Changed branch from develop to master

Merge remote-tracking branch 'origin/develop'
Bumped version
2021-02-25 16:54:23 -08:00 · 2021-02-25 16:53:50 -08:00 · 2021-02-25 16:53:37 -08:00 · 2021-02-25 16:44:55 -08:00 · 2021-02-25 16:43:38 -08:00 · 2021-02-25 13:35:05 -08:00
1533 changed files with 23934 additions and 8823 deletions
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@@ -135,7 +135,8 @@
      "avatar_url": "https://avatars0.githubusercontent.com/u/10137?v=3",
      "profile": "https://github.com/ghost",
      "contributions": [
-        "translation"
+        "translation",
+        "code"
      ]
    },
    {
@@ -1938,6 +1939,195 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "dampfklon",
+      "name": "Dampfklon",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/1733625?v=4",
+      "profile": "https://github.com/dampfklon",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "chamilton-ccn",
+      "name": "Charles Hamilton",
+      "avatar_url": "https://avatars2.githubusercontent.com/u/52973156?v=4",
+      "profile": "https://communityclosing.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "giannello",
+      "name": "Giuseppe Iannello",
+      "avatar_url": "https://avatars.githubusercontent.com/u/551789?v=4",
+      "profile": "https://github.com/giannello",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "PeterDaveHello",
+      "name": "Peter Dave Hello",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3691490?v=4",
+      "profile": "https://www.peterdavehello.org/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "sigmoidal",
+      "name": "sigmoidal",
+      "avatar_url": "https://avatars.githubusercontent.com/u/6106332?v=4",
+      "profile": "https://github.com/sigmoidal",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "phenixdotnet",
+      "name": "Vincent Lainé",
+      "avatar_url": "https://avatars.githubusercontent.com/u/2082554?v=4",
+      "profile": "https://github.com/phenixdotnet",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "derlucas",
+      "name": "Lucas Pleß",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1943040?v=4",
+      "profile": "http://www.lucas-pless.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "iansltx",
+      "name": "Ian Littman",
+      "avatar_url": "https://avatars.githubusercontent.com/u/472804?v=4",
+      "profile": "http://twitter.com/iansltx",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "PauloLuna",
+      "name": "João Paulo",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3519029?v=4",
+      "profile": "https://github.com/PauloLuna",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "ThoBur",
+      "name": "ThoBur",
+      "avatar_url": "https://avatars.githubusercontent.com/u/70443365?v=4",
+      "profile": "https://github.com/ThoBur",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "alek13",
+      "name": "Alexander Chibrikin",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1972329?v=4",
+      "profile": "http://phpprofi.ru/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "winstan",
+      "name": "Anthony Winstanley",
+      "avatar_url": "https://avatars.githubusercontent.com/u/438332?v=4",
+      "profile": "https://github.com/winstan",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "fashberg",
+      "name": "Folke",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3075214?v=4",
+      "profile": "https://github.com/fashberg",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "benwa",
+      "name": "Bennett Blodinger",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1351571?v=4",
+      "profile": "https://github.com/benwa",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "ncareau",
+      "name": "NMC",
+      "avatar_url": "https://avatars.githubusercontent.com/u/2974631?v=4",
+      "profile": "https://nmc.dev",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "andres-baller",
+      "name": "andres-baller",
+      "avatar_url": "https://avatars.githubusercontent.com/u/52182449?v=4",
+      "profile": "https://github.com/andres-baller",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "sean-borg",
+      "name": "sean-borg",
+      "avatar_url": "https://avatars.githubusercontent.com/u/67109348?v=4",
+      "profile": "https://github.com/sean-borg",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "EDVLeer",
+      "name": "EDVLeer",
+      "avatar_url": "https://avatars.githubusercontent.com/u/32170051?v=4",
+      "profile": "https://github.com/EDVLeer",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Kurokat",
+      "name": "Kurokat",
+      "avatar_url": "https://avatars.githubusercontent.com/u/23075196?v=4",
+      "profile": "https://github.com/Kurokat",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "koelle25",
+      "name": "Kevin Köllmann",
+      "avatar_url": "https://avatars.githubusercontent.com/u/915514?v=4",
+      "profile": "https://www.kevinkoellmann.de",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "sw-mreyes",
+      "name": "sw-mreyes",
+      "avatar_url": "https://avatars.githubusercontent.com/u/49025941?v=4",
+      "profile": "https://github.com/sw-mreyes",
+      "contributions": [
+        "code"
+      ]
    }
  ]
 }
--- a/.env.example
+++ b/.env.example
@@ -51,7 +51,7 @@ MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
-MAIL_BACKUP_NOTIFICATION_ADDRESS=you@example.com
+MAIL_AUTO_EMBED_METHOD='attachment'

 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
@@ -59,6 +59,15 @@ MAIL_BACKUP_NOTIFICATION_ADDRESS=you@example.com
 # --------------------------------------------
 IMAGE_LIB=gd

+
+# --------------------------------------------
+# OPTIONAL: BACKUP SETTINGS
+# --------------------------------------------
+MAIL_BACKUP_NOTIFICATION_DRIVER=null
+MAIL_BACKUP_NOTIFICATION_ADDRESS=null
+BACKUP_ENV=true
+
+
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
 # --------------------------------------------
@@ -68,6 +77,7 @@ ENCRYPT=false
 COOKIE_NAME=snipeit_session
 COOKIE_DOMAIN=null
 SECURE_COOKIES=false
+API_TOKEN_EXPIRATION_YEARS=40

 # --------------------------------------------
 # OPTIONAL: SECURITY HEADER SETTINGS
@@ -125,6 +135,7 @@ PRIVATE_AWS_BUCKET_ROOT=null
 # --------------------------------------------
 LOGIN_MAX_ATTEMPTS=5
 LOGIN_LOCKOUT_DURATION=60
+RESET_PASSWORD_LINK_EXPIRES=900

 # --------------------------------------------
 # OPTIONAL: MISC
@@ -134,6 +145,5 @@ APP_LOG_MAX_FILES=10
 APP_LOCKED=false
 APP_CIPHER=AES-256-CBC
 GOOGLE_MAPS_API=
-BACKUP_ENV=true
 LDAP_MEM_LIM=500M
 LDAP_TIME_LIM=600
--- a/.github/ISSUE_TEMPLATE/Bug_report.md
+++ b/.github/ISSUE_TEMPLATE/Bug_report.md
@@ -48,6 +48,7 @@ If applicable, add screenshots to help explain your problem.
 - Any errors that appear in your browser's error console.
 - Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
 - Include any additional information you can find in `storage/logs` and your webserver's logs.
+- Include the output from `php -m` (this should display what modules you have enabled.)

 **Additional context**
 - Is this a fresh install or an upgrade? 
--- a/.gitignore
+++ b/.gitignore
@@ -60,3 +60,4 @@ phpmd\.xml
 _ide_helper.php
 .phpstorm.meta.php
 _ide_helper_models.php
+/.phplint-cache
--- a/.htaccess
+++ b/.htaccess
@@ -5,7 +5,15 @@

    # Make sure .env files not not browseable if in a sub-directory.
    <FilesMatch "\.env$">
-    Deny from all
+       # Apache 2.2
+       <IfModule !authz_core_module>
+          Deny from all
+       </IfModule>
+       
+       # Apache 2.4+
+       <IfModule authz_core_module>
+          Require all denied
+       </IfModule>
    </FilesMatch>
    
 </IfModule>
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,80 +0,0 @@
-addons:
-    code_climate:
-      repo_token:
-        secure: "C/bUAEpwfZB82dkzI2Nxx3PW5w/BzbKkSyCkp6YjT046jD2/QKvz6ngCFlt3tAWV11TXWFI6D8DzkMmdWOrQl3SGlPZXRD8QOvCiz0HiGMDvlxjAaPaQecGaQZdx/H4m6xTUXRNUVaYmxlMgkkFCWhAp+HZDs0iyOEVamp0Jszg="
-    hosts:
-        - localhost
-sudo: false
-
-# see http://about.travis-ci.org/docs/user/languages/php/ for more hints
-language: php
-
-services:
-  - mysql
-
-# list any PHP version you want to test against
-php:
-  - 7.2
-  - 7.3.0
-  - 7.4
-
-
-# execute any number of scripts before the test run, custom env's are available as variables
-before_script:
-  - phpenv config-add .github/travis-memory.ini
-  - phantomjs --webdriver=4444  &
-  - sleep 4
-  - mysql -e 'CREATE DATABASE snipeit_unit;'
-  - mysql -e 'CREATE USER "travis'@'localhost";'
-  - mysql -e 'GRANT ALL PRIVILEGES ON * . * TO "travis'@'localhost";'
-  - mysql -e 'FLUSH PRIVILEGES;'
-  - cp .env.testing-ci .env
-  - composer self-update
-  - composer install -n --prefer-source
-  - chmod -R 777 storage
-  - php artisan migrate --env=testing-ci --database=mysql --force
-  - ./vendor/bin/codecept build
-  - php artisan --env=testing-ci key:generate 
-  - php artisan --env=testing-ci snipeit:travisci-install
-  - php artisan --env=testing-ci db:seed --database=mysql --force
-  - php artisan --env=testing-ci snipeit:create-admin --first_name=Alison --last_name=Foobar --email=me@example.com --username=snipe --password=password
-  - php artisan --env=testing-ci passport:install
-  - php artisan serve --env=testing-ci --port=8000 --host=localhost &
-  - sleep 5
-  - pip install --user codecov
-  - sleep 5
-
-
-
-# omitting "script:" will default to phpunit
-# use the $DB env variable to determine the phpunit.xml to use
-# script: ./vendor/bin/codecept run --env testing-ci
-script:
-  - ./vendor/bin/codecept run unit
-#  - ./vendor/bin/codecept run acceptance --env=testing-ci
-  - ./vendor/bin/codecept run functional --env=functional-travis -g func1
-  - ./vendor/bin/codecept run functional --env=functional-travis -g func2
-  - ./vendor/bin/codecept run api --env=functional-travis
-
-after_script:
-  - vendor/bin/test-reporter
-
-after_success:
-  - codecov
-
-after_failure:
-  - cat tests/_output/*.fail.html
-  - curl http://localhost:8000/login
-  - cat storage/logs/laravel.log
-
-# configure notifications (email, IRC, campfire etc)
-notifications:
-  email: false
-  slack:
-    secure: vv9we1RxB9RsrMbomSdq6D7vz/okobw87pEkgIZjB+hj1QpQ2by90gsPsOa+NgsJEFaEP7e4KlT6SH8kK+zhbmuKaUd3d1//XdcancE22LZXi6tkiB5yuR/Jhhb1LLDqyGJTB4D92hMnnCPiUjpxNA3r437ttNeYRdYIEEP3drA=
-  webhooks:
-    urls:
-      - https://webhooks.gitter.im/e/5e136eb0c1965f3918d0
-    on_success: change  # options: [always|never|change] default: always
-    on_failure: change  # options: [always|never|change] default: always
-    on_start: false     # default: false
--- a/Dockerfile.alpine
+++ b/Dockerfile.alpine
@@ -1,6 +1,6 @@
-FROM alpine:3.8
+FROM alpine:3.12
 # Apache + PHP
-RUN  apk add --update --no-cache \
+RUN  apk add --no-cache \
        apache2 \
        php7 \
        php7-common \
@@ -23,6 +23,8 @@ RUN  apk add --update --no-cache \
        php7-fileinfo \
        php7-simplexml \
        php7-session \
+        php7-dom \
+        php7-xmlwriter \
        curl \
        wget \
        vim \
--- a/README.md
+++ b/README.md
@@ -1,13 +1,11 @@
-[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=master)](https://travis-ci.org/snipe/snipe-it) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-189-orange.svg?style=flat-square)](#contributors) [![Open Source Helpers](https://www.codetriage.com/snipe/snipe-it/badges/users.svg)](https://www.codetriage.com/snipe/snipe-it)
-[![All Contributors](https://img.shields.io/badge/all_contributors-212-orange.svg?style=flat-square)](#contributors) [![Open Source Helpers](https://www.codetriage.com/snipe/snipe-it/badges/users.svg)](https://www.codetriage.com/snipe/snipe-it)
-
+![Build Status](https://app.chipperci.com/projects/0e5f8979-31eb-4ee6-9abf-050b76ab0383/status/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
+[![All Contributors](https://img.shields.io/badge/all_contributors-233-orange.svg?style=flat-square)](#contributors) 

 ## Snipe-IT - Open Source Asset Management System

 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.

-It is built on [Laravel 5.5](http://laravel.com).
+It is built on [Laravel 6](http://laravel.com).

 Snipe-IT is actively developed and we [release quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)

@@ -64,7 +62,8 @@ Since the release of the JSON REST API, several third-party developers have been
 - [Snipe-IT plugin for Jira Service Desk (beta)](https://marketplace.atlassian.com/apps/1220379/snipe-it-for-jira-service-desk-beta?hosting=cloud&tab=overview) - for the upcoming Snipe-IT v5 only
 - [Python 3 CSV importer](https://github.com/gastamper/snipeit-csvimporter) - allows importing assets into Snipe-IT based on Item Name rather than Asset Tag.
 - [Snipe-IT Kubernetes Helm Chart](https://github.com/t3n/helm-charts/tree/master/snipeit) - For more information, [click here](https://hub.helm.sh/charts/t3n/snipeit).
-
+- [Snipe-IT Bulk Edit](https://github.com/bricelabelle/snipe-it-bulkedit) - Google Script files to use Google Sheets as a bulk checkout/checkin/edit tool for Snipe-it.
+                                                     
 As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :) 

