Merge pull request #10423 from misilot/automated-image-build-github-actions

Automatic Building of Docker Images and Pushing to DockerHub

.all-contributorsrc

@@ -2378,6 +2378,141 @@
       "contributions": [
         "code"
       ]
+    },
+    {
+      "login": "vapier",
+      "name": "Mike Frysinger",
+      "avatar_url": "https://avatars.githubusercontent.com/u/176950?v=4",
+      "profile": "https://wh0rd.org/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "AL4AL",
+      "name": "ALPHA",
+      "avatar_url": "https://avatars.githubusercontent.com/u/22044358?v=4",
+      "profile": "https://github.com/AL4AL",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "FliegenKLATSCH",
+      "name": "FliegenKLATSCH",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1042587?v=4",
+      "profile": "https://www.ifern.de",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "jerm",
+      "name": "Jeremy Price",
+      "avatar_url": "https://avatars.githubusercontent.com/u/442138?v=4",
+      "profile": "https://github.com/jerm",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Toreg87",
+      "name": "Toreg87",
+      "avatar_url": "https://avatars.githubusercontent.com/u/84392209?v=4",
+      "profile": "https://github.com/Toreg87",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Computroniks",
+      "name": "Matthew Nickson",
+      "avatar_url": "https://avatars.githubusercontent.com/u/67638596?v=4",
+      "profile": "https://github.com/Computroniks",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "jethron",
+      "name": "Jethro Nederhof",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1646397?v=4",
+      "profile": "https://jethron.id.au",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "01ste02",
+      "name": "Oskar Stenberg",
+      "avatar_url": "https://avatars.githubusercontent.com/u/23289826?v=4",
+      "profile": "https://github.com/01ste02",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Robert-Azelis",
+      "name": "Robert-Azelis",
+      "avatar_url": "https://avatars.githubusercontent.com/u/82208283?v=4",
+      "profile": "https://github.com/Robert-Azelis",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "alwism",
+      "name": "Alexander William Smith",
+      "avatar_url": "https://avatars.githubusercontent.com/u/60648387?v=4",
+      "profile": "https://github.com/alwism",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "leitwerk-ag",
+      "name": "LEITWERK AG",
+      "avatar_url": "https://avatars.githubusercontent.com/u/24418301?v=4",
+      "profile": "https://www.leitwerk.de/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "adamboutcher",
+      "name": "Adam",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1911435?v=4",
+      "profile": "http://www.aboutcher.co.uk",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "sneak-it",
+      "name": "Ian",
+      "avatar_url": "https://avatars.githubusercontent.com/u/16104273?v=4",
+      "profile": "https://snksrv.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "bestlong",
+      "name": "Shao Yu-Lung (Allen)",
+      "avatar_url": "https://avatars.githubusercontent.com/u/4023909?v=4",
+      "profile": "http://blog.bestlong.idv.tw/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Haxatron",
+      "name": "Haxatron",
+      "avatar_url": "https://avatars.githubusercontent.com/u/76475453?v=4",
+      "profile": "https://github.com/Haxatron",
+      "contributions": [
+        "code"
+      ]
     }
   ]
 }

.github/ISSUE_TEMPLATE/Bug_report.md

@@ -1,62 +0,0 @@
----
-name: Bug report
-about: Create a report to help us improve
-
----
-
-#### Please confirm you have done the following before posting your bug report:
-
-- [ ] I have enabled debug mode 
-- [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
-
-**Describe the bug**
-A clear and concise description of what the bug is.
-
-**To Reproduce**
-Steps to reproduce the behavior:
-1. Go to '...'
-2. Click on '....'
-3. Scroll down to '....'
-4. See error
-
-**Expected behavior**
-A clear and concise description of what you expected to happen.
-
-**Screenshots**
-If applicable, add screenshots to help explain your problem.
-
-**Server (please complete the following information):**
- - Snipe-IT Version 
- - OS: [e.g. Ubuntu, CentOS]
- - Web Server: [e.g. Apache, IIS]
- - PHP Version 
-
-**Desktop (please complete the following information):**
- - OS: [e.g. iOS]
- - Browser [e.g. chrome, safari]
- - Version [e.g. 22]
-
-**Smartphone (please complete the following information):**
- - Device: [e.g. iPhone6]
- - OS: [e.g. iOS8.1]
- - Browser [e.g. stock browser, safari]
- - Version [e.g. 22]
-
-**Error Messages**
-- WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
-- If a stacktrace is provided in the error, include that too.
-- Any errors that appear in your browser's error console.
-- Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
-- Include any additional information you can find in `storage/logs` and your webserver's logs.
-- Include the output from `php -m` (this should display what modules you have enabled.)
-
-**Additional context**
-- Is this a fresh install or an upgrade? 
-- What OS and web server you're running Snipe-IT on
-- What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
-- Include what you've done so far in the installation, and if you got any error messages along the way.
-- Indicate whether or not you've manually edited any data directly in the database
-
-Add any other context about the problem here.
-
-Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.

.github/ISSUE_TEMPLATE/Feature_request.md

@@ -1,23 +0,0 @@
----
-name: Feature request
-about: Suggest an idea for this project
-
----
-
-**Server (please complete the following information):**
- - Snipe-IT Version 
- - OS: [e.g. Ubuntu, CentOS]
- - Web Server: [e.g. Apache, IIS]
- - PHP Version 
-
-**Is your feature request related to a problem? Please describe.**
-A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
-
-**Describe the solution you'd like**
-A clear and concise description of what you want to happen.
-
-**Describe alternatives you've considered**
-A clear and concise description of any alternative solutions or features you've considered.
-
-**Additional context**
-Add any other context or screenshots about the feature request here.

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,129 @@
+name: Bug Report
+description: Create a report to help us improve
+body:
+  - type: checkboxes
+    attributes:
+      label: Debug mode
+      description: Please confirm you have done the following before posting your bug report
+      options:
+        - label: I have enabled debug mode
+          required: true
+        - label: I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
+          required: true
+  - type: textarea
+    attributes:
+      label: Describe the bug
+      description: A clear and concise description of what the bug is.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Reproduction steps
+      description: Steps to reproduce the behavior.
+      value: |
+        1.
+        2.
+        3.
+        ...
+    validations:
+        required: true
+  - type: textarea
+    attributes:
+      label: Expected behavior
+      description: A clear and concise description of what you expected to happen.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Screenshots
+      description: 'If applicable, add screenshots to help explain your problem.'
+  - type: markdown
+    attributes:
+      value: "### Server"
+  - type: input
+    attributes:
+      label: Snipe-IT Version
+    validations:
+      required: true
+  - type: input
+    id: server_operatingSystem
+    attributes:
+      label: Operating System
+      description: 'e.g. Ubuntu, Windows'
+    validations:
+      required: true
+  - type: input
+    attributes:
+      label: Web Server
+      description: 'e.g. Apache, IIS'
+    validations:
+      required: true
+  - type: input
+    attributes:
+      label: PHP Version
+    validations:
+      required: true
+  - type: markdown
+    attributes:
+      value: "### Desktop"
+  - type: input
+    id: desktop_operatingSystem
+    attributes:
+      label: Operating System
+      description: 'e.g. Ubuntu, Windows'
+  - type: input
+    id: desktop_browser
+    attributes:
+      label: Browser
+      description: 'e.g. Google Chrome, Safari'
+  - type: input
+    id: desktop_version
+    attributes:
+      label: Version
+      description: 'e.g. 93'
+  - type: markdown
+    attributes:
+      value: "### Mobile"
+  - type: input
+    attributes:
+      label: Device
+      description: 'e.g. iPhone 6, Pixel 4a'
+  - type: input
+    id: mobile_operatingSystem
+    attributes:
+      label: Operating System
+      description: 'e.g. iOS 8.1, Android 9'
+  - type: input
+    id: mobile_browser
+    attributes:
+      label: Browser
+      description: 'e.g. Google Chrome, Safari'
+  - type: input
+    id: mobile_version
+    attributes:
+      label: Version
+      description: 'e.g. 93'
+  - type: textarea
+    attributes:
+      label: Error messages
+      description: |
+        WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
+        If a stacktrace is provided in the error, include that too.
+        Any errors that appear in your browser's error console.
+        Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
+        Include any additional information you can find in `storage/logs` and your webserver's logs.
+        Include the output from `php -m` (this should display what modules you have enabled.)
+      render: shell
+  - type: textarea
+    attributes:
+      label: Additional context
+      description: |
+        Is this a fresh install or an upgrade?
+        What OS and web server you're running Snipe-IT on
+        What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
+        Include what you've done so far in the installation, and if you got any error messages along the way.
+        Indicate whether or not you've manually edited any data directly in the database
+        Add any other context about the problem here.
+  - type: markdown
+    attributes:
+      value: Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1 @@
+blank_issues_enabled: false

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,42 @@
+name: Feature Request
+description: Suggest an idea for this project
+body:
+  - type: input
+    attributes:
+      label: Snipe-IT Version
+    validations:
+      required: true
+  - type: input
+    id: server_operatingSystem
+    attributes:
+      label: Operating System
+      description: 'e.g. Ubuntu, Windows'
+    validations:
+      required: true
+  - type: input
+    attributes:
+      label: Web Server
+      description: 'e.g. Apache, IIS'
+    validations:
+      required: true
+  - type: input
+    attributes:
+      label: PHP Version
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Describe the solution you'd like A clear and concise description of what you want to happen.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Describe alternatives you've considered A clear and concise description of any alternative solutions or features you've considered.
+  - type: textarea
+    attributes:
+      label: Additional context Add any other context or screenshots about the feature request here.

.github/workflows/docker-alpine.yml

@@ -0,0 +1,82 @@
+# Snipe-IT (Alpine) Docker image build for hub.docker.com
+name: Docker images (Alpine)
+
+# Run this Build for all pushes to 'master' or develop branch, or tagged releases.
+# Also run for PRs to ensure PR doesn't break Docker build process
+on:
+  push:
+    branches:
+      - master
+      - develop
+    tags:
+      - 'v**'
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+  pull_request:
+
+jobs:
+  docker:
+    # Ensure this job never runs on forked repos. It's only executed for 'snipe/snipe-it'
+    if: github.repository == 'snipe/snipe-it'
+    runs-on: ubuntu-latest
+    env:
+      # Define tags to use for Docker images based on Git tags/branches (for docker/metadata-action)
+      # For a new commit on default branch (master), use the literal tag 'latest' on Docker image.
+      # For a new commit on other branches, use the branch name as the tag for Docker image.
+      # For a new tag, copy that tag name as the tag for Docker image.
+      IMAGE_TAGS: |
+        type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }},suffix=-alpine
+        type=ref,event=branch,enable=${{ !endsWith(github.ref, github.event.repository.default_branch) }},suffix=-alpine
+        type=ref,event=tag,suffix=-alpine
+      # Define default tag "flavor" for docker/metadata-action per
+      # https://github.com/docker/metadata-action#flavor-input
+      # We turn off 'latest' tag by default.
+      TAGS_FLAVOR: |
+        latest=false
+
+    steps:
+      # https://github.com/actions/checkout
+      - name: Checkout codebase
+        uses: actions/checkout@v2
+
+      # https://github.com/docker/setup-buildx-action
+      - name: Setup Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      # https://github.com/docker/login-action
+      - name: Login to DockerHub
+        # Only login if not a PR, as PRs only trigger a Docker build and not a push
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
+
+      ###############################################
+      # Build/Push the 'snipe/snipe-it' image
+      ###############################################
+      # https://github.com/docker/metadata-action
+      # Get Metadata for docker_build step below
+      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
+        id: meta_build
+        uses: docker/metadata-action@v3
+        with:
+          images: snipe/snipe-it
+          tags: ${{ env.IMAGE_TAGS }}
+          flavor: ${{ env.TAGS_FLAVOR }}
+
+      # https://github.com/docker/build-push-action
+      - name: Build and push 'snipe-it' image
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile.alpine
+          platforms: linux/amd64
+          # For pull requests, we run the Docker build (to ensure no PR changes break the build),
+          # but we ONLY do an image push to DockerHub if it's NOT a PR
+          push: ${{ github.event_name != 'pull_request' }}
+          # Use tags / labels provided by 'docker/metadata-action' above
+          tags: ${{ steps.meta_build.outputs.tags }}
+          labels: ${{ steps.meta_build.outputs.labels }}

.github/workflows/docker.yml

@@ -0,0 +1,82 @@
+# Snipe-IT Docker image build for hub.docker.com
+name: Docker images
+
+# Run this Build for all pushes to 'master' or develop branch, or tagged releases.
+# Also run for PRs to ensure PR doesn't break Docker build process
+on:
+  push:
+    branches:
+      - master
+      - develop
+    tags:
+      - 'v**'
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+  pull_request:
+
+jobs:
+  docker:
+    # Ensure this job never runs on forked repos. It's only executed for 'snipe/snipe-it'
+    if: github.repository == 'snipe/snipe-it'
+    runs-on: ubuntu-latest
+    env:
+      # Define tags to use for Docker images based on Git tags/branches (for docker/metadata-action)
+      # For a new commit on default branch (master), use the literal tag 'latest' on Docker image.
+      # For a new commit on other branches, use the branch name as the tag for Docker image.
+      # For a new tag, copy that tag name as the tag for Docker image.
+      IMAGE_TAGS: |
+        type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }}
+        type=ref,event=branch,enable=${{ !endsWith(github.ref, github.event.repository.default_branch) }}
+        type=ref,event=tag
+      # Define default tag "flavor" for docker/metadata-action per
+      # https://github.com/docker/metadata-action#flavor-input
+      # We turn off 'latest' tag by default.
+      TAGS_FLAVOR: |
+        latest=false
+
+    steps:
+      # https://github.com/actions/checkout
+      - name: Checkout codebase
+        uses: actions/checkout@v2
+
+      # https://github.com/docker/setup-buildx-action
+      - name: Setup Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      # https://github.com/docker/login-action
+      - name: Login to DockerHub
+        # Only login if not a PR, as PRs only trigger a Docker build and not a push
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
+
+      ###############################################
+      # Build/Push the 'snipe/snipe-it' image
+      ###############################################
+      # https://github.com/docker/metadata-action
+      # Get Metadata for docker_build step below
+      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
+        id: meta_build
+        uses: docker/metadata-action@v3
+        with:
+          images: snipe/snipe-it
+          tags: ${{ env.IMAGE_TAGS }}
+          flavor: ${{ env.TAGS_FLAVOR }}
+
+      # https://github.com/docker/build-push-action
+      - name: Build and push 'snipe-it' image
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64
+          # For pull requests, we run the Docker build (to ensure no PR changes break the build),
+          # but we ONLY do an image push to DockerHub if it's NOT a PR
+          push: ${{ github.event_name != 'pull_request' }}
+          # Use tags / labels provided by 'docker/metadata-action' above
+          tags: ${{ steps.meta_build.outputs.tags }}
+          labels: ${{ steps.meta_build.outputs.labels }}

.gitignore

@@ -63,3 +63,5 @@ _ide_helper.php
 .phpstorm.meta.php
 _ide_helper_models.php
 /.phplint-cache
+storage/ldap_client_tls.cert
+storage/ldap_client_tls.key

Dockerfile

@@ -1,5 +1,5 @@
-FROM ubuntu:bionic
-LABEL maintainer Brady Wetherington <uberbrady@gmail.com>
+FROM ubuntu:focal
+LABEL maintainer Brady Wetherington <bwetherington@grokability.com>
 
 # No need to add `apt-get clean` here, reference:
 # - https://github.com/snipe/snipe-it/pull/9201
@@ -14,15 +14,15 @@ RUN export DEBIAN_FRONTEND=noninteractive; \
 apt-utils \
 apache2 \
 apache2-bin \
-libapache2-mod-php7.2 \
-php7.2-curl \
-php7.2-ldap \
-php7.2-mysql \
-php7.2-gd \
-php7.2-xml \
-php7.2-mbstring \
-php7.2-zip \
-php7.2-bcmath \
+libapache2-mod-php7.4 \
+php7.4-curl \
+php7.4-ldap \
+php7.4-mysql \
+php7.4-gd \
+php7.4-xml \
+php7.4-mbstring \
+php7.4-zip \
+php7.4-bcmath \
 patch \
 curl \
 wget  \
@@ -38,7 +38,7 @@ autoconf \
 libc-dev \
 pkg-config \
 libmcrypt-dev \
-php7.2-dev \
+php7.4-dev \
 ca-certificates \
 unzip \
 && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
@@ -47,16 +47,16 @@ unzip \
 RUN curl -L -O https://github.com/pear/pearweb_phars/raw/master/go-pear.phar
 RUN php go-pear.phar
 
-RUN pecl install mcrypt-1.0.2
+RUN pecl install mcrypt-1.0.3
 
-RUN bash -c "echo extension=/usr/lib/php/20170718/mcrypt.so > /etc/php/7.2/mods-available/mcrypt.ini"
+RUN bash -c "echo extension=/usr/lib/php/20190902/mcrypt.so > /etc/php/7.4/mods-available/mcrypt.ini"
 
 RUN phpenmod mcrypt
 RUN phpenmod gd
 RUN phpenmod bcmath
 
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.2/apache2/php.ini
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.2/cli/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.4/apache2/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.4/cli/php.ini
 
 RUN useradd -m --uid 1000 --gid 50 docker
 
@@ -96,6 +96,8 @@ RUN \
       && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups" \
       && mkdir -p "/var/lib/snipeit/keys" && ln -fs "/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key" \
       && ln -fs "/var/lib/snipeit/keys/oauth-public.key" "/var/www/html/storage/oauth-public.key" \
+      && ln -fs "/var/lib/snipeit/keys/ldap_client_tls.cert" "/var/www/html/storage/ldap_client_tls.cert" \
+      && ln -fs "/var/lib/snipeit/keys/ldap_client_tls.key" "/var/www/html/storage/ldap_client_tls.key" \
       && chown docker "/var/lib/snipeit/keys/" \
       && chown -h docker "/var/www/html/storage/" \
       && chmod +x /var/www/html/artisan \

Dockerfile.alpine

@@ -1,4 +1,4 @@
-FROM alpine:3.13
+FROM alpine:3
 # Apache + PHP
 RUN  apk add --no-cache \
         apache2 \

Procfile

@@ -0,0 +1 @@
+web: php heroku/startup.php && heroku-php-apache2 public/

README.md

@@ -1,5 +1,5 @@
-![Build Status](https://app.chipperci.com/projects/0e5f8979-31eb-4ee6-9abf-050b76ab0383/status/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-261-orange.svg?style=flat-square)](#contributors) 
+![Build Status](https://app.chipperci.com/projects/0e5f8979-31eb-4ee6-9abf-050b76ab0383/status/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
+[![All Contributors](https://img.shields.io/badge/all_contributors-276-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)
 
 ## Snipe-IT - Open Source Asset Management System
 
@@ -19,6 +19,8 @@ For instructions on installing and configuring Snipe-IT on your server, check ou
 
 If you're having trouble with the installation, please check the [Common Issues](https://snipe-it.readme.io/docs/common-issues) and [Getting Help](https://snipe-it.readme.io/docs/getting-help) documentation, and search this repository's open *and* closed issues for help.
 
