-            $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
-
-            if (Setting::getSettings()->ldap_pw_sync=='1') {
-                $user->password = bcrypt($request->input('password'));
-            }
-
-            $user->email = $ldap_attr['email'];
-            $user->first_name = $ldap_attr['firstname'];
-            $user->last_name = $ldap_attr['lastname'];
-            $user->save();
-        } // End if(!user)
-        return $user;
-    }
-
-
    /**
     * Account sign in form processing.
     *
@@ -137,14 +200,14 @@ class LoginController extends Controller
            return view('errors.403');
        }

-        $validator = $this->validator(Input::all());
+        $validator = $this->validator($request->all());

        if ($validator->fails()) {
            return redirect()->back()->withInput()->withErrors($validator);
        }

-        $this->maxLoginAttempts = config('auth.throttle.max_attempts');
-        $this->lockoutTime = config('auth.throttle.lockout_duration');
+        $this->maxLoginAttempts = config('auth.passwords.users.throttle.max_attempts');
+        $this->lockoutTime = config('auth.passwords.users.throttle.lockout_duration');

        if ($lockedOut = $this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);
@@ -154,30 +217,31 @@ class LoginController extends Controller
        $user = null;

        // Should we even check for LDAP users?
-        if (Setting::getSettings()->ldap_enabled=='1') {
+        if ($this->ldap->init()) {
            LOG::debug("LDAP is enabled.");
            try {
+                LOG::debug("Attempting to log user in by LDAP authentication.");
                $user = $this->loginViaLdap($request);
                Auth::login($user, true);

            // If the user was unable to login via LDAP, log the error and let them fall through to
            // local authentication.
            } catch (\Exception $e) {
-                LOG::error("There was an error authenticating the LDAP user: ".$e->getMessage());
+                Log::debug("There was an error authenticating the LDAP user: ".$e->getMessage());
            }
        }

        // If the user wasn't authenticated via LDAP, skip to local auth
        if (!$user) {
-            LOG::debug("Authenticating user against database.");
+            Log::debug("Authenticating user against database.");
          // Try to log the user in
-            if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
+            if (!Auth::attempt(['username' => $request->input('username'), 'password' => $request->input('password'), 'activated' => 1], $request->input('remember'))) {

                if (!$lockedOut) {
                    $this->incrementLoginAttempts($request);
                }

-                LOG::debug("Local authentication failed.");
+                Log::debug("Local authentication failed.");
                return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
            } else {

@@ -187,7 +251,7 @@ class LoginController extends Controller

        if ($user = Auth::user()) {
            $user->last_login = \Carbon::now();
-            \Log::debug('Last login:'.$user->last_login);
+            $user->activated = 1;
            $user->save();
        }
        // Redirect to the users page
@@ -203,27 +267,46 @@ class LoginController extends Controller
    public function getTwoFactorEnroll()
    {

+        // Make sure the user is logged in
        if (!Auth::check()) {
-            return redirect()->route('login')->with('error', 'You must be logged in.');
+            return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
        }

+
+        $settings = Setting::getSettings();
        $user = Auth::user();
-        $google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');

-        if ($user->two_factor_secret=='') {
-            $user->two_factor_secret = $google2fa->generateSecretKey(32);
-            $user->save();
+        // We wouldn't normally see this page if 2FA isn't enforced via the
+        // \App\Http\Middleware\CheckForTwoFactor middleware AND if a device isn't enrolled,
+        // but let's check check anyway in case there's a browser history or back button thing.
+        // While you can access this page directly, enrolling a device when 2FA isn't enforced
+        // won't cause any harm.
+
+        if (($user->two_factor_secret!='') && ($user->two_factor_enrolled==1)) {
+            return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.already_enrolled'));
        }

+        $secret = Google2FA::generateSecretKey();
+        $user->two_factor_secret = $secret;
+        $user->save();

-        $google2fa_url = $google2fa->getQRCodeGoogleUrl(
-            urlencode(Setting::getSettings()->site_name),
-            urlencode($user->username),
-            $user->two_factor_secret
-        );
-
-        return view('auth.two_factor_enroll')->with('google2fa_url', $google2fa_url);
+        $barcode = new Barcode();
+        $barcode_obj =
+            $barcode->getBarcodeObj(
+                'QRCODE',
+                sprintf(
+                    'otpauth://totp/%s:%s?secret=%s&issuer=Snipe-IT&period=30',
+                    urlencode($settings->site_name),
+                    urlencode($user->username),
+                    urlencode($secret)
+                ),
+                300,
+                300,
+                'black',
+                [-2, -2, -2, -2]
+            );

+        return view('auth.two_factor_enroll')->with('barcode_obj', $barcode_obj);
    }


@@ -234,34 +317,56 @@ class LoginController extends Controller
     */
    public function getTwoFactorAuth()
    {
+        // Check that the user is logged in
+        if (!Auth::check()) {
+            return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
+        }
+
+        $user = Auth::user();
+
+        // Check whether there is a device enrolled.
+        // This *should* be handled via the \App\Http\Middleware\CheckForTwoFactor middleware
+        // but we're just making sure (in case someone edited the database directly, etc)
+        if (($user->two_factor_secret=='') || ($user->two_factor_enrolled!=1)) {
+            return redirect()->route('two-factor-enroll');
+        }
+
        return view('auth.two_factor');
    }