 -----
@@ -91,7 +90,7 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 <!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
 | [<img src="https://avatars3.githubusercontent.com/u/197404?v=3" width="110px;"/><br /><sub>snipe</sub>](http://www.snipe.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=snipe "Code") [🚇](#infra-snipe "Infrastructure (Hosting, Build-Tools, etc)") [📖](https://github.com/snipe/snipe-it/commits?author=snipe "Documentation") [⚠️](https://github.com/snipe/snipe-it/commits?author=snipe "Tests") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Asnipe "Bug reports") [🎨](#design-snipe "Design") [👀](#review-snipe "Reviewed Pull Requests") | [<img src="https://avatars0.githubusercontent.com/u/36335?v=3" width="110px;"/><br /><sub>Brady Wetherington</sub>](http://www.uberbrady.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=uberbrady "Code") [📖](https://github.com/snipe/snipe-it/commits?author=uberbrady "Documentation") [🚇](#infra-uberbrady "Infrastructure (Hosting, Build-Tools, etc)") [👀](#review-uberbrady "Reviewed Pull Requests") | [<img src="https://avatars0.githubusercontent.com/u/3803132?v=3" width="110px;"/><br /><sub>Daniel Meltzer</sub>](https://github.com/dmeltzer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Code") [⚠️](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Tests") [📖](https://github.com/snipe/snipe-it/commits?author=dmeltzer "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/1609106?v=3" width="110px;"/><br /><sub>Michael T</sub>](http://www.tuckertechonline.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mtucker6784 "Code") | [<img src="https://avatars2.githubusercontent.com/u/3274937?v=3" width="110px;"/><br /><sub>madd15</sub>](https://github.com/madd15)<br />[📖](https://github.com/snipe/snipe-it/commits?author=madd15 "Documentation") [💬](#question-madd15 "Answering Questions") | [<img src="https://avatars2.githubusercontent.com/u/894126?v=3" width="110px;"/><br /><sub>Vincent Sposato</sub>](https://github.com/vsposato)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vsposato "Code") | [<img src="https://avatars0.githubusercontent.com/u/1639757?v=3" width="110px;"/><br /><sub>Andrea Bergamasco</sub>](https://github.com/vjandrea)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vjandrea "Code") |
 | :---: | :---: | :---: | :---: | :---: | :---: | :---: |
-| [<img src="https://avatars0.githubusercontent.com/u/10640152?v=3" width="110px;"/><br /><sub>Karol</sub>](https://github.com/kpawelski)<br />[🌍](#translation-kpawelski "Translation") [💻](https://github.com/snipe/snipe-it/commits?author=kpawelski "Code") | [<img src="https://avatars3.githubusercontent.com/u/600106?v=3" width="110px;"/><br /><sub>morph027</sub>](http://blog.morph027.de/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=morph027 "Code") | [<img src="https://avatars3.githubusercontent.com/u/22935755?v=3" width="110px;"/><br /><sub>fvleminckx</sub>](https://github.com/fvleminckx)<br />[🚇](#infra-fvleminckx "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars2.githubusercontent.com/u/15633547?v=3" width="110px;"/><br /><sub>itsupportcmsukorg</sub>](https://github.com/itsupportcmsukorg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=itsupportcmsukorg "Code") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aitsupportcmsukorg "Bug reports") | [<img src="https://avatars3.githubusercontent.com/u/12373799?v=3" width="110px;"/><br /><sub>Frank</sub>](https://override.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=base-zero "Code") | [<img src="https://avatars0.githubusercontent.com/u/10137?v=3" width="110px;"/><br /><sub>Deleted user</sub>](https://github.com/ghost)<br />[🌍](#translation-ghost "Translation") | [<img src="https://avatars1.githubusercontent.com/u/10802313?v=3" width="110px;"/><br /><sub>tiagom62</sub>](https://github.com/tiagom62)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tiagom62 "Code") [🚇](#infra-tiagom62 "Infrastructure (Hosting, Build-Tools, etc)") |
+| [<img src="https://avatars0.githubusercontent.com/u/10640152?v=3" width="110px;"/><br /><sub>Karol</sub>](https://github.com/kpawelski)<br />[🌍](#translation-kpawelski "Translation") [💻](https://github.com/snipe/snipe-it/commits?author=kpawelski "Code") | [<img src="https://avatars3.githubusercontent.com/u/600106?v=3" width="110px;"/><br /><sub>morph027</sub>](http://blog.morph027.de/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=morph027 "Code") | [<img src="https://avatars3.githubusercontent.com/u/22935755?v=3" width="110px;"/><br /><sub>fvleminckx</sub>](https://github.com/fvleminckx)<br />[🚇](#infra-fvleminckx "Infrastructure (Hosting, Build-Tools, etc)") | [<img src="https://avatars2.githubusercontent.com/u/15633547?v=3" width="110px;"/><br /><sub>itsupportcmsukorg</sub>](https://github.com/itsupportcmsukorg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=itsupportcmsukorg "Code") [🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aitsupportcmsukorg "Bug reports") | [<img src="https://avatars3.githubusercontent.com/u/12373799?v=3" width="110px;"/><br /><sub>Frank</sub>](https://override.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=base-zero "Code") | [<img src="https://avatars0.githubusercontent.com/u/10137?v=3" width="110px;"/><br /><sub>Deleted user</sub>](https://github.com/ghost)<br />[🌍](#translation-ghost "Translation") [💻](https://github.com/snipe/snipe-it/commits?author=ghost "Code") | [<img src="https://avatars1.githubusercontent.com/u/10802313?v=3" width="110px;"/><br /><sub>tiagom62</sub>](https://github.com/tiagom62)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tiagom62 "Code") [🚇](#infra-tiagom62 "Infrastructure (Hosting, Build-Tools, etc)") |
 | [<img src="https://avatars3.githubusercontent.com/u/2389047?v=3" width="110px;"/><br /><sub>Ryan Stafford</sub>](https://github.com/rystaf)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rystaf "Code") | [<img src="https://avatars2.githubusercontent.com/u/10345935?v=3" width="110px;"/><br /><sub>Eammon Hanlon</sub>](https://github.com/ehanlon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ehanlon "Code") | [<img src="https://avatars0.githubusercontent.com/u/441924?v=3" width="110px;"/><br /><sub>zjean</sub>](https://github.com/zjean)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zjean "Code") | [<img src="https://avatars0.githubusercontent.com/u/12660103?v=3" width="110px;"/><br /><sub>Matthias Frei</sub>](http://www.frei.media)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FREImedia "Code") | [<img src="https://avatars0.githubusercontent.com/u/3767518?v=3" width="110px;"/><br /><sub>opsydev</sub>](https://github.com/opsydev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=opsydev "Code") | [<img src="https://avatars1.githubusercontent.com/u/82290?v=3" width="110px;"/><br /><sub>Daniel Dreier</sub>](http://www.ddreier.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ddreier "Code") | [<img src="https://avatars0.githubusercontent.com/u/23448?v=3" width="110px;"/><br /><sub>Nikolai Prokoschenko</sub>](http://rassie.org)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rassie "Code") |
 | [<img src="https://avatars0.githubusercontent.com/u/13452757?v=3" width="110px;"/><br /><sub>Drew</sub>](https://github.com/YetAnotherCodeMonkey)<br />[💻](https://github.com/snipe/snipe-it/commits?author=YetAnotherCodeMonkey "Code") | [<img src="https://avatars0.githubusercontent.com/u/1342320?v=3" width="110px;"/><br /><sub>Walter</sub>](https://github.com/merid14)<br />[💻](https://github.com/snipe/snipe-it/commits?author=merid14 "Code") | [<img src="https://avatars3.githubusercontent.com/u/11254614?v=3" width="110px;"/><br /><sub>Petr Baloun</sub>](https://github.com/balous)<br />[💻](https://github.com/snipe/snipe-it/commits?author=balous "Code") | [<img src="https://avatars0.githubusercontent.com/u/6117660?v=3" width="110px;"/><br /><sub>reidblomquist</sub>](https://github.com/reidblomquist)<br />[📖](https://github.com/snipe/snipe-it/commits?author=reidblomquist "Documentation") | [<img src="https://avatars0.githubusercontent.com/u/539914?v=3" width="110px;"/><br /><sub>Mathieu Kooiman</sub>](https://github.com/mathieuk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mathieuk "Code") | [<img src="https://avatars3.githubusercontent.com/u/6606421?v=3" width="110px;"/><br /><sub>csayre</sub>](https://github.com/csayre)<br />[📖](https://github.com/snipe/snipe-it/commits?author=csayre "Documentation") | [<img src="https://avatars1.githubusercontent.com/u/768488?v=3" width="110px;"/><br /><sub>Adam Dunson</sub>](https://github.com/adamdunson)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adamdunson "Code") |
 | [<img src="https://avatars0.githubusercontent.com/u/5547470?v=3" width="110px;"/><br /><sub>Hereward</sub>](https://github.com/thehereward)<br />[💻](https://github.com/snipe/snipe-it/commits?author=thehereward "Code") | [<img src="https://avatars0.githubusercontent.com/u/5802977?v=3" width="110px;"/><br /><sub>swoopdk</sub>](https://github.com/swoopdk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=swoopdk "Code") | [<img src="https://avatars1.githubusercontent.com/u/3470403?v=3" width="110px;"/><br /><sub>Abdullah Alansari</sub>](https://linkedin.com/in/ahimta)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Ahimta "Code") | [<img src="https://avatars0.githubusercontent.com/u/796443?v=3" width="110px;"/><br /><sub>Micael Rodrigues</sub>](https://github.com/MicaelRodrigues)<br />[💻](https://github.com/snipe/snipe-it/commits?author=MicaelRodrigues "Code") | [<img src="https://avatars0.githubusercontent.com/u/614564?v=3" width="110px;"/><br /><sub>Patrick Gallagher</sub>](http://macadmincorner.com)<br />[📖](https://github.com/snipe/snipe-it/commits?author=patgmac "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/7165922?v=3" width="110px;"/><br /><sub>Miliamber</sub>](https://github.com/Miliamber)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Miliamber "Code") | [<img src="https://avatars3.githubusercontent.com/u/861766?v=3" width="110px;"/><br /><sub>hawk554</sub>](https://github.com/hawk554)<br />[💻](https://github.com/snipe/snipe-it/commits?author=hawk554 "Code") |
@@ -115,14 +114,15 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars2.githubusercontent.com/u/982885?v=4" width="110px;"/><br /><sub>Martin Stub</sub>](http://martinstub.dk)<br />[🌍](#translation-stubben "Translation") | [<img src="https://avatars2.githubusercontent.com/u/28959963?v=4" width="110px;"/><br /><sub>Meyer Flavio</sub>](https://github.com/meyerf99)<br />[🌍](#translation-meyerf99 "Translation") | [<img src="https://avatars3.githubusercontent.com/u/796443?v=4" width="110px;"/><br /><sub>Micael Rodrigues</sub>](https://github.com/MicaelRodrigues)<br />[🌍](#translation-MicaelRodrigues "Translation") | [<img src="https://avatars0.githubusercontent.com/u/10481331?v=4" width="110px;"/><br /><sub>Mikael Rasmussen</sub>](http://rubixy.com/)<br />[🌍](#translation-mikaelssen "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1544552?v=4" width="110px;"/><br /><sub>IxFail</sub>](https://github.com/IxFail)<br />[🌍](#translation-IxFail "Translation") | [<img src="https://avatars3.githubusercontent.com/u/18483118?v=4" width="110px;"/><br /><sub>Mohammed Fota</sub>](http://www.mohammedfota.com)<br />[🌍](#translation-MohammedFota "Translation") | [<img src="https://avatars0.githubusercontent.com/u/227080?v=4" width="110px;"/><br /><sub>Moayad Alserihi</sub>](https://github.com/omego)<br />[🌍](#translation-omego "Translation") |
 | [<img src="https://avatars0.githubusercontent.com/u/1680266?v=4" width="110px;"/><br /><sub>saymd</sub>](https://github.com/saymd)<br />[🌍](#translation-saymd "Translation") | [<img src="https://avatars0.githubusercontent.com/u/1826808?v=4" width="110px;"/><br /><sub>Patrik Larsson</sub>](https://nordsken.se)<br />[🌍](#translation-pooot "Translation") | [<img src="https://avatars1.githubusercontent.com/u/20584746?v=4" width="110px;"/><br /><sub>drcryo</sub>](https://github.com/drcryo)<br />[🌍](#translation-drcryo "Translation") | [<img src="https://avatars1.githubusercontent.com/u/19408004?v=4" width="110px;"/><br /><sub>pawel1615</sub>](https://github.com/pawel1615)<br />[🌍](#translation-pawel1615 "Translation") | [<img src="https://avatars2.githubusercontent.com/u/23340468?v=4" width="110px;"/><br /><sub>bodrovics</sub>](https://github.com/bodrovics)<br />[🌍](#translation-bodrovics "Translation") | [<img src="https://avatars0.githubusercontent.com/u/3257654?v=4" width="110px;"/><br /><sub>priatna</sub>](https://github.com/priatna)<br />[🌍](#translation-priatna "Translation") | [<img src="https://avatars1.githubusercontent.com/u/5358374?v=4" width="110px;"/><br /><sub>Fan Jiang</sub>](https://amayume.net)<br />[🌍](#translation-ProfFan "Translation") |
 | [<img src="https://avatars1.githubusercontent.com/u/22555451?v=4" width="110px;"/><br /><sub>ragnarcx</sub>](https://github.com/ragnarcx)<br />[🌍](#translation-ragnarcx "Translation") | [<img src="https://avatars2.githubusercontent.com/u/18654582?v=4" width="110px;"/><br /><sub>Rein van Haaren</sub>](http://www.reinvanhaaren.nl/)<br />[🌍](#translation-reinvanhaaren "Translation") | [<img src="https://avatars1.githubusercontent.com/u/386672?v=4" width="110px;"/><br /><sub>Teguh Dwicaksana</sub>](http://dheche.songolimo.net)<br />[🌍](#translation-dheche "Translation") | [<img src="https://avatars2.githubusercontent.com/u/2572552?v=4" width="110px;"/><br /><sub>fraccie</sub>](https://github.com/FRaccie)<br />[🌍](#translation-FRaccie "Translation") | [<img src="https://avatars0.githubusercontent.com/u/35182720?v=4" width="110px;"/><br /><sub>vinzruzell</sub>](https://github.com/vinzruzell)<br />[🌍](#translation-vinzruzell "Translation") | [<img src="https://avatars1.githubusercontent.com/u/7883603?v=4" width="110px;"/><br /><sub>Kevin Austin</sub>](http://kevinaustin.com)<br />[🌍](#translation-vipsystem "Translation") | [<img src="https://avatars3.githubusercontent.com/u/3861828?v=4" width="110px;"/><br /><sub>Wira Sandy</sub>](http://azuraweb.xyz)<br />[🌍](#translation-wira-sandy "Translation") |
-| [<img src="https://avatars2.githubusercontent.com/u/8663789?v=4" width="110px;"/><br /><sub>Илья</sub>](https://github.com/GrayHoax)<br />[🌍](#translation-GrayHoax "Translation") | [<img src="https://avatars3.githubusercontent.com/u/30119111?v=4" width="110px;"/><br /><sub>GodUseVPN</sub>](https://github.com/godusevpn)<br />[🌍](#translation-godusevpn "Translation") | [<img src="https://avatars1.githubusercontent.com/u/745576?v=4" width="110px;"/><br /><sub>周周</sub>](https://github.com/EngrZhou)<br />[🌍](#translation-EngrZhou "Translation") | [<img src="https://avatars3.githubusercontent.com/u/1631095?v=4" width="110px;"/><br /><sub>Sam</sub>](https://github.com/takuy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=takuy "Code") | [<img src="https://avatars1.githubusercontent.com/u/264022?v=4" width="110px;"/><br /><sub>Azerothian</sub>](https://www.illisian.com.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Azerothian "Code") | [<img src="https://avatars1.githubusercontent.com/u/7632599?v=4" width="110px;"/><br /><sub>Tim Farmer</sub>](https://github.com/timothyfarmer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=timothyfarmer "Code") | [<img src="https://avatars0.githubusercontent.com/u/17459600?v=4" width="110px;"/><br /><sub>Marián Skrip</sub>](https://github.com/mskrip)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mskrip "Code") |
-| [<img src="https://avatars2.githubusercontent.com/u/47435081?v=4" width="110px;"/><br /><sub>Godfrey Martinez</sub>](https://github.com/Godmartinz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Godmartinz "Code") | [<img src="https://avatars1.githubusercontent.com/u/2075128?v=4" width="110px;"/><br /><sub>bigtreeEdo</sub>](https://github.com/bigtreeEdo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bigtreeEdo "Code") | [<img src="https://avatars0.githubusercontent.com/u/5000430?v=4" width="110px;"/><br /><sub>Colin  McNeil</sub>](https://colinmcneil.me/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ColinMcNeil "Code") | [<img src="https://avatars0.githubusercontent.com/u/421625?v=4" width="110px;"/><br /><sub>JoKneeMo</sub>](https://github.com/JoKneeMo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JoKneeMo "Code") | [<img src="https://avatars0.githubusercontent.com/u/54849013?v=4" width="110px;"/><br /><sub>Joshi</sub>](http://www.redbridge.se)<br />[💻](https://github.com/snipe/snipe-it/commits?author=joshi-redbridge "Code") | [<img src="https://avatars2.githubusercontent.com/u/15731458?v=4" width="110px;"/><br /><sub>Anthony Burns</sub>](https://github.com/anthonypburns)<br />[💻](https://github.com/snipe/snipe-it/commits?author=anthonypburns "Code") | [<img src="https://avatars2.githubusercontent.com/u/1972329?v=4" width="110px;"/><br /><sub>Alexander Chibrikin</sub>](http://phpprofi.ru/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=alek13 "Code") |
 | [<img src="https://avatars2.githubusercontent.com/u/8663789?v=4" width="110px;"/><br /><sub>Илья</sub>](https://github.com/GrayHoax)<br />[🌍](#translation-GrayHoax "Translation") | [<img src="https://avatars3.githubusercontent.com/u/30119111?v=4" width="110px;"/><br /><sub>GodUseVPN</sub>](https://github.com/godusevpn)<br />[🌍](#translation-godusevpn "Translation") | [<img src="https://avatars1.githubusercontent.com/u/745576?v=4" width="110px;"/><br /><sub>周周</sub>](https://github.com/EngrZhou)<br />[🌍](#translation-EngrZhou "Translation") | [<img src="https://avatars3.githubusercontent.com/u/1631095?v=4" width="110px;"/><br /><sub>Sam</sub>](https://github.com/takuy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=takuy "Code") | [<img src="https://avatars1.githubusercontent.com/u/264022?v=4" width="110px;"/><br /><sub>Azerothian</sub>](https://www.illisian.com.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Azerothian "Code") | [<img src="https://avatars1.githubusercontent.com/u/4930051?v=4" width="110px;"/><br /><sub>Wes Hulette</sub>](http://macfoo.wordpress.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jwhulette "Code") | [<img src="https://avatars0.githubusercontent.com/u/8134591?v=4" width="110px;"/><br /><sub>patrict</sub>](https://github.com/patrict)<br />[💻](https://github.com/snipe/snipe-it/commits?author=patrict "Code") |
 | [<img src="https://avatars3.githubusercontent.com/u/2611616?v=4" width="110px;"/><br /><sub>Dmitriy Minaev</sub>](https://github.com/VELIKII-DIVAN)<br />[💻](https://github.com/snipe/snipe-it/commits?author=VELIKII-DIVAN "Code") | [<img src="https://avatars0.githubusercontent.com/u/5132245?v=4" width="110px;"/><br /><sub>liquidhorse</sub>](https://github.com/liquidhorse)<br />[💻](https://github.com/snipe/snipe-it/commits?author=liquidhorse "Code") | [<img src="https://avatars1.githubusercontent.com/u/183678?v=4" width="110px;"/><br /><sub>Jordi Boggiano</sub>](https://seld.be/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Seldaek "Code") | [<img src="https://avatars0.githubusercontent.com/u/653557?v=4" width="110px;"/><br /><sub>Ivan Nieto</sub>](https://github.com/inietov)<br />[💻](https://github.com/snipe/snipe-it/commits?author=inietov "Code") | [<img src="https://avatars2.githubusercontent.com/u/6764151?v=4" width="110px;"/><br /><sub>Ben RUBSON</sub>](https://github.com/benrubson)<br />[💻](https://github.com/snipe/snipe-it/commits?author=benrubson "Code") | [<img src="https://avatars2.githubusercontent.com/u/8554558?v=4" width="110px;"/><br /><sub>NMathar</sub>](https://github.com/NMathar)<br />[💻](https://github.com/snipe/snipe-it/commits?author=NMathar "Code") | [<img src="https://avatars1.githubusercontent.com/u/139566?v=4" width="110px;"/><br /><sub>Steffen</sub>](https://github.com/smb)<br />[💻](https://github.com/snipe/snipe-it/commits?author=smb "Code") |
 | [<img src="https://avatars0.githubusercontent.com/u/6609453?v=4" width="110px;"/><br /><sub>Sxderp</sub>](https://github.com/Sxderp)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Sxderp "Code") | [<img src="https://avatars1.githubusercontent.com/u/4807843?v=4" width="110px;"/><br /><sub>fanta8897</sub>](https://github.com/fanta8897)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fanta8897 "Code") | [<img src="https://avatars2.githubusercontent.com/u/2576509?v=4" width="110px;"/><br /><sub>Andrey Bolonin</sub>](https://andreybolonin.com/phpconsulting/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=andreybolonin "Code") | [<img src="https://avatars3.githubusercontent.com/u/2173307?v=4" width="110px;"/><br /><sub>shinayoshi</sub>](http://www.shinayoshi.net/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=shinayoshi "Code") | [<img src="https://avatars3.githubusercontent.com/u/2130159?v=4" width="110px;"/><br /><sub>Hubert</sub>](https://github.com/reuser)<br />[💻](https://github.com/snipe/snipe-it/commits?author=reuser "Code") | [<img src="https://avatars0.githubusercontent.com/u/6865789?v=4" width="110px;"/><br /><sub>KeenRivals</sub>](https://brashear.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=KeenRivals "Code") | [<img src="https://avatars3.githubusercontent.com/u/2902513?v=4" width="110px;"/><br /><sub>omyno</sub>](https://github.com/omyno)<br />[💻](https://github.com/snipe/snipe-it/commits?author=omyno "Code") |
 | [<img src="https://avatars1.githubusercontent.com/u/6271335?v=4" width="110px;"/><br /><sub>Evgeny</sub>](https://github.com/jackka)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jackka "Code") | [<img src="https://avatars2.githubusercontent.com/u/1169963?v=4" width="110px;"/><br /><sub>Colin Campbell</sub>](https://digitalist.se)<br />[💻](https://github.com/snipe/snipe-it/commits?author=colin-campbell "Code") | [<img src="https://avatars3.githubusercontent.com/u/2872098?v=4" width="110px;"/><br /><sub>Ľubomír Kučera</sub>](https://github.com/lubo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lubo "Code") | [<img src="https://avatars3.githubusercontent.com/u/570639?v=4" width="110px;"/><br /><sub>Martin Meredith</sub>](https://www.sourceguru.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Mezzle "Code") | [<img src="https://avatars1.githubusercontent.com/u/7632599?v=4" width="110px;"/><br /><sub>Tim Farmer</sub>](https://github.com/timothyfarmer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=timothyfarmer "Code") | [<img src="https://avatars0.githubusercontent.com/u/17459600?v=4" width="110px;"/><br /><sub>Marián Skrip</sub>](https://github.com/mskrip)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mskrip "Code") | [<img src="https://avatars2.githubusercontent.com/u/47435081?v=4" width="110px;"/><br /><sub>Godfrey Martinez</sub>](https://github.com/Godmartinz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Godmartinz "Code") |
 | [<img src="https://avatars1.githubusercontent.com/u/2075128?v=4" width="110px;"/><br /><sub>bigtreeEdo</sub>](https://github.com/bigtreeEdo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bigtreeEdo "Code") | [<img src="https://avatars0.githubusercontent.com/u/5000430?v=4" width="110px;"/><br /><sub>Colin  McNeil</sub>](https://colinmcneil.me/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ColinMcNeil "Code") | [<img src="https://avatars0.githubusercontent.com/u/421625?v=4" width="110px;"/><br /><sub>JoKneeMo</sub>](https://github.com/JoKneeMo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JoKneeMo "Code") | [<img src="https://avatars0.githubusercontent.com/u/54849013?v=4" width="110px;"/><br /><sub>Joshi</sub>](http://www.redbridge.se)<br />[💻](https://github.com/snipe/snipe-it/commits?author=joshi-redbridge "Code") | [<img src="https://avatars2.githubusercontent.com/u/15731458?v=4" width="110px;"/><br /><sub>Anthony Burns</sub>](https://github.com/anthonypburns)<br />[💻](https://github.com/snipe/snipe-it/commits?author=anthonypburns "Code") | [<img src="https://avatars1.githubusercontent.com/u/63399474?v=4" width="110px;"/><br /><sub>johnson-yi</sub>](https://github.com/johnson-yi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=johnson-yi "Code") | [<img src="https://avatars1.githubusercontent.com/u/1862720?v=4" width="110px;"/><br /><sub>Sanjay Govind</sub>](https://tangentmc.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sanjay900 "Code") |
-| [<img src="https://avatars0.githubusercontent.com/u/1255375?v=4" width="110px;"/><br /><sub>Peter Upfold</sub>](https://peter.upfold.org.uk/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PeterUpfold "Code") | [<img src="https://avatars2.githubusercontent.com/u/961717?v=4" width="110px;"/><br /><sub>Jared Biel</sub>](https://github.com/jbiel)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jbiel "Code") |
+| [<img src="https://avatars0.githubusercontent.com/u/1255375?v=4" width="110px;"/><br /><sub>Peter Upfold</sub>](https://peter.upfold.org.uk/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PeterUpfold "Code") | [<img src="https://avatars2.githubusercontent.com/u/961717?v=4" width="110px;"/><br /><sub>Jared Biel</sub>](https://github.com/jbiel)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jbiel "Code") | [<img src="https://avatars1.githubusercontent.com/u/1733625?v=4" width="110px;"/><br /><sub>Dampfklon</sub>](https://github.com/dampfklon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dampfklon "Code") | [<img src="https://avatars2.githubusercontent.com/u/52973156?v=4" width="110px;"/><br /><sub>Charles Hamilton</sub>](https://communityclosing.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chamilton-ccn "Code") | [<img src="https://avatars.githubusercontent.com/u/551789?v=4" width="110px;"/><br /><sub>Giuseppe Iannello</sub>](https://github.com/giannello)<br />[💻](https://github.com/snipe/snipe-it/commits?author=giannello "Code") | [<img src="https://avatars.githubusercontent.com/u/3691490?v=4" width="110px;"/><br /><sub>Peter Dave Hello</sub>](https://www.peterdavehello.org/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PeterDaveHello "Code") | [<img src="https://avatars.githubusercontent.com/u/6106332?v=4" width="110px;"/><br /><sub>sigmoidal</sub>](https://github.com/sigmoidal)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sigmoidal "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/2082554?v=4" width="110px;"/><br /><sub>Vincent Lainé</sub>](https://github.com/phenixdotnet)<br />[💻](https://github.com/snipe/snipe-it/commits?author=phenixdotnet "Code") | [<img src="https://avatars.githubusercontent.com/u/1943040?v=4" width="110px;"/><br /><sub>Lucas Pleß</sub>](http://www.lucas-pless.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=derlucas "Code") | [<img src="https://avatars.githubusercontent.com/u/472804?v=4" width="110px;"/><br /><sub>Ian Littman</sub>](http://twitter.com/iansltx)<br />[💻](https://github.com/snipe/snipe-it/commits?author=iansltx "Code") | [<img src="https://avatars.githubusercontent.com/u/3519029?v=4" width="110px;"/><br /><sub>João Paulo</sub>](https://github.com/PauloLuna)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PauloLuna "Code") | [<img src="https://avatars.githubusercontent.com/u/70443365?v=4" width="110px;"/><br /><sub>ThoBur</sub>](https://github.com/ThoBur)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ThoBur "Code") | [<img src="https://avatars.githubusercontent.com/u/1972329?v=4" width="110px;"/><br /><sub>Alexander Chibrikin</sub>](http://phpprofi.ru/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=alek13 "Code") | [<img src="https://avatars.githubusercontent.com/u/438332?v=4" width="110px;"/><br /><sub>Anthony Winstanley</sub>](https://github.com/winstan)<br />[💻](https://github.com/snipe/snipe-it/commits?author=winstan "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/3075214?v=4" width="110px;"/><br /><sub>Folke</sub>](https://github.com/fashberg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fashberg "Code") | [<img src="https://avatars.githubusercontent.com/u/1351571?v=4" width="110px;"/><br /><sub>Bennett Blodinger</sub>](https://github.com/benwa)<br />[💻](https://github.com/snipe/snipe-it/commits?author=benwa "Code") | [<img src="https://avatars.githubusercontent.com/u/2974631?v=4" width="110px;"/><br /><sub>NMC</sub>](https://nmc.dev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ncareau "Code") | [<img src="https://avatars.githubusercontent.com/u/52182449?v=4" width="110px;"/><br /><sub>andres-baller</sub>](https://github.com/andres-baller)<br />[💻](https://github.com/snipe/snipe-it/commits?author=andres-baller "Code") | [<img src="https://avatars.githubusercontent.com/u/67109348?v=4" width="110px;"/><br /><sub>sean-borg</sub>](https://github.com/sean-borg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sean-borg "Code") | [<img src="https://avatars.githubusercontent.com/u/32170051?v=4" width="110px;"/><br /><sub>EDVLeer</sub>](https://github.com/EDVLeer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=EDVLeer "Code") | [<img src="https://avatars.githubusercontent.com/u/23075196?v=4" width="110px;"/><br /><sub>Kurokat</sub>](https://github.com/Kurokat)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Kurokat "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/915514?v=4" width="110px;"/><br /><sub>Kevin Köllmann</sub>](https://www.kevinkoellmann.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=koelle25 "Code") | [<img src="https://avatars.githubusercontent.com/u/49025941?v=4" width="110px;"/><br /><sub>sw-mreyes</sub>](https://github.com/sw-mreyes)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sw-mreyes "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
--- a/app/Console/Commands/FixMismatchedAssetsAndLogs.php
+++ b/app/Console/Commands/FixMismatchedAssetsAndLogs.php
@@ -0,0 +1,105 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Actionlog;
+use App\Models\Asset;
+use Illuminate\Console\Command;
+
+class FixMismatchedAssetsAndLogs extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:fix-assets-and-logs {--dryrun : Run the sync process but don\'t update the database}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This script attempts to check the log table and check that the assets.assigned_to matches the last checkout.';
+
+    /**
+     * Is dry-run?
+     *
+     * @var bool
+     */
+    private $dryrun = false;
+
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        if ($this->option('dryrun')) {
+            $this->dryrun = true;
+        }
+
+        if ($this->dryrun) {
+            $this->info('This is a DRY RUN - no changes will be saved.' );
+        }
+
+        $mismatch_count = 0;
+        $assets = Asset::whereNotNull('assigned_to')
+            ->where('assigned_type', '=', 'App\\Models\\User')
+            ->orderBy('id', 'ASC')->get();
+        foreach ($assets as $asset) {
+
+            // get the last checkout of the asset
+            if ($checkout_log = Actionlog::where('target_type', '=', 'App\\Models\\User')
+                ->where('action_type', '=', 'checkout')
+                ->where('item_id', '=', $asset->id)
+                ->orderBy('created_at', 'DESC')
+                ->first()) {
+
+                    // Now check for a subsequent checkin log - we want to ignore those
+                    if (!$checkin_log = Actionlog::where('target_type', '=', 'App\\Models\\User')
+                        ->where('action_type', '=', 'checkin from')
+                        ->where('item_id', '=', $asset->id)
+                        ->whereDate('created_at', '>', $checkout_log->created_at)
+                        ->orderBy('created_at', 'DESC')
+                        ->first()) {
+
+                        //print_r($asset);
+                        if ($checkout_log->target_id != $asset->assigned_to) {
+                            $this->error('Log ID: '.$checkout_log->id.' -- Asset ID '. $checkout_log->item_id.' SHOULD BE checked out to User '.$checkout_log->target_id.' but its assigned_to is '.$asset->assigned_to );
+
+                            if (!$this->dryrun) {
+                                $asset->assigned_to = $checkout_log->target_id;
+                                if ($asset->save()) {
+                                    $this->info('Asset record updated.');
+                                } else {
+                                    $this->error('Error updating asset: '.$asset->getErrors());
+                                }
+                            }
+                            $mismatch_count++;
+                        }
+                    } else {
+                        //$this->info('Asset ID '.$asset->id.': There is a checkin '.$checkin_log->created_at.' after this checkout '.$checkout_log->created_at);
+
+                    }
+
+            }
+
+        }
+        $this->info($mismatch_count.' mismatched assets.');
+
+    }
+}
--- a/app/Console/Commands/ImportLocations.php
+++ b/app/Console/Commands/ImportLocations.php
@@ -88,11 +88,13 @@ class ImportLocations extends Command

            if (array_key_exists('Parent Name', $row)) {
                $parent_name = trim($row['Parent Name']);
+            } else {
+                $parent_name = null;
            }

            // Set the location attributes to save
            if (array_key_exists('Name', $row)) {
-                $location = Location::firstOrNew(array('name' => trim($row['Name'])));
+                $location = Location::firstOrCreate(array('name' => trim($row['Name'])));
                $location->name = trim($row['Name']);
                $this->info('Checking location: '.$location->name);
            } else {
--- a/app/Console/Commands/LdapSync.php
+++ b/app/Console/Commands/LdapSync.php
@@ -1,24 +1,14 @@
 <?php

-declare(strict_types=1);
-
 namespace App\Console\Commands;

-use Log;
-use Exception;
-use App\Models\User;
-use App\Services\LdapAd;
-use App\Models\Location;
 use Illuminate\Console\Command;
-use Adldap\Models\User as AdldapUser;
+use App\Models\Setting;
+use App\Models\Ldap;
+use App\Models\User;
+use App\Models\Location;
+use Log;

-/**
- * LDAP / AD sync command.
- *
- * @author Wes Hulette <jwhulette@gmail.com>
- *
- * @since 5.0.0
- */
 class LdapSync extends Command
 {
    /**
@@ -26,79 +16,23 @@ class LdapSync extends Command
     *
     * @var string
     */
-    protected $signature = 'snipeit:ldap-sync 
-                {--location= : A location name } 
-                {--location_id= : A location id} 
-                {--base_dn= : A diffrent base DN to use } 
-                {--summary : Print summary } 
-                {--json_summary : Print summary in json format } 
-                {--dryrun : Run the sync process but don\'t update the database}';
+    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--base_dn=} {--summary} {--json_summary}';

    /**
     * The console command description.
     *
     * @var string
     */
-    protected $description = 'Command line LDAP/AD sync';
-
-    /**
-     * An LdapAd instance.
-     *
-     * @var \App\Models\LdapAd
-     */
-    private $ldap;
-
-    /**
-     * LDAP settings collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $settings = null;
-
-    /**
-     * A default location collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $defaultLocation = null;
-
-    /**
-     * Mapped locations collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $mappedLocations = null;
-
-    /**
-     * The summary collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $summary;
-
-    /**
-     * Is dry-run?
-     *
-     * @var bool
-     */
-    private $dryrun = false;
-
-    /**
-     * Show users to be imported.
-     *
-     * @var array
-     */
-    private $userlist = [];
+    protected $description = 'Command line LDAP sync';

    /**
     * Create a new command instance.
+     *
+     * @return void
     */
-    public function __construct(LdapAd $ldap)
+    public function __construct()
    {
        parent::__construct();
-        $this->ldap     = $ldap;
-        $this->settings = $this->ldap->ldapSettings;
-        $this->summary  = collect();
    }

    /**
@@ -108,274 +42,241 @@ class LdapSync extends Command
     */
    public function handle()
    {
-        ini_set('max_execution_time', '600'); //600 seconds = 10 minutes
-        ini_set('memory_limit', '500M');
-        $old_error_reporting = error_reporting(); // grab old error_reporting .ini setting, for later re-enablement
-        error_reporting($old_error_reporting & ~E_DEPRECATED); // disable deprecation warnings, for LDAP in PHP 7.4 (and greater)
+        ini_set('max_execution_time', env('LDAP_TIME_LIM', 600)); //600 seconds = 10 minutes
+        ini_set('memory_limit', env('LDAP_MEM_LIM', '500M'));
+        $ldap_result_username = Setting::getSettings()->ldap_username_field;
+        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
+        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;

-        if ($this->option('dryrun')) {
-            $this->dryrun = true;
-        }
-        $this->checkIfLdapIsEnabled();
-        $this->checkLdapConnetion();
-        $this->setBaseDn();
-        $this->getUserDefaultLocation();
-        /*
-         * Use the default location if set, this is needed for the LDAP users sync page
-         */
-        if (!$this->option('base_dn') && null == $this->defaultLocation) {
-            $this->getMappedLocations();
-        }
-        $this->processLdapUsers();
-        // Print table of users
-        if ($this->dryrun) {
-            $this->info('The following users will be synced!');
-            $headers = ['First Name', 'Last Name', 'Username', 'Email', 'Employee #', 'Location Id', 'Status'];
-            $this->table($headers, $this->summary->toArray());
+        $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag_field;
+        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
+        $ldap_result_email = Setting::getSettings()->ldap_email;
+
+        try {
+            $ldapconn = Ldap::connectToLdap();
+            Ldap::bindAdminToLdap($ldapconn);
+        } catch (\Exception $e) {
+            if ($this->option('json_summary')) {
+                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $this->info(json_encode($json_summary));
+            }
+            LOG::info($e);
+            return [];
        }