+[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy)
+
 -----
 ### User's Manual
 For help using Snipe-IT, check out the [user's manual](https://snipe-it.readme.io/docs/overview).
@@ -55,11 +57,11 @@ Since the release of the JSON REST API, several third-party developers have been
 
 - [Python Module](https://github.com/jbloomer/SnipeIT-PythonAPI) by [@jbloomer](https://github.com/jbloomer)
 - [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
-- [InQRy](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
+- [InQRy -unmaintained-](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
 - [SnipeitPS](https://github.com/snazy2000/SnipeitPS) by [@snazy2000](https://github.com/snazy2000) - Powershell API Wrapper for Snipe-it
 - [jamf2snipe](https://github.com/ParadoxGuitarist/jamf2snipe) by [@ParadoxGuitarist](https://github.com/ParadoxGuitarist) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
 - [Marksman](https://github.com/Scope-IT/marksman) - A Windows agent for Snipe-IT
-- [Snipe-IT plugin for Jira Service Desk (beta)](https://marketplace.atlassian.com/apps/1220379/snipe-it-for-jira-service-desk-beta?hosting=cloud&tab=overview) - for the upcoming Snipe-IT v5 only
+- [Snipe-IT plugin for Jira Service Desk](https://marketplace.atlassian.com/apps/1220964/snipe-it-for-jira)
 - [Python 3 CSV importer](https://github.com/gastamper/snipeit-csvimporter) - allows importing assets into Snipe-IT based on Item Name rather than Asset Tag.
 - [Snipe-IT Kubernetes Helm Chart](https://github.com/t3n/helm-charts/tree/master/snipeit) - For more information, [click here](https://hub.helm.sh/charts/t3n/snipeit).
 - [Snipe-IT Bulk Edit](https://github.com/bricelabelle/snipe-it-bulkedit) - Google Script files to use Google Sheets as a bulk checkout/checkin/edit tool for Snipe-it.
@@ -126,7 +128,9 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/9255772?v=4" width="110px;"/><br /><sub>Mark Stenglein</sub>](https://markstenglein.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ocelotsloth "Code") | [<img src="https://avatars.githubusercontent.com/u/35658596?v=4" width="110px;"/><br /><sub>ajsy</sub>](https://github.com/ajsy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ajsy "Code") | [<img src="https://avatars.githubusercontent.com/u/3628035?v=4" width="110px;"/><br /><sub>Jan Kiesewetter</sub>](https://github.com/t3easy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=t3easy "Code") | [<img src="https://avatars.githubusercontent.com/u/79449630?v=4" width="110px;"/><br /><sub>Tetrachloromethane250</sub>](https://github.com/Tetrachloromethane250)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Tetrachloromethane250 "Code") | [<img src="https://avatars.githubusercontent.com/u/22004482?v=4" width="110px;"/><br /><sub>Lars Kajes</sub>](https://www.kajes.se/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kajes "Code") | [<img src="https://avatars.githubusercontent.com/u/13993216?v=4" width="110px;"/><br /><sub>Joly0</sub>](https://github.com/Joly0)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Joly0 "Code") | [<img src="https://avatars.githubusercontent.com/u/1501022?v=4" width="110px;"/><br /><sub>theburger</sub>](https://github.com/limeless)<br />[💻](https://github.com/snipe/snipe-it/commits?author=limeless "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/36065681?v=4" width="110px;"/><br /><sub>David Valin Alonso</sub>](https://github.com/deivishome)<br />[💻](https://github.com/snipe/snipe-it/commits?author=deivishome "Code") | [<img src="https://avatars.githubusercontent.com/u/8290389?v=4" width="110px;"/><br /><sub>andreaci</sub>](https://github.com/andreaci)<br />[💻](https://github.com/snipe/snipe-it/commits?author=andreaci "Code") | [<img src="https://avatars.githubusercontent.com/u/1828542?v=4" width="110px;"/><br /><sub>Jelle Sebreghts</sub>](http://www.jellesebreghts.be)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Jelle-S "Code") | [<img src="https://avatars.githubusercontent.com/u/11180862?v=4" width="110px;"/><br /><sub>Michael Pietsch</sub>](https://github.com/Skywalker-11)<br /> | [<img src="https://avatars.githubusercontent.com/u/22068886?v=4" width="110px;"/><br /><sub>Masudul Haque Shihab</sub>](https://github.com/sh1hab)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sh1hab "Code") | [<img src="https://avatars.githubusercontent.com/u/16099942?v=4" width="110px;"/><br /><sub>Supapong Areeprasertkul</sub>](http://www.freedomdive.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zybersup "Code") | [<img src="https://avatars.githubusercontent.com/u/207358?v=4" width="110px;"/><br /><sub>Peter Sarossy</sub>](https://github.com/psarossy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=psarossy "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/11823649?v=4" width="110px;"/><br /><sub>Renee Margaret McConahy</sub>](https://github.com/nepella)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nepella "Code") | [<img src="https://avatars.githubusercontent.com/u/5553884?v=4" width="110px;"/><br /><sub>JohnnyPicnic</sub>](https://github.com/JohnnyPicnic)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JohnnyPicnic "Code") | [<img src="https://avatars.githubusercontent.com/u/8799594?v=4" width="110px;"/><br /><sub>markbrule</sub>](https://github.com/markbrule)<br />[💻](https://github.com/snipe/snipe-it/commits?author=markbrule "Code") | [<img src="https://avatars.githubusercontent.com/u/1962801?v=4" width="110px;"/><br /><sub>Mike Campbell</sub>](https://github.com/mikecmpbll)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mikecmpbll "Code") | [<img src="https://avatars.githubusercontent.com/u/11973217?v=4" width="110px;"/><br /><sub>tbrconnect</sub>](https://github.com/tbrconnect)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tbrconnect "Code") | [<img src="https://avatars.githubusercontent.com/u/12447225?v=4" width="110px;"/><br /><sub>kcoyo</sub>](https://github.com/kcoyo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kcoyo "Code") | [<img src="https://avatars.githubusercontent.com/u/494017?v=4" width="110px;"/><br /><sub>Travis Miller</sub>](https://travismiller.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=travismiller "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/8735148?v=4" width="110px;"/><br /><sub>Petri Asikainen</sub>](https://github.com/PetriAsi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PetriAsi "Code") | [<img src="https://avatars.githubusercontent.com/u/11424540?v=4" width="110px;"/><br /><sub>derdeagle</sub>](https://github.com/derdeagle)<br />[💻](https://github.com/snipe/snipe-it/commits?author=derdeagle "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/8735148?v=4" width="110px;"/><br /><sub>Petri Asikainen</sub>](https://github.com/PetriAsi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PetriAsi "Code") | [<img src="https://avatars.githubusercontent.com/u/11424540?v=4" width="110px;"/><br /><sub>derdeagle</sub>](https://github.com/derdeagle)<br />[💻](https://github.com/snipe/snipe-it/commits?author=derdeagle "Code") | [<img src="https://avatars.githubusercontent.com/u/176950?v=4" width="110px;"/><br /><sub>Mike Frysinger</sub>](https://wh0rd.org/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vapier "Code") | [<img src="https://avatars.githubusercontent.com/u/22044358?v=4" width="110px;"/><br /><sub>ALPHA</sub>](https://github.com/AL4AL)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AL4AL "Code") | [<img src="https://avatars.githubusercontent.com/u/1042587?v=4" width="110px;"/><br /><sub>FliegenKLATSCH</sub>](https://www.ifern.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FliegenKLATSCH "Code") | [<img src="https://avatars.githubusercontent.com/u/442138?v=4" width="110px;"/><br /><sub>Jeremy Price</sub>](https://github.com/jerm)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jerm "Code") | [<img src="https://avatars.githubusercontent.com/u/84392209?v=4" width="110px;"/><br /><sub>Toreg87</sub>](https://github.com/Toreg87)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Toreg87 "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/67638596?v=4" width="110px;"/><br /><sub>Matthew Nickson</sub>](https://github.com/Computroniks)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Computroniks "Code") | [<img src="https://avatars.githubusercontent.com/u/1646397?v=4" width="110px;"/><br /><sub>Jethro Nederhof</sub>](https://jethron.id.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jethron "Code") | [<img src="https://avatars.githubusercontent.com/u/23289826?v=4" width="110px;"/><br /><sub>Oskar Stenberg</sub>](https://github.com/01ste02)<br />[💻](https://github.com/snipe/snipe-it/commits?author=01ste02 "Code") | [<img src="https://avatars.githubusercontent.com/u/82208283?v=4" width="110px;"/><br /><sub>Robert-Azelis</sub>](https://github.com/Robert-Azelis)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Robert-Azelis "Code") | [<img src="https://avatars.githubusercontent.com/u/60648387?v=4" width="110px;"/><br /><sub>Alexander William Smith</sub>](https://github.com/alwism)<br />[💻](https://github.com/snipe/snipe-it/commits?author=alwism "Code") | [<img src="https://avatars.githubusercontent.com/u/24418301?v=4" width="110px;"/><br /><sub>LEITWERK AG</sub>](https://www.leitwerk.de/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leitwerk-ag "Code") | [<img src="https://avatars.githubusercontent.com/u/1911435?v=4" width="110px;"/><br /><sub>Adam</sub>](http://www.aboutcher.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adamboutcher "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/16104273?v=4" width="110px;"/><br /><sub>Ian</sub>](https://snksrv.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sneak-it "Code") | [<img src="https://avatars.githubusercontent.com/u/4023909?v=4" width="110px;"/><br /><sub>Shao Yu-Lung (Allen)</sub>](http://blog.bestlong.idv.tw/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bestlong "Code") | [<img src="https://avatars.githubusercontent.com/u/76475453?v=4" width="110px;"/><br /><sub>Haxatron</sub>](https://github.com/Haxatron)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Haxatron "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->
 
 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!

ansible/ubuntu/vagrant_playbook.yml

@@ -199,7 +199,7 @@
         - { regexp: '^DB_PASSWORD=', line: 'DB_PASSWORD=vagrant' }
         - { regexp: '^APP_URL=', line: "APP_URL=http://{{ fqdn }}" }
         - { regexp: '^APP_ENV=', line: "APP_ENV=development" }
-        - { regexp: '^APP_DEBUG=', line: "APP_ENV=true" }
+        - { regexp: '^APP_DEBUG=', line: "APP_DEBUG=true" }
     - name: Generate application key
       shell: "php {{ app_path }}/artisan key:generate --force"
     - name: Artisan Migrate

app.json

@@ -0,0 +1,154 @@
+{
+    "name": "Snipe-IT",
+    "description": "Open source asset management.",
+    "keywords": [
+      "asset management",
+      "it asset"
+    ],
+    "website": "https://snipeitapp.com/",
+    "repository": "https://github.com/snipe/snipe-it",
+    "logo": "https://pbs.twimg.com/profile_images/976748875733020672/K-HnZCCK_400x400.jpg",
+    "success_url": "/setup",
+    "env": {
+      "APP_ENV": {
+        "description": "Laravel environment mode. Unless developing the application, this should be production.",
+        "value": "production"
+      },
+      "APP_DEBUG": {
+        "description": "Laravel debug mode. Unless developing the application or actively debugging a problem, this should be set to false.",
+        "value": "false"
+      },
+      "APP_KEY": {
+        "description": "A secret key for verifying the integrity of signed cookies. (See either https://snipe-it.readme.io/docs/generate-your-app-key or generate at https://coderstoolbox.online/toolbox/generate-symfony-secret)",
+        "value": ""
+      },
+      "APP_URL": {
+        "description": "URL where your Snipe-IT install will be available at.",
+        "value": "https://your-app-name.herokuapp.com"
+      },
+      "APP_TIMEZONE": {
+        "description": "Which timezone do you want to use for your install? (http://php.net/manual/en/timezones.php)",
+        "value": "UTC"
+      },
+      "APP_LOCALE": {
+        "description": "Which language do you want to use for your install? (https://snipe-it.readme.io/docs/configuration#setting-a-language)",
+        "value": "en"
+      },
+      "MAX_RESULTS": {
+        "description": "The maximum number of search results that can be returned at one time.",
+        "value": "500"
+      },
+      "MAIL_DRIVER": {
+        "description": "Mail driver - Generally SMTP on Heroku - https://snipe-it.readme.io/docs/configuration#required-outgoing-mail-settings",
+        "value": "smtp"
+      },
+      "MAIL_HOST": {
+        "description": "SMTP Server Hostname",
+        "value": "smtp.your.domain.name"
+      },
+      "MAIL_PORT": {
+        "description": "SMTP Server Port",
+        "value": "25"
+      },
+      "MAIL_USERNAME": {
+        "description": "SMTP Server Username",
+        "value": "YOURUSERNAME"
+      },
+      "MAIL_PASSWORD": {
+        "description": "SMTP Server Password",
+        "value": "YOURPASSWORD"
+      },
+      "MAIL_ENCRYPTION": {
+        "description": "Encryption protocol for email sending.",
+        "value": "null"
+      },
+      "MAIL_FROM_ADDR": {
+        "description": "Email from address",
+        "value": "no-reply@domain.name"
+      },
+      "MAIL_FROM_NAME": {
+        "description": "Email from Name",
+        "value": "Snipe-IT"
+      },
+      "MAIL_REPLYTO_ADDR": {
+        "description": "Email Reply-To address",
+        "value": "your@domain.name"
+      },
+      "MAIL_REPLYTO_NAME": {
+        "description": "Email Reply-To Name",
+        "value": "Snipe-IT"
+      },
+      "MAIL_AUTO_EMBED": {
+        "description": "Whether or not to embed images in emails (via CID or base64) versus linking to them.",
+        "value": "true"
+      },
+      "MAIL_AUTO_EMBED_METHOD": {
+        "description": "Method that should be used for attaching inline images.",
+        "value": "base64"
+      },
+      "SESSION_LIFETIME": {
+        "description": "Specify the time in minutes that the session should remain valid.",
+        "value": "12000"
+      },
+      "EXPIRE_ON_CLOSE": {
+        "description": "Specify whether or not the logged in session should be expired when the user closes their browser window.",
+        "value": "false"
+      },
+      "ENCRYPT": {
+        "description": "Specify whether you wish to use encrypted cookies for your Snipe-IT sessions.",
+        "value": "true"
+      },
+      "COOKIE_NAME": {
+        "description": "The name of the cookie set by Snipe-IT for session management.",
+        "value": "snipeit_session"
+      },
+      "COOKIE_DOMAIN": {
+        "description": "The domain name that the session cookie should be sent for.",
+        "value": "your-app-name.herokuapp.com"
+      },
+      "SECURE_COOKIES": {
+        "description": "Should cookies only be sent for HTTPS connections? Generally true on Heroku.",
+        "value": "true"
+      },
+      "LOGIN_MAX_ATTEMPTS": {
+        "description": "The maximum number of failed attempts allowed before the user is throttled.",
+        "value": "5"
+      },
+      "LOGIN_LOCKOUT_DURATION": {
+        "description": "The duration (in seconds) that the user should be blocked from attempting to authenticate again.",
+        "value": "60"
+      },
+      "APP_LOG": {
+        "description": "Driver to send logs to. (errorlog for stderr)",
+        "value": "errorlog"
+      },
+      "ALLOW_IFRAMING": {
+        "description": "Allow Snipe-IT to be loaded using an iFrame?",
+        "value": "false"
+      },
+      "GOOGLE_MAPS_API": {
+        "description": "Include your Google Maps API key here if you'd like Snipe-IT to load maps from Google on your locations and suppliers pages.",
+        "required": false
+      },
+      "BACKUP_ENV": {
+        "description": "Set this to true if you wish to backup your .env file in your Admin > Backups process.",
+        "value": "true"
+      },
+      "ENABLE_HSTS": {
+        "description": "Whether or not to send the HSTS security policy header.",
+        "value": "false"
+      }
+    },
+    "formation": {
+      "web": {
+        "quantity": 1,
+        "size": "free"
+      }
+    },
+    "image": "heroku/php",
+    "addons": [
+      "cleardb:ignite",
+      "heroku-redis:hobby-dev",
+      "papertrail:choklad"
+    ]
+  }

app/Console/Commands/PaveIt.php

@@ -2,23 +2,9 @@
 
 namespace App\Console\Commands;
 
-use App\Models\Accessory;
 use App\Models\Asset;
-use App\Models\AssetModel;
-use App\Models\Category;
-use App\Models\Company;
-use App\Models\Component;
-use App\Models\Consumable;
-use App\Models\Department;
-use App\Models\Depreciation;
-use App\Models\Group;
-use App\Models\Import;
-use App\Models\License;
-use App\Models\LicenseSeat;
-use App\Models\Location;
-use App\Models\Manufacturer;
-use App\Models\Statuslabel;
-use App\Models\Supplier;
+use App\Models\CustomField;
+use Schema;
 use DB;
 use Illuminate\Console\Command;
 
@@ -29,15 +15,14 @@ class PaveIt extends Command
      *
      * @var string
      */
-    protected $signature = 'snipeit:pave
-              {--soft : Perform a "Soft" Delete, leaving all migrations, table structure, and the first user in place.}';
+    protected $signature = 'snipeit:pave  {--force : Skip the interactive yes/no prompt for confirmation}';
 
     /**
      * The console command description.
      *
      * @var string
      */
-    protected $description = 'Pave the database to start over. This should ALMOST NEVER BE USED. (It is primarily a quick tool for developers.)';
+    protected $description = 'Clear the database tables, leaving all migrations, table structure, and the first user in place. (It is primarily a quick tool for developers.) If you want to destroy all tables as well, use php artisan db:wipe.';
 
     /**
      * Create a new command instance.
@@ -56,106 +41,51 @@ class PaveIt extends Command
      */
     public function handle()
     {
-        if ($this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE DATA IN YOUR DATABASE. \nThere is NO undo. This WILL destroy ALL of your data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
-            if ($this->option('soft')) {
-                Accessory::getQuery()->delete();
-                Asset::getQuery()->delete();
-                Category::getQuery()->delete();
-                Company::getQuery()->delete();
-                Component::getQuery()->delete();
-                Consumable::getQuery()->delete();
-                Department::getQuery()->delete();
-                Depreciation::getQuery()->delete();
-                License::getQuery()->delete();
-                LicenseSeat::getQuery()->delete();
-                Location::getQuery()->delete();
-                Manufacturer::getQuery()->delete();
-                AssetModel::getQuery()->delete();
-                Statuslabel::getQuery()->delete();
-                Supplier::getQuery()->delete();
-                Group::getQuery()->delete();
-                Import::getQuery()->delete();
 
-                DB::statement('delete from accessories_users');
-                DB::statement('delete from asset_logs');
-                DB::statement('delete from asset_maintenances');
-                DB::statement('delete from login_attempts');
-                DB::statement('delete from asset_uploads');
-                DB::statement('delete from action_logs');
-                DB::statement('delete from checkout_requests');
-                DB::statement('delete from checkout_acceptances');
-                DB::statement('delete from consumables_users');
-                DB::statement('delete from custom_field_custom_fieldset');
-                DB::statement('delete from custom_fields');
-                DB::statement('delete from custom_fieldsets');
-                DB::statement('delete from components_assets');
-                DB::statement('delete from kits');
-                DB::statement('delete from kits_accessories');
-                DB::statement('delete from kits_consumables');
-                DB::statement('delete from kits_licenses');
-                DB::statement('delete from kits_models');
-                DB::statement('delete from login_attempts');
-                DB::statement('delete from models_custom_fields');
-                DB::statement('delete from permission_groups');
-                DB::statement('delete from password_resets');
-                DB::statement('delete from requested_assets');
-                DB::statement('delete from requests');
-                DB::statement('delete from throttle');
-                DB::statement('delete from users_groups');
-                DB::statement('delete from users WHERE id!=1');
-            } else {
-                \DB::statement('drop table IF EXISTS accessories_users');
-                \DB::statement('drop table IF EXISTS accessories');
-                \DB::statement('drop table IF EXISTS asset_logs');
-                \DB::statement('drop table IF EXISTS action_logs');
-                \DB::statement('drop table IF EXISTS asset_maintenances');
-                \DB::statement('drop table IF EXISTS asset_uploads');
-                \DB::statement('drop table IF EXISTS assets');
-                \DB::statement('drop table IF EXISTS categories');
-                \DB::statement('drop table IF EXISTS checkout_requests');
-                \DB::statement('drop table IF EXISTS checkout_acceptances');
-                \DB::statement('drop table IF EXISTS companies');
-                \DB::statement('drop table IF EXISTS components');
-                \DB::statement('drop table IF EXISTS components_assets');
-                \DB::statement('drop table IF EXISTS consumables_users');
-                \DB::statement('drop table IF EXISTS consumables');
-                \DB::statement('drop table IF EXISTS custom_field_custom_fieldset');
-                \DB::statement('drop table IF EXISTS custom_fields');
-                \DB::statement('drop table IF EXISTS custom_fieldsets');
-                \DB::statement('drop table IF EXISTS depreciations');
-                \DB::statement('drop table IF EXISTS departments');
-                \DB::statement('drop table IF EXISTS groups');
-                \DB::statement('drop table IF EXISTS history');
-                \DB::statement('drop table IF EXISTS kits');
-                \DB::statement('drop table IF EXISTS kits_accessories');
-                \DB::statement('drop table IF EXISTS kits_consumables');
-                \DB::statement('drop table IF EXISTS kits_licenses');
-                \DB::statement('drop table IF EXISTS kits_models');
-                \DB::statement('drop table IF EXISTS models_custom_fields');
-                \DB::statement('drop table IF EXISTS permission_groups');
-                \DB::statement('drop table IF EXISTS license_seats');
-                \DB::statement('drop table IF EXISTS licenses');
-                \DB::statement('drop table IF EXISTS locations');
-                \DB::statement('drop table IF EXISTS login_attempts');
-                \DB::statement('drop table IF EXISTS manufacturers');
-                \DB::statement('drop table IF EXISTS models');
-                \DB::statement('drop table IF EXISTS migrations');
-                \DB::statement('drop table IF EXISTS oauth_access_tokens');
-                \DB::statement('drop table IF EXISTS oauth_auth_codes');
-                \DB::statement('drop table IF EXISTS oauth_clients');
-                \DB::statement('drop table IF EXISTS oauth_personal_access_clients');
-                \DB::statement('drop table IF EXISTS oauth_refresh_tokens');
-                \DB::statement('drop table IF EXISTS password_resets');
-                \DB::statement('drop table IF EXISTS requested_assets');
-                \DB::statement('drop table IF EXISTS requests');
-                \DB::statement('drop table IF EXISTS settings');
-                \DB::statement('drop table IF EXISTS status_labels');
-                \DB::statement('drop table IF EXISTS suppliers');
-                \DB::statement('drop table IF EXISTS throttle');
-                \DB::statement('drop table IF EXISTS users_groups');
-                \DB::statement('drop table IF EXISTS users');
-                \DB::statement('drop table IF EXISTS imports');
+        if (!$this->option('force')) {
+            $confirmation = $this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE DATA IN YOUR DATABASE. \nThere is NO undo. This WILL destroy ALL of your data, \nINCLUDING ANY non-Snipe-IT tables you have in this database. \n****************************************************\n\nDo you wish to continue? No backsies! ");
+            if (!$confirmation) {
+                $this->error('ABORTING');
+                exit(-1);
             }
         }
+
+        // List all the tables in the database so we don't have to worry about missing some as the app grows
+        $tables = DB::connection()->getDoctrineSchemaManager()->listTableNames();
+
+        $except_tables = [
+            'oauth_access_tokens',
+            'oauth_clients',
+            'oauth_personal_access_clients',
+            'migrations',
+            'settings',
+            'users',
+        ];
+
+        // We only need to find out what these are so we can nuke these columns on the assets table.
+        $custom_fields = CustomField::get();
+        foreach ($custom_fields as $custom_field) {
+            $this->info('DROP the '.$custom_field->db_column.' column from assets as well.');
+
+            if (\Schema::hasColumn('assets', $custom_field->db_column)) {
+                \Schema::table('assets', function ($table) use ($custom_field) {
+                    $table->dropColumn($custom_field->db_column);
+                });
+            }
+        }
+
+        foreach ($tables as $table) {
+            if (in_array($table, $except_tables)) {
+                $this->info($table. ' is SKIPPED.');
+            } else {
+                \DB::statement('truncate '.$table);
+                $this->info($table. ' is TRUNCATED.');
+            }
+        }
+
+        // Leave in the demo oauth keys so we don't have to reset them every day in the demos
+        \DB::statement('delete from oauth_clients WHERE id > 2');
+        \DB::statement('delete from oauth_access_tokens WHERE id > 2');
+    
     }
-}
+}

app/Console/Commands/ResetDemoSettings.php

@@ -81,8 +81,8 @@ class ResetDemoSettings extends Command
             $user->save();
         }
 