    /**
     * Two factor code submission
     *
+     * @param Request $request
+     *
     * @return Redirect
     */
    public function postTwoFactorAuth(Request $request)
    {

        if (!Auth::check()) {
-            return redirect()->route('login')->with('error', 'You must be logged in.');
+            return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
+        }
+
+        if (!$request->filled('two_factor_secret')) {
+            return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.code_required'));
+        }
+
+        if (!$request->has('two_factor_secret')) {
+            return redirect()->route('two-factor')->with('error', 'Two-factor code is required.');
        }

        $user = Auth::user();
-        $secret = $request->get('two_factor_secret');
-        $google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');
-        $valid = $google2fa->verifyKey($user->two_factor_secret, $secret);
+        $secret = $request->input('two_factor_secret');

-        if ($valid) {
+        if (Google2FA::verifyKey($user->two_factor_secret, $secret)) {
            $user->two_factor_enrolled = 1;
            $user->save();
            $request->session()->put('2fa_authed', 'true');
            return redirect()->route('home')->with('success', 'You are logged in!');
        }

-        return redirect()->route('two-factor')->with('error', 'Invalid two-factor code');
+        return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.invalid_code'));


    }
@@ -270,21 +375,47 @@ class LoginController extends Controller
    /**
     * Logout page.
     *
+     * @param Request $request
+     *
     * @return Redirect
     */
    public function logout(Request $request)
    {
-        $request->session()->forget('2fa_authed');
+        $settings = Setting::getSettings();
+        $saml = $this->saml;
+        $sloRedirectUrl = null;
+        $sloRequestUrl = null;

+        if ($saml->isEnabled()) {
+            $auth = $saml->getAuth();
+            $sloRedirectUrl = $request->session()->get('saml_slo_redirect_url');
+            
+            if (!empty($auth->getSLOurl()) && $settings->saml_slo == '1' && $saml->isAuthenticated()  && empty($sloRedirectUrl)) {
+                $sloRequestUrl = $auth->logout(null, array(), $saml->getNameId(), $saml->getSessionIndex(), true, $saml->getNameIdFormat(), $saml->getNameIdNameQualifier(), $saml->getNameIdSPNameQualifier());
+            }
+
+            $saml->clearData();
+        }
+
+        if (!empty($sloRequestUrl)) {
+            return redirect()->away($sloRequestUrl);
+        }
+
+        $request->session()->regenerate(true);
+
+        $request->session()->regenerate(true);
        Auth::logout();

-        $settings = Setting::getSettings();
+        if (!empty($sloRedirectUrl)) {
+            return redirect()->away($sloRedirectUrl);
+        }
+
        $customLogoutUrl = $settings->login_remote_user_custom_logout_url ;
        if ($settings->login_remote_user_enabled == '1' && $customLogoutUrl != '') {
            return redirect()->away($customLogoutUrl);
        }

-        return redirect()->route('login')->with('success', 'You have successfully logged out!');
+        return redirect()->route('login')->with(['success' => trans('auth/message.logout.success'), 'loggedout' => true]);
    }


@@ -309,11 +440,11 @@ class LoginController extends Controller
    }

    /**
-    * Redirect the user after determining they are locked out.
-    *
-    * @param  \Illuminate\Http\Request  $request
-    * @return \Illuminate\Http\RedirectResponse
-    */
+     * Redirect the user after determining they are locked out.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
    protected function sendLockoutResponse(Request $request)
    {
        $seconds = $this->limiter()->availableIn(
@@ -324,22 +455,22 @@ class LoginController extends Controller

        $message = \Lang::get('auth/message.throttle', ['minutes' => $minutes]);

-            return redirect()->back()
+        return redirect()->back()
            ->withInput($request->only($this->username(), 'remember'))
            ->withErrors([$this->username() => $message]);
    }


    /**
-    * Override the lockout time and duration
-    *
-    * @param  \Illuminate\Http\Request  $request
-    * @return \Illuminate\Http\RedirectResponse
-    */
+     * Override the lockout time and duration
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return bool
+     */
    protected function hasTooManyLoginAttempts(Request $request)
    {
-        $lockoutTime = config('auth.throttle.lockout_duration');
-        $maxLoginAttempts = config('auth.throttle.max_attempts');
+        $lockoutTime = config('auth.passwords.users.throttle.lockout_duration');
+        $maxLoginAttempts = config('auth.passwords.users.throttle.max_attempts');

        return $this->limiter()->tooManyAttempts(
            $this->throttleKey($request),
--- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php
@@ -3,7 +3,6 @@
 namespace App\Http\Controllers\Auth;

 use App\Http\Controllers\Controller;
-use Illuminate\Foundation\Auth\ResetsPasswords;

 class RegisterController extends Controller
 {
--- a/Show More
+++ b/Show More