-        error_reporting($old_error_reporting); // re-enable deprecation warnings.
-        return $this->getSummary();
-    }
+        $summary = array();

-    /**
-     * Generate the LDAP sync summary.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     *
-     * @return string
-     */
-    private function getSummary(): string
-    {
-        if ($this->option('summary') && null === $this->dryrun) {
-            $this->summary->each(function ($item) {
-                $this->info('USER: '.$item['note']);
-
-                if ('ERROR' === $item['status']) {
-                    $this->error('ERROR: '.$item['note']);
-                }
-            });
-        } elseif ($this->option('json_summary')) {
-            $json_summary = [
-                'error' => false,
-                'error_message' => '',
-                'summary' => $this->summary->toArray(),
-            ];
-            $this->info(json_encode($json_summary));
-        }
-
-        return '';
-    }
-
-    /**
-     * Create a new user or update an existing user.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     *
-     * @param \Adldap\Models\User $snipeUser
-     */
-    private function updateCreateUser(AdldapUser $snipeUser): void
-    {
-        $user = $this->ldap->processUser($snipeUser, $this->defaultLocation, $this->mappedLocations);
-        $summary = [
-            'firstname'       => $user->first_name,
-            'lastname'        => $user->last_name,
-            'username'        => $user->username,
-            'employee_number' => $user->employee_num,
-            'email'           => $user->email,
-            'location_id'     => $user->location_id,
-        ];
-        // Only update the database if is not a dry run
-        if (!$this->dryrun) {
-            if ($user->save()) {
-                $summary['note']   = ($user->wasRecentlyCreated ? 'CREATED' : 'UPDATED');
-                $summary['status'] = 'SUCCESS';
+        try {
+            if ($this->option('base_dn') != '') {
+                $search_base = $this->option('base_dn');
+                LOG::debug('Importing users from specified base DN: \"'.$search_base.'\".');
            } else {
+                $search_base = null;
+            }
+            $results = Ldap::findLdapUsers($search_base);
+        } catch (\Exception $e) {
+            if ($this->option('json_summary')) {
+                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $this->info(json_encode($json_summary));
+            }
+            LOG::info($e);
+            return [];
+        }
+
+        /* Determine which location to assign users to by default. */
+        $location = NULL; // FIXME - this would be better called "$default_location", which is more explicit about its purpose
+
+        if ($this->option('location')!='') {
+            $location = Location::where('name', '=', $this->option('location'))->first();
+            LOG::debug('Location name '.$this->option('location').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
+        } elseif ($this->option('location_id')!='') {
+            $location = Location::where('id', '=', $this->option('location_id'))->first();
+            LOG::debug('Location ID '.$this->option('location_id').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
+        }
+
+        if (!isset($location)) {
+            LOG::debug('That location is invalid or a location was not provided, so no location will be assigned by default.');
+        }
+
+        /* Process locations with explicitly defined OUs, if doing a full import. */
+        if ($this->option('base_dn')=='') {
+            // Retrieve locations with a mapped OU, and sort them from the shallowest to deepest OU (see #3993)
+            $ldap_ou_locations = Location::where('ldap_ou', '!=', '')->get()->toArray();
+            $ldap_ou_lengths = array();
+
+            foreach ($ldap_ou_locations as $ou_loc) {
+                $ldap_ou_lengths[] = strlen($ou_loc["ldap_ou"]);
+            }
+
+            array_multisort($ldap_ou_lengths, SORT_ASC, $ldap_ou_locations);
+
+            if (sizeof($ldap_ou_locations) > 0) {
+                LOG::debug('Some locations have special OUs set. Locations will be automatically set for users in those OUs.');
+            }
+
+            // Inject location information fields
+            for ($i = 0; $i < $results["count"]; $i++) {
+                $results[$i]["ldap_location_override"] = false;
+                $results[$i]["location_id"] = 0;
+            }
+
+            // Grab subsets based on location-specific DNs, and overwrite location for these users.
+            foreach ($ldap_ou_locations as $ldap_loc) {
+                try {
+                    $location_users = Ldap::findLdapUsers($ldap_loc["ldap_ou"]);
+                } catch (\Exception $e) { // FIXME: this is stolen from line 77 or so above
+                    if ($this->option('json_summary')) {
+                        $json_summary = [ "error" => true, "error_message" => trans('admin/users/message.error.ldap_could_not_search')." Location: ".$ldap_loc['name']." (ID: ".$ldap_loc['id'].") cannot connect to \"".$ldap_loc["ldap_ou"]."\" - ".$e->getMessage(), "summary" => [] ];
+                        $this->info(json_encode($json_summary));
+                    }
+                    LOG::info($e);
+                    return [];
+                }
+                $usernames = array();
+                for ($i = 0; $i < $location_users["count"]; $i++) {
+
+                    if (array_key_exists($ldap_result_username, $location_users[$i])) {
+                        $location_users[$i]["ldap_location_override"] = true;
+                        $location_users[$i]["location_id"] = $ldap_loc["id"];
+                        $usernames[] = $location_users[$i][$ldap_result_username][0];
+                    }
+
+                }
+
+                // Delete located users from the general group.
+                foreach ($results as $key => $generic_entry) {
+                   if ((is_array($generic_entry)) && (array_key_exists($ldap_result_username, $generic_entry))) {
+                        if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
+                            unset($results[$key]);
+                        }
+                    }
+                }
+
+                $global_count = $results['count'];
+                $results = array_merge($location_users, $results);
+                $results['count'] = $global_count;
+            }
+        }
+
+        /* Create user account entries in Snipe-IT */
+        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $pass = bcrypt($tmp_pass);
+
+        for ($i = 0; $i < $results["count"]; $i++) {
+            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
+
+                $item = array();
+                $item["username"] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : "";
+                $item["employee_number"] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : "";
+                $item["lastname"] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : "";
+                $item["firstname"] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : "";
+                $item["email"] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : "" ;
+                $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
+                $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";
+
+                $user = User::where('username', $item["username"])->first();
+                if ($user) {
+                    // Updating an existing user.
+                    $item["createorupdate"] = 'updated';
+                } else {
+                    // Creating a new user.
+                    $user = new User;
+                    $user->password = $pass;
+                    $user->activated = 0;
+                    $item["createorupdate"] = 'created';
+                }
+
+                $user->first_name = $item["firstname"];
+                $user->last_name = $item["lastname"];
+                $user->username = $item["username"];
+                $user->email = $item["email"];
+                $user->employee_num = e($item["employee_number"]);
+
+                // Sync activated state for Active Directory.
+                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
+                    /* The following is _probably_ the correct logic, but we can't use it because
+                       some users may have been dependent upon the previous behavior, and this
+                       could cause additional access to be available to users they don't want
+                       to allow to log in.
+
+                    $useraccountcontrol = $results[$i]['useraccountcontrol'][0];
+                    if(
+                        // based on MS docs at: https://support.microsoft.com/en-us/help/305144/how-to-use-useraccountcontrol-to-manipulate-user-account-properties
+                        ($useraccountcontrol & 0x200) && // is a NORMAL_ACCOUNT
+                        !($useraccountcontrol & 0x02) && // *and* _not_ ACCOUNTDISABLE
+                        !($useraccountcontrol & 0x10)    // *and* _not_ LOCKOUT
+                    ) {
+                        $user->activated = 1;
+                    } else {
+                        $user->activated = 0;
+                    } */
+                  $enabled_accounts = [
+                    '512',    // 0x200    NORMAL_ACCOUNT
+                    '544',    // 0x220    NORMAL_ACCOUNT, PASSWD_NOTREQD
+                    '66048',  // 0x10200  NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD
+                    '66080',  // 0x10220  NORMAL_ACCOUNT, PASSWD_NOTREQD, DONT_EXPIRE_PASSWORD
+                    '262656', // 0x40200  NORMAL_ACCOUNT, SMARTCARD_REQUIRED
+                    '262688', // 0x40220  NORMAL_ACCOUNT, PASSWD_NOTREQD, SMARTCARD_REQUIRED
+                    '328192', // 0x50200  NORMAL_ACCOUNT, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
+                    '328224', // 0x50220  NORMAL_ACCOUNT, PASSWD_NOT_REQD, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
+                    '4260352',// 0x410200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD, DONT_REQ_PREAUTH
+                    '1049088',// 0x100200 NORMAL_ACCOUNT, NOT_DELEGATED
+                  ];
+                  $user->activated = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
+                }
+
+                // If we're not using AD, and there isn't an activated flag set, activate all users
+                elseif (empty($ldap_result_active_flag)) {
+                  $user->activated = 1;
+                }
+
+                if ($item['ldap_location_override'] == true) {
+                    $user->location_id = $item['location_id'];
+                } elseif ((isset($location)) && (!empty($location))) {
+
+                    if ((is_array($location)) && (array_key_exists('id', $location))) {
+                        $user->location_id = $location['id'];
+                    } elseif (is_object($location)) {
+                        $user->location_id = $location->id;
+                    }
+
+                }
+
+                $user->ldap_import = 1;
+
                $errors = '';
-                foreach ($user->getErrors()->getMessages() as  $error) {
-                    $errors .= implode(", ",$error);
-                }
-                $summary['note']   = $snipeUser->getDN().' was not imported. REASON: '.$errors;
-                $summary['status'] = 'ERROR';
-            }
-        }

-        // $summary['note'] = ($user->getOriginal('username') ? 'UPDATED' : 'CREATED'); // this seems, kinda, like, superfluous, relative to the $summary['note'] thing above, yeah?
-        $this->summary->push($summary);
-    }
-
-    /**
-     * Process the users to update / create.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     *
-     * @param int $page The page to get the result set
-     */
-    private function processLdapUsers(int $page=0): void
-    {
-        try {
-            $ldapUsers = $this->ldap->getLdapUsers($page);
-        } catch (Exception $e) {
-            $this->outputError($e);
-            exit($e->getMessage());
-        }
-
-        if (0 == $ldapUsers->count()) {
-            $msg = 'ERROR: No users found!';
-            Log::error($msg);
-            if ($this->dryrun) {
-                $this->error($msg);
-            }
-            exit($msg);
-        }
-
-        // Process each individual users
-        foreach ($ldapUsers as $user) {
-            $this->updateCreateUser($user);
-        }
-
-        if ($ldapUsers->getCurrentPage() < $ldapUsers->getPages()-1) {
-            $this->processLdapUsers($ldapUsers->getCurrentPage() + 1);
-        }
-    }
-
-    /**
-     * Get the mapped locations if a base_dn is provided.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function getMappedLocations()
-    {
-        $ldapOuLocation = Location::where('ldap_ou', '!=', '')->select(['id', 'ldap_ou'])->get();
-        $locations = $ldapOuLocation->sortBy(function ($ou, $key) {
-            return strlen($ou->ldap_ou);
-        });
-        if ($locations->count() > 0) {
-            $msg = 'Some locations have special OUs set. Locations will be automatically set for users in those OUs.';
-            LOG::debug($msg);
-            if ($this->dryrun) {
-                $this->info($msg);
-            }
-
-            $this->mappedLocations = $locations->pluck('ldap_ou', 'id'); // TODO: this seems ok-ish, but the key-> value is going location_id -> OU name, and the primary action here is the opposite of that - going from OU's to location ID's.
-        }
-    }
-
-    /**
-     * Set the base dn if supplied.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function setBaseDn(): void
-    {
-        if ($this->option('base_dn')) {
-            $this->ldap->baseDn = $this->option('base_dn');
-            $msg = sprintf('Importing users from specified base DN: "%s"', $this->ldap->baseDn);
-            LOG::debug($msg);
-            if ($this->dryrun) {
-                $this->info($msg);
-            }
-        }
-    }
-
-    /**
-     * Get a default location id for imported users.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function getUserDefaultLocation(): void
-    {
-        $location = $this->option('location_id') ?? $this->option('location');
-        if ($location) {
-            $userLocation = Location::where('name', '=', $location)
-                ->orWhere('id', '=', intval($location))
-                ->select(['name', 'id'])
-                ->first();
-            if ($userLocation) {
-                $msg = 'Importing users with default location: '.$userLocation->name.' ('.$userLocation->id.')';
-                LOG::debug($msg);
-
-                if ($this->dryrun) {
-                    $this->info($msg);
+                if ($user->save()) {
+                    $item["note"] = $item["createorupdate"];
+                    $item["status"]='success';
+                } else {
+                    foreach ($user->getErrors()->getMessages() as $key => $err) {
+                        $errors .= $err[0];
+                    }
+                    $item["note"] = $errors;
+                    $item["status"]='error';
                }

-                $this->defaultLocation = collect([
-                    $userLocation->id => $userLocation->name,
-                ]);
-            } else {
-                $msg = 'The supplied location is invalid!';
-                LOG::error($msg);
-                if ($this->dryrun) {
-                    $this->error($msg);
-                }
-                exit(0);
+                array_push($summary, $item);
            }
-        }
-    }

-    /**
-     * Check if LDAP intergration is enabled.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function checkIfLdapIsEnabled(): void
-    {
-        if (false === $this->settings['ldap_enabled']) {
-            $msg = 'LDAP intergration is not enabled. Exiting sync process.';
-            $this->info($msg);
-            Log::info($msg);
-            exit(0);
        }
-    }

-    /**
-     * Check to make sure we can access the server.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function checkLdapConnetion(): void
-    {
-        try {
-            $this->ldap->testLdapAdUserConnection();
-            $this->ldap->testLdapAdBindConnection();
-        } catch (Exception $e) {
-            $this->outputError($e);
-            exit(0);
-        }
-    }
-
-    /**
-     * Output the json summary to the screen if enabled.
-     *
-     * @param Exception $error
-     */
-    private function outputError($error): void
-    {
-        if ($this->option('json_summary')) {
-            $json_summary = [
-                'error' => true,
-                'error_message' => $error->getMessage(),
-                'summary' => [],
-            ];
+        if ($this->option('summary')) {
+            for ($x = 0; $x < count($summary); $x++) {
+                if ($summary[$x]['status']=='error') {
+                    $this->error('ERROR: '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was not imported: '.$summary[$x]['note']);
+                } else {
+                    $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was '.strtoupper($summary[$x]['createorupdate']).'.');
+                }
+            }
+        } else if ($this->option('json_summary')) {
+            $json_summary = [ "error" => false, "error_message" => "", "summary" => $summary ]; // hardcoding the error to false and the error_message to blank seems a bit weird
            $this->info(json_encode($json_summary));
+        } else {
+            return $summary;
        }
-        $this->error($error->getMessage());
-        LOG::error($error);
    }
 }
--- a/app/Console/Commands/LdapSyncNg.php
+++ b/app/Console/Commands/LdapSyncNg.php
@@ -0,0 +1,399 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Console\Commands;
+
+use Log;
+use Exception;
+use App\Models\User;
+use App\Services\LdapAd;
+use App\Models\Location;
+use Illuminate\Console\Command;
+use Adldap\Models\User as AdldapUser;
+
+/**
+ * LDAP / AD sync command.
+ *
+ * @author Wes Hulette <jwhulette@gmail.com>
+ *
+ * @since 5.0.0
+ */
+class LdapSyncNg extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:ldap-sync-ng 
+                {--location= : A location name } 
+                {--location_id= : A location id} 
+                {--base_dn= : A diffrent base DN to use } 
+                {--summary : Print summary } 
+                {--json_summary : Print summary in json format } 
+                {--dryrun : Run the sync process but don\'t update the database}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Command line LDAP/AD sync';
+
+    /**
+     * An LdapAd instance.
+     *
+     * @var \App\Models\LdapAd
+     */
+    private $ldap;
+
+    /**
+     * LDAP settings collection.
+     *
+     * @var \Illuminate\Support\Collection
+     */
+    private $settings = null;
+
+    /**
+     * A default location collection.
+     *
+     * @var \Illuminate\Support\Collection
+     */
+    private $defaultLocation = null;
+
+    /**
+     * Mapped locations collection.
+     *
+     * @var \Illuminate\Support\Collection
+     */
+    private $mappedLocations = null;
+
+    /**
+     * The summary collection.
+     *
+     * @var \Illuminate\Support\Collection
+     */
+    private $summary;
+
+    /**
+     * Is dry-run?
+     *
+     * @var bool
+     */
+    private $dryrun = false;
+
+    /**
+     * Show users to be imported.
+     *
+     * @var array
+     */
+    private $userlist = [];
+
+    /**
+     * Create a new command instance.
+     */
+    public function __construct(LdapAd $ldap)
+    {
+        parent::__construct();
+        $this->ldap     = $ldap;
+        $this->settings = $this->ldap->ldapSettings;
+        $this->summary  = collect();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $dispatcher =  \Adldap\Adldap::getEventDispatcher();
+
+        // Listen for all model events.
+        $dispatcher->listen('Adldap\Models\Events\*', function ($eventName, array $data) {
+            echo $eventName; // Returns 'Adldap\Models\Events\Updating'
+            var_dump($data); // Returns [0] => (object) Adldap\Models\Events\Updating;
+            \Log::debug("Event: ".$eventName." data - ".print_r($data, true));
+        });
+        $dispatcher->listen('Adldap\Auth\Events\*', function ($eventName, array $data) {
+            echo $eventName; // Returns 'Adldap\Models\Events\Updating'
+            var_dump($data); // Returns [0] => (object) Adldap\Models\Events\Updating;
+            \Log::debug("Event: ".$eventName." data - ".print_r($data, true));
+        });
+
+        ini_set('max_execution_time', env('LDAP_TIME_LIM', "600")); //600 seconds = 10 minutes
+        ini_set('memory_limit', '500M');
+        $old_error_reporting = error_reporting(); // grab old error_reporting .ini setting, for later re-enablement
+        error_reporting($old_error_reporting & ~E_DEPRECATED); // disable deprecation warnings, for LDAP in PHP 7.4 (and greater)
+
+        if ($this->option('dryrun')) {
+            $this->dryrun = true;
+        }
+        $this->checkIfLdapIsEnabled();
+        $this->checkLdapConnection();
+        $this->setBaseDn();
+        $this->getUserDefaultLocation();
+        /*
+         * Use the default location if set, this is needed for the LDAP users sync page
+         */
+        if (!$this->option('base_dn') && null == $this->defaultLocation) {
+            $this->getMappedLocations();
+        }
+        $this->processLdapUsers();
+        // Print table of users
+        if ($this->dryrun) {
+            $this->info('The following users will be synced!');
+            $headers = ['First Name', 'Last Name', 'Username', 'Email', 'Employee #', 'Location Id', 'Status'];
+            $this->table($headers, $this->summary->toArray());
+        }
+
+        error_reporting($old_error_reporting); // re-enable deprecation warnings.
+        return $this->getSummary();
+    }
+
+    /**
+     * Generate the LDAP sync summary.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     *
+     * @return string
+     */
+    private function getSummary(): string
+    {
+        if ($this->option('summary') && null === $this->dryrun) {
+            $this->summary->each(function ($item) {
+                $this->info('USER: '.$item['note']);
+
+                if ('ERROR' === $item['status']) {
+                    $this->error('ERROR: '.$item['note']);
+                }
+            });
+        } elseif ($this->option('json_summary')) {
+            $json_summary = [
+                'error' => false,
+                'error_message' => '',
+                'summary' => $this->summary->toArray(),
+            ];
+            $this->info(json_encode($json_summary));
+        }
+
+        return '';
+    }
+
+    /**
+     * Create a new user or update an existing user.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     *
+     * @param \Adldap\Models\User $snipeUser
+     */
+    private function updateCreateUser(AdldapUser $snipeUser): void
+    {
+        $user = $this->ldap->processUser($snipeUser, $this->defaultLocation, $this->mappedLocations);
+        $summary = [
+            'firstname'       => $user->first_name,
+            'lastname'        => $user->last_name,
+            'username'        => $user->username,
+            'employee_number' => $user->employee_num,
+            'email'           => $user->email,
+            'location_id'     => $user->location_id,
+        ];
+        // Only update the database if is not a dry run
+        if (!$this->dryrun) {
+            if ($user->isDirty()) { //if nothing on the user changed, don't bother trying to save anything nor put anything in the summary
+                if ($user->save()) {
+                    $summary['note']   = ($user->wasRecentlyCreated ? 'CREATED' : 'UPDATED');
+                    $summary['status'] = 'SUCCESS';
+                } else {
+                    $errors = '';
+                    foreach ($user->getErrors()->getMessages() as  $error) {
+                        $errors .= implode(", ",$error);
+                    }
+                    $summary['note']   = $snipeUser->getDN().' was not imported. REASON: '.$errors;
+                    $summary['status'] = 'ERROR';
+                }
+            } else {
+                $summary = null;
+            }
+        }
+
+        // $summary['note'] = ($user->getOriginal('username') ? 'UPDATED' : 'CREATED'); // this seems, kinda, like, superfluous, relative to the $summary['note'] thing above, yeah?
+        if($summary) { //if the $user wasn't dirty, $summary was set to null so that we will skip the following push()
+            $this->summary->push($summary);
+        }
+    }
+
+    /**
+     * Process the users to update / create.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     *
+     */
+    private function processLdapUsers(): void
+    {
+        try {
+            \Log::debug("CAL:LING GET LDAP SUSERS");
+            $ldapUsers = $this->ldap->getLdapUsers();
+            \Log::debug("END CALLING GET LDAP USERS");
+        } catch (Exception $e) {
+            $this->outputError($e);
+            exit($e->getMessage());
+        }
+
+        if (0 == $ldapUsers->count()) {
+            $msg = 'ERROR: No users found!';
+            Log::error($msg);
+            if ($this->dryrun) {
+                $this->error($msg);
+            }
+            exit($msg);
+        }
+
+        // Process each individual users
+        foreach ($ldapUsers->getResults() as $user) { // AdLdap2's paginate() method is weird, it gets *everything* and ->getResults() returns *everything*
+            $this->updateCreateUser($user);
+        }
+    }
+
+    /**
+     * Get the mapped locations if a base_dn is provided.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     */
+    private function getMappedLocations()
+    {
+        $ldapOuLocation = Location::where('ldap_ou', '!=', '')->select(['id', 'ldap_ou'])->get();
+        $locations = $ldapOuLocation->sortBy(function ($ou, $key) {
+            return strlen($ou->ldap_ou);
+        });
+        if ($locations->count() > 0) {
+            $msg = 'Some locations have special OUs set. Locations will be automatically set for users in those OUs.';
+            LOG::debug($msg);
+            if ($this->dryrun) {
+                $this->info($msg);
+            }
+
+            $this->mappedLocations = $locations->pluck('ldap_ou', 'id'); // TODO: this seems ok-ish, but the key-> value is going location_id -> OU name, and the primary action here is the opposite of that - going from OU's to location ID's.
+        }
+    }
+
+    /**
+     * Set the base dn if supplied.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     */
+    private function setBaseDn(): void
+    {
+        if ($this->option('base_dn')) {
+            $this->ldap->baseDn = $this->option('base_dn');
+            $msg = sprintf('Importing users from specified base DN: "%s"', $this->ldap->baseDn);
+            LOG::debug($msg);
+            if ($this->dryrun) {
+                $this->info($msg);
+            }
+        }
+    }
+
+    /**
+     * Get a default location id for imported users.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     */
+    private function getUserDefaultLocation(): void
+    {
+        $location = $this->option('location_id') ?? $this->option('location');
+        if ($location) {
+            $userLocation = Location::where('name', '=', $location)
+                ->orWhere('id', '=', intval($location))
+                ->select(['name', 'id'])
+                ->first();
+            if ($userLocation) {
+                $msg = 'Importing users with default location: '.$userLocation->name.' ('.$userLocation->id.')';
+                LOG::debug($msg);
+
+                if ($this->dryrun) {
+                    $this->info($msg);
+                }
+
+                $this->defaultLocation = collect([
+                    $userLocation->id => $userLocation->name,
+                ]);
+            } else {
+                $msg = 'The supplied location is invalid!';
+                LOG::error($msg);
+                if ($this->dryrun) {
+                    $this->error($msg);
+                }
+                exit(0);
+            }
+        }
+    }
+
+    /**
+     * Check if LDAP intergration is enabled.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     */
+    private function checkIfLdapIsEnabled(): void
+    {
+        if (false === $this->settings['ldap_enabled']) {
+            $msg = 'LDAP intergration is not enabled. Exiting sync process.';
+            $this->info($msg);
+            Log::info($msg);
+            exit(0);
+        }
+    }
+
+    /**
+     * Check to make sure we can access the server.
+     *
+     * @author Wes Hulette <jwhulette@gmail.com>
+     *
+     * @since 5.0.0
+     */
+    private function checkLdapConnection(): void
+    {
+        try {
+            $this->ldap->testLdapAdUserConnection();
+            $this->ldap->testLdapAdBindConnection();
+        } catch (Exception $e) {
+            $this->outputError($e);
+            exit(0);
+        }
+    }
+
+    /**
+     * Output the json summary to the screen if enabled.
+     *
+     * @param Exception $error
+     */
+    private function outputError($error): void
+    {
+        if ($this->option('json_summary')) {
+            $json_summary = [
+                'error' => true,
+                'error_message' => $error->getMessage(),
+                'summary' => [],
+            ];
+            $this->info(json_encode($json_summary));
+        }
+        $this->error($error->getMessage());
+        LOG::error($error);
+    }
+}
--- a/app/Console/Commands/MergeUsersByUsername.php
+++ b/app/Console/Commands/MergeUsersByUsername.php
@@ -54,7 +54,10 @@ class MergeUsersByUsername extends Command
                foreach ($bad_user->assets as $asset) {
                    $this->info( 'Updating asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
                    $asset->assigned_to = $user->id;
-                    $asset->save();
+                    if (!$asset->save()) {
+                        $this->error( 'Could not update assigned_to field on asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
+                        $this->error( 'Error saving: '.$asset->getErrors());
+                    }
                }