-        \Storage::disk('local_public')->put('snipe-logo.png', file_get_contents(public_path('img/demo/snipe-logo.png')));
-        \Storage::disk('local_public')->put('snipe-logo-lg.png', file_get_contents(public_path('img/demo/snipe-logo-lg.png')));
+        \Storage::disk('public')->put('snipe-logo.png', file_get_contents(public_path('img/demo/snipe-logo.png')));
+        \Storage::disk('public')->put('snipe-logo-lg.png', file_get_contents(public_path('img/demo/snipe-logo-lg.png')));
 
     }
 

app/Console/Commands/RestoreFromBackup.php

@@ -61,7 +61,7 @@ class RestoreFromBackup extends Command
 
         $za = new ZipArchive();
 
-        $errcode = $za->open($filename, ZipArchive::RDONLY);
+        $errcode = $za->open($filename/* , ZipArchive::RDONLY */); // that constant only exists in PHP 7.4 and higher
         if ($errcode !== true) {
             $errors = [
                 ZipArchive::ER_EXISTS => "File already exists.",
@@ -248,8 +248,13 @@ class RestoreFromBackup extends Command
         }
         fclose($pipes[0]);
         fclose($sql_contents);
+        
+        $this->line(stream_get_contents($pipes[1]));
         fclose($pipes[1]);
+
+        $this->error(stream_get_contents($pipes[2]));
         fclose($pipes[2]);
+
         //wait, have to do fclose() on all pipes first?
         $close_results = proc_close($proc_results);
         if($close_results != 0) {

app/Exceptions/Handler.php

@@ -121,6 +121,6 @@ class Handler extends ExceptionHandler
      */
     protected function invalidJson($request, ValidationException $exception)
     {
-        return response()->json(Helper::formatStandardApiResponse('error', null, $exception->errors(), 400));
+        return response()->json(Helper::formatStandardApiResponse('error', null, $exception->errors(), 422));
     }
 }

app/Helpers/Helper.php

@@ -46,7 +46,10 @@ class Helper
     public static function formatCurrencyOutput($cost)
     {
         if (is_numeric($cost)) {
-            return number_format($cost, 2, '.', '');
+            if (Setting::getSettings()->digit_separator=='1.234,56') {
+                return number_format($cost, 2, ',', '.');
+            }
+            return number_format($cost, 2, '.', ',');
         }
         // It's already been parsed.
         return $cost;
@@ -64,7 +67,7 @@ class Helper
     {
         $colors = [
             "#008941",
-            "#FF4A46",
+            "#FF851B",
             "#006FA6",
             "#A30059",
             "#1CE6FF",
@@ -400,6 +403,19 @@ class Helper
      */
     public static function ParseFloat($floatString)
     {
+        /*******
+         * 
+         * WARNING: This does conversions based on *locale* - a Unix-ey-like thing.
+         * 
+         * Everything else in the system tends to convert based on the Snipe-IT settings
+         * 
+         * So it's very likely this is *not* what you want - instead look for the new
+         * 
+         * ParseCurrency($currencyString)
+         * 
+         * Which should be directly below here
+         * 
+         */
         $LocaleInfo = localeconv();
         $floatString = str_replace(",", "", $floatString);
         $floatString = str_replace($LocaleInfo["decimal_point"], ".", $floatString);
@@ -413,6 +429,26 @@ class Helper
         $floatString = str_replace($currencySymbol, '', $floatString);
         return floatval($floatString);
     }
+    
+    /**
+     * Format currency using comma or period for thousands, and period or comma for decimal, based on settings.
+     * 
+     * @author [B. Wetherington] [<bwetherington@grokability.com>]
+     * @since [v5.2]
+     * @return Float
+     */
+    public static function ParseCurrency($currencyString) {
+        $without_currency = str_replace(Setting::getSettings()->default_currency, '', $currencyString); //generally shouldn't come up, since we don't do this in fields, but just in case it does...
+        if(Setting::getSettings()->digit_separator=='1.234,56') {
+            //EU format
+            $without_thousands = str_replace('.', '', $without_currency);
+            $corrected_decimal = str_replace(',', '.', $without_thousands);
+        } else {
+            $without_thousands = str_replace(',', '', $without_currency);
+            $corrected_decimal = $without_thousands;  // decimal is already OK
+        }
+        return floatval($corrected_decimal);
+    }
 
     /**
      * Get the list of status labels in an array to make a dropdown menu
@@ -887,7 +923,8 @@ class Helper
             // If upload_max_size is less, then reduce. Except if upload_max_size is
             // zero, which indicates no limit.
             $upload_max = Helper::parse_size(ini_get('upload_max_filesize'));
-            if ($upload_max > 0 && $upload_max < $max_size) {
+
+            if ($upload_max > 0 && $upload_max < $post_max_size) {
                 $max_size = ini_get('upload_max_filesize');
             }
         }

app/Http/Controllers/Accessories/AccessoriesController.php

@@ -74,7 +74,7 @@ class AccessoriesController extends Controller
         $accessory->manufacturer_id         = request('manufacturer_id');
         $accessory->model_number            = request('model_number');
         $accessory->purchase_date           = request('purchase_date');
-        $accessory->purchase_cost           = Helper::ParseFloat(request('purchase_cost'));
+        $accessory->purchase_cost           = Helper::ParseCurrency(request('purchase_cost'));
         $accessory->qty                     = request('qty');
         $accessory->user_id                 = Auth::user()->id;
         $accessory->supplier_id             = request('supplier_id');
@@ -137,7 +137,7 @@ class AccessoriesController extends Controller
         $accessory->order_number            = request('order_number');
         $accessory->model_number            = request('model_number');
         $accessory->purchase_date           = request('purchase_date');
-        $accessory->purchase_cost           = request('purchase_cost');
+        $accessory->purchase_cost           = Helper::ParseCurrency(request('purchase_cost'));
         $accessory->qty                     = request('qty');
         $accessory->supplier_id             = request('supplier_id');
 

app/Http/Controllers/Api/AccessoriesController.php

@@ -13,6 +13,7 @@ use Carbon\Carbon;
 use Auth;
 use DB;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 
 class AccessoriesController extends Controller
 {
@@ -26,9 +27,23 @@ class AccessoriesController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Accessory::class);
-        $allowed_columns = ['id','name','model_number','eol','notes','created_at','min_amt','company_id'];
+        
+        // This array is what determines which fields should be allowed to be sorted on ON the table itself, no relations
+        // Relations will be handled in query scopes a little further down.
+        $allowed_columns = 
+            [
+                'id',
+                'name',
+                'model_number',
+                'eol',
+                'notes',
+                'created_at',
+                'min_amt',
+                'company_id'
+            ];
 
-        $accessories = Accessory::with('category', 'company', 'manufacturer', 'users', 'location');
+
+        $accessories = Accessory::select('accessories.*')->with('category', 'company', 'manufacturer', 'users', 'location', 'supplier');
 
         if ($request->filled('search')) {
             $accessories = $accessories->TextSearch($request->input('search'));
@@ -50,6 +65,10 @@ class AccessoriesController extends Controller
             $accessories->where('supplier_id','=',$request->input('supplier_id'));
         }
 
+        if ($request->filled('location_id')) {
+            $accessories->where('location_id','=',$request->input('location_id'));
+        }
+
         // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
         // case we override with the actual count, so we should return 0 items.
         $offset = (($accessories) && ($request->get('offset') > $accessories->count())) ? $accessories->count() : $request->get('offset', 0);
@@ -57,24 +76,32 @@ class AccessoriesController extends Controller
         // Check to make sure the limit is not higher than the max allowed
         ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
 
-
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $sort_override =  $request->input('sort');
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';
 
-        switch ($sort) {
+        switch ($sort_override) {
             case 'category':
                 $accessories = $accessories->OrderCategory($order);
                 break;
             case 'company':
                 $accessories = $accessories->OrderCompany($order);
                 break;
+            case 'location':
+                $accessories = $accessories->OrderLocation($order);
+                break;
+            case 'manufacturer':
+                $accessories = $accessories->OrderManufacturer($order);
+                break;    
+            case 'supplier':
+                $accessories = $accessories->OrderSupplier($order);
+                break;       
             default:
-                $accessories = $accessories->orderBy($sort, $order);
+                $accessories = $accessories->orderBy($column_sort, $order);
                 break;
         }
 
-        $accessories->orderBy($sort, $order);
-
+    
         $total = $accessories->count();
         $accessories = $accessories->skip($offset)->take($limit)->get();
         return (new AccessoriesTransformer)->transformAccessories($accessories, $total);
@@ -86,14 +113,15 @@ class AccessoriesController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
      * @return \Illuminate\Http\Response
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Accessory::class);
         $accessory = new Accessory;
         $accessory->fill($request->all());
+        $accessory = $request->handleImages($accessory);
 
         if ($accessory->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $accessory, trans('admin/accessories/message.create.success')));
@@ -165,9 +193,13 @@ class AccessoriesController extends Controller
 
         if ($request->filled('search')) {
             $accessory_users = $accessory->users()
-                                ->where('first_name', 'like', '%'.$request->input('search').'%')
-                                ->orWhere('last_name', 'like', '%'.$request->input('search').'%')
-                                ->get();
+                                         ->where(function ($query) use ($request) {
+                                             $search_str = '%' . $request->input('search') . '%';
+                                             $query->where('first_name', 'like', $search_str)
+                                                   ->orWhere('last_name', 'like', $search_str)
+                                                   ->orWhere('note', 'like', $search_str);
+                                         })
+                                         ->get();
             $total = $accessory_users->count();
         }
 
@@ -180,15 +212,16 @@ class AccessoriesController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
     {
         $this->authorize('update', Accessory::class);
         $accessory = Accessory::findOrFail($id);
         $accessory->fill($request->all());
+        $accessory = $request->handleImages($accessory);
 
         if ($accessory->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $accessory, trans('admin/accessories/message.update.success')));

app/Http/Controllers/Api/AssetMaintenancesController.php

@@ -105,7 +105,7 @@ class AssetMaintenancesController extends Controller
         $assetMaintenance = new AssetMaintenance();
         $assetMaintenance->supplier_id = $request->input('supplier_id');
         $assetMaintenance->is_warranty = $request->input('is_warranty');
-        $assetMaintenance->cost =  e($request->input('cost'));
+        $assetMaintenance->cost =  Helper::ParseCurrency($request->input('cost'));
         $assetMaintenance->notes = e($request->input('notes'));
         $asset = Asset::find(e($request->input('asset_id')));
 
@@ -162,7 +162,7 @@ class AssetMaintenancesController extends Controller
 
         $assetMaintenance->supplier_id = e($request->input('supplier_id'));
         $assetMaintenance->is_warranty = e($request->input('is_warranty'));
-        $assetMaintenance->cost =  Helper::ParseFloat(e($request->input('cost')));
+        $assetMaintenance->cost =  Helper::ParseCurrency($request->input('cost'));
         $assetMaintenance->notes = e($request->input('notes'));
 
         $asset = Asset::find(request('asset_id'));

app/Http/Controllers/Api/AssetModelsController.php

@@ -9,6 +9,7 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
 
 /**
@@ -66,7 +67,7 @@ class AssetModelsController extends Controller
 
 
 
-        if ($request->filled('status')) {
+        if ($request->input('status')=='deleted') {
             $assetmodels->onlyTrashed();
         }
 
@@ -107,14 +108,15 @@ class AssetModelsController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @return \Illuminate\Http\Response
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', AssetModel::class);
         $assetmodel = new AssetModel;
         $assetmodel->fill($request->all());
+        $assetmodel = $request->handleImages($assetmodel);
 
         if ($assetmodel->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $assetmodel, trans('admin/models/message.create.success')));
@@ -159,16 +161,17 @@ class AssetModelsController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
     {
         $this->authorize('update', AssetModel::class);
         $assetmodel = AssetModel::findOrFail($id);
         $assetmodel->fill($request->all());
-
+        $assetmodel = $request->handleImages($assetmodel);
+        
         /**
          * Allow custom_fieldset_id to override and populate fieldset_id.
          * This is stupid, but required for legacy API support.

app/Http/Controllers/Api/AssetsController.php

@@ -7,8 +7,10 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetCheckoutRequest;
 use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\DepreciationReportTransformer;
 use App\Http\Transformers\LicensesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Company;
@@ -21,12 +23,14 @@ use Auth;
 use Carbon\Carbon;
 use DB;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Input;
 use Paginator;
 use Slack;
 use Str;
 use TCPDF;
 use Validator;
+use Route;
 
 
 /**
@@ -47,10 +51,32 @@ class AssetsController extends Controller
      * @since [v4.0]
      * @return JsonResponse
      */
-    public function index(Request $request, $audit = null)
+    public function index(Request $request, $audit = null) 
     {
 
-        $this->authorize('index', Asset::class);
+        \Log::debug(Route::currentRouteName());
+        
+
+        /**
+         * This looks MAD janky (and it is), but the AssetsController@index does a LOT of heavy lifting throughout the 
+         * app. This bit here just makes sure that someone without permission to view assets doesn't 
+         * end up with priv escalations because they asked for a different endpoint. 
+         * 
+         * Since we never gave the specification for which transformer to use before, it should default 
+         * gracefully to just use the AssetTransformer by default, which shouldn't break anything. 
+         * 
+         * It was either this mess, or repeating ALL of the searching and sorting and filtering code, 
+         * which would have been far worse of a mess. *sad face*  - snipe (Sept 1, 2021)
+         */
+        if (Route::currentRouteName()=='api.depreciation-report.index') {
+            $transformer = 'App\Http\Transformers\DepreciationReportTransformer';
+            $this->authorize('reports.view');
+        } else {
+            $transformer = 'App\Http\Transformers\AssetsTransformer';
+            $this->authorize('index', Asset::class);          
+        }
+        
+       
         $settings = Setting::getSettings();
 
         $allowed_columns = [
@@ -89,10 +115,10 @@ class AssetsController extends Controller
         }
 
         $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
-            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
-                'model.category', 'model.manufacturer', 'model.fieldset','supplier');
-
+            ->with('location', 'assetstatus', 'company', 'defaultLoc','assignedTo',
+                'model.category', 'model.manufacturer', 'model.fieldset','supplier'); //it might be tempting to add 'assetlog' here, but don't. It blows up update-heavy users.
 
+        
         // These are used by the API to query against specific ID numbers.
         // They are also used by the individual searches on detail pages like
         // locations, etc.
@@ -244,7 +270,7 @@ class AssetsController extends Controller
             $assets->TextSearch($request->input('search'));
         }
 
-
+        
         // This is kinda gross, but we need to do this because the Bootstrap Tables
         // API passes custom field ordering as custom_fields.fieldname, and we have to strip
         // that out to let the default sorter below order them correctly on the assets table.
@@ -293,8 +319,25 @@ class AssetsController extends Controller
 
         $total = $assets->count();
         $assets = $assets->skip($offset)->take($limit)->get();
-        // dd($assets);
-        return (new AssetsTransformer)->transformAssets($assets, $total);
+        
+    
+        /**
+         * Include additional associated relationships
+         */  
+        if ($request->input('components')) {
+            $assets->loadMissing(['components' => function ($query) {
+                $query->orderBy('created_at', 'desc');
+            }]);
+        }
+
+        
+
+
+        /**
+         * Here we're just determining which Transformer (via $transformer) to use based on the 
+         * variables we set earlier on in this method - we default to AssetsTransformer.
+         */
+        return (new $transformer)->transformAssets($assets, $total, $request);
     }
 
 
@@ -306,11 +349,11 @@ class AssetsController extends Controller
      * @since [v4.2.1]
      * @return JsonResponse
      */
-    public function showByTag($tag)
+    public function showByTag(Request $request, $tag)
     {
         if ($asset = Asset::with('assetstatus')->with('assignedTo')->where('asset_tag',$tag)->first()) {
             $this->authorize('view', $asset);
-            return (new AssetsTransformer)->transformAsset($asset);
+            return (new AssetsTransformer)->transformAsset($asset, $request);
         }
         return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
 
@@ -324,18 +367,24 @@ class AssetsController extends Controller
      * @since [v4.2.1]
      * @return JsonResponse
      */
-    public function showBySerial($serial)
+    public function showBySerial(Request $request, $serial)
     {
         $this->authorize('index', Asset::class);
-        if ($assets = Asset::with('assetstatus')->with('assignedTo')
-            ->withTrashed()->where('serial',$serial)->get()) {
-                return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+
+        $assets = Asset::with('assetstatus')->with('assignedTo');
+
+        if ($request->input('deleted', 'false') === 'true') {
+            $assets = $assets->withTrashed();
         }
-        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
 
+        $assets = $assets->where('serial', $serial)->get();
+        if ($assets) {
+            return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+        } else {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
+        }
     }
 
-
     /**
      * Returns JSON with information about an asset for detail view.
      *
@@ -344,17 +393,17 @@ class AssetsController extends Controller
      * @since [v4.0]
      * @return JsonResponse
      */
-    public function show($id)
+    public function show(Request $request, $id)
     {
         if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()
             ->withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as user_requests_count')->findOrFail($id)) {
             $this->authorize('view', $asset);
-            return (new AssetsTransformer)->transformAsset($asset);
+            return (new AssetsTransformer)->transformAsset($asset, $request->input('components') );
         }
 
 
     }
-    public function licenses($id)
+    public function licenses(Request $request, $id)
     {
         $this->authorize('view', Asset::class);
         $this->authorize('view', License::class);
@@ -425,11 +474,11 @@ class AssetsController extends Controller
      * Accepts a POST request to create a new asset
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param Request $request
+     * @param \App\Http\Requests\ImageUploadRequest $request
      * @since [v4.0]
      * @return JsonResponse
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
 
         $this->authorize('create', Asset::class);
@@ -450,7 +499,7 @@ class AssetsController extends Controller
         $asset->depreciate              = '0';
         $asset->status_id               = $request->get('status_id', 0);
         $asset->warranty_months         = $request->get('warranty_months', null);
-        $asset->purchase_cost           = Helper::ParseFloat($request->get('purchase_cost'));
+        $asset->purchase_cost           = Helper::ParseCurrency($request->get('purchase_cost')); // this is the API's store method, so I don't know that I want to do this? Confusing. FIXME (or not?!)
         $asset->purchase_date           = $request->get('purchase_date', null);
         $asset->assigned_to             = $request->get('assigned_to', null);
         $asset->supplier_id             = $request->get('supplier_id', 0);
@@ -458,21 +507,15 @@ class AssetsController extends Controller
         $asset->rtd_location_id         = $request->get('rtd_location_id', null);
         $asset->location_id             = $request->get('rtd_location_id', null);
 
-        if ($request->has('image_source') && $request->input('image_source') != "") {
-            $saved_image_path = Helper::processUploadedImage(
-                $request->input('image_source'), 'uploads/assets/'
-            );
+        /**
+        * this is here just legacy reasons. Api\AssetController
+        * used image_source  once to allow encoded image uploads.
+        */
+        if ($request->has('image_source')) {
+            $request->offsetSet('image', $request->offsetGet('image_source'));
+        }     
 
-            if (!$saved_image_path) {
-                return response()->json(Helper::formatStandardApiResponse(
-                        'error',
-                        null,
-                        trans('admin/hardware/message.create.error')
-                    ), 200);
-            }
-
-            $asset->image = $saved_image_path;
-        }
+        $asset = $request->handleImages($asset);
 
         // Update custom fields in the database.
         // Validation for these fields is handled through the AssetRequest form request
@@ -540,11 +583,11 @@ class AssetsController extends Controller
      * Accepts a POST request to update an asset
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param Request $request
+     * @param \App\Http\Requests\ImageUploadRequest $request
      * @since [v4.0]
      * @return JsonResponse
      */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
     {
         $this->authorize('update', Asset::class);
 
@@ -558,32 +601,19 @@ class AssetsController extends Controller
             ($request->filled('company_id')) ?
                 $asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : '';
 
-($request->filled('rtd_location_id')) ?
-                $asset->location_id = $request->get('rtd_location_id') : null;
-
-
-            if ($request->filled('image_source')) {
-                if ($request->input('image_source') == "") {
             ($request->filled('rtd_location_id')) ?
                 $asset->location_id = $request->get('rtd_location_id') : null;
-                    $asset->image = null;
-                } else {
-                    $saved_image_path = Helper::processUploadedImage(
-                        $request->input('image_source'), 'uploads/assets/'
-                    );
 
-                    if (!$saved_image_path) {
-                        return response()->json(Helper::formatStandardApiResponse(
-                            'error',
-                            null,
-                            trans('admin/hardware/message.update.error')
-                        ), 200);
-                    }
-
-                    $asset->image = $saved_image_path;
-                }
-            }
+            /**
+            * this is here just legacy reasons. Api\AssetController
+            * used image_source  once to allow encoded image uploads.
+            */
+            if ($request->has('image_source')) {
+                $request->offsetSet('image', $request->offsetGet('image_source'));
+            }     
 
+            $asset = $request->handleImages($asset); 
+            
             // Update custom fields
             if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
                 foreach ($model->fieldset->fields as $field) {
@@ -658,6 +688,39 @@ class AssetsController extends Controller
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
     }
 
+    
+
+    /**
+     * Restore a soft-deleted asset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v5.1.18]
+     * @return JsonResponse
+     */
+    public function restore($assetId = null)
+    {
+        // Get asset information
+        $asset = Asset::withTrashed()->find($assetId);
+        $this->authorize('delete', $asset);
+        if (isset($asset->id)) {
+            // Restore the asset
+            Asset::withTrashed()->where('id', $assetId)->restore();
+
+            $logaction = new Actionlog();
+            $logaction->item_type = Asset::class;
+            $logaction->item_id = $asset->id;
+            $logaction->created_at =  date("Y-m-d H:i:s");
+            $logaction->user_id = Auth::user()->id;
+            $logaction->logaction('restored');
+
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.restore.success')));
+        
+
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
+    }
+
 
 
     /**
@@ -782,7 +845,6 @@ class AssetsController extends Controller
         }
 
         if ($asset->save()) {
-            $asset->logCheckin($target, e($request->input('note')));
             event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note')));
 
             return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.success')));
@@ -848,7 +910,7 @@ class AssetsController extends Controller
             }
         }
 
-        return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.$request->input('asset_tag').' not found'));
+        return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.e($request->input('asset_tag')).' not found'));
 
 
 

app/Http/Controllers/Api/CategoriesController.php

@@ -8,6 +8,7 @@ use App\Http\Transformers\CategoriesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Category;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
 
 class CategoriesController extends Controller
@@ -54,14 +55,16 @@ class CategoriesController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
      * @return \Illuminate\Http\Response
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Category::class);
         $category = new Category;
         $category->fill($request->all());
+        $category->category_type = strtolower($request->input('category_type'));
+        $category = $request->handleImages($category);
 
         if ($category->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $category, trans('admin/categories/message.create.success')));
@@ -92,15 +95,17 @@ class CategoriesController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
     {
         $this->authorize('update', Category::class);
         $category = Category::findOrFail($id);
         $category->fill($request->all());
+        $category->category_type = strtolower($request->input('category_type'));
+        $category = $request->handleImages($category);
 
         if ($category->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $category, trans('admin/categories/message.update.success')));

app/Http/Controllers/Api/CompaniesController.php

@@ -8,6 +8,7 @@ use App\Http\Transformers\CompaniesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Company;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
 
 class CompaniesController extends Controller
@@ -65,15 +66,16 @@ class CompaniesController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
      * @return \Illuminate\Http\Response
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Company::class);
         $company = new Company;
         $company->fill($request->all());
-
+        $company = $request->handleImages($company);
+        
         if ($company->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', (new CompaniesTransformer)->transformCompany($company), trans('admin/companies/message.create.success')));
         }
@@ -104,15 +106,16 @@ class CompaniesController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
     {
         $this->authorize('update', Company::class);
         $company = Company::findOrFail($id);
         $company->fill($request->all());
+        $company = $request->handleImages($company);
 
         if ($company->save()) {
             return response()

app/Http/Controllers/Api/ComponentsController.php

@@ -8,6 +8,10 @@ use App\Http\Transformers\ComponentsTransformer;
 use App\Models\Company;
 use App\Models\Component;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
+use App\Events\CheckoutableCheckedIn;
+use App\Events\ComponentCheckedIn;
+use App\Models\Asset;
 
 class ComponentsController extends Controller
 {
@@ -22,8 +26,25 @@ class ComponentsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Component::class);
+
+        // This array is what determines which fields should be allowed to be sorted on ON the table itself, no relations
+        // Relations will be handled in query scopes a little further down.
+        $allowed_columns = 
+            [
+                'id',
+                'name',
+                'min_amt',
+                'order_number',
+                'serial',
+                'purchase_date',
+                'purchase_cost',
+                'qty',
+                'image',
+            ];
+
+
         $components = Company::scopeCompanyables(Component::select('components.*')
-            ->with('company', 'location', 'category'));
+            ->with('company', 'location', 'category', 'assets'));
 
         if ($request->filled('search')) {
             $components = $components->TextSearch($request->input('search'));
@@ -48,11 +69,12 @@ class ComponentsController extends Controller
         // Check to make sure the limit is not higher than the max allowed
         ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
 
-        $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','company','category','qty','location','image'];
+        
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $sort_override =  $request->input('sort');
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';
 
-        switch ($sort) {
+        switch ($sort_override) {
             case 'category':
                 $components = $components->OrderCategory($order);
                 break;
@@ -63,7 +85,7 @@ class ComponentsController extends Controller
                 $components = $components->OrderCompany($order);
                 break;
             default:
-                $components = $components->orderBy($sort, $order);
+                $components = $components->orderBy($column_sort, $order);
                 break;
         }
 
@@ -78,14 +100,15 @@ class ComponentsController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @return \Illuminate\Http\Response
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Component::class);
         $component = new Component;
         $component->fill($request->all());
+        $component = $request->handleImages($component);
 
         if ($component->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $component, trans('admin/components/message.create.success')));
@@ -116,15 +139,17 @@ class ComponentsController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param   \App\Http\Requests\ImageUploadRequest  $request
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
     {
         $this->authorize('update', Component::class);
         $component = Component::findOrFail($id);
         $component->fill($request->all());
+        $component = $request->handleImages($component);
+        
 
         if ($component->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $component, trans('admin/components/message.update.success')));
@@ -172,4 +197,119 @@ class ComponentsController extends Controller
         $assets = $assets->skip($offset)->take($limit)->get();
         return (new ComponentsTransformer)->transformCheckedoutComponents($assets, $total);
     }
+
+
+    /**
+     * Validate and checkout the component.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * t
+     * @since [v5.1.8]
+     * @param Request $request
+     * @param int $componentId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function checkout(Request $request, $componentId)
+    {
+        // Check if the component exists
+        if (is_null($component = Component::find($componentId))) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/components/message.does_not_exist')));
+        }
+
+        $this->authorize('checkout', $component);
+
+
+        if ($component->numRemaining() >= $request->get('assigned_qty')) {
+
+            if (!$asset = Asset::find($request->input('assigned_to'))) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')));
+            }
+
+            // Update the accessory data
+            $component->assigned_to = $request->input('assigned_to');
+
+            $component->assets()->attach($component->id, [
+                'component_id' => $component->id,
+                'created_at' => \Carbon::now(),
+                'assigned_qty' => $request->get('assigned_qty', 1),
+                'user_id' => \Auth::id(),
+                'asset_id' => $request->get('assigned_to')
+            ]);
+
+            $component->logCheckout($request->input('note'), $asset);
+
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/components/message.checkout.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Not enough components remaining: '.$component->numRemaining().' remaining, '.$request->get('assigned_qty').' requested.'));
+    }
+
+    /**
+     * Validate and store checkin data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v5.1.8]
+     * @param Request $request
+     * @param $component_asset_id
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function checkin(Request $request, $component_asset_id)
+    {
+        if ($component_assets = \DB::table('components_assets')->find($component_asset_id)) {
+
+            if (is_null($component = Component::find($component_assets->component_id))) {
+
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/components/message.not_found')));
+            }
+
+            $this->authorize('checkin', $component);
+
+            $max_to_checkin = $component_assets->assigned_qty;
+
+            if ($max_to_checkin > 1) {
+                
+                $validator = \Validator::make($request->all(), [
+                    "checkin_qty" => "required|numeric|between:1,$max_to_checkin"
+                ]);
+    
+                if ($validator->fails()) {
+                    return response()->json(Helper::formatStandardApiResponse('error', null, 'Checkin quantity must be between 1 and '.$max_to_checkin));
+                }
+            }
+            
+
+            // Validation passed, so let's figure out what we have to do here.
+            $qty_remaining_in_checkout = ($component_assets->assigned_qty - (int)$request->input('checkin_qty', 1));
+
+            // We have to modify the record to reflect the new qty that's
+            // actually checked out.
+            $component_assets->assigned_qty = $qty_remaining_in_checkout;
+
+            \Log::debug($component_asset_id.' - '.$qty_remaining_in_checkout.' remaining in record '.$component_assets->id);
+            
+            \DB::table('components_assets')->where('id',
+                $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
+
+            // If the checked-in qty is exactly the same as the assigned_qty,
+            // we can simply delete the associated components_assets record
+            if ($qty_remaining_in_checkout == 0) {
+                \DB::table('components_assets')->where('id', '=', $component_asset_id)->delete();
+            }
+            
+
+            $asset = Asset::find($component_assets->asset_id);
+
+            event(new CheckoutableCheckedIn($component, $asset, \Auth::user(), $request->input('note'), \Carbon::now()));
+
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/components/message.checkin.success')));
+
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'No matching checkouts for that component join record'));
+
+    
+    }
+
 }

app/Http/Controllers/Api/ConsumablesController.php

@@ -10,6 +10,7 @@ use App\Models\Company;
 use App\Models\Consumable;
 use App\Models\User;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 
 class ConsumablesController extends Controller
 {
@@ -24,6 +25,26 @@ class ConsumablesController extends Controller
     public function index(Request $request)
     {
         $this->authorize('index', Consumable::class);
+
+        // This array is what determines which fields should be allowed to be sorted on ON the table itself, no relations
+        // Relations will be handled in query scopes a little further down.
+        $allowed_columns = 
+            [
+                'id',
+                'name',
+                'order_number',
+                'min_amt',
+                'purchase_date',
+                'purchase_cost',
+                'company',
+                'category',
+                'model_number', 
+                'item_no', 
+                'qty',
+                'image',
+                ];
+
+
         $consumables = Company::scopeCompanyables(
             Consumable::select('consumables.*')
                 ->with('company', 'location', 'category', 'users', 'manufacturer')
@@ -41,10 +62,18 @@ class ConsumablesController extends Controller
             $consumables->where('category_id','=',$request->input('category_id'));
         }
 
+        if ($request->filled('model_number')) {
+            $consumables->where('model_number','=',$request->input('model_number'));
+        }
+
         if ($request->filled('manufacturer_id')) {
             $consumables->where('manufacturer_id','=',$request->input('manufacturer_id'));
         }
 
+        if ($request->filled('location_id')) {
+            $consumables->where('location_id','=',$request->input('location_id'));
+        }
+
 
         // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
         // case we override with the actual count, so we should return 0 items.
@@ -53,12 +82,14 @@ class ConsumablesController extends Controller
         // Check to make sure the limit is not higher than the max allowed
         ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
 
-        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','company','category','model_number', 'item_no', 'manufacturer','location','qty','image'];
+        
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+        $sort_override =  $request->input('sort');
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';
 
 
-        switch ($sort) {
+        switch ($sort_override) {
             case 'category':
                 $consumables = $consumables->OrderCategory($order);
                 break;
@@ -72,7 +103,7 @@ class ConsumablesController extends Controller
                 $consumables = $consumables->OrderCompany($order);
                 break;
             default:
-                $consumables = $consumables->orderBy($sort, $order);
+                $consumables = $consumables->orderBy($column_sort, $order);
                 break;
         }
 
@@ -90,14 +121,15 @@ class ConsumablesController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
      * @return \Illuminate\Http\Response
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Consumable::class);
         $consumable = new Consumable;
         $consumable->fill($request->all());
+        $consumable = $request->handleImages($consumable);
 
         if ($consumable->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $consumable, trans('admin/consumables/message.create.success')));
@@ -125,16 +157,17 @@ class ConsumablesController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
      * @param  int $id
      * @return \Illuminate\Http\Response
      */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
     {
         $this->authorize('update', Consumable::class);
         $consumable = Consumable::findOrFail($id);
         $consumable->fill($request->all());
-
+        $consumable = $request->handleImages($consumable);
+        
         if ($consumable->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $consumable, trans('admin/consumables/message.update.success')));
         }

app/Http/Controllers/Api/DepartmentsController.php

@@ -9,6 +9,7 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Department;
 use Auth;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
 
 class DepartmentsController extends Controller
@@ -73,14 +74,16 @@ class DepartmentsController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @return \Illuminate\Http\Response
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Department::class);
         $department = new Department;
         $department->fill($request->all());
+        $department = $request->handleImages($department);
+
         $department->user_id = Auth::user()->id;
         $department->manager_id = ($request->filled('manager_id' ) ? $request->input('manager_id') : null);
 
@@ -111,15 +114,16 @@ class DepartmentsController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v5.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
     {
         $this->authorize('update', Department::class);
         $department = Department::findOrFail($id);
         $department->fill($request->all());
+        $department = $request->handleImages($department);
 
         if ($department->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.update.success')));

app/Http/Controllers/Api/DepreciationsController.php

@@ -20,9 +20,9 @@ class DepreciationsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Depreciation::class);
-        $allowed_columns = ['id','name','months','created_at'];
+        $allowed_columns = ['id','name','months','depreciation_min','created_at'];
 
-        $depreciations = Depreciation::select('id','name','months','user_id','created_at','updated_at');
+        $depreciations = Depreciation::select('id','name','months','depreciation_min','user_id','created_at','updated_at');
 
         if ($request->filled('search')) {
             $depreciations = $depreciations->TextSearch($request->input('search'));

app/Http/Controllers/Api/LocationsController.php

@@ -3,6 +3,7 @@
 namespace App\Http\Controllers\Api;
 
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
 use App\Models\Location;
@@ -86,14 +87,15 @@ class LocationsController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @return \Illuminate\Http\Response
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Location::class);
         $location = new Location;
         $location->fill($request->all());
+        $location = $request->handleImages($location);
 
         if ($location->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.create.success')));
@@ -141,17 +143,17 @@ class LocationsController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @param  int  $id
      * @return \Illuminate\Http\JsonResponse
      */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
     {
         $this->authorize('update', Location::class);
         $location = Location::findOrFail($id);
 
         $location->fill($request->all());
-
+        $location = $request->handleImages($location);
 
         if ($location->isValid()) {
 

app/Http/Controllers/Api/ManufacturersController.php

@@ -8,6 +8,7 @@ use App\Http\Transformers\ManufacturersTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Manufacturer;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
 
 class ManufacturersController extends Controller
@@ -59,14 +60,15 @@ class ManufacturersController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
      * @return \Illuminate\Http\Response
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Manufacturer::class);
         $manufacturer = new Manufacturer;
         $manufacturer->fill($request->all());
+        $manufacturer = $request->handleImages($manufacturer);
 
         if ($manufacturer->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $manufacturer, trans('admin/manufacturers/message.create.success')));
@@ -96,15 +98,16 @@ class ManufacturersController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
     {
         $this->authorize('update', Manufacturer::class);
         $manufacturer = Manufacturer::findOrFail($id);
         $manufacturer->fill($request->all());
+        $manufacturer = $request->handleImages($manufacturer);
 
         if ($manufacturer->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $manufacturer, trans('admin/manufacturers/message.update.success')));

app/Http/Controllers/Api/SettingsController.php

@@ -17,6 +17,7 @@ use GuzzleHttp\Client;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
 use App\Models\Ldap; // forward-port of v4 LDAP model for Sync
+use App\Http\Requests\SlackSettingsRequest;
 
 
 class SettingsController extends Controller
@@ -165,31 +166,41 @@ class SettingsController extends Controller
     public function slacktest(Request $request)
     {
 
-        $slack = new Client([
-            'base_url' => e($request->input('slack_endpoint')),
-            'defaults' => [
-                'exceptions' => false
-            ]
+        $validator = Validator::make($request->all(), [
+            'slack_endpoint'                      => 'url|required_with:slack_channel|starts_with:https://hooks.slack.com/|nullable',
+            'slack_channel'                       => 'required_with:slack_endpoint|starts_with:#|nullable',
         ]);
 
-
-        $payload = json_encode(
-            [
-                'channel'    => e($request->input('slack_channel')),
-                'text'       => trans('general.slack_test_msg'),
-                'username'    => e($request->input('slack_botname')),
-                'icon_emoji' => ':heart:'
-            ]);
-
-        try {
-            $slack->post($request->input('slack_endpoint'),['body' => $payload]);
-            return response()->json(['message' => 'Success'], 200);
-        } catch (\Exception $e) {
-            return response()->json(['message' => 'Oops! Please check the channel name and webhook endpoint URL. Slack responded with: '.$e->getMessage()], 400);
+        if ($validator->fails()) {
+            return response()->json(['message' => 'Validation failed', 'errors' => $validator->errors()], 422);
         }
 
-        return response()->json(['message' => 'Something went wrong :( '], 400);
+        // If validation passes, continue to the curl request
+            $slack = new Client([
+                'base_url' => e($request->input('slack_endpoint')),
+                'defaults' => [
+                    'exceptions' => false,
+                ],
+            ]);
 
+            $payload = json_encode(
+                [
+                    'channel'    => e($request->input('slack_channel')),
+                    'text'       => trans('general.slack_test_msg'),
+                    'username'    => e($request->input('slack_botname')),
+                    'icon_emoji' => ':heart:',
+                ]);
+
+            try {
+                $slack->post($request->input('slack_endpoint'), ['body' => $payload]);
+                return response()->json(['message' => 'Success'], 200);
+
+            } catch (\Exception $e) {
+                return response()->json(['message' => 'FARTS! Please check the channel name and webhook endpoint URL ('.$request->input('slack_endpoint').'). Slack responded with: '.$e->getMessage()], 400);
+            }
+        
+        //} 
+        return response()->json(['message' => 'Something went wrong :( '], 400);
     }
 
 

app/Http/Controllers/Api/StatuslabelsController.php

@@ -22,7 +22,7 @@ class StatuslabelsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Statuslabel::class);
-        $allowed_columns = ['id','name','created_at', 'assets_count','color','default_label'];
+        $allowed_columns = ['id','name','created_at', 'assets_count','color', 'notes','default_label'];
 