                // Walk the list of licenses
--- a/app/Console/Commands/MoveUploadsToNewDisk.php
+++ b/app/Console/Commands/MoveUploadsToNewDisk.php
@@ -47,33 +47,33 @@ class MoveUploadsToNewDisk extends Command
        }
        $delete_local = $this->argument('delete_local');

-        $public_uploads['accessories'] = glob('storage/app/public/accessories'."/*.*");
-        $public_uploads['assets'] = glob('storage/app/public/assets'."/*.*");
-        $public_uploads['avatars'] = glob('storage/app/public/avatars'."/*.*");
-        $public_uploads['categories'] = glob('storage/app/public/categories'."/*.*");
-        $public_uploads['companies'] = glob('storage/app/public/companies'."/*.*");
-        $public_uploads['components'] = glob('storage/app/public/components'."/*.*");
-        $public_uploads['consumables'] = glob('storage/app/public/consumables'."/*.*");
-        $public_uploads['departments'] = glob('storage/app/public/departments'."/*.*");
-        $public_uploads['locations'] = glob('storage/app/public/locations'."/*.*");
-        $public_uploads['manufacturers'] = glob('storage/app/public/manufacturers'."/*.*");
-        $public_uploads['suppliers'] = glob('storage/app/public/suppliers'."/*.*");
-        $public_uploads['assetmodels'] = glob('storage/app/public/models'."/*.*");
+        $public_uploads['accessories'] = glob('public/accessories'."/*.*");
+        $public_uploads['assets'] = glob('public/assets'."/*.*");
+        $public_uploads['avatars'] = glob('public/avatars'."/*.*");
+        $public_uploads['categories'] = glob('public/categories'."/*.*");
+        $public_uploads['companies'] = glob('public/companies'."/*.*");
+        $public_uploads['components'] = glob('public/components'."/*.*");
+        $public_uploads['consumables'] = glob('public/consumables'."/*.*");
+        $public_uploads['departments'] = glob('public/departments'."/*.*");
+        $public_uploads['locations'] = glob('public/locations'."/*.*");
+        $public_uploads['manufacturers'] = glob('public/manufacturers'."/*.*");
+        $public_uploads['suppliers'] = glob('public/suppliers'."/*.*");
+        $public_uploads['assetmodels'] = glob('public/models'."/*.*");


        // iterate files
        foreach($public_uploads as $public_type => $public_upload)
        {
            $type_count = 0;
-            $this->info("\nThere are ".count($public_upload).' PUBLIC '.$public_type.' files.');
+            $this->info("- There are ".count($public_upload).' PUBLIC '.$public_type.' files.');

            for ($i = 0; $i < count($public_upload); $i++) {
                $type_count++;
                $filename = basename($public_upload[$i]);

                try  {
-                    Storage::disk('public')->put($public_type.'/'.$filename, file_get_contents($public_upload[$i]));
-                    $new_url = Storage::disk('public')->url($public_type.'/'.$filename, $filename);
+                    Storage::disk('public')->put('uploads/'.public_type.'/'.$filename, file_get_contents($public_upload[$i]));
+                    $new_url = Storage::disk('public')->url('uploads/'.$public_type.'/'.$filename, $filename);
                    $this->info($type_count.'. PUBLIC: '.$filename.' was copied to '.$new_url);
                } catch (\Exception $e) {
                    \Log::debug($e);
@@ -84,15 +84,16 @@ class MoveUploadsToNewDisk extends Command

        }

-        $logos = glob('public/uploads'."/setting*.*");
-        $this->info("\nThere are ".count($logos).' files that might be logos.');
+        $logos = glob("public/uploads/setting*.*");
+        $this->info("- There are ".count($logos).' files that might be logos.');
        $type_count = 0;

-        for ($l = 0; $l < count($logos); $l++) {
+        foreach ($logos as $logo) {
+            $this->info($logo);
            $type_count++;
-            $filename = basename($logos[$l]);
-            $new_url = Storage::disk('public')->url($logos[$l], file_get_contents($public_upload[$i]));
-            $this->info($type_count.'. LOGO: '.$filename.' was copied to '.$new_url);
+            $filename = basename($logo);
+            Storage::disk('public')->put('uploads/'.$filename, file_get_contents($logo));
+            $this->info($type_count.'. LOGO: '.$filename.' was copied to '.env('PUBLIC_AWS_URL').'/uploads/'.$filename);
        }

        $private_uploads['assets'] = glob('storage/private_uploads/assets'."/*.*");
@@ -107,8 +108,7 @@ class MoveUploadsToNewDisk extends Command

        foreach($private_uploads as $private_type => $private_upload)
        {
-            $this->info("\nThere are ".count($private_upload).' PRIVATE '.$private_type.' files.');
-            // $this->info(print_r($private_upload, true));
+            $this->info("- There are ".count($private_upload).' PRIVATE '.$private_type.' files.');

            $type_count = 0;
            for ($x = 0; $x < count($private_upload); $x++) {
@@ -116,7 +116,7 @@ class MoveUploadsToNewDisk extends Command
                $filename = basename($private_upload[$x]);

                try  {
-                    Storage::disk('private_uploads')->put($private_type.'/'.$filename, file_get_contents($public_upload[$i]));
+                    Storage::put($private_type.'/'.$filename, file_get_contents($private_upload[$i]));
                    $new_url = Storage::url($private_type.'/'.$filename, $filename);
                    $this->info($type_count.'. PRIVATE: '.$filename.' was copied to '.$new_url);

--- a/app/Console/Commands/ObjectImportCommand.php
+++ b/app/Console/Commands/ObjectImportCommand.php
@@ -55,8 +55,10 @@ class ObjectImportCommand extends Command
                 ->setShouldNotify($this->option('send-welcome'))
                 ->setUsernameFormat($this->option('username_format'));

-        $logFile = $this->option('logfile');
-        \Log::useFiles($logFile);
+
+        // This $logFile/useFiles() bit is currently broken, so commenting it out for now
+        // $logFile = $this->option('logfile');
+        // \Log::useFiles($logFile);
        $this->comment('======= Importing Items from '.$filename.' =========');
        $importer->import();

--- a/app/Console/Commands/PurgeLoginAttempts.php
+++ b/app/Console/Commands/PurgeLoginAttempts.php
@@ -0,0 +1,44 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+class PurgeLoginAttempts extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:purge-logins';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Clears the login_attempts table';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        if ($this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE YOUR LOGIN ATTEMPT RECORDS. \nThere is NO undo! \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
+                \DB::statement('delete from login_attempts');
+        }
+    }
+}
--- a/app/Console/Commands/ResetDemoSettings.php
+++ b/app/Console/Commands/ResetDemoSettings.php
@@ -64,11 +64,8 @@ class ResetDemoSettings extends Command
        $settings->thumbnail_max_h = '30';
        $settings->locale = 'en';
        $settings->version_footer = 'on';
-        $settings->support_footer = 'on';
+        $settings->support_footer = null;
        $settings->saml_enabled = '0';
-        $settings->saml_sp_entitiyid = '0';
-        $settings->saml_sp_acs_url = null;
-        $settings->saml_sp_sls_url = null;
        $settings->saml_sp_x509cert = null;
        $settings->saml_idp_metadata = null;
        $settings->saml_attr_mapping_username = null;
@@ -84,7 +81,7 @@ class ResetDemoSettings extends Command
            $user->save();
        }

-        
+
    }

 }
--- a/app/Console/Commands/SendExpectedCheckinAlerts.php
+++ b/app/Console/Commands/SendExpectedCheckinAlerts.php
@@ -8,6 +8,7 @@ use App\Notifications\ExpectedCheckinAdminNotification;
 use App\Notifications\ExpectedCheckinNotification;
 use Carbon\Carbon;
 use Illuminate\Console\Command;
+use App\Models\Recipients\AlertRecipient;

 class SendExpectedCheckinAlerts extends Command
 {
@@ -58,7 +59,7 @@ class SendExpectedCheckinAlerts extends Command
            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
                return new AlertRecipient($item);
            });
-            Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));
+            \Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));
        }
    }
 }
--- a/app/Console/Commands/SendExpirationAlerts.php
+++ b/app/Console/Commands/SendExpirationAlerts.php
@@ -55,14 +55,14 @@ class SendExpirationAlerts extends Command
            $assets = Asset::getExpiringWarrantee($threshold);
            if ($assets->count() > 0) {
                $this->info(trans_choice('mail.assets_warrantee_alert', $assets->count(), ['count' => $assets->count(), 'threshold' => $threshold]));
-                Notification::send($recipients, new ExpiringAssetsNotification($assets, $threshold));
+                \Notification::send($recipients, new ExpiringAssetsNotification($assets, $threshold));
            }

            // Expiring licenses
            $licenses = License::getExpiringLicenses($threshold);
            if ($licenses->count() > 0) {
                $this->info(trans_choice('mail.license_expiring_alert', $licenses->count(), ['count' => $licenses->count(), 'threshold' => $threshold]));
-                Notification::send($recipients, new ExpiringLicenseNotification($licenses, $threshold));
+                \Notification::send($recipients, new ExpiringLicenseNotification($licenses, $threshold));
            }
        } else {
            if ($settings->alert_email == '') {
--- a/app/Console/Commands/SendInventoryAlerts.php
+++ b/app/Console/Commands/SendInventoryAlerts.php
@@ -52,7 +52,7 @@ class SendInventoryAlerts extends Command
                    return new AlertRecipient($item);
                });

-                Notification::send($recipients, new InventoryAlert($items, $settings->alert_threshold));
+                \Notification::send($recipients, new InventoryAlert($items, $settings->alert_threshold));
            }
        } else {
            if ($settings->alert_email == '') {
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@@ -25,6 +25,7 @@ class Handler extends ExceptionHandler
        \Illuminate\Session\TokenMismatchException::class,
        \Illuminate\Validation\ValidationException::class,
        \Intervention\Image\Exception\NotSupportedException::class,
+        \League\OAuth2\Server\Exception\OAuthServerException::class,
    ];

    /**
@@ -105,7 +106,7 @@ class Handler extends ExceptionHandler
    protected function unauthenticated($request, AuthenticationException $exception)
    {
        if ($request->expectsJson()) {
-            return response()->json(['error' => 'Unauthorized.'], 401);
+            return response()->json(['error' => 'Unauthorized or unauthenticated.'], 401);
        }

        return redirect()->guest('login');
--- a/app/Helpers/Helper.php
+++ b/app/Helpers/Helper.php
@@ -55,27 +55,313 @@ class Helper

    /**
     * Static colors for pie charts.
-     * This is inelegant, and could be refactored later.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.3]
     * @return Array
     */
-    public static function chartColors()
+    public static function defaultChartColors($index = 0)
    {
        $colors = [
-            '#f56954',
-            '#00a65a',
-            '#f39c12',
-            '#00c0ef',
-            '#3c8dbc',
-            '#d2d6de',
-            '#3c8dbc',
-            '#3c8dbc',
-            '#3c8dbc',
-
+            "#008941",
+            "#FF4A46",
+            "#006FA6",
+            "#A30059",
+            "#1CE6FF",
+            "#FFDBE5",
+            "#7A4900",
+            "#0000A6",
+            "#63FFAC",
+            "#B79762",
+            "#004D43",
+            "#8FB0FF",
+            "#997D87",
+            "#5A0007",
+            "#809693",
+            "#FEFFE6",
+            "#1B4400",
+            "#4FC601",
+            "#3B5DFF",
+            "#4A3B53",
+            "#FF2F80",
+            "#61615A",
+            "#BA0900",
+            "#6B7900",
+            "#00C2A0",
+            "#FFAA92",
+            "#FF90C9",
+            "#B903AA",
+            "#D16100",
+            "#DDEFFF",
+            "#000035",
+            "#7B4F4B",
+            "#A1C299",
+            "#300018",
+            "#0AA6D8",
+            "#013349",
+            "#00846F",
+            "#372101",
+            "#FFB500",
+            "#C2FFED",
+            "#A079BF",
+            "#CC0744",
+            "#C0B9B2",
+            "#C2FF99",
+            "#001E09",
+            "#00489C",
+            "#6F0062",
+            "#0CBD66",
+            "#EEC3FF",
+            "#456D75",
+            "#B77B68",
+            "#7A87A1",
+            "#788D66",
+            "#885578",
+            "#FAD09F",
+            "#FF8A9A",
+            "#D157A0",
+            "#BEC459",
+            "#456648",
+            "#0086ED",
+            "#886F4C",
+            "#34362D",
+            "#B4A8BD",
+            "#00A6AA",
+            "#452C2C",
+            "#636375",
+            "#A3C8C9",
+            "#FF913F",
+            "#938A81",
+            "#575329",
+            "#00FECF",
+            "#B05B6F",
+            "#8CD0FF",
+            "#3B9700",
+            "#04F757",
+            "#C8A1A1",
+            "#1E6E00",
+            "#7900D7",
+            "#A77500",
+            "#6367A9",
+            "#A05837",
+            "#6B002C",
+            "#772600",
+            "#D790FF",
+            "#9B9700",
+            "#549E79",
+            "#FFF69F",
+            "#201625",
+            "#72418F",
+            "#BC23FF",
+            "#99ADC0",
+            "#3A2465",
+            "#922329",
+            "#5B4534",
+            "#FDE8DC",
+            "#404E55",
+            "#0089A3",
+            "#CB7E98",
+            "#A4E804",
+            "#324E72",
+            "#6A3A4C",
+            "#83AB58",
+            "#001C1E",
+            "#D1F7CE",
+            "#004B28",
+            "#C8D0F6",
+            "#A3A489",
+            "#806C66",
+            "#222800",
+            "#BF5650",
+            "#E83000",
+            "#66796D",
+            "#DA007C",
+            "#FF1A59",
+            "#8ADBB4",
+            "#1E0200",
+            "#5B4E51",
+            "#C895C5",
+            "#320033",
+            "#FF6832",
+            "#66E1D3",
+            "#CFCDAC",
+            "#D0AC94",
+            "#7ED379",
+            "#012C58",
+            "#7A7BFF",
+            "#D68E01",
+            "#353339",
+            "#78AFA1",
+            "#FEB2C6",
+            "#75797C",
+            "#837393",
+            "#943A4D",
+            "#B5F4FF",
+            "#D2DCD5",
+            "#9556BD",
+            "#6A714A",
+            "#001325",
+            "#02525F",
+            "#0AA3F7",
+            "#E98176",
+            "#DBD5DD",
+            "#5EBCD1",
+            "#3D4F44",
+            "#7E6405",
+            "#02684E",
+            "#962B75",
+            "#8D8546",
+            "#9695C5",
+            "#E773CE",
+            "#D86A78",
+            "#3E89BE",
+            "#CA834E",
+            "#518A87",
+            "#5B113C",
+            "#55813B",
+            "#E704C4",
+            "#00005F",
+            "#A97399",
+            "#4B8160",
+            "#59738A",
+            "#FF5DA7",
+            "#F7C9BF",
+            "#643127",
+            "#513A01",
+            "#6B94AA",
+            "#51A058",
+            "#A45B02",
+            "#1D1702",
+            "#E20027",
+            "#E7AB63",
+            "#4C6001",
+            "#9C6966",
+            "#64547B",
+            "#97979E",
+            "#006A66",
+            "#391406",
+            "#F4D749",
+            "#0045D2",
+            "#006C31",
+            "#DDB6D0",
+            "#7C6571",
+            "#9FB2A4",
+            "#00D891",
+            "#15A08A",
+            "#BC65E9",
+            "#FFFFFE",
+            "#C6DC99",
+            "#203B3C",
+            "#671190",
+            "#6B3A64",
+            "#F5E1FF",
+            "#FFA0F2",
+            "#CCAA35",
+            "#374527",
+            "#8BB400",
+            "#797868",
+            "#C6005A",
+            "#3B000A",
+            "#C86240",
+            "#29607C",
+            "#402334",
+            "#7D5A44",
+            "#CCB87C",
+            "#B88183",
+            "#AA5199",
+            "#B5D6C3",
+            "#A38469",
+            "#9F94F0",
+            "#A74571",
+            "#B894A6",
+            "#71BB8C",
+            "#00B433",
+            "#789EC9",
+            "#6D80BA",
+            "#953F00",
+            "#5EFF03",
+            "#E4FFFC",
+            "#1BE177",
+            "#BCB1E5",
+            "#76912F",
+            "#003109",
+            "#0060CD",
+            "#D20096",
+            "#895563",
+            "#29201D",
+            "#5B3213",
+            "#A76F42",
+            "#89412E",
+            "#1A3A2A",
+            "#494B5A",
+            "#A88C85",
+            "#F4ABAA",
+            "#A3F3AB",
+            "#00C6C8",
+            "#EA8B66",
+            "#958A9F",
+            "#BDC9D2",
+            "#9FA064",
+            "#BE4700",
+            "#658188",
+            "#83A485",
+            "#453C23",
+            "#47675D",
+            "#3A3F00",
+            "#061203",
+            "#DFFB71",
+            "#868E7E",
+            "#98D058",
+            "#6C8F7D",
+            "#D7BFC2",
+            "#3C3E6E",
+            "#D83D66",
+            "#2F5D9B",
+            "#6C5E46",
+            "#D25B88",
+            "#5B656C",
+            "#00B57F",
+            "#545C46",
+            "#866097",
+            "#365D25",
+            "#252F99",
+            "#00CCFF",
+            "#674E60",
+            "#FC009C",
+            "#92896B",
        ];
-        return $colors;
+
+
+
+        return $colors[$index];
+
+    }
+
+    /**
+     * Increases or decreases the brightness of a color by a percentage of the current brightness.
+     *
+     * @param   string  $hexCode        Supported formats: `#FFF`, `#FFFFFF`, `FFF`, `FFFFFF`
+     * @param   float   $adjustPercent  A number between -1 and 1. E.g. 0.3 = 30% lighter; -0.4 = 40% darker.
+     *
+     * @return  string
+     */
+    public static function adjustBrightness($hexCode, $adjustPercent) {
+        $hexCode = ltrim($hexCode, '#');
+
+        if (strlen($hexCode) == 3) {
+            $hexCode = $hexCode[0] . $hexCode[0] . $hexCode[1] . $hexCode[1] . $hexCode[2] . $hexCode[2];
+        }
+
+        $hexCode = array_map('hexdec', str_split($hexCode, 2));
+
+        foreach ($hexCode as & $color) {
+            $adjustableLimit = $adjustPercent < 0 ? $color : 255 - $color;
+            $adjustAmount = ceil($adjustableLimit * $adjustPercent);
+
+            $color = str_pad(dechex($color + $adjustAmount), 2, '0', STR_PAD_LEFT);
+        }
+
+        return '#' . implode($hexCode);
    }


@@ -142,6 +428,26 @@ class Helper
        return $statuslabel_list;
    }

+    /**
+     * Get the list of deployable status labels in an array to make a dropdown menu
+     *
+     * @todo This should probably be a selectlist, same as the other endpoints
+     * and we should probably add to the API controllers to make sure that
+     * the status_id submitted is actually really deployable.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v5.1.0]
+     * @return Array
+     */
+    public static function deployableStatusLabelList()
+    {
+        $statuslabel_list =  Statuslabel::where('deployable', '=', '1')->orderBy('default_label', 'desc')
+                ->orderBy('name','asc')
+                ->orderBy('deployable','desc')
+                ->pluck('name', 'id')->toArray();
+        return $statuslabel_list;
+    }
+
    /**
     * Get the list of status label types in an array to make a dropdown menu
     *
--- a/app/Http/Controllers/Accessories/AccessoryCheckoutController.php
+++ b/app/Http/Controllers/Accessories/AccessoryCheckoutController.php
@@ -75,7 +75,8 @@ class AccessoryCheckoutController extends Controller
            'accessory_id' => $accessory->id,
            'created_at' => Carbon::now(),
            'user_id' => Auth::id(),
-            'assigned_to' => $request->get('assigned_to')
+            'assigned_to' => $request->get('assigned_to'),
+            'note' => $request->input('note')
        ]);

        DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();
--- a/app/Http/Controllers/Account/AcceptanceController.php
+++ b/app/Http/Controllers/Account/AcceptanceController.php
@@ -94,7 +94,7 @@ class AcceptanceController extends Controller {
        if (!Storage::exists('private_uploads/signatures'))  Storage::makeDirectory('private_uploads/signatures', 775);


-
+        $sig_filename = '';
        if ($request->filled('signature_output')) {
            $sig_filename = "siglog-" .Str::uuid() . '-'.date('Y-m-d-his').".png";
            $data_uri = e($request->input('signature_output'));
--- a/app/Http/Controllers/Api/AccessoriesController.php
+++ b/app/Http/Controllers/Api/AccessoriesController.php
@@ -154,7 +154,6 @@ class AccessoriesController extends Controller
        $offset = request('offset', 0);
        $limit = request('limit', 50);

-        $accessory->lastCheckoutArray = $accessory->lastCheckout->toArray();
        $accessory_users = $accessory->users;
        $total = $accessory_users->count();

--- a/app/Http/Controllers/Api/AssetModelsController.php
+++ b/app/Http/Controllers/Api/AssetModelsController.php
@@ -30,7 +30,20 @@ class AssetModelsController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', AssetModel::class);
-        $allowed_columns = ['id','image','name','model_number','eol','notes','created_at','manufacturer','requestable', 'assets_count'];
+        $allowed_columns =
+            [
+                'id',
+                'image',
+                'name',
+                'model_number',
+                'eol',
+                'notes',
+                'created_at',
+                'manufacturer',
+                'requestable',
+                'assets_count',
+                'category'
+            ];

        $assetmodels = AssetModel::select([
            'models.id',
@@ -75,13 +88,14 @@ class AssetModelsController extends Controller
            case 'manufacturer':
                $assetmodels->OrderManufacturer($order);
                break;
+            case 'category':
+                $assetmodels->OrderCategory($order);
+                break;
            default:
                $assetmodels->orderBy($sort, $order);
                break;
        }

-
-
        $total = $assetmodels->count();
        $assetmodels = $assetmodels->skip($offset)->take($limit)->get();
        return (new AssetModelsTransformer)->transformAssetModels($assetmodels, $total);
@@ -239,17 +253,17 @@ class AssetModelsController extends Controller
            $assetmodel->use_text = '';

            if ($settings->modellistCheckedValue('category')) {
-                $assetmodel->use_text .= (($assetmodel->category) ? e($assetmodel->category->name).' - ' : '');
+                $assetmodel->use_text .= (($assetmodel->category) ? $assetmodel->category->name.' - ' : '');
            }

            if ($settings->modellistCheckedValue('manufacturer')) {
-                $assetmodel->use_text .= (($assetmodel->manufacturer) ? e($assetmodel->manufacturer->name).' ' : '');
+                $assetmodel->use_text .= (($assetmodel->manufacturer) ? $assetmodel->manufacturer->name.' ' : '');
            }

-            $assetmodel->use_text .=  e($assetmodel->name);
+            $assetmodel->use_text .=  $assetmodel->name;

            if (($settings->modellistCheckedValue('model_number')) && ($assetmodel->model_number!='')) {
-                $assetmodel->use_text .=  ' (#'.e($assetmodel->model_number).')';
+                $assetmodel->use_text .=  ' (#'.$assetmodel->model_number.')';
            }

            $assetmodel->use_image = ($settings->modellistCheckedValue('image') && ($assetmodel->image)) ? Storage::disk('public')->url('models/'.e($assetmodel->image)) : null;
--- a/app/Http/Controllers/Api/AssetsController.php
+++ b/app/Http/Controllers/Api/AssetsController.php
@@ -141,8 +141,6 @@ class AssetsController extends Controller
        }

        $request->filled('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';
-        $offset = (($assets) && (request('offset') > $assets->count())) ? 0 : request('offset', 0);
-

        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
        // case we override with the actual count, so we should return 0 items.
@@ -812,7 +810,7 @@ class AssetsController extends Controller
                $asset->location_id = $request->input('location_id');
            }

-            $asset->last_audit_date = date('Y-m-d h:i:s');
+            $asset->last_audit_date = date('Y-m-d H:i:s');

            if ($asset->save()) {
                $log = $asset->logAudit(request('note'),request('location_id'));
--- a/app/Http/Controllers/Api/DepreciationsController.php
+++ b/app/Http/Controllers/Api/DepreciationsController.php
@@ -20,7 +20,7 @@ class DepreciationsController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Depreciation::class);
-        $allowed_columns = ['id','name','created_at'];
+        $allowed_columns = ['id','name','months','created_at'];

        $depreciations = Depreciation::select('id','name','months','user_id','created_at','updated_at');

--- a/app/Http/Controllers/Api/LicensesController.php
+++ b/app/Http/Controllers/Api/LicensesController.php
@@ -103,11 +103,33 @@ class LicensesController extends Controller
            case 'category':
                $licenses = $licenses->leftJoin('categories', 'licenses.category_id', '=', 'categories.id')->orderBy('categories.name', $order);
                break;
+            case 'depreciation':
+                $licenses = $licenses->leftJoin('depreciations', 'licenses.depreciation_id', '=', 'depreciations.id')->orderBy('depreciations.name', $order);
+                break;
            case 'company':
                $licenses = $licenses->leftJoin('companies', 'licenses.company_id', '=', 'companies.id')->orderBy('companies.name', $order);
                break;
            default:
-                $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial','company','category','license_name','license_email','free_seats_count','seats'];
+                $allowed_columns =
+                    [
+                        'id',
+                        'name',
+                        'purchase_cost',
+                        'expiration_date',
+                        'purchase_order',
+                        'order_number',
+                        'notes',
+                        'purchase_date',
+                        'serial',
+                        'company',
+                        'category',
+                        'license_name',
+                        'license_email',
+                        'free_seats_count',
+                        'seats',
+                        'termination_date',
+                        'depreciation_id'
+                    ];
                $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
                $licenses = $licenses->orderBy($sort, $order);
                break;
--- a/app/Http/Controllers/Api/LocationsController.php
+++ b/app/Http/Controllers/Api/LocationsController.php
@@ -26,7 +26,7 @@ class LocationsController extends Controller
        $allowed_columns = [
            'id','name','address','address2','city','state','country','zip','created_at',
            'updated_at','manager_id','image',
-            'assigned_assets_count','users_count','assets_count','currency'];
+            'assigned_assets_count','users_count','assets_count','currency','ldap_ou'];