         $statuslabels = Statuslabel::withCount('assets as assets_count');
 
@@ -71,6 +71,10 @@ class StatuslabelsController extends Controller
         $statuslabel->deployable        =  $statusType['deployable'];
         $statuslabel->pending           =  $statusType['pending'];
         $statuslabel->archived          =  $statusType['archived'];
+        $statuslabel->color             =  $request->input('color');
+        $statuslabel->show_in_nav       =  $request->input('show_in_nav', 0);
+        $statuslabel->default_label     =  $request->input('default_label', 0);
+
 
         if ($statuslabel->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $statuslabel, trans('admin/statuslabels/message.create.success')));
@@ -111,9 +115,7 @@ class StatuslabelsController extends Controller
         
         $request->except('deployable', 'pending','archived');
 
-        if (!$request->filled('type')) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'Status label type is required.'));
-        }
+
 
         $statuslabel->fill($request->all());
 
@@ -121,6 +123,9 @@ class StatuslabelsController extends Controller
         $statuslabel->deployable        =  $statusType['deployable'];
         $statuslabel->pending           =  $statusType['pending'];
         $statuslabel->archived          =  $statusType['archived'];
+        $statuslabel->color             =  $request->input('color');
+        $statuslabel->show_in_nav       =  $request->input('show_in_nav');
+        $statuslabel->default_label     =  $request->input('default_label');
 
         if ($statuslabel->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $statuslabel, trans('admin/statuslabels/message.update.success')));
@@ -176,7 +181,6 @@ class StatuslabelsController extends Controller
 
         foreach ($statuslabels as $statuslabel) {
             if ($statuslabel->assets_count > 0) {
-
                 $labels[]=$statuslabel->name. ' ('.number_format($statuslabel->assets_count).')';
                 $points[]=$statuslabel->assets_count;
 
@@ -184,8 +188,8 @@ class StatuslabelsController extends Controller
                     $colors_array[] = $statuslabel->color;
                 } else {
                     $colors_array[] = Helper::defaultChartColors($default_color_count);
-                    $default_color_count++;
                 }
+                $default_color_count++;
             }
         }
 

app/Http/Controllers/Api/SuppliersController.php

@@ -8,6 +8,7 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Http\Transformers\SuppliersTransformer;
 use App\Models\Supplier;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
 
 class SuppliersController extends Controller
@@ -55,14 +56,15 @@ class SuppliersController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @return \Illuminate\Http\Response
      */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
     {
         $this->authorize('create', Supplier::class);
         $supplier = new Supplier;
         $supplier->fill($request->all());
+        $supplier = $request->handleImages($supplier);
 
         if ($supplier->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $supplier, trans('admin/suppliers/message.create.success')));
@@ -92,15 +94,16 @@ class SuppliersController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
     {
         $this->authorize('update', Supplier::class);
         $supplier = Supplier::findOrFail($id);
         $supplier->fill($request->all());
+        $supplier = $request->handleImages($supplier);
 
         if ($supplier->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $supplier, trans('admin/suppliers/message.update.success')));

app/Http/Controllers/Api/UsersController.php

@@ -16,6 +16,7 @@ use App\Models\License;
 use App\Models\User;
 use Auth;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
 
 class UsersController extends Controller
@@ -74,6 +75,10 @@ class UsersController extends Controller
             $users = $users->withTrashed();
         }
 
+        if ($request->filled('activated')) {
+            $users = $users->where('users.activated', '=', $request->input('activated'));
+        }
+
         if ($request->filled('company_id')) {
             $users = $users->where('users.company_id', '=', $request->input('company_id'));
         }
@@ -90,6 +95,30 @@ class UsersController extends Controller
             $users = $users->where('users.username', '=', $request->input('username'));
         }
 
+        if ($request->filled('first_name')) {
+            $users = $users->where('users.first_name', '=', $request->input('first_name'));
+        }
+
+        if ($request->filled('last_name')) {
+            $users = $users->where('users.last_name', '=', $request->input('last_name'));
+        }
+
+        if ($request->filled('employee_num')) {
+            $users = $users->where('users.employee_num', '=', $request->input('employee_num'));
+        }
+
+        if ($request->filled('state')) {
+            $users = $users->where('users.state', '=', $request->input('state'));
+        }
+
+        if ($request->filled('country')) {
+            $users = $users->where('users.country', '=', $request->input('country'));
+        }
+
+        if ($request->filled('zip')) {
+            $users = $users->where('users.zip', '=', $request->input('zip'));
+        }
+
         if ($request->filled('group_id')) {
             $users = $users->ByGroup($request->get('group_id'));
         }
@@ -98,6 +127,10 @@ class UsersController extends Controller
             $users = $users->where('users.department_id','=',$request->input('department_id'));
         }
 
+        if ($request->filled('manager_id')) {
+            $users = $users->where('users.manager_id','=',$request->input('manager_id'));
+        }
+
         if ($request->filled('search')) {
             $users = $users->TextSearch($request->input('search'));
         }
@@ -237,7 +270,8 @@ class UsersController extends Controller
         $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
         $user->password = bcrypt($request->get('password', $tmp_pass));
 
-
+        app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');
+        
         if ($user->save()) {
             if ($request->filled('groups')) {
                 $user->groups()->sync($request->input('groups'));
@@ -280,9 +314,15 @@ class UsersController extends Controller
 
         $user = User::findOrFail($id);
 
-        // This is a janky hack to prevent people from changing admin demo user data on the public demo.
-        // The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
-        // Thanks, jerks. You are why we can't have nice things. - snipe
+        /**
+         * This is a janky hack to prevent people from changing admin demo user data on the public demo.
+         * 
+         * The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
+         * 
+         *  Thanks, jerks. You are why we can't have nice things. - snipe
+         * 
+         */ 
+
 
         if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
@@ -290,7 +330,7 @@ class UsersController extends Controller
 
 
         $user->fill($request->all());
-
+        
         if ($user->id == $request->input('manager_id')) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
         }
@@ -320,6 +360,9 @@ class UsersController extends Controller
         Asset::where('assigned_type', User::class)
             ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
 
+        
+        app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');
+          
         if ($user->save()) {
 
             // Sync group memberships:
@@ -397,12 +440,12 @@ class UsersController extends Controller
      * @param $userId
      * @return string JSON
      */
-    public function assets($id)
+    public function assets(Request $request, $id)
     {
         $this->authorize('view', User::class);
         $this->authorize('view', Asset::class);
         $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model')->get();
-        return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+        return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
     }
 
     /**

app/Http/Controllers/AssetMaintenancesController.php

@@ -100,7 +100,7 @@ class AssetMaintenancesController extends Controller
         $assetMaintenance = new AssetMaintenance();
         $assetMaintenance->supplier_id = $request->input('supplier_id');
         $assetMaintenance->is_warranty = $request->input('is_warranty');
-        $assetMaintenance->cost =  $request->input('cost');
+        $assetMaintenance->cost = Helper::ParseCurrency($request->input('cost'));
         $assetMaintenance->notes = $request->input('notes');
         $asset = Asset::find($request->input('asset_id'));
 
@@ -209,10 +209,10 @@ class AssetMaintenancesController extends Controller
             return static::getInsufficientPermissionsRedirect();
         }
 
-        $assetMaintenance->supplier_id = e($request->input('supplier_id'));
-        $assetMaintenance->is_warranty = e($request->input('is_warranty'));
-        $assetMaintenance->cost =  Helper::ParseFloat(e($request->input('cost')));
-        $assetMaintenance->notes = e($request->input('notes'));
+        $assetMaintenance->supplier_id = $request->input('supplier_id');
+        $assetMaintenance->is_warranty = $request->input('is_warranty');
+        $assetMaintenance->cost =  Helper::ParseCurrency($request->input('cost'));
+        $assetMaintenance->notes = $request->input('notes');
 
         $asset = Asset::find(request('asset_id'));
 

app/Http/Controllers/AssetModelsController.php

@@ -269,6 +269,7 @@ class AssetModelsController extends Controller
     */
     public function getClone($modelId = null)
     {
+        $this->authorize('create', AssetModel::class);
         // Check if the model exists
         if (is_null($model_to_clone = AssetModel::find($modelId))) {
             return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));

app/Http/Controllers/Assets/AssetFilesController.php

@@ -2,7 +2,6 @@
 
 namespace App\Http\Controllers\Assets;
 
-
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetFileRequest;
 use App\Models\Actionlog;
@@ -10,6 +9,7 @@ use App\Models\Asset;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use App\Helpers\StorageHelper;
+use enshrined\svgSanitize\Sanitizer;
 
 class AssetFilesController extends Controller
 {
@@ -36,9 +36,29 @@ class AssetFilesController extends Controller
             if (!Storage::exists('private_uploads/assets')) Storage::makeDirectory('private_uploads/assets', 775);
 
             foreach ($request->file('file') as $file) {
+
                 $extension = $file->getClientOriginalExtension();
                 $file_name = 'hardware-'.$asset->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
-                Storage::put('private_uploads/assets/'.$file_name, file_get_contents($file));
+
+                // Check for SVG and sanitize it
+                if ($extension=='svg') {
+                    \Log::debug('This is an SVG');
+
+                        $sanitizer = new Sanitizer();
+                        $dirtySVG = file_get_contents($file->getRealPath());
+                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                        try {
+                            Storage::put('private_uploads/assets/'.$file_name, $cleanSVG);
+                        } catch (\Exception $e) {
+                            \Log::debug('Upload no workie :( ');
+                            \Log::debug($e);
+                        }
+                } else {
+                    Storage::put('private_uploads/assets/'.$file_name, file_get_contents($file));
+                }
+               
+                
                 $asset->logUpload($file_name, e($request->get('notes')));
             }
             return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
@@ -117,13 +137,13 @@ class AssetFilesController extends Controller
             $this->authorize('update', $asset);
             $log = Actionlog::find($fileId);
             if ($log) {
-            if (Storage::exists($rel_path.'/'.$log->filename)) {
-                Storage::delete($rel_path.'/'.$log->filename);
+                if (Storage::exists($rel_path.'/'.$log->filename)) {
+                    Storage::delete($rel_path.'/'.$log->filename);
                 }
                 $log->delete();
                 return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
             }
-            $log->delete();
+
             return redirect()->back()
                 ->with('success', trans('admin/hardware/message.deletefile.success'));
         }

app/Http/Controllers/Assets/AssetsController.php

@@ -138,7 +138,7 @@ class AssetsController extends Controller
             $asset->depreciate              = '0';
             $asset->status_id               = request('status_id', 0);
             $asset->warranty_months         = request('warranty_months', null);
-            $asset->purchase_cost           = Helper::ParseFloat($request->get('purchase_cost'));
+            $asset->purchase_cost           = Helper::ParseCurrency($request->get('purchase_cost'));
             $asset->purchase_date           = request('purchase_date', null);
             $asset->assigned_to             = request('assigned_to', null);
             $asset->supplier_id             = request('supplier_id', 0);
@@ -196,7 +196,7 @@ class AssetsController extends Controller
                 }
 
                 if (isset($target)) {
-                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', e($request->get('name')), $location);
+                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', $request->get('name'), $location);
                 }
 
                 $success = true;
@@ -302,7 +302,7 @@ class AssetsController extends Controller
 
         $asset->status_id = $request->input('status_id', null);
         $asset->warranty_months = $request->input('warranty_months', null);
-        $asset->purchase_cost = Helper::ParseFloat($request->input('purchase_cost', null));
+        $asset->purchase_cost = Helper::ParseCurrency($request->input('purchase_cost', null));
         $asset->purchase_date = $request->input('purchase_date', null);
         $asset->supplier_id = $request->input('supplier_id', null);
         $asset->expected_checkin = $request->input('expected_checkin', null);

app/Http/Controllers/Assets/BulkAssetsController.php

@@ -32,7 +32,8 @@ class BulkAssetsController extends Controller
             return redirect()->back()->with('error', 'No assets selected');
         }
 
-        $asset_ids = array_keys($request->input('ids'));
+        
+        $asset_ids = array_values(array_unique($request->input('ids')));
 
         if ($request->filled('bulk_actions')) {
             switch($request->input('bulk_actions')) {
@@ -50,7 +51,7 @@ class BulkAssetsController extends Controller
                     return view('hardware/bulk-delete')->with('assets', $assets);
                 case 'edit':
                     return view('hardware/bulk')
-                        ->with('assets', request('ids'))
+                        ->with('assets', $asset_ids)
                         ->with('statuslabel_list', Helper::statusLabelList());
             }
         }
@@ -90,6 +91,7 @@ class BulkAssetsController extends Controller
             || ($request->filled('model_id'))
         ) {
             foreach ($assets as $assetId) {
+
                 $this->update_array = [];
 
                 $this->conditionallyAddItem('purchase_date')
@@ -102,7 +104,7 @@ class BulkAssetsController extends Controller
                     ->conditionallyAddItem('warranty_months');
 
                 if ($request->filled('purchase_cost')) {
-                    $this->update_array['purchase_cost'] =  Helper::ParseFloat($request->input('purchase_cost'));
+                    $this->update_array['purchase_cost'] =  Helper::ParseCurrency($request->input('purchase_cost'));
                 }
 
                 if ($request->filled('company_id')) {

app/Http/Controllers/Auth/ForgotPasswordController.php

@@ -29,6 +29,7 @@ class ForgotPasswordController extends Controller
     public function __construct()
     {
         $this->middleware('guest');
+        $this->middleware('throttle:5,1', ['except' => 'showLinkRequestForm']);
     }
 
     /**
@@ -61,7 +62,7 @@ class ForgotPasswordController extends Controller
         $request->validate([
             'username' => ['required', 'max:255'],
         ]);
-        
+
 
 
         /**
@@ -71,13 +72,21 @@ class ForgotPasswordController extends Controller
          * Once we have attempted to send the link, we will examine the response
          * then see the message we need to show to the user. Finally, we'll send out a proper response.
          */
-        $response = $this->broker()->sendResetLink(
-            array_merge(
-                $request->only('username'),
-                ['activated' => '1'],
-                ['ldap_import' => '0']
-            )
-        );
+        
+        $response = null;
+
+        try {
+            $response = $this->broker()->sendResetLink(
+                array_merge(
+                    $request->only('username'),
+                    ['activated' => '1'],
+                    ['ldap_import' => '0']
+                )
+            );
+        } catch(\Exception $e) {
+            \Log::info('Password reset attempt: User '.$request->input('username').'failed with exception: '.$e );
+        }
+
 
         if ($response === \Password::RESET_LINK_SENT) {
             \Log::info('Password reset attempt: User '.$request->input('username').' WAS found, password reset sent');

app/Http/Controllers/Components/ComponentsController.php

@@ -5,6 +5,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Company;
 use App\Models\Component;
+use App\Helpers\Helper;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Storage;
@@ -74,7 +75,7 @@ class ComponentsController extends Controller
         $component->min_amt                = $request->input('min_amt', null);
         $component->serial                 = $request->input('serial', null);
         $component->purchase_date          = $request->input('purchase_date', null);
-        $component->purchase_cost          = $request->input('purchase_cost', null);
+        $component->purchase_cost          = Helper::ParseCurrency($request->input('purchase_cost', null));
         $component->qty                    = $request->input('qty');
         $component->user_id                = Auth::id();
 
@@ -144,7 +145,7 @@ class ComponentsController extends Controller
         $component->min_amt                = $request->input('min_amt');
         $component->serial                 = $request->input('serial');
         $component->purchase_date          = $request->input('purchase_date');
-        $component->purchase_cost          = request('purchase_cost');
+        $component->purchase_cost          = Helper::ParseCurrency(request('purchase_cost'));
         $component->qty                    = $request->input('qty');
 
         $component = $request->handleImages($component);

app/Http/Controllers/Consumables/ConsumablesController.php

@@ -75,7 +75,7 @@ class ConsumablesController extends Controller
         $consumable->model_number           = $request->input('model_number');
         $consumable->item_no                = $request->input('item_no');
         $consumable->purchase_date          = $request->input('purchase_date');
-        $consumable->purchase_cost          = Helper::ParseFloat($request->input('purchase_cost'));
+        $consumable->purchase_cost          = Helper::ParseCurrency($request->input('purchase_cost'));
         $consumable->qty                    = $request->input('qty');
         $consumable->user_id                = Auth::id();
 
@@ -141,7 +141,7 @@ class ConsumablesController extends Controller
         $consumable->model_number           = $request->input('model_number');
         $consumable->item_no                = $request->input('item_no');
         $consumable->purchase_date          = $request->input('purchase_date');
-        $consumable->purchase_cost          = Helper::ParseFloat($request->input('purchase_cost'));
+        $consumable->purchase_cost          = Helper::ParseCurrency($request->input('purchase_cost'));
         $consumable->qty                    = Helper::ParseFloat($request->input('qty'));
 
         $consumable = $request->handleImages($consumable);

app/Http/Controllers/CustomFieldsController.php

@@ -92,7 +92,7 @@ class CustomFieldsController extends Controller
         $this->authorize('create', CustomField::class);
 
         $field = new CustomField([
-            "name" => $request->get("name"),
+            "name" => trim($request->get("name")),
             "element" => $request->get("element"),
             "help_text" => $request->get("help_text"),
             "field_values" => $request->get("field_values"),
@@ -212,7 +212,7 @@ class CustomFieldsController extends Controller
  
         $this->authorize('update', $field);
 
-        $field->name          = e($request->get("name"));
+        $field->name          = trim(e($request->get("name")));
         $field->element       = e($request->get("element"));
         $field->field_values  = e($request->get("field_values"));
         $field->user_id       = Auth::id();

app/Http/Controllers/DepreciationsController.php

@@ -69,6 +69,7 @@ class DepreciationsController extends Controller
         // Depreciation data
         $depreciation->name             = $request->input('name');
         $depreciation->months           = $request->input('months');
+        $depreciation->depreciation_min= $request->input('depreciation_min');
         $depreciation->user_id          = Auth::id();
 
         // Was the asset created?
@@ -125,8 +126,9 @@ class DepreciationsController extends Controller
         $this->authorize('update', $depreciation);
 
         // Depreciation data
-        $depreciation->name      = $request->input('name');
-        $depreciation->months    = $request->input('months');
+        $depreciation->name             = $request->input('name');
+        $depreciation->months           = $request->input('months');
+        $depreciation->depreciation_min = $request->input('depreciation_min');
 
         // Was the asset created?
         if ($depreciation->save()) {

app/Http/Controllers/Licenses/LicenseCheckinController.php

@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Models\License;
 use App\Models\LicenseSeat;
 use App\Models\User;
+use App\Models\Asset;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
@@ -80,7 +81,12 @@ class LicenseCheckinController extends Controller
             // Ooops.. something went wrong
             return redirect()->back()->withInput()->withErrors($validator);
         }
-        $return_to = User::find($licenseSeat->assigned_to);
+
+        if($licenseSeat->assigned_to != null){
+            $return_to = User::find($licenseSeat->assigned_to);
+        } else {
+            $return_to = Asset::find($licenseSeat->asset_id);
+        }
 
         // Update the asset data
         $licenseSeat->assigned_to                   = null;
@@ -88,7 +94,6 @@ class LicenseCheckinController extends Controller
 
         // Was the asset updated?
         if ($licenseSeat->save()) {
-
             event(new CheckoutableCheckedIn($licenseSeat, $return_to, Auth::user(), $request->input('note')));
 
             if ($backTo=='user') {

app/Http/Controllers/Licenses/LicenseFilesController.php

@@ -6,11 +6,11 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetFileRequest;
 use App\Models\Actionlog;
 use App\Models\License;
-use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use App\Helpers\StorageHelper;
+use enshrined\svgSanitize\Sanitizer;
 
 class LicenseFilesController extends Controller
 {
@@ -37,28 +37,39 @@ class LicenseFilesController extends Controller
 
                 if (!Storage::exists('private_uploads/licenses')) Storage::makeDirectory('private_uploads/licenses', 775);
 
-                $upload_success = false;
                 foreach ($request->file('file') as $file) {
 
-
-                    $file_name = 'license-'.$license->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$file->getClientOriginalExtension())).'.'.$file->getClientOriginalExtension();
+                    $extension = $file->getClientOriginalExtension();
+                    $file_name = 'license-'.$license->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
 
 
-                    $upload_success = $file->storeAs('private_uploads/licenses', $file_name);
-                    // $upload_success = $file->storeAs('private_uploads/licenses/'.$file_name, $file);
+                        // Check for SVG and sanitize it
+                        if ($extension == 'svg') {
+                            \Log::debug('This is an SVG');
+                            \Log::debug($file_name);
+
+                                $sanitizer = new Sanitizer();
+                                $dirtySVG = file_get_contents($file->getRealPath());
+                                $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                                try {
+                                    Storage::put('private_uploads/licenses/'.$file_name, $cleanSVG);
+                                } catch (\Exception $e) {
+                                    \Log::debug('Upload no workie :( ');
+                                    \Log::debug($e);
+                                }
+
+                        } else {
+                            Storage::put('private_uploads/licenses/'.$file_name, file_get_contents($file));
+                        }
 
                     //Log the upload to the log
                     $license->logUpload($file_name, e($request->input('notes')));
                 }
 
-                // This being called from a modal seems to confuse redirect()->back()
-                // It thinks we should go to the dashboard.  As this is only used
-                // from the modal at present, hardcode the redirect.  Longterm
-                // maybe we evaluate something else.
-                if ($upload_success) {
+
                     return redirect()->route('licenses.show', $license->id)->with('success', trans('admin/licenses/message.upload.success'));
-                }
-                return redirect()->route('licenses.show', $license->id)->with('error', trans('admin/licenses/message.upload.error'));
+                
             }
             return redirect()->route('licenses.show', $license->id)->with('error', trans('admin/licenses/message.upload.nofiles'));
         }

app/Http/Controllers/Licenses/LicensesController.php

@@ -88,7 +88,7 @@ class LicensesController extends Controller
         $license->name              = $request->input('name');
         $license->notes             = $request->input('notes');
         $license->order_number      = $request->input('order_number');
-        $license->purchase_cost     = $request->input('purchase_cost');
+        $license->purchase_cost     = Helper::ParseCurrency($request->input('purchase_cost'));
         $license->purchase_date     = $request->input('purchase_date');
         $license->purchase_order    = $request->input('purchase_order');
         $license->purchase_order    = $request->input('purchase_order');
@@ -165,7 +165,7 @@ class LicensesController extends Controller
         $license->name              = $request->input('name');
         $license->notes             = $request->input('notes');
         $license->order_number      = $request->input('order_number');
-        $license->purchase_cost     = $request->input('purchase_cost');
+        $license->purchase_cost     = Helper::ParseCurrency($request->input('purchase_cost'));
         $license->purchase_date     = $request->input('purchase_date');
         $license->purchase_order    = $request->input('purchase_order');
         $license->reassignable      = $request->input('reassignable', 0);

app/Http/Controllers/ReportsController.php

@@ -102,11 +102,7 @@ class ReportsController extends Controller
     {
         $this->authorize('reports.view');
         $depreciations = Depreciation::get();
-        // Grab all the assets
-        $assets = Asset::with( 'assignedTo', 'assetstatus', 'defaultLoc', 'location', 'company', 'model.category', 'model.depreciation')
-                       ->orderBy('created_at', 'DESC')->get();
-
-        return view('reports/depreciation', compact('assets'))->with('depreciations',$depreciations);
+        return view('reports/depreciation')->with('depreciations',$depreciations);
     }
 
     /**
@@ -563,7 +559,7 @@ class ReportsController extends Controller
 
 
             foreach ($customfields as $customfield) {
-                if (e($request->input($customfield->db_column_name())) == '1') {
+                if ($request->input($customfield->db_column_name()) == '1') {
                     $header[] = $customfield->name;
                 }
             }

app/Http/Controllers/SettingsController.php

@@ -22,6 +22,7 @@ use Input;
 use Redirect;
 use Response;
 use App\Helpers\StorageHelper;
+use App\Http\Requests\SlackSettingsRequest;
 
 /**
  * This controller handles all actions related to Settings for
@@ -667,25 +668,12 @@ class SettingsController extends Controller
      *
      * @return View
      */
-    public function postSlack(Request $request)
+    public function postSlack(SlackSettingsRequest $request)
     {
         if (is_null($setting = Setting::getSettings())) {
             return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
         }
 
-        $validatedData = $request->validate([
-            'slack_channel'   => 'regex:/(?<!\w)#\w+/|required_with:slack_endpoint|nullable',
-        ]);
-
-
-        if ($validatedData) {
-
-            $setting->slack_endpoint = $request->input('slack_endpoint');
-            $setting->slack_channel = $request->input('slack_channel');
-            $setting->slack_botname = $request->input('slack_botname');
-
-        }
-
         if ($setting->save()) {
             return redirect()->route('settings.index')
                 ->with('success', trans('admin/settings/message.update.success'));
@@ -947,10 +935,14 @@ class SettingsController extends Controller
             $setting->ldap_jobtitle          = $request->input('ldap_jobtitle');
             $setting->ldap_country           = $request->input('ldap_country');
             $setting->ldap_dept              = $request->input('ldap_dept');
+            $setting->ldap_client_tls_cert   = $request->input('ldap_client_tls_cert');
+            $setting->ldap_client_tls_key    = $request->input('ldap_client_tls_key');
+
 
         }
 
         if ($setting->save()) {
+            $setting->update_client_side_cert_files();
             return redirect()->route('settings.ldap.index')
                 ->with('success', trans('admin/settings/message.update.success'));
         }

app/Http/Controllers/Users/UserFilesController.php

@@ -10,6 +10,8 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Response;
 use Symfony\Component\HttpFoundation\JsonResponse;
+use enshrined\svgSanitize\Sanitizer;
+use Illuminate\Support\Facades\Storage;
 
 class UserFilesController extends Controller
 {
@@ -38,12 +40,31 @@ class UserFilesController extends Controller
                 return redirect()->back()->with('error', trans('admin/users/message.upload.nofiles'));
             }
             foreach($files as $file) {
+                
                 $extension = $file->getClientOriginalExtension();
-                $filename = 'user-' . $user->id . '-' . str_random(8);
-                $filename .= '-' . str_slug($file->getClientOriginalName()) . '.' . $extension;
-                if (!$file->move($destinationPath, $filename)) {
-                    return redirect()->back()->with('error', trans('admin/users/message.upload.invalidfiles'));
-                }
+                $file_name = 'user-'.$user->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+
+
+                    // Check for SVG and sanitize it
+                    if ($extension == 'svg') {
+                        \Log::debug('This is an SVG');
+                        \Log::debug($file_name);
+
+                            $sanitizer = new Sanitizer();
+                            $dirtySVG = file_get_contents($file->getRealPath());
+                            $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                            try {
+                                Storage::put('private_uploads/users/'.$file_name, $cleanSVG);
+                            } catch (\Exception $e) {
+                                \Log::debug('Upload no workie :( ');
+                                \Log::debug($e);
+                            }
+
+                    } else {
+                        Storage::put('private_uploads/users/'.$file_name, file_get_contents($file));
+                    }
+
                 //Log the uploaded file to the log
                 $logAction = new Actionlog();
                 $logAction->item_id = $user->id;
@@ -52,7 +73,7 @@ class UserFilesController extends Controller
                 $logAction->note = $request->input('notes');
                 $logAction->target_id = null;
                 $logAction->created_at = date("Y-m-d H:i:s");
-                $logAction->filename = $filename;
+                $logAction->filename = $file_name;
                 $logAction->action_type = 'uploaded';
 
                 if (!$logAction->save()) {

app/Http/Kernel.php

@@ -23,6 +23,7 @@ class Kernel extends HttpKernel
         \App\Http\Middleware\CheckForDebug::class,
         \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
         \App\Http\Middleware\SecurityHeaders::class,
+        \App\Http\Middleware\PreventBackHistory::class,
 
     ];
 

app/Http/Middleware/PreventBackHistory.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class PreventBackHistory
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $headers = [
+            'Cache-Control' => 'no-cache, no-store, max-age=0, must-revalidate',
+            'Pragma'        => 'no-cache',
+            'Expires'       => 'Sun, 02 Jan 1990 00:00:00 GMT'
+        ];
+        $response = $next($request);
+        foreach($headers as $key => $value) {
+            $response->headers->set($key, $value);
+        }
+
+        return $response;
+    }
+}

app/Http/Requests/ImageUploadRequest.php

@@ -5,10 +5,14 @@ namespace App\Http\Requests;
 use App\Models\SnipeModel;
 use Intervention\Image\Facades\Image;
 use enshrined\svgSanitize\Sanitizer;
+use App\Http\Traits\ConvertsBase64ToFiles;
+use Illuminate\Http\UploadedFile;
 use Storage;
 
 class ImageUploadRequest extends Request
 {
+    use ConvertsBase64ToFiles;
+
     /**
      * Determine if the user is authorized to make this request.
      *
@@ -26,16 +30,32 @@ class ImageUploadRequest extends Request
      */
     public function rules()
     {
-        return [
-            'image' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp',
-            'avatar' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp',
-        ];
+       
+            return [
+                'image' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp',
+                'avatar' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp',
+            ];
     }
 
     public function response(array $errors)
     {
         return $this->redirector->back()->withInput()->withErrors($errors, $this->errorBag);
     }
+    
+    /** 
+     * Fields that should be traited from base64 to files
+     */
+    protected function base64FileKeys(): array
+    {
+        /**
+         * image_source is here just legacy reasons. Api\AssetController
+         * had it once to allow encoded image uploads.
+        */ 
+        return [
+            'image' => 'auto',
+            'image_source' => 'auto'
+        ];
+    }
 
     /**
      * Handle and store any images attached to request
@@ -77,14 +97,22 @@ class ImageUploadRequest extends Request
         \Log::debug('Form fieldname is: '.$form_fieldname);
         \Log::debug('DB fieldname is: '.$use_db_field);
         \Log::debug('Trying to upload to '. $path);
+        
+        // ConvertBase64ToFiles just changes object type, 
+        // as it cannot currently insert files to $this->files
+        if ($this->offsetGet($form_fieldname) instanceof UploadedFile) {
+           $image=$this->offsetGet($form_fieldname);
+        } else {
+            if ($this->hasFile($form_fieldname)) {
+                $image = $this->file($form_fieldname);
+            }
+        }
 
-        \Log::debug($this->file());
-
-        if ($this->hasFile($form_fieldname)) {
+        if (isset($image)) {
+            \Log::debug($image);
 
             if (!config('app.lock_passwords')) {
 
-                $image = $this->file($form_fieldname);
                 $ext = $image->getClientOriginalExtension();
                 $file_name = $type.'-'.$form_fieldname.'-'.str_random(10).'.'.$ext;
 
@@ -165,4 +193,5 @@ class ImageUploadRequest extends Request
 
         return $item;
     }
+    
 }

app/Http/Requests/SlackSettingsRequest.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Http\Requests;
+
+class SlackSettingsRequest extends Request
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'slack_endpoint'                      => 'url|required_with:slack_channel|starts_with:"https://hooks.slack.com"|nullable',
+            'slack_channel'                       => 'required_with:slack_endpoint|starts_with:#|nullable',
+            'slack_botname'                       => 'string|nullable',
+
+        ];
+    }
+
+
+}

app/Http/Traits/ConvertsBase64ToFiles.php

@@ -0,0 +1,80 @@
+<?php
+
+namespace App\Http\Traits;
+
+use Illuminate\Http\UploadedFile;
+use Illuminate\Support\Arr;
+use Illuminate\Support\Collection;
+use Illuminate\Support\Str;
+
+trait ConvertsBase64ToFiles
+{
+    protected function base64FileKeys(): array
+    {
+        return [];
+    }
+
+    /**
+     * Pulls the Base64 contents for each file key and creates
+     * an UploadedFile instance from it and sets it on the
+     * request.
+     *
+     * @return void
+     */
+    protected function prepareForValidation()
+    {
+        $flattened = Arr::dot($this->base64FileKeys());
+
+        Collection::make($flattened)->each(function ($filename, $key) {
+            rescue(function () use ($key, $filename) {
+                // dont process plain files
+                if ( $this->file($key)){
+                    return;
+                }
+
+                $base64Contents = $this->input($key);
+
+                if (!$base64Contents) {
+                    return;
+                }
+                
+                // autogenerate filenames
+                if ($filename == 'auto'){
+                    $header = explode(';', $base64Contents, 2)[0];
+                    // Grab the image type from the header while we're at it.
+                    $filename = $key . '.' . substr($header, strpos($header, '/')+1);
+                }
+
+                // Generate a temporary path to store the Base64 contents
+                $tempFilePath = tempnam(sys_get_temp_dir(), $filename);
+
+                // Store the contents using a stream, or by decoding manually
+                if (Str::startsWith($base64Contents, 'data:') && count(explode(',', $base64Contents)) > 1) {
+                    $source = fopen($base64Contents, 'r');
+                    $destination = fopen($tempFilePath, 'w');
+
+                    stream_copy_to_stream($source, $destination);
+
+                    fclose($source);
+                    fclose($destination);
+                } else {
+                    file_put_contents($tempFilePath, base64_decode($base64Contents, true));
+                }
+
+                $uploadedFile = new UploadedFile($tempFilePath, $filename, null, null, true);
+
+                \Log::debug("Trait: uploadedfile ". $tempFilePath);
+                $this->offsetUnset($key);                                                                                                                                                                                                                                                                                                                                               
+                \Log::debug("Trait: encoded field \"$key\" removed" );
+                
+                //Inserting new file  to $this-files does not work so have to deal this after
+                $this->offsetSet($key,$uploadedFile);
+                \Log::debug("Trait:  field \"$key\" inserted as UplodedFile" );
+    
+            }, null, false);
+        });
+    }
+}
+/**
+ * Loosely based on idea https://github.com/protonemedia/laravel-mixins/tree/master/src/Request
+ * */

app/Http/Transformers/AccessoriesTransformer.php

@@ -82,7 +82,7 @@ class AccessoriesTransformer
                 'first_name'=> e($user->first_name),
                 'last_name'=> e($user->last_name),
                 'employee_number' =>  e($user->employee_num),
-                'checkout_notes' => $user->pivot->note,
+                'checkout_notes' => e($user->pivot->note),
                 'last_checkout' => Helper::getFormattedDateObject($user->pivot->created_at, 'datetime'),
                 'type' => 'user',
                 'available_actions' => ['checkin' => true]

app/Http/Transformers/ActionlogsTransformer.php

@@ -115,7 +115,7 @@ class ActionlogsTransformer
             'note'          => ($actionlog->note) ? e($actionlog->note): null,
             'signature_file'   => ($actionlog->accept_signature) ? route('log.signature.view', ['filename' => $actionlog->accept_signature ]) : null,
             'log_meta'          => ((isset($clean_meta)) && (is_array($clean_meta))) ? $clean_meta: null,
-            'action_date'   => ($actionlog->action_date) ? Helper::getFormattedDateObject($actionlog->action_date, 'datetime'): null,
+            'action_date'   => ($actionlog->action_date) ? Helper::getFormattedDateObject($actionlog->action_date, 'datetime'): Helper::getFormattedDateObject($actionlog->created_at, 'datetime'),
 
         ];
 

app/Http/Transformers/AssetsTransformer.php

@@ -93,15 +93,15 @@ class AssetsTransformer
                     $value = (Gate::allows('superadmin')) ? $decrypted : strtoupper(trans('admin/custom_fields/general.encrypted'));
 
                     $fields_array[$field->name] = [
-                            'field' => $field->convertUnicodeDbSlug(),
-                            'value' => $value,
+                            'field' => e($field->convertUnicodeDbSlug()),
+                            'value' => e($value),
                             'field_format' => $field->format,
                         ];
 
                 } else {
                     $fields_array[$field->name] = [
-                        'field' => $field->convertUnicodeDbSlug(),
-                        'value' => $asset->{$field->convertUnicodeDbSlug()},
+                        'field' => e($field->convertUnicodeDbSlug()),
+                        'value' => e($asset->{$field->convertUnicodeDbSlug()}),
                         'field_format' => $field->format,
                     ];
 
@@ -114,26 +114,38 @@ class AssetsTransformer
         }
 
         $permissions_array['available_actions'] = [
-            'checkout' => Gate::allows('checkout', Asset::class),
-            'checkin' => Gate::allows('checkin', Asset::class),
-            'clone' => Gate::allows('create', Asset::class),
-            'restore' => false,
-            'update' => (bool) Gate::allows('update', Asset::class),
-            'delete' => ($asset->assigned_to=='' && Gate::allows('delete', Asset::class)),
+            'checkout'      => ($asset->deleted_at=='' && Gate::allows('checkout', Asset::class)) ? true : false,
+            'checkin'       => ($asset->deleted_at=='' && Gate::allows('checkin', Asset::class)) ? true : false,
+            'clone'         => Gate::allows('create', Asset::class) ? true : false,
+            'restore'       => ($asset->deleted_at!='' && Gate::allows('create', Asset::class)) ? true : false,
+            'update'        => ($asset->deleted_at=='' && Gate::allows('update', Asset::class)) ? true : false,
+            'delete'        => ($asset->deleted_at=='' && $asset->assigned_to =='' && Gate::allows('delete', Asset::class)) ? true : false,
         ];
 
-        if ($asset->deleted_at!='') {
-            $permissions_array['available_actions'] = [
-                'checkout' => true,
-                'checkin' => false,
-                'clone' => Gate::allows('create', Asset::class),
-                'restore' => Gate::allows('create', Asset::class),
-                'update' => false,
-                'delete' => false,
-            ];
+
+
+        if (request('components')=='true') {
+        
+            if ($asset->components) {
+                $array['components'] = [];
+    
+                foreach ($asset->components as $component) {
+                    $array['components'][] = [
+                        
+                            'id' => $component->id,
+                            'pivot_id' => $component->pivot->id,
+                            'name' => e($component->name),
+                            'qty' => $component->pivot->assigned_qty,
+                            'price_cost' => $component->purchase_cost,
+                            'purchase_total' => $component->purchase_cost * $component->pivot->assigned_qty,
+                            'checkout_date' => Helper::getFormattedDateObject($component->pivot->created_at, 'datetime') ,
+                        
+                    ];
+                }
+            }
+
         }
-
-
+        
         $array += $permissions_array;
         return $array;
     }
@@ -197,4 +209,4 @@ class AssetsTransformer
         return $array;
 