        $locations = Location::with('parent', 'manager', 'children')->select([
            'locations.id',
@@ -42,6 +42,7 @@ class LocationsController extends Controller
            'locations.created_at',
            'locations.updated_at',
            'locations.image',
+            'locations.ldap_ou',
            'locations.currency'
        ])->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
--- a/app/Http/Controllers/Api/ReportsController.php
+++ b/app/Http/Controllers/Api/ReportsController.php
@@ -49,6 +49,7 @@ class ReportsController extends Controller
            'created_at',
            'target_id',
            'user_id',
+            'accept_signature',
            'action_type',
            'note'
        ];
--- a/app/Http/Controllers/Api/SettingsController.php
+++ b/app/Http/Controllers/Api/SettingsController.php
@@ -15,6 +15,9 @@ use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Notification;
 use GuzzleHttp\Client;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Validator;
+use App\Models\Ldap; // forward-port of v4 LDAP model for Sync
+

 class SettingsController extends Controller
 {
@@ -75,10 +78,22 @@ class SettingsController extends Controller

        Log::info('Preparing to get sample user set from LDAP directory');
        // Get a sample of 10 users so user can verify the data is correct
+        $settings = Setting::getSettings();
        try {
            Log::info('Testing LDAP sync');
            error_reporting(E_ALL & ~E_DEPRECATED); // workaround for php7.4, which deprecates ldap_control_paged_result
-            $users = $ldap->testUserImportSync();
+            // $users = $ldap->testUserImportSync(); // from AdLdap2 from v5, disabling and falling back to v4's sync code
+            $users = collect(Ldap::findLdapUsers())->slice(0, 11)->filter(function ($value, $key) { //choosing ELEVEN because one is going to be the count, which we're about to filter out in the next line
+                return is_int($key);
+            })->map(function ($item) use ($settings) {
+                return (object) [
+                    'username'        => $item[$settings['ldap_username_field']][0] ?? null,
+                    'employee_number' => $item[$settings['ldap_emp_num']][0] ?? null,
+                    'lastname'        => $item[$settings['ldap_lname_field']][0] ?? null,
+                    'firstname'       => $item[$settings['ldap_fname_field']][0] ?? null,
+                    'email'           => $item[$settings['ldap_email']][0] ?? null,
+                ];
+            });
            $message['user_sync']  = [
                'users' => $users
            ];
@@ -93,6 +108,51 @@ class SettingsController extends Controller
        return response()->json($message, 200);
    }

+    public function ldaptestlogin(Request $request, LdapAd $ldap)
+    {
+
+        if (Setting::getSettings()->ldap_enabled!='1') {
+            \Log::debug('LDAP is not enabled. Cannot test.');
+            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
+        }
+
+
+        $rules = array(
+            'ldaptest_user' => 'required',
+            'ldaptest_password' => 'required'
+        );
+
+        $validator = Validator::make($request->all(), $rules);
+        if ($validator->fails()) {
+            \Log::debug('LDAP Validation test failed.');
+            $validation_errors = implode(' ',$validator->errors()->all());
+            return response()->json(['message' => $validator->errors()->all()], 400);
+        }
+        
+
+        \Log::debug('Preparing to test LDAP login');
+        try {
+            DB::beginTransaction(); //this was the easiest way to invoke a full test of an LDAP login without adding new users to the DB (which may not be desired)
+
+            // $results = $ldap->ldap->auth()->attempt($request->input('ldaptest_username'), $request->input('ldaptest_password'), true);
+            // can't do this because that's a protected property.
+
+            $results = $ldap->ldapLogin($request->input('ldaptest_user'), $request->input('ldaptest_password')); // this would normally create a user on success (if they didn't already exist), but for the transaction
+            if($results) {
+                return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
+            } else {
+                return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
+            }
+        } catch (\Exception $e) {
+            \Log::debug('Connection failed');
+            return response()->json(['message' => $e->getMessage()], 400);
+        } finally {
+            DB::rollBack(); // ALWAYS rollback, whether success or failure
+        }
+
+
+    }
+
    public function slacktest(Request $request)
    {

@@ -137,7 +197,7 @@ class SettingsController extends Controller
            try {
                Notification::send(Setting::first(), new MailTest());
                return response()->json(['message' => 'Mail sent to '.config('mail.reply_to.address')], 200);
-            } catch (Exception $e) {
+            } catch (\Exception $e) {
                return response()->json(['message' => $e->getMessage()], 500);
            }
        }
--- a/app/Http/Controllers/Api/StatuslabelsController.php
+++ b/app/Http/Controllers/Api/StatuslabelsController.php
@@ -167,25 +167,30 @@ class StatuslabelsController extends Controller
    {
        $this->authorize('view', Statuslabel::class);

-        $statuslabels = Statuslabel::with('assets')->groupBy('id')->withCount('assets as assets_count')->get();
+        $statuslabels = Statuslabel::with('assets')
+            ->groupBy('id')
+            ->withCount('assets as assets_count')
+            ->get();

        $labels=[];
        $points=[];
-        $colors=[];
+        $default_color_count = 0;
+
        foreach ($statuslabels as $statuslabel) {
            if ($statuslabel->assets_count > 0) {

                $labels[]=$statuslabel->name. ' ('.number_format($statuslabel->assets_count).')';
                $points[]=$statuslabel->assets_count;
+
                if ($statuslabel->color!='') {
-                    $colors[]=$statuslabel->color;
+                    $colors_array[] = $statuslabel->color;
+                } else {
+                    $colors_array[] = Helper::defaultChartColors($default_color_count);
+                    $default_color_count++;
                }
            }
        }

-        
-        $colors_array = array_merge($colors, Helper::chartColors());
-
        $result= [
            "labels" => $labels,
            "datasets" => [ [
--- a/app/Http/Controllers/Api/UsersController.php
+++ b/app/Http/Controllers/Api/UsersController.php
@@ -60,6 +60,7 @@ class UsersController extends Controller
            'users.updated_at',
            'users.username',
            'users.zip',
+            'users.ldap_import',

        ])->with('manager', 'groups', 'userloc', 'company', 'department','assets','licenses','accessories','consumables')
            ->withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count');
@@ -67,7 +68,9 @@ class UsersController extends Controller


        if (($request->filled('deleted')) && ($request->input('deleted')=='true')) {
-            $users = $users->GetDeleted();
+            $users = $users->onlyTrashed();
+        } elseif (($request->filled('all')) && ($request->input('all')=='true')) {
+            $users = $users->withTrashed();
        }

        if ($request->filled('company_id')) {
@@ -129,7 +132,7 @@ class UsersController extends Controller
                        'assets','accessories', 'consumables','licenses','groups','activated','created_at',
                        'two_factor_enrolled','two_factor_optin','last_login', 'assets_count', 'licenses_count',
                        'consumables_count', 'accessories_count', 'phone', 'address', 'city', 'state',
-                        'country', 'zip', 'id'
+                        'country', 'zip', 'id', 'ldap_import'
                    ];

                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
@@ -182,16 +185,16 @@ class UsersController extends Controller
        foreach ($users as $user) {
            $name_str = '';
            if ($user->last_name!='') {
-                $name_str .= e($user->last_name).', ';
+                $name_str .= $user->last_name.', ';
            }
-            $name_str .= e($user->first_name);
+            $name_str .= $user->first_name;

            if ($user->username!='') {
-                $name_str .= ' ('.e($user->username).')';
+                $name_str .= ' ('.$user->username.')';
            }

            if ($user->employee_num!='') {
-                $name_str .= ' - #'.e($user->employee_num);
+                $name_str .= ' - #'.$user->employee_num;
            }

            $user->use_text = $name_str;
--- a/app/Http/Controllers/AssetMaintenancesController.php
+++ b/app/Http/Controllers/AssetMaintenancesController.php
@@ -100,9 +100,9 @@ class AssetMaintenancesController extends Controller
        $assetMaintenance = new AssetMaintenance();
        $assetMaintenance->supplier_id = $request->input('supplier_id');
        $assetMaintenance->is_warranty = $request->input('is_warranty');
-        $assetMaintenance->cost =  e($request->input('cost'));
-        $assetMaintenance->notes = e($request->input('notes'));
-        $asset = Asset::find(e($request->input('asset_id')));
+        $assetMaintenance->cost =  $request->input('cost');
+        $assetMaintenance->notes = $request->input('notes');
+        $asset = Asset::find($request->input('asset_id'));

        if ((!Company::isCurrentUserHasAccess($asset)) && ($asset!=null)) {
            return static::getInsufficientPermissionsRedirect();
--- a/app/Http/Controllers/Assets/AssetCheckinController.php
+++ b/app/Http/Controllers/Assets/AssetCheckinController.php
@@ -76,9 +76,32 @@ class AssetCheckinController extends Controller
            $asset->status_id =  e($request->get('status_id'));
        }

+        // This is just meant to correct legacy issues where some user data would have 0
+        // as a location ID, which isn't valid. Later versions of Snipe-IT have stricter validation
+        // rules, so it's necessary to fix this for long-time users. It's kinda gross, but will help
+        // people (and their data) in the long run
+
+        if ($asset->rtd_location_id=='0') {
+            \Log::debug('Manually override the RTD location IDs');
+            \Log::debug('Original RTD Location ID: '.$asset->rtd_location_id);
+            $asset->rtd_location_id = '';
+            \Log::debug('New RTD Location ID: '.$asset->rtd_location_id);
+        }
+
+        if ($asset->location_id=='0') {
+            \Log::debug('Manually override the location IDs');
+            \Log::debug('Original Location ID: '.$asset->location_id);
+            $asset->location_id = '';
+            \Log::debug('New RTD Location ID: '.$asset->location_id);
+        }
+
        $asset->location_id = $asset->rtd_location_id;
+        \Log::debug('After Location ID: '.$asset->location_id);
+        \Log::debug('After RTD Location ID: '.$asset->rtd_location_id);
+

        if ($request->filled('location_id')) {
+            \Log::debug('NEW Location ID: '.$request->get('location_id'));
            $asset->location_id =  e($request->get('location_id'));
        }

@@ -97,6 +120,6 @@ class AssetCheckinController extends Controller
            return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkin.success'));
        }
        // Redirect to the asset management page with error
-        return redirect()->route("hardware.index")->with('error', trans('admin/hardware/message.checkin.error'));
+        return redirect()->route("hardware.index")->with('error', trans('admin/hardware/message.checkin.error').$asset->getErrors());
    }
 }
--- a/app/Http/Controllers/Assets/AssetCheckoutController.php
+++ b/app/Http/Controllers/Assets/AssetCheckoutController.php
@@ -4,6 +4,7 @@ namespace App\Http\Controllers\Assets;


 use App\Exceptions\CheckoutNotAllowed;
+use App\Helpers\Helper;
 use App\Http\Controllers\CheckInOutRequest;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetCheckoutRequest;
@@ -33,7 +34,8 @@ class AssetCheckoutController extends Controller
        $this->authorize('checkout', $asset);

        if ($asset->availableForCheckout()) {
-            return view('hardware/checkout', compact('asset'));
+            return view('hardware/checkout', compact('asset'))
+                ->with('statusLabel_list', Helper::deployableStatusLabelList());
        }
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));

@@ -75,12 +77,16 @@ class AssetCheckoutController extends Controller
                $expected_checkin = $request->get('expected_checkin');
            }

+            if ($request->filled('status_id')) {
+                $asset->status_id = $request->get('status_id');
+            }
+
            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), $request->get('name'))) {
                return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkout.success'));
            }

            // Redirect to the asset management page with error
-            return redirect()->to("hardware/$assetId/checkout")->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($asset->getErrors());
+            return redirect()->to("hardware/$assetId/checkout")->with('error', trans('admin/hardware/message.checkout.error').$asset->getErrors());
        } catch (ModelNotFoundException $e) {
            return redirect()->back()->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($asset->getErrors());
        } catch (CheckoutNotAllowed $e) {
--- a/app/Http/Controllers/Assets/AssetsController.php
+++ b/app/Http/Controllers/Assets/AssetsController.php
@@ -165,10 +165,17 @@ class AssetsController extends Controller
                foreach ($model->fieldset->fields as $field) {
                    if ($field->field_encrypted=='1') {
                        if (Gate::allows('admin')) {
-                            $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
-                        }
+                            if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e(implode(', ', $request->input($field->convertUnicodeDbSlug()))));
+                            }else{
+                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e($request->input($field->convertUnicodeDbSlug())));
+                            }                        }
                    } else {
-                        $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                        if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                            $asset->{$field->convertUnicodeDbSlug()} = implode(', ', $request->input($field->convertUnicodeDbSlug()));
+                        }else{
+                            $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                        }
                    }
                }
            }
@@ -342,10 +349,18 @@ class AssetsController extends Controller
            foreach ($model->fieldset->fields as $field) {
                if ($field->field_encrypted=='1') {
                    if (Gate::allows('admin')) {
-                        $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e($request->input($field->convertUnicodeDbSlug())));
+                        if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                            $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e(implode(', ', $request->input($field->convertUnicodeDbSlug()))));
+                        }else{
+                            $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e($request->input($field->convertUnicodeDbSlug())));
+                        }
                    }
                } else {
-                    $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                    if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                        $asset->{$field->convertUnicodeDbSlug()} = implode(', ', $request->input($field->convertUnicodeDbSlug()));
+                    }else{
+                        $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                    }
                }
            }
        }
--- a/app/Http/Controllers/Auth/ForgotPasswordController.php
+++ b/app/Http/Controllers/Auth/ForgotPasswordController.php
@@ -5,7 +5,6 @@ namespace App\Http\Controllers\Auth;
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Validator;

 class ForgotPasswordController extends Controller
 {
@@ -60,7 +59,7 @@ class ForgotPasswordController extends Controller
         */

        $request->validate([
-            'email' => ['required', 'email', 'max:255'],
+            'username' => ['required', 'max:255'],
        ]);
        

@@ -74,16 +73,16 @@ class ForgotPasswordController extends Controller
         */
        $response = $this->broker()->sendResetLink(
            array_merge(
-                $request->only('email'),
+                $request->only('username'),
                ['activated' => '1'],
                ['ldap_import' => '0']
            )
        );

        if ($response === \Password::RESET_LINK_SENT) {
-            \Log::info('Password reset attempt: User '.$request->input('email').' found, password reset sent');
+            \Log::info('Password reset attempt: User '.$request->input('username').' WAS found, password reset sent');
        } else {
-            \Log::info('Password reset attempt: User '.$request->input('email').' not found or user is inactive');
+            \Log::info('Password reset attempt: User matching username '.$request->input('username').' NOT FOUND or user is inactive');
        }


--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -105,13 +105,13 @@ class LoginController extends Controller
        $samlData = $request->session()->get('saml_login');
        if ($saml->isEnabled() && !empty($samlData)) {
            try {
-                LOG::debug("Attempting to log user in by SAML authentication.");
+                Log::debug("Attempting to log user in by SAML authentication.");
                $user = $saml->samlLogin($samlData);
                if(!is_null($user)) {
                    Auth::login($user, true);
                } else {
                    $username = $saml->getUsername();
-                    LOG::debug("SAML user '$username' could not be found in database.");
+                    Log::error("SAML user '$username' could not be found in database.");
                    $request->session()->flash('error', trans('auth/message.signin.error'));
                    $saml->clearData();
                }
@@ -121,7 +121,7 @@ class LoginController extends Controller
                    $user->save();
                }
            } catch (\Exception $e) {
-                LOG::debug("There was an error authenticating the SAML user: " . $e->getMessage());
+                Log::error("There was an error authenticating the SAML user: " . $e->getMessage());
                throw new \Exception($e->getMessage());
            }
        }
@@ -157,9 +157,26 @@ class LoginController extends Controller
        if (Setting::getSettings()->login_remote_user_enabled == "1" && isset($remote_user) && !empty($remote_user)) {
            Log::debug("Authenticating via HTTP header $header_name.");

-            $pos = strpos($remote_user, '\\');
+            $strip_prefixes = [
+                // IIS/AD
+                // https://github.com/snipe/snipe-it/pull/5862
+                '\\',
+
+                // Google Cloud IAP
+                // https://cloud.google.com/iap/docs/identity-howto#getting_the_users_identity_with_signed_headers
+                'accounts.google.com:',
+            ];
+
+            $pos = 0;
+            foreach ($strip_prefixes as $needle) {
+                if (($pos = strpos($remote_user, $needle)) !== FALSE) {
+                    $pos += strlen($needle);
+                    break;
+                }
+            }
+
            if ($pos > 0) {
-                $remote_user = substr($remote_user, $pos + 1);
+                $remote_user = substr($remote_user, $pos);
            };
            
            try {
@@ -189,8 +206,8 @@ class LoginController extends Controller
            return redirect()->back()->withInput()->withErrors($validator);
        }

-        $this->maxLoginAttempts = config('auth.throttle.max_attempts');
-        $this->lockoutTime = config('auth.throttle.lockout_duration');
+        $this->maxLoginAttempts = config('auth.passwords.users.throttle.max_attempts');
+        $this->lockoutTime = config('auth.passwords.users.throttle.lockout_duration');

        if ($lockedOut = $this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);
@@ -234,6 +251,7 @@ class LoginController extends Controller

        if ($user = Auth::user()) {
            $user->last_login = \Carbon::now();
+            $user->activated = 1;
            $user->save();
        }
        // Redirect to the users page
@@ -451,8 +469,8 @@ class LoginController extends Controller
     */
    protected function hasTooManyLoginAttempts(Request $request)
    {
-        $lockoutTime = config('auth.throttle.lockout_duration');
-        $maxLoginAttempts = config('auth.throttle.max_attempts');
+        $lockoutTime = config('auth.passwords.users.throttle.lockout_duration');
+        $maxLoginAttempts = config('auth.passwords.users.throttle.max_attempts');

        return $this->limiter()->tooManyAttempts(
            $this->throttleKey($request),
--- a/app/Http/Controllers/Auth/ResetPasswordController.php
+++ b/app/Http/Controllers/Auth/ResetPasswordController.php
@@ -3,9 +3,13 @@
 namespace App\Http\Controllers\Auth;

 use App\Http\Controllers\Controller;
+use App\Http\Requests\SaveUserRequest;
 use App\Models\Setting;
+use App\Models\User;
 use Illuminate\Foundation\Auth\ResetsPasswords;
 use Illuminate\Http\Request;
+use Illuminate\Validation\Rule;
+use Illuminate\Validation\Validator;

 class ResetPasswordController extends Controller
 {
@@ -29,6 +33,8 @@ class ResetPasswordController extends Controller
     */
    protected $redirectTo = '/';

+    protected $username = 'username';
+
    /**
     * Create a new controller instance.
     *
@@ -44,7 +50,7 @@ class ResetPasswordController extends Controller
        return [
            'token' => 'required',
            'username' => 'required',
-            'password' => 'required|confirmed|'.Setting::passwordComplexityRulesSaving('update'),
+            'password' => 'confirmed|'.Setting::passwordComplexityRulesSaving('store'),
        ];
    }

@@ -55,7 +61,7 @@ class ResetPasswordController extends Controller
            'username', 'password', 'password_confirmation', 'token'
        );
    }
-
+    

    public function showResetForm(Request $request, $token = null)
    {
@@ -67,11 +73,48 @@ class ResetPasswordController extends Controller
        );
    }

+
+    public function reset(Request $request)
+    {
+
+        $messages = [
+            'password.not_in' => trans('validation.disallow_same_pwd_as_user_fields'),
+        ];
+
+        $request->validate($this->rules(), $request->all(), $this->validationErrorMessages());
+
+        // Check to see if the user even exists
+        $user = User::where('username', '=', $request->input('username'))->first();
+
+        $broker = $this->broker();
+        if (strpos(Setting::passwordComplexityRulesSaving('store'), 'disallow_same_pwd_as_user_fields') !== FALSE) {
+            $request->validate(
+                [
+                'password' => 'required|notIn:["'.$user->email.'","'.$user->username.'","'.$user->first_name.'","'.$user->last_name.'"'
+            ], $messages);
+            
+        }
+
+
+        $response = $broker->reset(
+            $this->credentials($request), function ($user, $password) {
+                $this->resetPassword($user, $password);
+            }
+        );
+
+        return $response == \Password::PASSWORD_RESET
+            ? $this->sendResetResponse($request, $response)
+            : $this->sendResetFailedResponse($request, $response);
+    }
+
+
    protected function sendResetFailedResponse(Request $request, $response)
    {
        return redirect()->back()
            ->withInput(['username'=> $request->input('username')])
-            ->withErrors(['username' => trans($response)]);
+            ->withErrors(['username' => trans($response), 'password' => trans($response)]);
    }

-}
+
+
+}
--- a/app/Http/Controllers/Auth/SamlController.php
+++ b/app/Http/Controllers/Auth/SamlController.php
@@ -53,8 +53,10 @@ class SamlController extends Controller
        if (empty($metadata)) {
            return response()->view('errors.403', [], 403);
        }
-
-        return response($metadata)->header('Content-Type', 'text/xml');
+    
+        return response()->streamDownload(function () use ($metadata) {
+            echo $metadata;
+        }, 'snipe-it-metadata.xml', ['Content-Type' => 'text/xml']);
    }

    /**
@@ -99,8 +101,8 @@ class SamlController extends Controller
        $errors = $auth->getErrors();

        if (!empty($errors)) {
-            Log::debug("There was an error with SAML ACS: " . implode(', ', $errors));
-            Log::debug("Reason: " . $auth->getLastErrorReason());
+            Log::error("There was an error with SAML ACS: " . implode(', ', $errors));
+            Log::error("Reason: " . $auth->getLastErrorReason());
            return redirect()->route('login')->with('error', trans('auth/message.signin.error'));
        }

@@ -113,7 +115,7 @@ class SamlController extends Controller
     * Receives LogoutRequest/LogoutResponse from IdP and flashes
     * back to the LoginController for logging out.
     * 
-     * /saml/slo
+     * /saml/sls
     * 
     * @author Johnson Yi <jyi.dev@outlook.com>
     * 
@@ -126,12 +128,13 @@ class SamlController extends Controller
    public function sls(Request $request)
    {
        $auth = $this->saml->getAuth();
-        $sloUrl = $auth->processSLO(true, null, null, null, true);
+        $retrieveParametersFromServer = $this->saml->getSetting('retrieveParametersFromServer', false);
+        $sloUrl = $auth->processSLO(true, null, $retrieveParametersFromServer, null, true);
        $errors = $auth->getErrors();
        
        if (!empty($errors)) {
-            Log::debug("There was an error with SAML SLS: " . implode(', ', $errors));
-            Log::debug("Reason: " . $auth->getLastErrorReason());
+            Log::error("There was an error with SAML SLS: " . implode(', ', $errors));
+            Log::error("Reason: " . $auth->getLastErrorReason());
            return view('errors.403');
        }

--- a/app/Http/Controllers/Components/ComponentsController.php
+++ b/app/Http/Controllers/Components/ComponentsController.php
@@ -124,7 +124,7 @@ class ComponentsController extends Controller
        }
        $min = $component->numCHeckedOut();
        $validator = Validator::make($request->all(), [
-            "qty" => "required|numeric|gt:$min"
+            "qty" => "required|numeric|min:$min"
        ]);

        if ($validator->fails()) {
--- a/app/Http/Controllers/HealthController.php
+++ b/app/Http/Controllers/HealthController.php
@@ -0,0 +1,23 @@
+<?php
+namespace App\Http\Controllers;
+
+use Illuminate\Routing\Controller as BaseController;
+
+
+/**
+ * This controller provide the healthz route  for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version    v1.0
+ */
+class HealthController extends BaseController
+{
+    /**
+     * Returns a fixed JSON content ({ "status": "ok"}) which indicate the app is up and running
+     */
+    public function get() {
+        return response()->json([
+            "status" => "ok"
+        ]);
+    }
+}
--- a/app/Http/Controllers/Licenses/LicenseFilesController.php
+++ b/app/Http/Controllers/Licenses/LicenseFilesController.php
@@ -39,7 +39,8 @@ class LicenseFilesController extends Controller
                $upload_success = false;
                foreach ($request->file('file') as $file) {

-                    $file_name = 'license-'.date('Y-m-d-His').'-'.$file->getBasename().'.'.$file->getClientOriginalExtension();
+
+                    $file_name = 'license-'.$license->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$file->getClientOriginalExtension())).'.'.$file->getClientOriginalExtension();


                    $upload_success = $file->storeAs('private_uploads/licenses', $file_name);
--- a/app/Http/Controllers/LocationsController.php
+++ b/app/Http/Controllers/LocationsController.php
@@ -67,7 +67,6 @@ class LocationsController extends Controller
    {
        $this->authorize('create', Location::class);
        $location = new Location();
-        $location->id               = null; // This is required to make Laravels different validation work, it errors if the parameter doesn't exist (maybe a bug)?
        $location->name             = $request->input('name');
        $location->parent_id        = $request->input('parent_id', null);
        $location->currency         = $request->input('currency', '$');
@@ -132,7 +131,6 @@ class LocationsController extends Controller
            return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
        }