     }
-}
+}

app/Http/Transformers/CategoriesTransformer.php

@@ -29,6 +29,7 @@ class CategoriesTransformer
                 'image' =>   ($category->image) ? Storage::disk('public')->url('categories/'.e($category->image)) : null,
                 'category_type' => ucwords(e($category->category_type)),
                 'has_eula' => ($category->getEula() ? true : false),
+                'use_default_eula' => ($category->use_default_eula=='1' ? true : false),
                 'eula' => ($category->getEula()),
                 'checkin_email' => ($category->checkin_email =='1'),
                 'require_acceptance' => ($category->require_acceptance == '1'),

app/Http/Transformers/DepreciationReportTransformer.php

@@ -0,0 +1,120 @@
+<?php
+namespace App\Http\Transformers;
+
+use App\Helpers\Helper;
+use App\Models\Asset;
+use Illuminate\Database\Eloquent\Collection;
+
+/**
+ *  This tranformer looks like it's extraneous, since we return as much or more
+ * info in the AssetsTransformer, but we want to flatten these results out so that they 
+ * don't dislose more information than we want. Folks with depreciation powers don't necessaily 
+ * have the right to see additional info, and inspecting the API call here could disclose 
+ * info they're not supposed to see.
+ * 
+ * @author [A. Gianotto] [<snipe@snipe.net>]
+ * @since [v5.2.0]
+ */
+class DepreciationReportTransformer
+{
+    public function transformAssets(Collection $assets, $total)
+    {
+        $array = array();
+        foreach ($assets as $asset) {
+            $array[] = self::transformAsset($asset);
+        }
+        return (new DatatablesTransformer)->transformDatatables($array, $total);
+    }
+
+
+    public function transformAsset(Asset $asset)
+    {
+
+        /**
+         * Set some default values here
+         */
+        $purchase_cost = null;
+        $depreciated_value = null;
+        $monthly_depreciation = null;
+        $diff = null;
+        $checkout_target = null;
+
+        /**
+         * If there is a location set and a currency set, use that for display
+         */
+        if ($asset->location && $asset->location->currency) {
+            $purchase_cost_currency = $asset->location->currency;
+        } else {
+            $purchase_cost_currency = \App\Models\Setting::getSettings()->default_currency;
+        }
+
+        /**
+         * If there is a NOT an empty purchase cost (meaning not null or '' but it *could* be zero),
+         * format the purchase cost. We coould do this inline in the transformer, but we need that value 
+         * for the other calculations that come after, like diff, etc.
+         */
+        if ($asset->purchase_cost!='') {
+            $purchase_cost = $asset->purchase_cost;
+        }
+       
+
+        /**
+         * Override the previously set null values if there is a valid model and associated depreciation
+         */
+        if (($asset->model) && ($asset->model->depreciation)) {
+            $depreciated_value = \App\Helpers\Helper::formatCurrencyOutput($asset->getDepreciatedValue());
+            $monthly_depreciation = \App\Helpers\Helper::formatCurrencyOutput(($asset->model->eol > 0 ? ($asset->purchase_cost / $asset->model->eol) : 0));
+            $diff = \App\Helpers\Helper::formatCurrencyOutput(($asset->purchase_cost - $asset->getDepreciatedValue()));
+        }
+
+        if ($asset->assigned) {
+            $checkout_target = $asset->assigned->name;
+            if ($asset->checkedOutToUser()) {
+                $checkout_target = $asset->assigned->getFullNameAttribute();
+            } 
+
+        }
+                   
+        $array = [
+    
+            'company' => ($asset->company) ? e($asset->company->name) : null,
+            'name' => e($asset->name),
+            'asset_tag' => e($asset->asset_tag),
+            'serial' => e($asset->serial),
+            'model' => ($asset->model) ?  e($asset->model->name) : null,
+            'model_number' => (($asset->model) && ($asset->model->model_number)) ? e($asset->model->model_number) : null,
+            'eol' => ($asset->purchase_date!='') ? Helper::getFormattedDateObject($asset->present()->eol_date(), 'date') : null ,
+            'status_label' => ($asset->assetstatus) ? e($asset->assetstatus->name) : null,
+            'status' => ($asset->assetstatus) ?  e($asset->present()->statusMeta) : null,
+            'category' => (($asset->model) && ($asset->model->category)) ? e($asset->model->category->name) : null,
+            'manufacturer' => (($asset->model) && ($asset->model->manufacturer)) ? e($asset->model->manufacturer->name) : null,
+            'supplier' => ($asset->supplier) ? e($asset->supplier->name) : null,
+            'notes' => ($asset->notes) ? e($asset->notes) : null,
+            'order_number' => ($asset->order_number) ? e($asset->order_number) : null,
+            'location' => ($asset->location) ? e($asset->location->name) : null,
+            'warranty_expires' => ($asset->warranty_months > 0) ?  Helper::getFormattedDateObject($asset->warranty_expires, 'date') : null,
+            'currency' => $purchase_cost_currency,
+            'purchase_date' => Helper::getFormattedDateObject($asset->purchase_date, 'date'),
+            'purchase_cost' => Helper::formatCurrencyOutput($asset->purchase_cost),
+            'book_value' => Helper::formatCurrencyOutput($depreciated_value),
+            'monthly_depreciation' => $monthly_depreciation,
+            'checked_out_to' => $checkout_target,
+            'diff' =>  Helper::formatCurrencyOutput($diff),
+            'number_of_months' =>  ($asset->model && $asset->model->depreciation) ? e($asset->model->depreciation->months) : null,
+            'depreciation' => (($asset->model) && ($asset->model->depreciation)) ?  e($asset->model->depreciation->name) : null,
+            
+
+        
+        ];
+
+        return $array;
+    }
+
+    public function transformAssetsDatatable($assets)
+    {
+        return (new DatatablesTransformer)->transformDatatables($assets);
+    }
+
+
+   
+}

app/Http/Transformers/DepreciationsTransformer.php

@@ -24,6 +24,7 @@ class DepreciationsTransformer
             'id' => (int) $depreciation->id,
             'name' => e($depreciation->name),
             'months' => $depreciation->months . ' '. trans('general.months'),
+            'depreciation_min' => $depreciation->depreciation_min,
             'created_at' => Helper::getFormattedDateObject($depreciation->created_at, 'datetime'),
             'updated_at' => Helper::getFormattedDateObject($depreciation->updated_at, 'datetime'),
         ];

app/Http/Transformers/LicensesTransformer.php

@@ -31,7 +31,8 @@ class LicensesTransformer
             'purchase_date' => Helper::getFormattedDateObject($license->purchase_date, 'date'),
             'termination_date' => Helper::getFormattedDateObject($license->termination_date, 'date'),
             'depreciation' => ($license->depreciation) ? ['id' => (int) $license->depreciation->id,'name'=> e($license->depreciation->name)] : null,
-            'purchase_cost' => e($license->purchase_cost),
+            'purchase_cost' => Helper::formatCurrencyOutput($license->purchase_cost),
+            'purchase_cost_numeric' => $license->purchase_cost,
             'notes' => e($license->notes),
             'expiration_date' => Helper::getFormattedDateObject($license->expiration_date, 'date'),
             'seats' => (int) $license->seats,

app/Importer/AccessoryImporter.php

@@ -14,7 +14,7 @@ class AccessoryImporter extends ItemImporter
     protected function handle($row)
     {
         parent::handle($row); // TODO: Change the autogenerated stub
-        $this->createAccessoryIfNotExists();
+        $this->createAccessoryIfNotExists($row);
     }
 
     /**
@@ -23,7 +23,7 @@ class AccessoryImporter extends ItemImporter
      * @author Daniel Melzter
      * @since 3.0
      */
-    public function createAccessoryIfNotExists()
+    public function createAccessoryIfNotExists($row)
     {
         $accessory = Accessory::where('name', $this->item['name'])->first();
         if ($accessory) {
@@ -33,12 +33,14 @@ class AccessoryImporter extends ItemImporter
             }
 
             $this->log('Updating Accessory');
+            $this->item['model_number'] = $this->findCsvMatch($row, "model_number");
             $accessory->update($this->sanitizeItemForUpdating($accessory));
             $accessory->save();
             return;
         }
         $this->log("No Matching Accessory, Creating a new one");
         $accessory = new Accessory();
+        $this->item['model_number'] = $this->findCsvMatch($row, "model_number");
         $accessory->fill($this->sanitizeItemForStoring($accessory));
 
         //FIXME: this disables model validation.  Need to find a way to avoid double-logs without breaking everything.

app/Importer/ConsumableImporter.php

@@ -41,9 +41,12 @@ class ConsumableImporter extends ItemImporter
         $consumable = new Consumable();
         $this->item['model_number'] = $this->findCsvMatch($row, "model_number");;
         $this->item['item_no'] = $this->findCsvMatch($row, "item_number");
+        $this->item['min_amt'] = $this->findCsvMatch($row, "minimum quantity");
+        $this->log("min_amt " . $this->item["min_amt"]);
         $consumable->fill($this->sanitizeItemForStoring($consumable));
         //FIXME: this disables model validation.  Need to find a way to avoid double-logs without breaking everything.
         $consumable->unsetEventDispatcher();
+        $this->log(implode(",", $this->item));
         if ($consumable->save()) {
             $consumable->logCreate('Imported using CSV Importer');
             $this->log("Consumable " . $this->item["name"] . ' was created');

app/Importer/Importer.php

@@ -75,6 +75,7 @@ abstract class Importer
         'department' => 'department',
         'manager_first_name' => 'manager first name',
         'manager_last_name' => 'manager last name',
+        'min_amt' => 'minimum quantity',
     ];
     /**
      * Map of item fields->csv names
@@ -195,11 +196,11 @@ abstract class Importer
         $val = $default;
         $key = $this->lookupCustomKey($key);
 
-        // $this->log("Custom Key: ${key}");
+        $this->log("Custom Key: ${key}");
         if (array_key_exists($key, $array)) {
             $val = Encoding::toUTF8(trim($array[ $key ]));
         }
-        // $this->log("${key}: ${val}");
+        $this->log("${key}: ${val}");
         return $val;
     }
 

app/Importer/ItemImporter.php

@@ -100,7 +100,7 @@ class ItemImporter extends Importer
             return $this->createOrFetchUser($row);
         }
 
-        if ($this->item['checkout_class'] === 'location') {
+        if (strtolower($this->item['checkout_class']) === 'location') {
             return Location::findOrFail($this->createOrFetchLocation($this->findCsvMatch($row, 'checkout_location')));
         }
 

app/Importer/UserImporter.php

@@ -121,12 +121,15 @@ class UserImporter extends ItemImporter
      */
     public function createOrFetchDepartment($department_name)
     {
+        if (is_null($department_name) || $department_name == ''){
+            return null;
+        }
+
+
         $department = Department::where(['name' => $department_name])->first();
         if ($department) {
             $this->log('A matching department ' . $department_name . ' already exists');
             return $department->id;
-        } else {
-            return null;
         }
 
         $department = new department();

app/Importer/import_mappings.md

@@ -29,6 +29,7 @@
 | serial number       | serial           | Asset, license                            |
 | status              | status           | Asset ? All                               |
 | supplier            | supplier         | Asset ? All                               |
+| minimum quantity    | min_amt          | Consumable                                |
 | termination date    | termination_date | License                                   |
 | warranty months     | warranty_months  | Asset                                     |
 | User Related Fields | assigned_to      | Asset                                     |

app/Listeners/CheckoutableListener.php

@@ -71,20 +71,27 @@ class CheckoutableListener
         /**
          * Send the appropriate notification
          */
+        $acceptances = CheckoutAcceptance::where('checkoutable_id', $event->checkoutable->id)
+                                        ->where('assigned_to_id', $event->checkedOutTo->id)
+                                        ->get();
 
-
+        foreach($acceptances as $acceptance){
+            if($acceptance->isPending()){
+                $acceptance->delete();
+            }
+        }
         \Log::debug('checked out to a user');
         if(!$event->checkedOutTo->locale){
             \Log::debug('Use default settings locale');
             Notification::locale(Setting::getSettings()->locale)->send(
-                $this->getNotifiables($event), 
+                $this->getNotifiables($event),
                 $this->getCheckinNotification($event)
             );
         } else {
             \Log::debug('Use user locale? I do not think this works as expected yet');
             // \Log::debug(print_r($this->getNotifiables($event), true));
             Notification::send(
-                $this->getNotifiables($event), 
+                $this->getNotifiables($event),
                 $this->getCheckinNotification($event)
             );
         }

app/Models/Accessory.php

@@ -378,4 +378,17 @@ class Accessory extends SnipeModel
     {
         return $query->leftJoin('manufacturers', 'accessories.manufacturer_id', '=', 'manufacturers.id')->orderBy('manufacturers.name', $order);
     }
+
+    /**
+    * Query builder scope to order on supplier
+    *
+    * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
+    * @param  text                              $order       Order
+    *
+    * @return \Illuminate\Database\Query\Builder          Modified query builder
+    */
+    public function scopeOrderSupplier($query, $order)
+    {
+        return $query->leftJoin('suppliers', 'accessories.supplier_id', '=', 'suppliers.id')->orderBy('suppliers.name', $order);
+    }
 }

app/Models/Asset.php

@@ -26,6 +26,7 @@ use Watson\Validating\ValidatingTrait;
 class Asset extends Depreciable
 {
     protected $presenter = 'App\Presenters\AssetPresenter';
+    use CompanyableTrait;
     use Loggable, Requestable, Presentable, SoftDeletes, ValidatingTrait, UniqueUndeletedTrait, UniqueSerialTrait;
 
     const LOCATION = 'location';
@@ -375,7 +376,7 @@ class Asset extends Depreciable
      */
     public function components()
     {
-        return $this->belongsToMany('\App\Models\Component', 'components_assets', 'asset_id', 'component_id')->withPivot('id', 'assigned_qty')->withTrashed();
+        return $this->belongsToMany('\App\Models\Component', 'components_assets', 'asset_id', 'component_id')->withPivot('id', 'assigned_qty', 'created_at')->withTrashed();
     }
 
 
@@ -885,7 +886,7 @@ class Asset extends Depreciable
                 ->orWhere('assets_users.first_name', 'LIKE', '%'.$term.'%')
                 ->orWhere('assets_users.last_name', 'LIKE', '%'.$term.'%')
                 ->orWhere('assets_users.username', 'LIKE', '%'.$term.'%')
-                ->orWhereRaw('CONCAT('.DB::getTablePrefix().'assets_users.first_name," ",'.DB::getTablePrefix().'assets_users.last_name) LIKE ?', ["%$term%", "%$term%"]);
+                ->orWhereRaw('CONCAT('.DB::getTablePrefix().'assets_users.first_name," ",'.DB::getTablePrefix().'assets_users.last_name) LIKE ?', ["%$term%"]);
 
         }
 
@@ -1255,7 +1256,7 @@ class Asset extends Depreciable
                 })->orWhere(function ($query) use ($search) {
                     $query->where('assets_users.first_name', 'LIKE', '%'.$search.'%')
                         ->orWhere('assets_users.last_name', 'LIKE', '%'.$search.'%')
-                        ->orWhereRaw('CONCAT('.DB::getTablePrefix().'assets_users.first_name," ",'.DB::getTablePrefix().'assets_users.last_name) LIKE ?', ["%$search%", "%$search%"])
+                        ->orWhereRaw('CONCAT('.DB::getTablePrefix().'assets_users.first_name," ",'.DB::getTablePrefix().'assets_users.last_name) LIKE ?', ["%$search%"])
                         ->orWhere('assets_users.username', 'LIKE', '%'.$search.'%')
                         ->orWhere('assets_locations.name', 'LIKE', '%'.$search.'%')
                         ->orWhere('assigned_assets.name', 'LIKE', '%'.$search.'%');

app/Models/Company.php

@@ -78,12 +78,12 @@ final class Company extends SnipeModel
             $company_id = null;
         }
 
-        $table = ($table_name) ? $table_name."." : '';
+        $table = ($table_name) ? $table_name."." : $query->getModel()->getTable().".";
 
         if(\Schema::hasColumn($query->getModel()->getTable(), $column)){
-             return $query->where($table.$column, '=', $company_id); 
+             return $query->where($table.$column, '=', $company_id);
         } else {
-            return $query->join('users as users_comp', 'users_comp.id', 'user_id')->where('users_comp.company_id', '=', $company_id); 
+            return $query->join('users as users_comp', 'users_comp.id', 'user_id')->where('users_comp.company_id', '=', $company_id);
         }
     }
 

app/Models/Consumable.php

@@ -68,6 +68,7 @@ class Consumable extends SnipeModel
         'purchase_cost',
         'purchase_date',
         'qty',
+        'min_amt',
         'requestable'
     ];
 
@@ -78,7 +79,7 @@ class Consumable extends SnipeModel
      * 
      * @var array
      */
-    protected $searchableAttributes = ['name', 'order_number', 'purchase_cost', 'purchase_date', 'item_no'];
+    protected $searchableAttributes = ['name', 'order_number', 'purchase_cost', 'purchase_date', 'item_no', 'model_number'];
 
     /**
      * The relations and their attributes that should be included when searching the model.

app/Models/Ldap.php

@@ -27,7 +27,6 @@ class Ldap extends Model
         $ldap_server_cert_ignore = Setting::getSettings()->ldap_server_cert_ignore;
         $ldap_use_tls = Setting::getSettings()->ldap_tls;
 
-
         // If we are ignoring the SSL cert we need to setup the environment variable
         // before we create the connection
         if ($ldap_server_cert_ignore=='1') {
@@ -50,10 +49,16 @@ class Ldap extends Model
         ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldap_version);
         ldap_set_option($connection, LDAP_OPT_NETWORK_TIMEOUT, 20);
 
+        if (Setting::getSettings()->ldap_client_tls_cert && Setting::getSettings()->ldap_client_tls_key) {
+            ldap_set_option($connection, LDAP_OPT_X_TLS_CERTFILE, Setting::get_client_side_cert_path());
+            ldap_set_option($connection, LDAP_OPT_X_TLS_KEYFILE, Setting::get_client_side_key_path());
+        }
+
         if ($ldap_use_tls=='1') {
             ldap_start_tls($connection);
         }
 
+
         return $connection;
     }
 

app/Models/Setting.php

@@ -52,10 +52,7 @@ class Setting extends Model
           'admin_cc_email'                      => 'email|nullable',
           'default_currency'                    => 'required',
           'locale'                              => 'required',
-          'slack_endpoint'                      => 'url|required_with:slack_channel|nullable',
           'labels_per_page'                     => 'numeric',
-          'slack_channel'                       => 'regex:/^[\#\@]?\w+/|required_with:slack_endpoint|nullable',
-          'slack_botname'                       => 'string|nullable',
           'labels_width'                        => 'numeric',
           'labels_height'                       => 'numeric',
           'labels_pmargin_left'                 => 'numeric|nullable',
@@ -342,8 +339,60 @@ class Setting extends Model
             'is_ad',
             'ad_domain',
             'ad_append_domain',
+            'ldap_client_tls_key',
+            'ldap_client_tls_cert'
             ])->first()->getAttributes();
 
         return collect($ldapSettings);
     }
+
+    /**
+     * Return the filename for the client-side SSL cert
+     *
+     * @var string
+     */
+    public static function get_client_side_cert_path()
+    {
+        return storage_path().'/ldap_client_tls.cert';
+    }
+
+    /**
+     * Return the filename for the client-side SSL key
+     *
+     * @var string
+     */
+    public static function get_client_side_key_path()
+    {
+        return storage_path().'/ldap_client_tls.key';
+    }
+
+    public function update_client_side_cert_files()
+    {
+        /**
+         * I'm not sure if it makes sense to have a cert but no key
+         * nor vice versa, but for now I'm just leaving it like this.
+         *
+         * Also, we could easily set this up with an event handler and
+         * self::saved() or something like that but there's literally only
+         * one place where we will do that, so I'll just explicitly call
+         * this method at that spot instead. It'll be easier to debug and understand.
+         */
+        if ($this->ldap_client_tls_cert) {
+            file_put_contents(self::get_client_side_cert_path(), $this->ldap_client_tls_cert);
+        } else {
+            if (file_exists(self::get_client_side_cert_path())) {
+                unlink(self::get_client_side_cert_path());
+            }
+        }
+
+        if ($this->ldap_client_tls_key) {
+            file_put_contents(self::get_client_side_key_path(), $this->ldap_client_tls_key);
+        } else {
+            if (file_exists(self::get_client_side_key_path())) {
+                unlink(self::get_client_side_key_path());
+            }
+        }
+    }
+
+
 }

app/Models/Statuslabel.php

@@ -41,7 +41,7 @@ class Statuslabel extends SnipeModel
      * 
      * @var array
      */
-    protected $searchableAttributes = ['name'];
+    protected $searchableAttributes = ['name', 'notes'];
 
     /**
      * The relations and their attributes that should be included when searching the model.

app/Models/User.php

@@ -619,7 +619,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
 
            $query = $query->where('first_name', 'LIKE', '%'.$search.'%')
                ->orWhere('last_name', 'LIKE', '%'.$search.'%')
-               ->orWhereRaw('CONCAT('.DB::getTablePrefix().'users.first_name," ",'.DB::getTablePrefix().'users.last_name) LIKE ?', ["%$search%", "%$search%"]);
+               ->orWhereRaw('CONCAT('.DB::getTablePrefix().'users.first_name," ",'.DB::getTablePrefix().'users.last_name) LIKE ?', ["%$search%"]);
         return $query;
     }
 
@@ -635,7 +635,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
     public function advancedTextSearch(Builder $query, array $terms) {
 
         foreach($terms as $term) {
-            $query = $query->orWhereRaw('CONCAT('.DB::getTablePrefix().'users.first_name," ",'.DB::getTablePrefix().'users.last_name) LIKE ?', ["%$term%", "%$term%"]);
+            $query = $query->orWhereRaw('CONCAT('.DB::getTablePrefix().'users.first_name," ",'.DB::getTablePrefix().'users.last_name) LIKE ?', ["%$term%"]);
         }
 
         return $query;

app/Presenters/AssetPresenter.php

@@ -146,7 +146,6 @@ class AssetPresenter extends Presenter
                 "searchable" => true,
                 "sortable" => true,
                 "title" => trans('general.purchase_cost'),
-                "formatter" => 'numberWithCommas',
                 "footerFormatter" => 'sumFormatter',
             ], [
                 "field" => "order_number",

app/Presenters/CategoryPresenter.php

@@ -56,6 +56,13 @@ class CategoryPresenter extends Presenter
                 "title" => trans('admin/categories/table.eula_text'),
                 "visible" => false,
                 "formatter" => 'trueFalseFormatter',
+            ],[
+                "field" => "use_default_eula",
+                "searchable" => false,
+                "sortable" => true,
+                "title" => trans('admin/categories/general.use_default_eula_column'),
+                "visible" => false,
+                "formatter" => 'trueFalseFormatter',
             ],[
                 "field" => "checkin_email",
                 "searchable" => false,

app/Presenters/DepreciationReportPresenter.php

@@ -0,0 +1,401 @@
+<?php
+namespace App\Presenters;
+
+use DateTime;
+
+/**
+ * Class DepreciationReportPresenter
+ * @package App\Presenters
+ */
+class DepreciationReportPresenter extends Presenter
+{
+
+    /**
+     * Json Column Layout for bootstrap table
+     * @return string
+     */
+    public static function dataTableLayout()
+    {
+        $layout = [
+           [
+                "field" => "company",
+                "searchable" => true,
+                "sortable" => true,
+                "switchable" => true,
+                "title" => trans('general.company'),
+                "visible" => false,
+            ], [
+                "field" => "category",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('general.category'),
+                "visible" => true,
+            ], [
+                "field" => "name",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/form.name'),
+                "visible" => false,
+            ], [
+                "field" => "asset_tag",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('general.asset_tag'),
+                "visible" => true,
+            ],[
+                "field" => "model",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('general.asset_model'),
+                "visible" => true,
+            ], [
+                "field" => "model",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/form.model'),
+                "visible" => true,
+            ], [
+                "field" => "model_number",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/models/table.modelnumber'),
+                "visible" => false
+            ], [
+                "field" => "serial",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/form.serial'),
+                "visible" => true,
+            ], [
+                "field" => "depreciation",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('general.depreciation'),
+                "visible" => true,
+            ], [
+                "field" => "number_of_months",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/depreciations/general.number_of_months'),
+                "visible" => true,
+            ],  [
+                "field" => "status",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/table.status'),
+                "visible" => true,
+            ], [
+                "field" => "checked_out_to",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/table.checkoutto'),
+                "visible" => false,
+            ], [
+                "field" => "location",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('admin/hardware/table.location'),
+                "visible" => true,
+            ],  [
+                "field" => "manufacturer",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('general.manufacturer'),
+                "visible" => false,
+            ],[
+                "field" => "supplier",
+                "searchable" => true,
+                "sortable" => true,
+                "title" => trans('general.supplier'),
+                "visible" => false,
+            ], [
+                "field" => "purchase_date",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => true,
+                "title" => trans('general.purchase_date'),
+                "formatter" => "dateDisplayFormatter"
+            ], [
+                "field" => "currency",
+                "searchable" => false,
+                "sortable" => false,
+                "visible" => false,
+                "title" =>  'Currency',
+            ], [
+                "field" => "purchase_cost",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => true,
+                "title" => trans('general.purchase_cost'),
+                "footerFormatter" => 'sumFormatter',
+            ], [
+                "field" => "order_number",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => false,
+                "title" => trans('general.order_number'),
+            ],  [
+                "field" => "eol",
+                "searchable" => false,
+                "sortable" => false,
+                "visible" => false,
+                "title" => trans('general.eol'),
+                "formatter" => "dateDisplayFormatter"
+            ], [
+                "field" => "book_value",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => true,
+                "title" => trans('admin/hardware/table.book_value'),
+                "footerFormatter" => 'sumFormatter',
+            ], [
+                "field" => "monthly_depreciation",
+                "searchable" => true,
+                "sortable" => true,
+                "visible" => true,
+                "title" => trans('admin/hardware/table.monthly_depreciation')
+            ],[
+                "field" => "diff",
+                "searchable" => false,
+                "sortable" => false,
+                "visible" => true,
+                "title" => trans('admin/hardware/table.diff'),
+                "footerFormatter" => 'sumFormatter',
+            ],[
+                "field" => "warranty_expires",
+                "searchable" => false,
+                "sortable" => false,
+                "visible" => false,
+                "title" => trans('admin/hardware/form.warranty_expires'),
+                "formatter" => "dateDisplayFormatter"
+            ], 
+        ];
+
+        return json_encode($layout);
+    }
+
+
+
+    /**
+     * Generate html link to this items name.
+     * @return string
+     */
+    public function nameUrl()
+    {
+        return (string) link_to_route('hardware.show', e($this->name), $this->id);
+    }
+
+    public function modelUrl()
+    {
+        if ($this->model->model) {
+            return $this->model->model->present()->nameUrl();
+        }
+        return '';
+    }
+
+    /**
+     * Generate img tag to this items image.
+     * @return mixed|string
+     */
+    public function imageUrl()
+    {
+        $imagePath = '';
+        if ($this->image && !empty($this->image)) {
+            $imagePath = $this->image;
+            $imageAlt = $this->name;
+        } elseif ($this->model && !empty($this->model->image)) {
+            $imagePath = $this->model->image;
+            $imageAlt = $this->model->name;
+        }
+        $url = config('app.url');
+        if (!empty($imagePath)) {
+            $imagePath = '<img src="'.$url.'/uploads/assets/'.$imagePath.' height="50" width="50" alt="'.$imageAlt.'">';
+        }
+        return $imagePath;
+    }
+
+    /**
+     * Generate img tag to this items image.
+     * @return mixed|string
+     */
+    public function imageSrc()
+    {
+        $imagePath = '';
+        if ($this->image && !empty($this->image)) {
+            $imagePath = $this->image;
+        } elseif ($this->model && !empty($this->model->image)) {
+            $imagePath = $this->model->image;
+        }
+        if (!empty($imagePath)) {
+            return config('app.url').'/uploads/assets/'.$imagePath;
+        }
+        return $imagePath;
+    }
+
+    /**
+     * Get Displayable Name
+     * @return string
+     *
+     * @todo this should be factored out - it should be subsumed by fullName (below)
+     *
+     **/
+    public function name()
+    {
+        return $this->fullName;
+    }
+
+    /**
+     * Helper for notification polymorphism.
+     * @return mixed
+     */
+    public function fullName()
+    {
+        $str = '';
+
+        // Asset name
+        if ($this->model->name) {
+            $str .= $this->model->name;
+        }
+
+        // Asset tag
+        if ($this->asset_tag) {
+            $str .= ' ('.$this->model->asset_tag.')';
+        }
+
+        // Asset Model name
+        if ($this->model->model) {
+            $str .= ' - '.$this->model->model->name;
+        }
+        return $str;
+    }
+    /**
+     * Returns the date this item hits EOL.
+     * @return false|string
+     */
+    public function eol_date()
+    {
+
+        if (( $this->purchase_date ) && ( $this->model->model ) && ($this->model->model->eol) ) {
+            $date = date_create($this->purchase_date);
+            date_add($date, date_interval_create_from_date_string($this->model->model->eol . ' months'));
+            return date_format($date, 'Y-m-d');
+        }
+
+    }
+
+    /**
+     * How many months until this asset hits EOL.
+     * @return null
+     */
+    public function months_until_eol()
+    {
+
+        $today = date("Y-m-d");
+        $d1    = new DateTime($today);
+        $d2    = new DateTime($this->eol_date());
+
+        if ($this->eol_date() > $today) {
+            $interval = $d2->diff($d1);
+        } else {
+            $interval = null;
+        }
+
+        return $interval;
+    }
+
+    /**
+     * @return string
+     * This handles the status label "meta" status of "deployed" if
+     * it's assigned. Should maybe deprecate.
+     */
+    public function statusMeta()
+    {
+        if ($this->model->assigned) {
+            return 'deployed';
+        }
+        return $this->model->assetstatus->getStatuslabelType();
+    }
+
+    /**
+     * @return string
+     * This handles the status label "meta" status of "deployed" if
+     * it's assigned. Should maybe deprecate.
+     */
+    public function statusText()
+    {
+        if ($this->model->assigned) {
+            return trans('general.deployed');
+        }
+        return $this->model->assetstatus->name;
+    }
+
+    /**
+     * @return string
+     * This handles the status label "meta" status of "deployed" if
+     * it's assigned. Results look like:
+     *
+     * (if assigned and the status label is "Ready to Deploy"):
+     * (Deployed)
+     *
+     * (f assigned and status label is not "Ready to Deploy":)
+     * Deployed (Another Status Label)
+     *
+     * (if not deployed:)
+     * Another Status Label
+     */
+    public function fullStatusText() {
+        // Make sure the status is valid
+        if ($this->assetstatus) {
+
+            // If the status is assigned to someone or something...
+            if ($this->model->assigned) {
+
+                // If it's assigned and not set to the default "ready to deploy" status
+                if ($this->assetstatus->name != trans('general.ready_to_deploy')) {
+                    return trans('general.deployed'). ' (' . $this->model->assetstatus->name.')';
+                }
+
+                // If it's assigned to the default "ready to deploy" status, just
+                // say it's deployed - otherwise it's confusing to have a status that is
+                // both "ready to deploy" and deployed at the same time.
+                return trans('general.deployed');
+            }
+
+            // Return just the status name
+            return $this->model->assetstatus->name;
+        }
+
+        // This status doesn't seem valid - either data has been manually edited or
+        // the status label was deleted.
+        return 'Invalid status';
+    }
+
+    /**
+     * Date the warantee expires.
+     * @return false|string
+     */
+    public function warrantee_expires()
+    {
+        if (($this->purchase_date) && ($this->warranty_months)) {
+            $date = date_create($this->purchase_date);
+            date_add($date, date_interval_create_from_date_string($this->warranty_months . ' months'));
+            return date_format($date, 'Y-m-d');
+        }
+
+        return false;
+    }
+
+    /**
+     * Url to view this item.
+     * @return string
+     */
+    public function viewUrl()
+    {
+        return route('hardware.show', $this->id);
+    }
+
+    public function glyph()
+    {
+        return '<i class="fa fa-barcode" aria-hidden="true"></i>';
+    }
+}

app/Services/LdapAdConfiguration.php

@@ -156,7 +156,7 @@ class LdapAdConfiguration
     private function setLdapConnectionConfiguration(): array
     {
         // Create the configuration array.
-        return [
+        $ldap_settings =  [
             // Mandatory Configuration Options
             'hosts'            => $this->getServerUrlBase(),
             'base_dn'          => $this->ldapSettings['ldap_basedn'],
@@ -180,6 +180,14 @@ class LdapAdConfiguration
                 // LDAP_OPT_X_TLS_REQUIRE_CERT => LDAP_OPT_X_TLS_HARD,
             ],
         ];
+
+        if($this->ldapSettings['ldap_client_tls_cert'] || $this->ldapSettings['ldap_client_tls_key']) {
+            $ldap_settings['custom_options'] = [
+                LDAP_OPT_X_TLS_CERTFILE => Setting::get_client_side_cert_path(),
+                LDAP_OPT_X_TLS_KEYFILE => Setting::get_client_side_key_path()
+            ];
+        }
+        return $ldap_settings;
     }
 
     /**

config/app.php

@@ -407,6 +407,7 @@ return [
         'Google2FA' => PragmaRX\Google2FALaravel\Facade::class,
         'Image'     => Intervention\Image\ImageServiceProvider::class,
         'Carbon' => Carbon\Carbon::class,
+        'Helper' => App\Helpers\Helper::class, // makes it much easier to use 'Helper::blah' in blades (which is where we usually use this)
 
 
     ],

config/version.php

@@ -1,10 +1,10 @@
 <?php
 return array (
-  'app_version' => 'v5.1.8',
-  'full_app_version' => 'v5.1.8 - build 6148-g3ca3de9e4',
-  'build_version' => '6148',
+  'app_version' => 'v5.3.4',
+  'full_app_version' => 'v5.3.4 - build 6550-g39b0dc136',
+  'build_version' => '6550',
   'prerelease_version' => '',
-  'hash_version' => 'g3ca3de9e4',
-  'full_hash' => '5.1.8-8-g3ca3de9e4',
+  'hash_version' => 'g39b0dc136',
+  'full_hash' => 'v5.3.4-17-g39b0dc136',
   'branch' => 'master',
 );

database/factories/AssetModelFactory.php

@@ -226,26 +226,26 @@ $factory->state(App\Models\AssetModel::class, 'tab3-model', function ($faker) {
 |--------------------------------------------------------------------------
 */
 
-$factory->state(App\Models\AssetModel::class, 'iphone6s-model', function ($faker) {
+$factory->state(App\Models\AssetModel::class, 'iphone11-model', function ($faker) {
     return [
-        'name' => 'iPhone 6s',
+        'name' => 'iPhone 11',
         'category_id' => 4,
         'manufacturer_id' => 1,
         'eol' => '12',
         'depreciation_id' => 3,
-        'image' => 'iphone6.jpg',
+        'image' => 'iphone11.jpeg',
         'fieldset_id' => 1,
     ];
 });
 
-$factory->state(App\Models\AssetModel::class, 'iphone7-model', function ($faker) {
+$factory->state(App\Models\AssetModel::class, 'iphone12-model', function ($faker) {
     return [
-        'name' => 'iPhone 7',
+        'name' => 'iPhone 12',
         'category_id' => 4,
         'manufacturer_id' => 1,
         'eol' => '12',
         'depreciation_id' => 1,
-        'image' => 'iphone7.jpg',
+        'image' => 'iphone12.jpeg',
         'fieldset_id' => 1,
     ];
 });

database/migrations/2020_12_14_233815_add_digit_separator_to_settings.php

@@ -14,7 +14,7 @@ class AddDigitSeparatorToSettings extends Migration
     public function up()
     {
         Schema::table('settings', function (Blueprint $table) {
-            $table->char('digit_separator')->nullable()->default('1234.56');
+            $table->char('digit_separator')->nullable()->default('1,234.56');
         });
     }
 

database/migrations/2021_07_28_031345_add_client_side_l_d_a_p_cert_to_settings.php

@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddClientSideLDAPCertToSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->text('ldap_client_tls_cert')->nullable()->default(null);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->dropColumn('ldap_client_tls_cert');
+        });
+    }
+}

database/migrations/2021_07_28_040554_add_client_side_l_d_a_p_key_to_settings.php

@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddClientSideLDAPKeyToSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->text("ldap_client_tls_key")->nullable()->default(null);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->dropColumn("ldap_client_tls_key");
+        });
+    }
+}

database/migrations/2021_08_11_005206_add_depreciation_minimum_value.php

@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddDepreciationMinimumValue extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('depreciations', function (Blueprint $table) {
+            $table->decimal('depreciation_min', 8,2)->after('months')->nullable();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('depreciations', function (Blueprint $table) {
+            $table->dropColumn('depreciation_min');
+        });
+    }
+}

database/migrations/2021_08_24_124354_make_ldap_client_certs_nullable.php

@@ -0,0 +1,34 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class MakeLdapClientCertsNullable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            //
+            $table->text('ldap_client_tls_cert')->nullable()->change();
+            $table->text('ldap_client_tls_key')->nullable()->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            //
+        });
+    }
+}

database/seeds/AssetModelSeeder.php

@@ -33,8 +33,8 @@ class AssetModelSeeder extends Seeder
         factory(AssetModel::class, 1)->states('tab3-model')->create(); // 14
 
         // Phones
-        factory(AssetModel::class, 1)->states('iphone6s-model')->create(); // 15
-        factory(AssetModel::class, 1)->states('iphone7-model')->create(); // 16
+        factory(AssetModel::class, 1)->states('iphone11-model')->create(); // 15
+        factory(AssetModel::class, 1)->states('iphone12-model')->create(); // 16
 
         // Displays
         factory(AssetModel::class, 1)->states('ultrafine')->create(); // 17

docker/startup.sh

@@ -40,6 +40,7 @@ done
 chown -R docker:root /var/lib/snipeit/data/*
 chown -R docker:root /var/lib/snipeit/dumps
 chown -R docker:root /var/lib/snipeit/keys
+chown -R docker:root /var/www/html/storage/framework/cache
 
 # Fix php settings
 if [ -v "PHP_UPLOAD_LIMIT" ]

docker/supervisor-exit-event-listener

@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 # A supervisor event listener which terminates supervisord if any of its child
 # processes enter the FATAL state.
 # https://stackoverflow.com/a/37527488/119527

heroku/startup.php

@@ -0,0 +1,51 @@
+<?php
+// Snipe-IT Heroku Startup Script
+
+// If DB_<value> values are set, ignore parser.
+if (getenv("DB_DATABASE") || getenv("DB_HOST") || getenv("DB_USERNAME")) {
+  echo "Database Environment variables are manually set. Ignoring add-ins.";
+} else if (getenv("CLEARDB_DATABASE_URL")) {  // ClearDB Add-in
+  echo "Using ClearDB Heroku add-in." . PHP_EOL;
+  set_db(getenv('CLEARDB_DATABASE_URL'));
+} else if (getenv("JAWSDB_MARIA_URL")) {      // JawsDB Maria Add-in
+  echo "Using JawsDB Maria Heroku add-in." . PHP_EOL;
+  set_db(getenv("JAWSDB_MARIA_URL"));
+} else if (getenv("JAWSDB_MYSQL_URL")) {      // JawsDB MySQL Add-in
+  echo "Using JawsDB MySQL Heroku add-in." . PHP_EOL;
+  set_db(getenv("JAWSDB_MYSQL_URL"));
+}
+
+function set_db($uri) {
+  file_put_contents('./.env', 'DB_HOST='     . parse_url($uri, PHP_URL_HOST). PHP_EOL, FILE_APPEND);
+  file_put_contents('./.env', 'DB_USERNAME=' . parse_url($uri, PHP_URL_USER). PHP_EOL, FILE_APPEND);
+  file_put_contents('./.env', 'DB_PASSWORD=' . parse_url($uri, PHP_URL_PASS). PHP_EOL, FILE_APPEND);
+  file_put_contents('./.env', 'DB_DATABASE=' . ltrim(parse_url($uri, PHP_URL_PATH), '/'). PHP_EOL, FILE_APPEND);
+  file_put_contents('./.env', 'DB_PREFIX=' . 'null' . PHP_EOL, FILE_APPEND);
+  file_put_contents('./.env', 'DB_DUMP_PATH=' . 'null' . PHP_EOL, FILE_APPEND);
+
+}
+
+// If Heroku Redis is setup, let's get it working.
+if (getenv("REDIS_URL")) {                    // Heroku Redis
+  echo "Setting up Heroku Redis." . PHP_EOL;
+  $url = getenv("REDIS_URL");
+  file_put_contents('./.env', 'REDIS_HOST='     . parse_url($url, PHP_URL_HOST). PHP_EOL, FILE_APPEND);
+  file_put_contents('./.env', 'REDIS_PASSWORD=' . parse_url($url, PHP_URL_PASS). PHP_EOL, FILE_APPEND);
+  file_put_contents('./.env', 'REDIS_PORT='     . parse_url($url, PHP_URL_PORT). PHP_EOL, FILE_APPEND);
+}
+
+// Set up APP_TRUSTED_PROXIES to allow for the Heroku Router
+// https://devcenter.heroku.com/articles/deploying-symfony4#trusting-the-heroku-router
+file_put_contents('./.env', 'APP_TRUSTED_PROXIES=10.0.0.0/8' . PHP_EOL, FILE_APPEND); 
+
+// Set up GD
+file_put_contents('./.env', 'IMAGE_LIB=gd' . PHP_EOL, FILE_APPEND); 
+
+// Set local FILESYSTEM_DISK and PUBLIC_FILESYSTEM_DISK
+file_put_contents('./.env', 'FILESYSTEM_DISK=local' . PHP_EOL, FILE_APPEND); 
+file_put_contents('./.env', 'PUBLIC_FILESYSTEM_DISK=local_public' . PHP_EOL, FILE_APPEND);
+
+// Set APP_CIPHER
+file_put_contents('./.env', 'APP_CIPHER=AES-256-CBC' . PHP_EOL, FILE_APPEND); 
+
+?>

package.json

@@ -32,7 +32,7 @@
     "bootstrap-colorpicker": "^2.5.3",
     "bootstrap-datepicker": "^1.9.0",
     "bootstrap-less": "^3.3.8",
-    "bootstrap-table": "^1.18.0",
+    "bootstrap-table": "^1.19.1",
     "chart.js": "^2.9.4",
     "css-loader": "^3.6.0",
     "ekko-lightbox": "^5.1.1",
@@ -41,7 +41,7 @@
     "imagemin": "^5.3.1",
     "jquery-form-validator": "^2.3.79",
     "jquery-slimscroll": "^1.3.8",
-    "jquery-ui": "^1.12.1",
+    "jquery-ui": "^1.13.0",
     "jquery-ui-bundle": "^1.12.1",
     "jquery.iframe-transport": "^1.0.0",
     "less": "^3.13.1",
@@ -51,7 +51,7 @@
     "phantomjs": "^2.1.7",
     "select2": "4.0.13",
     "sheetjs": "^2.0.0",
-    "tableexport.jquery.plugin": "^1.10.20",
+    "tableexport.jquery.plugin": "=1.10.21",
     "tether": "^1.4.0",
     "vue-resource": "^1.3.3"
   }

public/.htaccess

@@ -5,6 +5,9 @@
 
     RewriteEngine On
 
+    # Needed for https://letsencrypt.org/ certificates.
+    RewriteRule ^\.well-known/acme-challenge/ - [L]
+
     # Uncomment these two lines to force SSL redirect in Apache
     # RewriteCond %{HTTPS} off
     # RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]