-
        // Update the location data
        $location->name         = $request->input('name');
        $location->parent_id    = $request->input('parent_id', null);
--- a/app/Http/Controllers/ManufacturersController.php
+++ b/app/Http/Controllers/ManufacturersController.php
@@ -70,7 +70,7 @@ class ManufacturersController extends Controller
        $manufacturer->support_url      = $request->input('support_url');
        $manufacturer->support_phone    = $request->input('support_phone');
        $manufacturer->support_email    = $request->input('support_email');
-        $manufacturer = $request->handleImages($manufacturer,600, public_path().'/uploads/manufacturers');
+        $manufacturer = $request->handleImages($manufacturer);



@@ -137,7 +137,7 @@ class ManufacturersController extends Controller
            $manufacturer->image = null;
        }

-        $manufacturer = $request->handleImages($manufacturer,600, public_path().'/uploads/manufacturers');
+        $manufacturer = $request->handleImages($manufacturer);


        if ($manufacturer->save()) {
@@ -158,7 +158,7 @@ class ManufacturersController extends Controller
    public function destroy($manufacturerId)
    {
        $this->authorize('delete', Manufacturer::class);
-        if (is_null($manufacturer = Manufacturer::withCount('models as models_count')->find($manufacturerId))) {
+        if (is_null($manufacturer = Manufacturer::withTrashed()->withCount('models as models_count')->find($manufacturerId))) {
            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.not_found'));
        }

@@ -174,8 +174,12 @@ class ManufacturersController extends Controller
            }
        }

-        // Delete the manufacturer
-        $manufacturer->delete();
+        // Soft delete the manufacturer if active, permanent delete if is already deleted
+        if($manufacturer->deleted_at === NULL) {
+            $manufacturer->delete();
+        } else {
+            $manufacturer->forceDelete();
+        }
        // Redirect to the manufacturers management page
        return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.delete.success'));
    }
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -156,6 +156,28 @@ class ProfileController extends Controller
            if (!Hash::check($request->input('current_password'), $user->password)) {
                $validator->errors()->add('current_password', trans('validation.hashed_pass'));
            }
+
+            // This checks to make sure that the user's password isn't the same as their username,
+            // email address, first name or last name (see https://github.com/snipe/snipe-it/issues/8661)
+            // While this is handled via SaveUserRequest form request in other places, we have to do this manually
+            // here because we don't have the username, etc form fields available in the profile password change
+            // form.
+
+            // There may be a more elegant way to do this in the future.
+
+            // First let's see if that option is enabled in the settings
+            if (strpos(Setting::passwordComplexityRulesSaving('store'), 'disallow_same_pwd_as_user_fields') !== FALSE) {
+                if (($request->input('password') == $user->username) ||
+                    ($request->input('password') == $user->email) ||
+                    ($request->input('password') == $user->first_name) ||
+                    ($request->input('password') == $user->last_name))
+                {
+                    $validator->errors()->add('password', trans('validation.disallow_same_pwd_as_user_fields'));
+                }
+            }
+
+
+
            
        });

--- a/app/Http/Controllers/ReportsController.php
+++ b/app/Http/Controllers/ReportsController.php
@@ -217,6 +217,99 @@ class ReportsController extends Controller
    }


+    /**
+     * Exports the activity report to CSV
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v5.0.7]
+     * @return \Illuminate\Http\Response
+     */
+    public function postActivityReport(Request $request)
+    {
+        ini_set('max_execution_time', 12000);
+        $this->authorize('reports.view');
+
+        \Debugbar::disable();
+        $response = new StreamedResponse(function () {
+
+            \Log::debug('Starting streamed response');
+
+            // Open output stream
+            $handle = fopen('php://output', 'w');
+            stream_set_timeout($handle, 2000);
+
+            $header = [
+                trans('general.date'),
+                trans('general.admin'),
+                trans('general.action'),
+                trans('general.type'),
+                trans('general.item'),
+                'To',
+                trans('general.notes'),
+                'Changed',
+
+            ];
+            $executionTime = microtime(true) - $_SERVER["REQUEST_TIME_FLOAT"];
+            \Log::debug('Starting headers: '.$executionTime);
+            fputcsv($handle, $header);
+            $executionTime = microtime(true) - $_SERVER["REQUEST_TIME_FLOAT"];
+            \Log::debug('Added headers: '.$executionTime);
+
+            $actionlogs = Actionlog::with('item', 'user', 'target','location')
+                ->orderBy('created_at', 'DESC')
+                ->chunk(20, function($actionlogs) use($handle) {
+
+                $executionTime = microtime(true) - $_SERVER["REQUEST_TIME_FLOAT"];
+                \Log::debug('Walking results: '.$executionTime);
+                $count = 0;
+
+                foreach ($actionlogs as $actionlog) {
+
+                    $count++;
+                    $target_name = '';
+
+                    if ($actionlog->target) {
+                        if ($actionlog->targetType()=='user') {
+                           $target_name =  $actionlog->target->getFullNameAttribute();
+                        } else {
+                            $target_name = $actionlog->target->getDisplayNameAttribute();
+                        }
+                    }
+
+
+                    $row = [
+                        $actionlog->created_at,
+                        ($actionlog->user) ? e($actionlog->user->getFullNameAttribute()) : '',
+                        $actionlog->present()->actionType(),
+                        e($actionlog->itemType()),
+                        ($actionlog->itemType()=='user') ? $actionlog->filename : e($actionlog->item->getDisplayNameAttribute()),
+                        $target_name,
+                        ($actionlog->note) ? e($actionlog->note): '',
+                        $actionlog->log_meta,
+                    ];
+                    fputcsv($handle, $row);
+
+                }
+            });
+
+            // Close the output stream
+            fclose($handle);
+            $executionTime = microtime(true) - $_SERVER["REQUEST_TIME_FLOAT"];
+            \Log::debug('-- SCRIPT COMPLETED IN '. $executionTime);
+
+        }, 200, [
+            'Content-Type' => 'text/csv',
+            'Content-Disposition'
+            => 'attachment; filename="activity-report-'.date('Y-m-d-his').'.csv"',
+        ]);
+
+
+        return $response;
+
+
+    }
+
+
    /**
     * Displays license report
     *
@@ -539,6 +632,14 @@ class ReportsController extends Controller
            if (($request->filled('expected_checkin_start')) && ($request->filled('expected_checkin_end'))) {
                $assets->whereBetween('assets.expected_checkin', [$request->input('expected_checkin_start'), $request->input('expected_checkin_end')]);
            }
+
+            if (($request->filled('last_audit_start')) && ($request->filled('last_audit_end'))) {
+                $assets->whereBetween('assets.last_audit_date', [$request->input('last_audit_start'), $request->input('last_audit_end')]);
+            }
+
+            if (($request->filled('next_audit_start')) && ($request->filled('next_audit_end'))) {
+                $assets->whereBetween('assets.next_audit_date', [$request->input('next_audit_start'), $request->input('next_audit_end')]);
+            }
            
            $assets->orderBy('assets.created_at', 'ASC')->chunk(20, function($assets) use($handle, $customfields, $request) {

@@ -682,7 +783,7 @@ class ReportsController extends Controller
                            $diff = ($asset->purchase_cost - $depreciation);
                            $row[]        = Helper::formatCurrencyOutput($depreciation);
                            $row[]        = Helper::formatCurrencyOutput($diff);
-                            $row[]        = ($asset->depreciated_date()!='') ? $asset->depreciated_date()->format('Y-m-d') : '';
+                            $row[]        = ($asset->depreciation) ? $asset->depreciated_date()->format('Y-m-d') : '';
                    }

                    if ($request->filled('checkout_date')) {
--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@@ -577,6 +577,7 @@ class SettingsController extends Controller
        $setting->default_currency    = $request->input('default_currency', '$');
        $setting->date_display_format = $request->input('date_display_format');
        $setting->time_display_format = $request->input('time_display_format');
+        $setting->digit_separator = $request->input('digit_separator');

        if ($setting->save()) {
            return redirect()->route('settings.index')
@@ -1015,7 +1016,7 @@ class SettingsController extends Controller

        $path         = 'app/backups';
        $backup_files = Storage::files($path);
-        $files        = [];
+        $files_raw        = [];

        if (count($backup_files) > 0) {
            for ($f = 0; $f < count($backup_files); ++$f) {
@@ -1023,7 +1024,7 @@ class SettingsController extends Controller
                // Skip dotfiles like .gitignore and .DS_STORE
                if ((substr(basename($backup_files[$f]), 0, 1) != '.')) {

-                    $files[] = [
+                    $files_raw[] = [
                        'filename' => basename($backup_files[$f]),
                        'filesize' => Setting::fileSizeConvert(Storage::size($backup_files[$f])),
                        'modified' => Storage::lastModified($backup_files[$f]),
@@ -1035,6 +1036,9 @@ class SettingsController extends Controller
            }
        }

+        // Reverse the array so it lists oldest first
+        $files = array_reverse($files_raw);
+
        return view('settings/backups', compact('path', 'files'));
    }

@@ -1138,6 +1142,7 @@ class SettingsController extends Controller
     */
    public function getPurge()
    {
+        \Log::warning('User ID '.Auth::user()->id.' is attempting a PURGE');
        return view('settings.purge-form');
    }

@@ -1154,6 +1159,8 @@ class SettingsController extends Controller
    {
        if (! config('app.lock_passwords')) {
            if ('DELETE' == $request->input('confirm_purge')) {
+
+                \Log::warning('User ID '.Auth::user()->id.' initiated a PURGE!');
                // Run a backup immediately before processing
                Artisan::call('backup:run');
                Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
--- a/app/Http/Controllers/Users/LDAPImportController.php
+++ b/app/Http/Controllers/Users/LDAPImportController.php
@@ -6,6 +6,7 @@ use App\Http\Controllers\Controller;
 use App\Services\LdapAd;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Artisan;
+use App\Models\User; // Note that this is awful close to 'Users' the namespace above; be careful

 class LDAPImportController extends Controller
 {
@@ -65,6 +66,7 @@ class LDAPImportController extends Controller
     */
    public function store(Request $request)
    {
+        $this->authorize('update', User::class);
        // Call Artisan LDAP import command.
        $location_id = $request->input('location_id');
        Artisan::call('snipeit:ldap-sync', ['--location_id' => $location_id, '--json_summary' => true]);
--- a/app/Http/Controllers/Users/UserFilesController.php
+++ b/app/Http/Controllers/Users/UserFilesController.php
@@ -38,7 +38,7 @@ class UserFilesController extends Controller
                $filename = 'user-' . $user->id . '-' . str_random(8);
                $filename .= '-' . str_slug($file->getClientOriginalName()) . '.' . $extension;
                if (!$file->move($destinationPath, $filename)) {
-                    return JsonResponse::create(["error" => "Unabled to move file"], 500);
+                    return redirect()->back()->with('error', trans('admin/users/message.upload.invalidfiles'));
                }
                //Log the uploaded file to the log
                $logAction = new Actionlog();
@@ -57,10 +57,10 @@ class UserFilesController extends Controller
                }
                $logActions[] = $logAction;
            }
-//            dd($logActions);
-            return JsonResponse::create($logActions);
+            // dd($logActions);
+            return redirect()->back()->with('success', trans('admin/users/message.upload.success'));
        }
-        return JsonResponse::create(["error" => "No User associated with this request"], 500);
+        return redirect()->back()->with('error', trans('admin/users/message.upload.nofiles'));

    }

--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -10,8 +10,7 @@ use App\Models\User;
 use App\Notifications\RequestAssetCancelation;
 use App\Notifications\RequestAssetNotification;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Input;
-use Redirect;
+use Illuminate\Http\Request;

 /**
 * This controller handles all actions related to the ability for users
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -14,6 +14,7 @@ class Kernel extends HttpKernel
     * @var array
     */
    protected $middleware = [
+        \App\Http\Middleware\NoSessionStore::class,
        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
@@ -38,6 +39,7 @@ class Kernel extends HttpKernel
            \App\Http\Middleware\CheckLocale::class,
            \App\Http\Middleware\CheckForTwoFactor::class,
            \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
+            \App\Http\Middleware\AssetCountForSidebar::class,
        ],

        'api' => [
--- a/app/Http/Middleware/AssetCountForSidebar.php
+++ b/app/Http/Middleware/AssetCountForSidebar.php
@@ -0,0 +1,58 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Auth;
+use App\Models\Asset;
+use Closure;
+
+class AssetCountForSidebar
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        try
+        {
+            $total_rtd_sidebar = Asset::RTD()->count();
+            view()->share('total_rtd_sidebar', $total_rtd_sidebar);
+        } catch (\Exception $e) {
+            \Log::debug($e);
+        }
+
+        try {
+            $total_deployed_sidebar = Asset::Deployed()->count();
+            view()->share('total_deployed_sidebar', $total_deployed_sidebar);
+        } catch (\Exception $e) {
+            \Log::debug($e);
+        }
+
+        try {
+            $total_archived_sidebar = Asset::Archived()->count();
+            view()->share('total_archived_sidebar', $total_archived_sidebar);
+        } catch (\Exception $e) {
+            \Log::debug($e);
+        }
+
+        try {
+            $total_pending_sidebar = Asset::Pending()->count();
+            view()->share('total_pending_sidebar', $total_pending_sidebar);
+        } catch (\Exception $e) {
+            \Log::debug($e);
+        }
+
+        try {
+            $total_undeployable_sidebar = Asset::Undeployable()->count();
+            view()->share('total_undeployable_sidebar', $total_undeployable_sidebar);
+        } catch (\Exception $e) {
+            \Log::debug($e);
+        }
+
+        return $next($request);
+    }
+}
--- a/app/Http/Middleware/CheckForSetup.php
+++ b/app/Http/Middleware/CheckForSetup.php
@@ -27,7 +27,7 @@ class CheckForSetup
            }

        } else {
-            if (!($request->is('setup*')) && !($request->is('.env'))) {
+            if (!($request->is('setup*')) && !($request->is('.env')) && !($request->is('health'))) {
                return redirect(url('/').'/setup');
            }

--- a/app/Http/Middleware/NoSessionStore.php
+++ b/app/Http/Middleware/NoSessionStore.php
@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class NoSessionStore
+{
+    protected $except = [
+        'health'
+    ];
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request $request
+     * @param  \Closure $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        foreach ($this->except as $except) {
+            if ($request->is($except)) {
+                config()->set('session.driver', 'array');
+            }
+        }
+        return $next($request);
+    }
+}
--- a/app/Http/Middleware/SecurityHeaders.php
+++ b/app/Http/Middleware/SecurityHeaders.php
@@ -106,7 +106,7 @@ class SecurityHeaders
            $csp_policy[] = "connect-src 'self'";
            $csp_policy[] = "object-src 'none'";
            $csp_policy[] = "font-src 'self' data:";
-            $csp_policy[] = "img-src 'self' data: gravatar.com maps.google.com maps.gstatic.com *.googleapis.com";
+            $csp_policy[] = "img-src 'self' data: ".config('app.url')." ".env('PUBLIC_AWS_URL')." https://secure.gravatar.com http://gravatar.com maps.google.com maps.gstatic.com *.googleapis.com";
            $csp_policy = join(';', $csp_policy);
            $response->headers->set('Content-Security-Policy', $csp_policy);
        }
--- a/app/Http/Middleware/VerifyCsrfToken.php
+++ b/app/Http/Middleware/VerifyCsrfToken.php
@@ -12,5 +12,6 @@ class VerifyCsrfToken extends BaseVerifier
     * @var array
     */
    protected $except = [
+        'health'
    ];
 }
--- a/app/Http/Requests/AssetFileRequest.php
+++ b/app/Http/Requests/AssetFileRequest.php
@@ -24,7 +24,7 @@ class AssetFileRequest extends Request
    {
        $max_file_size = \App\Helpers\Helper::file_upload_max_size();
        return [
-          'file.*' => 'required|mimes:png,gif,jpg,svg,jpeg,doc,docx,pdf,txt,zip,rar,xls,lic,xml,rtf|max:'.$max_file_size,
+          'file.*' => 'required|mimes:png,gif,jpg,svg,jpeg,doc,docx,pdf,txt,zip,rar,xls,xlsx,lic,xml,rtf|max:'.$max_file_size,
        ];
    }
 }
--- a/app/Http/Requests/ImageUploadRequest.php
+++ b/app/Http/Requests/ImageUploadRequest.php
@@ -27,7 +27,7 @@ class ImageUploadRequest extends Request
    public function rules()
    {
        return [
-            'image' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml',
+            'image' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp',
            'avatar' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml',
        ];
    }
@@ -91,8 +91,8 @@ class ImageUploadRequest extends Request
                \Log::info('File name will be: '.$file_name);
                \Log::debug('File extension is: '. $ext);

-                if ($image->getClientOriginalExtension()!=='svg') {
-                    \Log::debug('Not an SVG - resize');
+                if (($image->getClientOriginalExtension()!=='webp') && ($image->getClientOriginalExtension()!=='svg')) {
+                    \Log::debug('Not an SVG or webp - resize');
                    \Log::debug('Trying to upload to: '.$path.'/'.$file_name);
                    $upload = Image::make($image->getRealPath())->resize(null, $w, function ($constraint) {
                        $constraint->aspectRatio();
@@ -102,20 +102,27 @@ class ImageUploadRequest extends Request
                    // This requires a string instead of an object, so we use ($string)
                    Storage::disk('public')->put($path.'/'.$file_name, (string)$upload->encode());

-
-                // If the file is an SVG, we need to clean it and NOT encode it
                } else {
-                    \Log::debug('This is an SVG');
-                    $sanitizer = new Sanitizer();
-                    $dirtySVG = file_get_contents($image->getRealPath());
-                    $cleanSVG = $sanitizer->sanitize($dirtySVG);
+                    // If the file is a webp, we need to just move it since webp support
+                    // needs to be compiled into gd for resizing to be available
+                    if ($image->getClientOriginalExtension()=='webp') {
+                        \Log::debug('This is a webp, just move it');
+                        Storage::disk('public')->put($path.'/'.$file_name, file_get_contents($image));
+                    // If the file is an SVG, we need to clean it and NOT encode it
+                    } else {

-                    try {
-                        \Log::debug('Trying to upload to: '.$path.'/'.$file_name);
-                        Storage::disk('public')->put($path.'/'.$file_name, $cleanSVG);
-                    } catch (\Exception $e) {
-                        \Log::debug('Upload no workie :( ');
-                        \Log::debug($e);
+                        \Log::debug('This is an SVG');
+                        $sanitizer = new Sanitizer();
+                        $dirtySVG = file_get_contents($image->getRealPath());
+                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                        try {
+                            \Log::debug('Trying to upload to: '.$path.'/'.$file_name);
+                            Storage::disk('public')->put($path.'/'.$file_name, $cleanSVG);
+                        } catch (\Exception $e) {
+                            \Log::debug('Upload no workie :( ');
+                            \Log::debug($e);
+                        }
                    }
                }

--- a/app/Http/Requests/SaveUserRequest.php
+++ b/app/Http/Requests/SaveUserRequest.php
@@ -34,7 +34,7 @@ class SaveUserRequest extends FormRequest
    {

        $rules = [
-            'manager_id' => "nullable|exists:users,id|different:users.id"
+            'manager_id' => "nullable|exists:users,id"
        ];

        switch($this->method())
--- a/app/Http/Requests/SettingsSamlRequest.php
+++ b/app/Http/Requests/SettingsSamlRequest.php
@@ -70,22 +70,27 @@ class SettingsSamlRequest extends FormRequest
                ]);
                
                $csr = openssl_csr_new($dn, $pkey, ['digest_alg' => 'sha256']);
-                
-                $x509 = openssl_csr_sign($csr, null, $pkey, 3650, ['digest_alg' => 'sha256']);

-                openssl_x509_export($x509, $x509cert);
-                openssl_pkey_export($pkey, $privateKey);
+                if ($csr) {

-                $errors = [];
-                while (($error = openssl_error_string() !== false)) {
-                    $errors[] = $error;
-                }
-    
-                if (!(empty($x509cert) && empty($privateKey))) {
-                    $this->merge([
-                        'saml_sp_x509cert' => $x509cert,
-                        'saml_sp_privatekey' => $privateKey,
-                    ]);
+                    $x509 = openssl_csr_sign($csr, null, $pkey, 3650, ['digest_alg' => 'sha256']);
+
+                    openssl_x509_export($x509, $x509cert);
+                    openssl_pkey_export($pkey, $privateKey);
+
+                    $errors = [];
+                    while (($error = openssl_error_string() !== false)) {
+                        $errors[] = $error;
+                    }
+        
+                    if (!(empty($x509cert) && empty($privateKey))) {
+                        $this->merge([
+                            'saml_sp_x509cert' => $x509cert,
+                            'saml_sp_privatekey' => $privateKey,
+                        ]);
+                    }
+                } else {
+                    $validator->errors()->add('saml_integration', 'openssl.cnf is missing/invalid');
                }
            }

--- a/app/Http/Requests/SetupUserRequest.php
+++ b/app/Http/Requests/SetupUserRequest.php
@@ -27,7 +27,7 @@ class SetupUserRequest extends Request
          'last_name' => 'required|string|min:1',
          'username' => 'required|string|min:2|unique:users,username,NULL,deleted_at',
          'email' => 'email|unique:users,email',
-          'password' => 'required|min:6|confirmed',
+          'password' => 'required|min:8|confirmed',
          'email_domain' => 'required|min:4',
        ];
    }
--- a/app/Http/Transformers/AccessoriesTransformer.php
+++ b/app/Http/Transformers/AccessoriesTransformer.php
@@ -68,8 +68,13 @@ class AccessoriesTransformer


        $array = array();
+
+
        foreach ($accessory_users as $user) {
+            \Log::debug(print_r($user->pivot, true));
+            \Log::debug(print_r($user->pivot, true));
            $array[] = [
+
                'assigned_pivot_id' => $user->pivot->id,
                'id' => (int) $user->id,
                'username' => e($user->username),
@@ -77,7 +82,8 @@ class AccessoriesTransformer
                'first_name'=> e($user->first_name),
                'last_name'=> e($user->last_name),
                'employee_number' =>  e($user->employee_num),
-                'checkout_notes' => $accessory->lastCheckoutArray[0]['note'],
+                'checkout_notes' => $user->pivot->note,
+                'last_checkout' => Helper::getFormattedDateObject($user->pivot->created_at, 'datetime'),
                'type' => 'user',
                'available_actions' => ['checkin' => true]
            ];
--- a/app/Http/Transformers/ActionlogsTransformer.php
+++ b/app/Http/Transformers/ActionlogsTransformer.php
@@ -113,7 +113,7 @@ class ActionlogsTransformer
            ] : null,

            'note'          => ($actionlog->note) ? e($actionlog->note): null,
-            'signature_file'   => ($actionlog->signature_filename) ? route('log.signature.view', ['filename' => $actionlog->signature_filename ]) : null,
+            'signature_file'   => ($actionlog->accept_signature) ? route('log.signature.view', ['filename' => $actionlog->accept_signature ]) : null,
            'log_meta'          => ((isset($clean_meta)) && (is_array($clean_meta))) ? $clean_meta: null,
            'action_date'   => ($actionlog->action_date) ? Helper::getFormattedDateObject($actionlog->action_date, 'datetime'): null,

--- a/app/Http/Transformers/LicensesTransformer.php
+++ b/app/Http/Transformers/LicensesTransformer.php
@@ -29,6 +29,8 @@ class LicensesTransformer
            'order_number' => e($license->order_number),
            'purchase_order' => e($license->purchase_order),
            'purchase_date' => Helper::getFormattedDateObject($license->purchase_date, 'date'),
+            'termination_date' => Helper::getFormattedDateObject($license->termination_date, 'date'),
+            'depreciation' => ($license->depreciation) ? ['id' => (int) $license->depreciation->id,'name'=> e($license->depreciation->name)] : null,
            'purchase_cost' => e($license->purchase_cost),
            'notes' => e($license->notes),
            'expiration_date' => Helper::getFormattedDateObject($license->expiration_date, 'date'),
--- a/app/Http/Transformers/LocationsTransformer.php
+++ b/app/Http/Transformers/LocationsTransformer.php
@@ -47,6 +47,7 @@ class LocationsTransformer
                'assets_count'    => (int) $location->assets_count,
                'users_count'    => (int) $location->users_count,
                'currency' =>  ($location->currency) ? e($location->currency) : null,
+                'ldap_ou' =>  ($location->ldap_ou) ? e($location->ldap_ou) : null,
                'created_at' => Helper::getFormattedDateObject($location->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($location->updated_at, 'datetime'),
                'parent' => ($location->parent) ? [
--- a/app/Http/Transformers/SelectlistTransformer.php
+++ b/app/Http/Transformers/SelectlistTransformer.php
@@ -25,15 +25,15 @@ class SelectlistTransformer
        foreach ($select_items as $select_item) {
            $items_array[]= [
                'id' => (int) $select_item->id,
-                'text' => ($select_item->use_text) ? e($select_item->use_text) : e($select_item->name),
-                'image' => ($select_item->use_image) ?  e($select_item->use_image) : null,
+                'text' => ($select_item->use_text) ? $select_item->use_text : $select_item->name,
+                'image' => ($select_item->use_image) ?  $select_item->use_image : null,

            ];

        }

        $results = [
-            'items' => $items_array,
+            'results' => $items_array,
            'pagination' =>
                [
                    'more' => ($select_items->currentPage() >= $select_items->lastPage()) ? false : true,
--- a/app/Http/Transformers/UsersTransformer.php
+++ b/app/Http/Transformers/UsersTransformer.php
@@ -52,9 +52,9 @@ class UsersTransformer
                'notes'=> e($user->notes),
                'permissions' => $user->decodePermissions(),
                'activated' => ($user->activated =='1') ? true : false,
+                'ldap_import' => ($user->ldap_import =='1') ? true : false,
                'two_factor_activated' => ($user->two_factor_active()) ? true : false,
                'two_factor_enrolled' => ($user->two_factor_active_and_enrolled()) ? true : false,
-
                'assets_count' => (int) $user->assets_count,
                'licenses_count' => (int) $user->licenses_count,
                'accessories_count' => (int) $user->accessories_count,
@@ -63,6 +63,7 @@ class UsersTransformer
                'created_at' => Helper::getFormattedDateObject($user->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($user->updated_at, 'datetime'),
                'last_login' => Helper::getFormattedDateObject($user->last_login, 'datetime'),
+                'deleted_at' => ($user->deleted_at) ?  Helper::getFormattedDateObject($user->deleted_at, 'datetime') : null,
            ];

        $permissions_array['available_actions'] = [
--- a/app/Importer/UserImporter.php
+++ b/app/Importer/UserImporter.php
@@ -125,7 +125,10 @@ class UserImporter extends ItemImporter
        if ($department) {
            $this->log('A matching department ' . $department_name . ' already exists');
            return $department->id;
+        } else {
+            return null;
        }
+
        $department = new department();
        $department->name = $department_name;
        $department->user_id = $this->user_id;
@@ -134,7 +137,8 @@ class UserImporter extends ItemImporter
            $this->log('department ' . $department_name . ' was created');
            return $department->id;
        }
-        $this->logError($department, 'Company');
+
+        $this->logError($department, 'Department');
        return null;
    }

--- a/app/Models/Accessory.php
+++ b/app/Models/Accessory.php
@@ -234,7 +234,7 @@ class Accessory extends SnipeModel

    public function users()
    {
-        return $this->belongsToMany('\App\Models\User', 'accessories_users', 'accessory_id', 'assigned_to')->withPivot('id')->withTrashed();
+        return $this->belongsToMany('\App\Models\User', 'accessories_users', 'accessory_id', 'assigned_to')->withPivot('id', 'created_at', 'note')->withTrashed();
    }

    /**
--- a/app/Models/Asset.php
+++ b/app/Models/Asset.php
@@ -130,6 +130,8 @@ class Asset extends Depreciable
        'supplier_id',
        'warranty_months',
        'requestable',
+        'last_checkout',
+        'expected_checkin',
    ];

    use Searchable;
@@ -164,6 +166,7 @@ class Asset extends Depreciable
        'supplier'           => ['name'],
        'company'            => ['name'],
        'defaultLoc'         => ['name'],
+        'location'           => ['name'],
        'model'              => ['name', 'model_number'],
        'model.category'     => ['name'],
        'model.manufacturer' => ['name'],
@@ -232,7 +235,10 @@ class Asset extends Depreciable
    }

    /**
-     * Determines if an asset is available for checkout
+     * Determines if an asset is available for checkout.
+     * This checks to see if the it's checked out to an invalid (deleted) user
+     * OR if the assigned_to and deleted_at fields on the asset are empty AND
+     * that the status is deployable
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
@@ -240,12 +246,18 @@ class Asset extends Depreciable
     */
    public function availableForCheckout()
    {
-        if (
-            (empty($this->assigned_to)) &&
-            (empty($this->deleted_at)) &&
-            (($this->assetstatus) && ($this->assetstatus->deployable == 1)))
-        {
-            return true;
+
+        // This asset is not currently assigned to anyone and is not deleted...
+        if ((!$this->assigned_to) && (!$this->deleted_at)) {
+
+            // The asset status is not archived and is deployable
+            if (($this->assetstatus) && ($this->assetstatus->archived == '0')
+                && ($this->assetstatus->deployable == '1'))
+            {
+
+                return true;
+            }
+
        }
        return false;
    }
@@ -424,7 +436,7 @@ class Asset extends Depreciable
     */
    public function assignedTo()
    {
-        return $this->morphTo('assigned', 'assigned_type', 'assigned_to');
+        return $this->morphTo('assigned', 'assigned_type', 'assigned_to')->withTrashed();
    }

    /**
--- a/app/Models/Category.php
+++ b/app/Models/Category.php
@@ -165,6 +165,8 @@ class Category extends SnipeModel
                return $this->components()->count();
            case 'consumable':
                return $this->consumables()->count();
+            case 'license':
+                return $this->licenses()->count();
        }
        return '0';
    }
--- a/app/Models/CustomField.php
+++ b/app/Models/CustomField.php
@@ -285,9 +285,13 @@ class CustomField extends Model
     */
    public function formatFieldValuesAsArray()
    {
+        $result = [];
        $arr = preg_split("/\\r\\n|\\r|\\n/", $this->field_values);

-        $result[''] = 'Select '.strtolower($this->format);
+        if (($this->element!='checkbox') && ($this->element!='radio')) {
+            $result[''] = 'Select '.strtolower($this->format);
+        }
+

        for ($x = 0; $x < count($arr); $x++) {
            $arr_parts = explode('|', $arr[$x]);
--- a/app/Models/Ldap.php
+++ b/app/Models/Ldap.php
@@ -0,0 +1,297 @@
+<?php
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+use App\Models\User;
+use App\Models\Setting;
+use Exception;
+use Input;
+use Log;
+
+class Ldap extends Model
+{
+
+    /**
+     * Makes a connection to LDAP using the settings in Admin > Settings.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return connection
+     */
+
+    public static function connectToLdap()
+    {
+
+        $ldap_host    = Setting::getSettings()->ldap_server;
+        $ldap_version = Setting::getSettings()->ldap_version;
+        $ldap_server_cert_ignore = Setting::getSettings()->ldap_server_cert_ignore;
+        $ldap_use_tls = Setting::getSettings()->ldap_tls;
+
+
+        // If we are ignoring the SSL cert we need to setup the environment variable
+        // before we create the connection
+        if ($ldap_server_cert_ignore=='1') {
+            putenv('LDAPTLS_REQCERT=never');
+        }
+
+        // If the user specifies where CA Certs are, make sure to use them
+        if (env("LDAPTLS_CACERT")) {
+            putenv("LDAPTLS_CACERT=".env("LDAPTLS_CACERT"));
+        }
+
+        $connection = @ldap_connect($ldap_host);
+
+        if (!$connection) {
+            throw new Exception('Could not connect to LDAP server at '.$ldap_host.'. Please check your LDAP server name and port number in your settings.');
+        }
+
+        // Needed for AD
+        ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
+        ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldap_version);
+        ldap_set_option($connection, LDAP_OPT_NETWORK_TIMEOUT, 20);
+
+        if ($ldap_use_tls=='1') {
+            ldap_start_tls($connection);
+        }
+
+        return $connection;
+    }
+
+
+    /**
+     * Binds/authenticates the user to LDAP, and returns their attributes.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $username
+     * @param $password
+     * @param bool|false $user
+     * @return bool true    if the username and/or password provided are valid
+     *              false   if the username and/or password provided are invalid
+     *         array of ldap_attributes if $user is true
+     *
+     */
+    static function findAndBindUserLdap($username, $password)
+    {
+        $settings = Setting::getSettings();
+        $connection = Ldap::connectToLdap();
+        $ldap_username_field     = $settings->ldap_username_field;
+        $baseDn      = $settings->ldap_basedn;
+        $userDn      = $ldap_username_field.'='.$username.','.$settings->ldap_basedn;
+
+        if ($settings->is_ad =='1') {
+            // Check if they are using the userprincipalname for the username field.
+            // If they are, we can skip building the UPN to authenticate against AD
+            if ($ldap_username_field=='userprincipalname') {
+                $userDn = $username;
+            } else {
+                // In case they haven't added an AD domain
+                    $userDn  = ($settings->ad_domain != '') ?  $username.'@'.$settings->ad_domain : $username.'@'.$settings->email_domain;
+            }
+
+        }
+
+        \Log::debug('Attempting to login using distinguished name:'.$userDn);
+
+
+        $filterQuery = $settings->ldap_auth_filter_query . $username;
+
+
+        if (!$ldapbind = @ldap_bind($connection, $userDn, $password)) {
+            if(!$ldapbind = Ldap::bindAdminToLdap($connection)){
+                    return false;
+            }
+        }
+
+        if (!$results = ldap_search($connection, $baseDn, $filterQuery)) {
+            throw new Exception('Could not search LDAP: ');
+        }
+
+        if (!$entry = ldap_first_entry($connection, $results)) {
+            return false;
+        }
+
+        if (!$user =  ldap_get_attributes($connection, $entry)) {
+            return false;
+        }
+
+        return array_change_key_case($user);
+
+    }
+
+
+    /**
+     * Binds/authenticates an admin to LDAP for LDAP searching/syncing.
+     * Here we also return a better error if the app key is donked.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param bool|false $user
+     * @return bool true    if the username and/or password provided are valid
+     *              false   if the username and/or password provided are invalid
+     *
+     */
+    static function bindAdminToLdap($connection)
+    {
+
+        $ldap_username     = Setting::getSettings()->ldap_uname;
+
+        // Lets return some nicer messages for users who donked their app key, and disable LDAP
+        try {
+            $ldap_pass    = \Crypt::decrypt(Setting::getSettings()->ldap_pword);
+        } catch (Exception $e) {
+
+            throw new Exception('Your app key has changed! Could not decrypt LDAP password using your current app key, so LDAP authentication has been disabled. Login with a local account, update the LDAP password and re-enable it in Admin > Settings.');
+        }
+
+
+        if (!$ldapbind = @ldap_bind($connection, $ldap_username, $ldap_pass)) {
+            throw new Exception('Could not bind to LDAP: '.ldap_error($connection));
+        }
+
+    }
+
+
+    /**
+     * Parse and map LDAP attributes based on settings
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     *
+     * @param $ldapatttibutes
+     * @return array|bool
+     */
+    static function parseAndMapLdapAttributes($ldapatttibutes)
+    {
+        //Get LDAP attribute config
+        $ldap_result_username = Setting::getSettings()->ldap_username_field;
+        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
+        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
+        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
+        $ldap_result_email = Setting::getSettings()->ldap_email;
+
+        // Get LDAP user data
+        $item = array();
+        $item["username"] = isset($ldapatttibutes[$ldap_result_username][0]) ? $ldapatttibutes[$ldap_result_username][0] : "";
+        $item["employee_number"] = isset($ldapatttibutes[$ldap_result_emp_num][0]) ? $ldapatttibutes[$ldap_result_emp_num][0] : "";
+        $item["lastname"] = isset($ldapatttibutes[$ldap_result_last_name][0]) ? $ldapatttibutes[$ldap_result_last_name][0] : "";
+        $item["firstname"] = isset($ldapatttibutes[$ldap_result_first_name][0]) ? $ldapatttibutes[$ldap_result_first_name][0] : "";
+        $item["email"] = isset($ldapatttibutes[$ldap_result_email][0]) ? $ldapatttibutes[$ldap_result_email][0] : "" ;
+
+        return $item;
+
+
+    }
+
+    /**
+     * Create user from LDAP attributes
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $ldapatttibutes
+     * @return array|bool
+     */
+    static function createUserFromLdap($ldapatttibutes)
+    {
+        $item = Ldap::parseAndMapLdapAttributes($ldapatttibutes);
+
+
+        // Create user from LDAP data
+        if (!empty($item["username"])) {
+            $user = new User;
+            $user->first_name = $item["firstname"];
+            $user->last_name = $item["lastname"];
+            $user->username = $item["username"];
+            $user->email = $item["email"];
+
+            if (Setting::getSettings()->ldap_pw_sync=='1') {
+                $user->password = bcrypt(Input::get("password"));
+            } else {
+                $pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 25);
+                $user->password = bcrypt($pass);
+            }
+
+            $user->activated = 1;
+            $user->ldap_import = 1;
+            $user->notes = 'Imported on first login from LDAP';
+
+            if ($user->save()) {
+                return $user;
+            } else {
+                LOG::debug('Could not create user.'.$user->getErrors());
+                throw new Exception("Could not create user: ".$user->getErrors());
+            }
+        }
+
+        return false;
+
+    }
+
+    /**
+     * Searches LDAP
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $ldapatttibutes
+     * @param $base_dn
+     * @return array|bool
+     */
+    static function findLdapUsers($base_dn = null)
+    {
+
+        $ldapconn = Ldap::connectToLdap();
+        $ldap_bind = Ldap::bindAdminToLdap($ldapconn);
+        // Default to global base DN if nothing else is provided.
+        if (is_null($base_dn)) {
+            $base_dn = Setting::getSettings()->ldap_basedn;
+        }
+        $filter = Setting::getSettings()->ldap_filter;
+
+        // Set up LDAP pagination for very large databases
+        $page_size = 500;
+        $cookie = '';
+        $result_set = array();
+        $global_count = 0;
+
+        // Perform the search
+        do {
+
+            // Paginate (non-critical, if not supported by server)
+            if (!$ldap_paging = @ldap_control_paged_result($ldapconn, $page_size, false, $cookie)) {
+                throw new Exception('Problem with your LDAP connection. Try checking the Use TLS setting in Admin > Settings. ');
+            }
+
+            if ($filter != '' && substr($filter, 0, 1) != '(') { // wrap parens around NON-EMPTY filters that DON'T have them, for back-compatibility with AdLdap2-based filters
+                $filter = "($filter)";
+            }
+            $search_results = ldap_search($ldapconn, $base_dn, $filter);
+
+            if (!$search_results) {
+                return redirect()->route('users.index')->with('error', trans('admin/users/message.error.ldap_could_not_search').ldap_error($ldapconn)); // FIXME this is never called in any routed context - only from the Artisan command. So this redirect will never work.
+            }
+
+            // Get results from page
+            $results = ldap_get_entries($ldapconn, $search_results);
+            if (!$results) {
+                return redirect()->route('users.index')->with('error', trans('admin/users/message.error.ldap_could_not_get_entries').ldap_error($ldapconn)); // FIXME this is never called in any routed context - only from the Artisan command. So this redirect will never work.
+            }
+
+            // Add results to result set
+            $global_count += $results['count'];
+            $result_set = array_merge($result_set, $results);
+
+            @ldap_control_paged_result_response($ldapconn, $search_results, $cookie);
+
+        } while ($cookie !== null && $cookie != '');
+
+
+        // Clean up after search
+        $result_set['count'] = $global_count;
+        $results = $result_set;
+        @ldap_control_paged_result($ldapconn, 0);
+
+        return $results;
+
+
+    }
+}
--- a/app/Models/License.php
+++ b/app/Models/License.php
@@ -108,6 +108,7 @@ class License extends Depreciable
      'manufacturer' => ['name'],
      'company'      => ['name'],
      'category'     => ['name'],
+      'depreciation' => ['name'],
    ];

    /**
--- a/app/Models/Location.php
+++ b/app/Models/Location.php
@@ -28,7 +28,7 @@ class Location extends SnipeModel
        'address2'      => 'max:80|nullable',
        'zip'           => 'min:3|max:10|nullable',
        'manager_id'    => 'exists:users,id|nullable',
-        'parent_id'     => 'nullable|exists:locations,id|different:id',
+        'parent_id'     => 'non_circular:locations,id'
    );

    protected $casts = [
@@ -76,7 +76,7 @@ class Location extends SnipeModel
     * 
     * @var array
     */
-    protected $searchableAttributes = ['name', 'address', 'city', 'state', 'zip', 'created_at'];
+    protected $searchableAttributes = ['name', 'address', 'city', 'state', 'zip', 'created_at', 'ldap_ou'];

    /**
     * The relations and their attributes that should be included when searching the model.
--- a/app/Models/Manufacturer.php
+++ b/app/Models/Manufacturer.php
@@ -17,7 +17,7 @@ class Manufacturer extends SnipeModel

    // Declare the rules for the form validation
    protected $rules = array(
-        'name'   => 'required|min:2|max:255|unique:manufacturers,name,NULL,deleted_at',
+        'name'   => 'required|min:2|max:255|unique:manufacturers,name,NULL,id,deleted_at,NULL',
        'url'   => 'url|nullable',
        'support_url'   => 'url|nullable',
        'support_email'   => 'email|nullable'
--- a/app/Models/Setting.php
+++ b/app/Models/Setting.php
@@ -48,7 +48,6 @@ class Setting extends Model
    protected $rules = [
          'brand'                               => 'required|min:1|numeric',
          'qr_text'                             => 'max:31|nullable',
-          'logo_img'                            => 'mimes:jpeg,bmp,png,gif',
          'alert_email'                         => 'email_array|nullable',
          'admin_cc_email'                      => 'email|nullable',
          'default_currency'                    => 'required',
@@ -120,9 +119,6 @@ class Setting extends Model
            try {
                $usercount = User::withTrashed()->count();
                $settingsCount = self::count();
-                \Log::debug('User table and settings table exist and have records.');
-                \Log::debug('Settings: '.$settingsCount );
-                \Log::debug('Users: '.$usercount );
                return $usercount > 0 && $settingsCount > 0;
            } catch (\Throwable $th) {
                \Log::debug('User table and settings table DO NOT exist or DO NOT have records');
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -26,10 +26,13 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
    use UniqueUndeletedTrait;
    use Notifiable;
    use Presentable;
+    use Searchable;
+
    protected $dates = ['deleted_at'];
    protected $hidden = ['password','remember_token','permissions','reset_password_code','persist_code'];
    protected $table = 'users';
    protected $injectUniqueIdentifier = true;
+
    protected $fillable = [
        'activated',
        'address',
@@ -67,6 +70,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
     * @var array
     */

+    // 'username' => 'required|string|min:1|unique:users,username,NULL,id,deleted_at,NULL',
    protected $rules = [
        'first_name'              => 'required|string|min:1',
        'username'                => 'required|string|min:1|unique_undeleted',
@@ -74,11 +78,10 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
        'password'                => 'required|min:8',
        'locale'                  => 'max:10|nullable',
        'website'                 => 'url|nullable',
-        'manager_id'              => 'nullable|exists:users,id|different:users.id',
+        'manager_id'              => 'nullable|exists:users,id|cant_manage_self',
        'location_id'             => 'exists:locations,id|nullable',
    ];

-    use Searchable;

    /**
     * The attributes that should be included when searching the model.
@@ -107,7 +110,8 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
        'groups'     => ['name'],
        'company'    => ['name'],
        'manager'    => ['first_name', 'last_name', 'username']
-    ];  
+    ];
+

    /**
     * Check user permissions
@@ -295,7 +299,8 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
     */
    public function accessories()
    {
-        return $this->belongsToMany('\App\Models\Accessory', 'accessories_users', 'assigned_to', 'accessory_id')->withPivot('id')->withTrashed();
+        return $this->belongsToMany('\App\Models\Accessory', 'accessories_users', 'assigned_to', 'accessory_id')
+            ->withPivot('id', 'created_at', 'note')->withTrashed();
    }

    /**
--- a/app/Notifications/CheckinAccessoryNotification.php
+++ b/app/Notifications/CheckinAccessoryNotification.php
@@ -111,7 +111,7 @@ class CheckinAccessoryNotification extends Notification
        ];

        return (new SlackMessage)
-            ->content(':arrow_down: :keyboard: Accessory Checked In')
+            ->content(':arrow_down: :keyboard: '.trans('mail.Accessory_Checkin_Notification'))
            ->from($botname)
            ->attachment(function ($attachment) use ($item, $note, $admin, $fields) {
                $attachment->title(htmlspecialchars_decode($item->present()->name), $item->present()->viewUrl())
@@ -135,7 +135,7 @@ class CheckinAccessoryNotification extends Notification
                'note'          => $this->note,
                'target'        => $this->target,
            ])
-            ->subject('Accessory checked in');
+            ->subject(trans('mail.Accessory_Checkin_Notification'));

    }
 }
--- a/app/Notifications/CheckinAssetNotification.php
+++ b/app/Notifications/CheckinAssetNotification.php
@@ -79,7 +79,7 @@ class CheckinAssetNotification extends Notification
        ];

        return (new SlackMessage)
-            ->content(':arrow_down: :computer: Asset Checked In')
+            ->content(':arrow_down: :computer: '.trans('mail.Asset_Checkin_Notification'))
            ->from($botname)
            ->attachment(function ($attachment) use ($item, $note, $admin, $fields) {
                $attachment->title(htmlspecialchars_decode($item->present()->name), $item->present()->viewUrl())
@@ -113,7 +113,7 @@ class CheckinAssetNotification extends Notification
                'fields'        => $fields,
                'expected_checkin'  => $this->expected_checkin,
            ])
-            ->subject('Asset checked in');
+            ->subject(trans('mail.Asset_Checkin_Notification'));


        return $message;
--- a/app/Notifications/CheckinLicenseSeatNotification.php
+++ b/app/Notifications/CheckinLicenseSeatNotification.php
@@ -83,7 +83,7 @@ class CheckinLicenseSeatNotification extends Notification


        return (new SlackMessage)
-            ->content(':arrow_down: :floppy_disk: License  Checked In')
+            ->content(':arrow_down: :floppy_disk: '.trans('mail.License_Checkin_Notification'))
            ->from($botname)
            ->attachment(function ($attachment) use ($item, $note, $admin, $fields) {
                $attachment->title(htmlspecialchars_decode($item->present()->name), $item->present()->viewUrl())
@@ -106,7 +106,7 @@ class CheckinLicenseSeatNotification extends Notification
                'note'          => $this->note,
                'target'        => $this->target,
            ])
-            ->subject('License checked in');
+            ->subject(trans('mail.License_Checkin_Notification'));

    }

--- a/app/Notifications/ExpectedCheckinAdminNotification.php
+++ b/app/Notifications/ExpectedCheckinAdminNotification.php
@@ -48,7 +48,7 @@ class ExpectedCheckinAdminNotification extends Notification
            [
                'assets'  => $this->assets,
            ])
-            ->subject('Expected asset checkin report');
+            ->subject(trans('mail.Expected_Checkin_Report'));

        return $message;

--- a/app/Notifications/ExpectedCheckinNotification.php
+++ b/app/Notifications/ExpectedCheckinNotification.php
@@ -2,7 +2,7 @@

 namespace App\Notifications;

-use Carbon\Carbon;
+use App\Helpers\Helper;
 use Illuminate\Bus\Queueable;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Notification;
@@ -46,16 +46,18 @@ class ExpectedCheckinNotification extends Notification
     */
    public function toMail()
    {
-        $formatted_due = Carbon::parse($this->params->expected_checkin)->format('D,  M j, Y');
-        return (new MailMessage)
-            ->error()
-            ->subject('Reminder: '.$this->params->present()->name().' checkin deadline approaching')
-            ->line('Hi, '.$this->params->assignedto->first_name.' '.$this->params->assignedto->last_name)
-            ->greeting('An asset checked out to you is due to be checked back in on '.$formatted_due.'.')
-            ->line('Asset: '.$this->params->present()->name())
-            ->line('Serial: '.$this->params->serial)
-            ->line('Asset Tag: '.$this->params->asset_tag)
-            ->action('View Your Assets', route('view-assets'));
+
+        $message = (new MailMessage)->markdown('notifications.markdown.expected-checkin',
+            [
+                'date' => Helper::getFormattedDateObject($this->params->expected_checkin, 'date', false),
+                'asset' => $this->params->present()->name(),
+                'serial' => $this->params->serial,
+                'asset_tag' => $this->params->asset_tag
+            ])
+            ->subject(trans('mail.Expected_Checkin_Notification', ['name' => $this->params->present()->name()]));
+
+        return $message;
+
    }

 }
--- a/app/Notifications/RequestAssetNotification.php
+++ b/app/Notifications/RequestAssetNotification.php
@@ -62,11 +62,9 @@ class RequestAssetNotification extends Notification
        $notifyBy = [];

        if (Setting::getSettings()->slack_endpoint!='') {
-            \Log::debug('use slack');
            $notifyBy[] = 'slack';
        }

-
        $notifyBy[] = 'mail';

        return $notifyBy;
--- a/app/Policies/PredefinedKitPolicy.php
+++ b/app/Policies/PredefinedKitPolicy.php
@@ -0,0 +1,11 @@
+<?php
+
+namespace App\Policies;
+
+class PredefinedKitPolicy extends SnipePermissionsPolicy
+{
+    protected function columnName()
+    {
+        return 'kits';
+    }
+}
--- a/app/Presenters/AssetModelPresenter.php
+++ b/app/Presenters/AssetModelPresenter.php
@@ -8,7 +8,129 @@ namespace App\Presenters;
 */
 class AssetModelPresenter extends Presenter
 {
-    
+    public static function dataTableLayout() {
+
+        $layout = [
+            [
+                "field" => "checkbox",
+                "checkbox" => true
+            ],
+            [
+                "field" => "id",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.id'),
+                "visible" => false
+            ], [
+                "field" => "company",
+                "searchable" => true,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('admin/companies/table.title'),
+                "visible" => false,
+                "formatter" => "companiesLinkObjFormatter"
+            ], [
+                "field" => "name",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => true,
+                "title" => trans('general.name'),
+                "formatter" => "modelsLinkFormatter"
+            ],
+            [
+                "field" => "image",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.image'),
+                "visible" => true,
+                "formatter" => 'imageFormatter',
+            ],
+            [
+                "field" => "manufacturer",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.manufacturer'),
+                "visible" => false,
+                "formatter" => 'manufacturersLinkObjFormatter',
+            ],
+            [
+                "field" => "model_number",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('admin/models/table.modelnumber'),
+                "visible" => true,
+            ],
+            [
+                "field" => "assets_count",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('admin/models/table.numassets'),
+                "visible" => true,
+            ],
+            [
+                "field" => "depreciation",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.depreciation'),
+                "visible" => false,
+                "formatter" => "depreciationsLinkObjFormatter",
+            ],
+            [
+                "field" => "category",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.category'),
+                "visible" => false,
+                "formatter" => "categoriesLinkObjFormatter",
+            ],
+            [
+                "field" => "eol",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.eol'),
+                "visible" => true,
+            ],
+            [
+                "field" => "fieldset",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('admin/models/general.fieldset'),
+                "visible" => true,
+                "formatter" => "fieldsetsLinkObjFormatter",
+            ],
+            [
+                "field" => "notes",
+                "searchable" => true,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.notes'),
+                "visible" => false,
+            ],
+        ];
+
+
+        $layout[] = [
+            "field" => "actions",
+            "searchable" => false,
+            "sortable" => false,
+            "switchable" => false,
+            "title" => trans('table.actions'),
+            "formatter" => "licensesActionsFormatter",
+        ];
+
+
+        return json_encode($layout);
+
+    }
    /**
     * Formatted note for this model
     * @return string
--- a/app/Presenters/AssetPresenter.php
+++ b/app/Presenters/AssetPresenter.php
@@ -146,6 +146,7 @@ class AssetPresenter extends Presenter
                "searchable" => true,
                "sortable" => true,
                "title" => trans('general.purchase_cost'),
+                "formatter" => 'numberWithCommas',
                "footerFormatter" => 'sumFormatter',
            ], [
                "field" => "order_number",
@@ -360,18 +361,13 @@ class AssetPresenter extends Presenter
    /**
     * Get Displayable Name
     * @return string
+     *
+     * @todo this should be factored out - it should be subsumed by fullName (below)
+     *
     **/
    public function name()
    {
-
-        if (empty($this->model->name)) {
-            if (isset($this->model->model)) {
-                return $this->model->model->name.' ('.$this->model->asset_tag.')';
-            }
-            return $this->model->asset_tag;
-        }
-        return $this->model->name . ' (' . $this->model->asset_tag . ')';
-
+        return $this->fullName;
    }

    /**
@@ -381,13 +377,18 @@ class AssetPresenter extends Presenter
    public function fullName()
    {
        $str = '';
+
+        // Asset name
        if ($this->model->name) {
-            $str .= $this->name;
+            $str .= $this->model->name;
        }

+        // Asset tag
        if ($this->asset_tag) {
            $str .= ' ('.$this->model->asset_tag.')';
        }
+
+        // Asset Model name
        if ($this->model->model) {
            $str .= ' - '.$this->model->model->name;
        }
--- a/app/Presenters/DepreciationPresenter.php
+++ b/app/Presenters/DepreciationPresenter.php
@@ -8,5 +8,49 @@ namespace App\Presenters;
 */
 class DepreciationPresenter extends Presenter
 {
+    /**
+     * Json Column Layout for bootstrap table
+     * @return string
+     */
+    public static function dataTableLayout()
+    {
+        $layout = [
+            [
+                "field" => "id",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.id'),
+                "visible" => false
+            ], [
+                "field" => "name",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('general.name'),
+                "visible" => true,
+                "formatter" => 'depreciationsLinkFormatter',
+            ],
+
+            [
+                "field" => "months",
+                "searchable" => true,
+                "sortable" => true,
+                "title" =>  trans('admin/depreciations/table.term'),
+                "visible" => true,
+            ],
+
+            [
+                "field" => "actions",
+                "searchable" => false,
+                "sortable" => false,
+                "switchable" => false,
+                "title" => trans('table.actions'),
+                "visible" => true,
+                "formatter" => "depreciationsActionsFormatter",
+            ]
+        ];
+
+        return json_encode($layout);
+    }

 }
--- a/app/Presenters/LicensePresenter.php
+++ b/app/Presenters/LicensePresenter.php
@@ -97,7 +97,26 @@ class LicensePresenter extends Presenter
                "visible" => false,
                "title" => trans('general.purchase_date'),
                'formatter' => 'dateDisplayFormatter'
-            ], [
+            ],
+            [
+                "field" => "termination_date",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('admin/licenses/form.termination_date'),
+                'formatter' => 'dateDisplayFormatter'
+            ],
+            [
+                "field" => "depreciation",
+                "searchable" => true,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('admin/hardware/form.depreciation'),
+                "visible" => false,
+                "formatter" => "depreciationsLinkObjFormatter",
+            ],
+
+            [
                "field" => "maintained",
                "searchable" => false,
                "sortable" => true,
--- a/app/Presenters/LocationPresenter.php
+++ b/app/Presenters/LocationPresenter.php
@@ -123,7 +123,16 @@ class LocationPresenter extends Presenter
                "switchable" => true,
                "title" =>  trans('admin/locations/table.country'),
                "visible" => false,
-            ],[
+            ],
+            [
+                "field" => "ldap_ou",
+                "searchable" => true,
+                "sortable" => true,
+                "switchable" => true,
+                "title" =>  trans('admin/locations/table.ldap_ou'),
+                "visible" => false,
+            ],
+            [
                "field" => "manager",
                "searchable" => false,
                "sortable" => true,
--- a/app/Presenters/UserPresenter.php
+++ b/app/Presenters/UserPresenter.php
@@ -225,6 +225,15 @@ class UserPresenter extends Presenter
                "visible" => true,
                'formatter' => 'groupsFormatter'
            ],
+            [
+                "field" => "ldap_import",
+                "searchable" => false,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('admin/settings/general.ldap_enabled'),
+                "visible" => false,
+                'formatter' => 'trueFalseFormatter'
+            ],
            [
                "field" => "two_factor_enrolled",
                "searchable" => false,
@@ -301,7 +310,7 @@ class UserPresenter extends Presenter
     */
    public function fullName()
    {
-        return "{$this->first_name} {$this->last_name}";
+        return html_entity_decode($this->first_name.' '.$this->last_name, ENT_QUOTES | ENT_XML1, 'UTF-8');
    }

    /**
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@@ -16,6 +16,7 @@ use App\Models\Depreciation;
 use App\Models\License;
 use App\Models\Location;
 use App\Models\Manufacturer;
+use App\Models\PredefinedKit;
 use App\Models\Statuslabel;
 use App\Models\Supplier;
 use App\Models\User;
@@ -33,6 +34,7 @@ use App\Policies\DepreciationPolicy;
 use App\Policies\LicensePolicy;
 use App\Policies\LocationPolicy;
 use App\Policies\ManufacturerPolicy;
+use App\Policies\PredefinedKitPolicy;
 use App\Policies\StatuslabelPolicy;
 use App\Policies\SupplierPolicy;
 use App\Policies\UserPolicy;
@@ -63,6 +65,7 @@ class AuthServiceProvider extends ServiceProvider
        Depreciation::class => DepreciationPolicy::class,
        License::class => LicensePolicy::class,
        Location::class => LocationPolicy::class,
+        PredefinedKit::class => PredefinedKitPolicy::class,
        Statuslabel::class => StatuslabelPolicy::class,
        Supplier::class => SupplierPolicy::class,
        User::class => UserPolicy::class,
@@ -87,8 +90,9 @@ class AuthServiceProvider extends ServiceProvider

        $this->registerPolicies();
        Passport::routes();
-        Passport::tokensExpireIn(Carbon::now()->addYears(20));
-        Passport::refreshTokensExpireIn(Carbon::now()->addYears(20));
+        Passport::tokensExpireIn(Carbon::now()->addYears(config('passport.expiration_years')));
+        Passport::refreshTokensExpireIn(Carbon::now()->addYears(config('passport.expiration_years')));
+        Passport::personalAccessTokensExpireIn(Carbon::now()->addYears(config('passport.expiration_years')));
        Passport::withCookieSerialization();


--- a/app/Providers/SamlServiceProvider.php
+++ b/app/Providers/SamlServiceProvider.php
@@ -49,7 +49,7 @@ class SamlServiceProvider extends ServiceProvider
                    'uses' => 'Auth\SamlController@login' ]
            );

-            Route::group(['prefix' => 'admin','middleware' => ['auth', 'authorize:superuser']], function () {
+            Route::group(['prefix' => 'admin','middleware' => ['web','auth', 'authorize:superuser']], function () {

                Route::get('saml', ['as' => 'settings.saml.index','uses' => 'SettingsController@getSamlSettings' ]);
                Route::post('saml', ['as' => 'settings.saml.save','uses' => 'SettingsController@postSamlSettings' ]);
--- a/app/Providers/ValidationServiceProvider.php
+++ b/app/Providers/ValidationServiceProvider.php
@@ -58,6 +58,52 @@ class ValidationServiceProvider extends ServiceProvider
        });


+        // Prevent circular references
+        //
+        // Example usage in Location model where parent_id references another Location:
+        //
+        //   protected $rules = array(
+        //     'parent_id' => 'non_circular:locations,id,10'
+        //   );
+        //
+        Validator::extend('non_circular', function ($attribute, $value, $parameters, $validator) {
+            if (count($parameters) < 2) {
+                throw new \Exception('Required validator parameters: <table>,<primary key>[,depth]');
+            }
+
+            // Parameters from the rule implementation ($pk will likely be 'id')
+            $table = array_get($parameters, 0);
+            $pk = array_get($parameters, 1);
+            $depth = (int) array_get($parameters, 2, 50);
+
+            // Data from the edited model
+            $data = $validator->getData();
+
+            // The primary key value from the edited model
+            $data_pk = array_get($data, $pk);
+            $value_pk = $value;
+
+            // If we’re editing an existing model and there is a parent value set… 
+            while ($data_pk && $value_pk) {
+
+                // It’s not valid for any parent id to be equal to the existing model’s id
+                if ($data_pk == $value_pk) {
+                    return false;
+                }
+
+                // Avoid accidental infinite loops
+                if (--$depth < 0) {
+                    return false;
+                }
+
+                // Get the next parent id
+                $value_pk = DB::table($table)->select($attribute)->where($pk, '=', $value_pk)->value($attribute);
+            }
+
+            return true;
+        });
+
+
        // Yo dawg. I heard you like validators.
        // This validates the custom validator regex in custom fields.
        // We're just checking that the regex won't throw an exception, not
@@ -91,6 +137,42 @@ class ValidationServiceProvider extends ServiceProvider
        });


+        // This ONLY works for create/update user forms, since the Update Profile Password form doesn't
+        // include any of these additional validator fields
+        Validator::extend('disallow_same_pwd_as_user_fields', function ($attribute, $value, $parameters, $validator) {
+            
+            $data = $validator->getData();
+
+            if (array_key_exists("username", $data)) {
+                if ($data['username'] == $data['password']) {
+                    return false;
+                }
+            }
+
+            if (array_key_exists("email", $data)) {
+                if ($data['email'] == $data['password']) {
+                    return false;
+                }
+            }
+
+            if (array_key_exists("first_name", $data)) {
+                if ($data['first_name'] == $data['password']) {
+                    return false;
+                }
+            }
+
+            if (array_key_exists("last_name", $data)) {
+                if ($data['last_name'] == $data['password']) {
+                    return false;
+                }
+            }
+
+
+           return true;
+
+
+        });
+
        Validator::extend('letters', function ($attribute, $value, $parameters) {
            return preg_match('/\pL/', $value);
        });
@@ -107,6 +189,27 @@ class ValidationServiceProvider extends ServiceProvider
            return preg_match('/\p{Z}|\p{S}|\p{P}/', $value);
        });

+        Validator::extend('cant_manage_self', function ($attribute, $value, $parameters, $validator) {
+            // $value is the actual *value* of the thing that's being validated
+            // $attribute is the name of the field that the validation is running on - probably manager_id in our case
+            // $parameters are the optional parameters - an array for everything, split on commas. But we don't take any params here.
+            // $validator gives us proper access to the rest of the actual data
+            $data = $validator->getData();
+
+            if(array_key_exists("id", $data)) {
+                if ($value && $value == $data['id']) {
+                    // if you definitely have an ID - you're saving an existing user - and your ID matches your manager's ID - fail.
+                    return false;
+                } else {
+                    return true;
+                }
+            } else {
+                // no 'id' key to compare against (probably because this is a new user)
+                // so it automatically passes this validation
+                return true;
+            }
+        });
+

    }

--- a/app/Services/LdapAd.php
+++ b/app/Services/LdapAd.php
@@ -23,10 +23,34 @@ use Illuminate\Support\Facades\Log;
 */
 class LdapAd extends LdapAdConfiguration
 {
-    /**
-     * @see https://wdmsb.wordpress.com/2014/12/03/descriptions-of-active-directory-useraccountcontrol-value/
-     */
-    const AD_USER_ACCOUNT_CONTROL_FLAGS = ['512', '544', '66048', '66080', '262656', '262688', '328192', '328224'];
+    /* The following is _probably_ the correct logic, but we can't use it because
+       some users may have been dependent upon the previous behavior, and this
+       could cause additional access to be available to users they don't want
+       to allow to log in.
+    $useraccountcontrol = $results[$i]['useraccountcontrol'][0];
+    if(
+        // based on MS docs at: https://support.microsoft.com/en-us/help/305144/how-to-use-useraccountcontrol-to-manipulate-user-account-properties
+        ($useraccountcontrol & 0x200) && // is a NORMAL_ACCOUNT
+        !($useraccountcontrol & 0x02) && // *and* _not_ ACCOUNTDISABLE
+        !($useraccountcontrol & 0x10)    // *and* _not_ LOCKOUT
+    ) {
+        $user->activated = 1;
+    } else {
+        $user->activated = 0;
+    } */
+    const AD_USER_ACCOUNT_CONTROL_FLAGS = [
+      '512',    // 0x200    NORMAL_ACCOUNT
+      '544',    // 0x220    NORMAL_ACCOUNT, PASSWD_NOTREQD
+      '66048',  // 0x10200  NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD
+      '66080',  // 0x10220  NORMAL_ACCOUNT, PASSWD_NOTREQD, DONT_EXPIRE_PASSWORD
+      '262656', // 0x40200  NORMAL_ACCOUNT, SMARTCARD_REQUIRED
+      '262688', // 0x40220  NORMAL_ACCOUNT, PASSWD_NOTREQD, SMARTCARD_REQUIRED
+      '328192', // 0x50200  NORMAL_ACCOUNT, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
+      '328224', // 0x50220  NORMAL_ACCOUNT, PASSWD_NOT_REQD, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
+      '4260352',// 0x410200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD, DONT_REQ_PREAUTH
+      '1049088',// 0x100200 NORMAL_ACCOUNT, NOT_DELEGATED
+      '1114624',// 0x110200 NORMAL_ACCOUNT, NOT_DELEGATED, DONT_EXPIRE_PASSWORD
+    ];

    /**
     * The LDAP results per page.
@@ -122,9 +146,17 @@ class LdapAd extends LdapAdConfiguration
            throw new Exception('Unable to find user in LDAP directory!');
        }

-        return User::where('username', $username)
+        $user = User::where('username', $username)
                ->whereNull('deleted_at')->where('ldap_import', '=', 1)
                ->where('activated', '=', '1')->first();
+        /* Above, I could've just done ->firstOrFail() which would've been cleaner, but it would've been miserable to
+           troubleshoot if it ever came up (giving a really generic and untraceable error message)
+        */
+        if (!$user) {
+            throw new Exception("User is either deleted, not activated (can't log in), not from LDAP, or can't be found in database");
+        }
+
+        return $user;
    }

    /**
@@ -142,7 +174,7 @@ class LdapAd extends LdapAdConfiguration
     */
    public function processUser(AdldapUser $user, ?Collection $defaultLocation=null, ?Collection $mappedLocations=null): ?User
    {
-        // Only sync active users
+        // Only sync active users <- I think this actually means 'existing', not 'activated/deactivated'
        if(!$user) {
            return null;
        }
@@ -154,8 +186,26 @@ class LdapAd extends LdapAdConfiguration
        $snipeUser['email']           = $user->{$this->ldapSettings['ldap_email']}[0] ?? '';
        $snipeUser['title']           = $user->getTitle() ?? '';
        $snipeUser['telephonenumber'] = $user->getTelephoneNumber() ?? '';
-        $snipeUser['location_id']     = $this->getLocationId($user, $defaultLocation, $mappedLocations);
-        $snipeUser['activated']       = $this->getActiveStatus($user);
+
+        /*
+         * $locationId being 'null' means we have no per-OU location information,
+         * but instead of explicitly setting it to null - which would override any admin-generated
+         * location assignments - we just don't set it at all. For a brand new User, the 'default null'
+         * on the column will cover us. For an already existing user, this will not override any
+         * locations that were explicitly chosen by the administrators.
+         *
+         * When syncing with a particular 'default location' in mind, those should still be respected
+         * and it *will* override the administrators previous choices. I think this is a fair compromise.
+         */
+        $locationId = $this->getLocationId($user, $defaultLocation, $mappedLocations);
+        if ($locationId !== null ) {
+            $snipeUser['location_id'] = $locationId;
+        }
+
+        $activeStatus = $this->getActiveStatus($user);
+        if ($activeStatus !== null) {
+            $snipeUser['activated'] = $activeStatus;
+        }

        return $this->setUserModel($snipeUser);
    }
@@ -185,9 +235,20 @@ class LdapAd extends LdapAdConfiguration
        $user->employee_num = trim($userInfo['employee_number']);
        $user->jobtitle     = trim($userInfo['title']);
        $user->phone        = trim($userInfo['telephonenumber']);
-        $user->activated    = $userInfo['activated'];
-        $user->location_id  = $userInfo['location_id'];
-        $user->notes        = 'Imported from LDAP';
+        if (array_key_exists('activated',$userInfo)) {
+            $user->activated    = $userInfo['activated'];
+        } else if ( !$user->exists ) { // no 'activated' flag was set or unset, *AND* this user is new - activate by default.
+            $user->activated = 1;
+        }
+        if (array_key_exists('location_id',$userInfo)) {
+            $user->location_id  = $userInfo['location_id'];
+        }
+
+        // this is a new user
+        if (!isset($user->id)) {
+            $user->notes        = 'Imported from LDAP';
+        }
+
        $user->ldap_import  = 1;

        return $user;
@@ -252,6 +313,8 @@ class LdapAd extends LdapAdConfiguration

    /**
     * Set the active status of the user.
+     * Returns 0 or 1 if the user is deactivated or activated
+     * or returns null if we just don't know
     *
     * @author Wes Hulette <jwhulette@gmail.com>
     *
@@ -259,22 +322,46 @@ class LdapAd extends LdapAdConfiguration
     *
     * @param \Adldap\Models\User $user
     *
-     * @return int
+     * @return int (or null)
     */
-    private function getActiveStatus(AdldapUser $user): int
+    private function getActiveStatus(AdldapUser $user): ?int
    {
-        $activeStatus = 0;
        /*
         * Check to see if we are connected to an AD server
         * if so, check the Active Directory User Account Control Flags
+         * If the admin has set their own 'active flag' - respect that instead
+         * (this may work to allow AD users to ignore the built-in UAC stuff that AD does)
         */
-        if ($user->hasAttribute($user->getSchema()->userAccountControl())) {
+        if ($user->hasAttribute($user->getSchema()->userAccountControl()) && !$this->ldapSettings['ldap_active_flag']) {
+            \Log::debug('This is AD - userAccountControl is'. $user->getSchema()->userAccountControl());
            $activeStatus = (in_array($user->getUserAccountControl(), self::AD_USER_ACCOUNT_CONTROL_FLAGS)) ? 1 : 0;
        } else {
-            // If there is no activated flag, assume this is handled via the OU and activate the users
+
+            //\Log::debug('This looks like LDAP (or an AD where the UAC is disabled)');
+            // If there is no activated flag, then we can't make any determination about activated/deactivated
            if (false == $this->ldapSettings['ldap_active_flag']) {
-                $activeStatus = 1;
+                \Log::debug('ldap_active_flag is false - no ldap_active_flag is set');
+                return null;
            }
+
+            // If there *is* an activated flag, then respect it *only* if it is actually present. If it's not there, ignore it.
+            if (!$user->hasAttribute($this->ldapSettings['ldap_active_flag'])) {
+                return null; // 'active' flag is defined, but does not exist on returned user record. So we don't know if they're active or not.
+            }
+
+            // if $user has the flag *AND* that flag has exactly one value -
+            if ( $user->{$this->ldapSettings['ldap_active_flag']} && count($user->{$this->ldapSettings['ldap_active_flag']}) == 1 ) {
+
+                $active_flag_value = $user->{$this->ldapSettings['ldap_active_flag']}[0];
+
+                // if the value of that flag is case-insensitively the string 'false' or boolean false
+                if ( strcasecmp($active_flag_value, "false") == 0 || $active_flag_value === false ) {
+                    return 0; // then make them INACTIVE
+                } else {
+                    return 1; // otherwise active
+                }
+            }
+            return 1; // fail 'open' (active) if we have the attribute and it's multivalued or empty; that's weird
        }

        return $activeStatus;
@@ -375,7 +462,7 @@ class LdapAd extends LdapAdConfiguration
    {
        /** @var Schema $schema */
        $schema = new $this->ldapConfig['schema'];
-        return [
+        return array_values(array_filter([
            $this->ldapSettings['ldap_username_field'],
            $this->ldapSettings['ldap_fname_field'],
            $this->ldapSettings['ldap_lname_field'],
@@ -386,7 +473,7 @@ class LdapAd extends LdapAdConfiguration
            $schema->userAccountControl(),
            $schema->title(),
            $schema->telephone(),
-        ];
+        ]));
    }

    /**
@@ -416,7 +503,7 @@ class LdapAd extends LdapAdConfiguration
    public function testLdapAdUserConnection(): void
    {
        try {
-            $this->ldap->connect(); //uh, this doesn't seem to exist :/
+            $this->ldap->connect();
        } catch (\Adldap\Auth\BindException $e) {
            Log::error($e);
            throw new Exception('Unable to connect to LDAP directory!');
@@ -467,6 +554,7 @@ class LdapAd extends LdapAdConfiguration
        if (!is_null($filter)) {
            $search = $search->rawFilter($filter);
        }
+        //I think it might be possible to potentially do our own paging here?

        return $search->select($this->getSelectedFields())
            ->paginate(self::PAGE_SIZE);
--- a/app/Services/Saml.php
+++ b/app/Services/Saml.php
@@ -5,6 +5,7 @@ namespace App\Services;
 use OneLogin\Saml2\Auth as OneLogin_Saml2_Auth;
 use OneLogin\Saml2\IdPMetadataParser as OneLogin_Saml2_IdPMetadataParser;
 use OneLogin\Saml2\Settings as OneLogin_Saml2_Settings;
+use OneLogin\Saml2\Utils as OneLogin_Saml2_Utils;
 use App\Models\Setting;
 use App\Models\User;
 use Exception;
@@ -153,6 +154,9 @@ class Saml
        $this->_enabled = $setting->saml_enabled == '1';

        if ($this->isEnabled()) {
+            //Let onelogin/php-saml know to use 'X-Forwarded-*' headers if it is from a trusted proxy
+            OneLogin_Saml2_Utils::setProxyVars(request()->isFromTrustedProxy());
+
            data_set($settings, 'sp.entityId', url('/'));
            data_set($settings, 'sp.assertionConsumerService.url', route('saml.acs'));
            data_set($settings, 'sp.singleLogoutService.url', route('saml.sls'));
@@ -320,6 +324,20 @@ class Saml
        return $this->_auth;
    }

+    /**
+     * Get a setting.
+     * 
+     * @author Johnson Yi <jyi.dev@outlook.com>
+     * 
+     * @param string|array|int $key
+     * @param mixed $default
+     * 
+     * @return void
+     */
+    public function getSetting($key, $default = null) {
+        return data_get($this->_settings, $key, $default);
+    }
+
    /**
     * Gets the SP metadata. The XML representation.
     *
--- a/composer.json
+++ b/composer.json
@@ -11,13 +11,14 @@
  "license": "AGPL-3.0-or-later",
  "type": "project",
  "require": {
-    "php": "^7.2",
+    "php": "^7.2.5",
    "ext-curl": "*",
    "ext-fileinfo": "*",
    "ext-json": "*",
    "ext-mbstring": "*",
    "ext-pdo": "*",
    "adldap2/adldap2": "^10.2",
+    "alek13/slack": "^1.12",
    "bacon/bacon-qr-code": "^1.0",
    "barryvdh/laravel-cors": "^0.11.3",
    "barryvdh/laravel-debugbar": "^3.2",
@@ -33,16 +34,15 @@
    "guzzlehttp/guzzle": "^6.5",
    "intervention/image": "^2.5",
    "javiereguiluz/easyslugger": "^1.0",
-    "laravel/framework": "^6.0",
+    "laravel/framework": "^6.20",
    "laravel/helpers": "^1.2",
-    "laravel/passport": "^8.4",
+    "laravel/passport": "^9.3.2",
    "laravel/slack-notification-channel": "^2.0",
    "laravel/tinker": "^2.4",
    "laravelcollective/html": "^6.0",
    "league/csv": "^9.5",
    "league/flysystem-aws-s3-v3": "^1.0",
    "league/flysystem-cached-adapter": "^1.0",
-    "maknz/slack": "^1.7",
    "neitanod/forceutf8": "^2.0",
    "nesbot/carbon": "^2.32",
    "onelogin/php-saml": "^3.4",
@@ -65,6 +65,7 @@
    "codeception/module-rest": "^1.2",
    "codeception/module-webdriver": "^1.0",
    "fzaninotto/faker": "^1.9",
+    "overtrue/phplint": "^2.2",
    "phpunit/php-token-stream": "^3.1",
    "phpunit/phpunit": "^8.5",
    "squizlabs/php_codesniffer": "^3.5",
@@ -109,7 +110,7 @@
    "optimize-autoloader": true,
    "process-timeout": 3000,
    "platform": {
-      "php": "7.2"
+      "php": "7.2.5"
    }
  }
-}
+}
--- a/Show More
+++ b/Show More