Beginning refactor

Signed-off-by: snipe <snipe@snipe.net>

.all-contributorsrc

@@ -2361,6 +2361,15 @@
         "code"
       ]
     },
+    {
+      "login": "Delta5",
+      "name": "Evan Taylor",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1975640?v=4",
+      "profile": "https://github.com/Delta5",
+      "contributions": [
+        "code"
+      ]
+    },
     {
       "login": "PetriAsi",
       "name": "Petri Asikainen",
@@ -2468,6 +2477,114 @@
       "contributions": [
         "code"
       ]
+    },
+    {
+      "login": "leitwerk-ag",
+      "name": "LEITWERK AG",
+      "avatar_url": "https://avatars.githubusercontent.com/u/24418301?v=4",
+      "profile": "https://www.leitwerk.de/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "adamboutcher",
+      "name": "Adam",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1911435?v=4",
+      "profile": "http://www.aboutcher.co.uk",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "sneak-it",
+      "name": "Ian",
+      "avatar_url": "https://avatars.githubusercontent.com/u/16104273?v=4",
+      "profile": "https://snksrv.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "bestlong",
+      "name": "Shao Yu-Lung (Allen)",
+      "avatar_url": "https://avatars.githubusercontent.com/u/4023909?v=4",
+      "profile": "http://blog.bestlong.idv.tw/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Haxatron",
+      "name": "Haxatron",
+      "avatar_url": "https://avatars.githubusercontent.com/u/76475453?v=4",
+      "profile": "https://github.com/Haxatron",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "PlaneNuts",
+      "name": "PlaneNuts",
+      "avatar_url": "https://avatars.githubusercontent.com/u/88776392?v=4",
+      "profile": "https://github.com/PlaneNuts",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "exula",
+      "name": "Bradley Coudriet",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3842948?v=4",
+      "profile": "http://bjcpgd.cias.rit.edu",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "UniversalSuperBox",
+      "name": "Dalton Durst",
+      "avatar_url": "https://avatars.githubusercontent.com/u/21966173?v=4",
+      "profile": "https://daltondur.st",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "adagioajanes",
+      "name": "Alex Janes",
+      "avatar_url": "https://avatars.githubusercontent.com/u/38761237?v=4",
+      "profile": "https://adagiohealth.org",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "nuraeil",
+      "name": "Nuraeil",
+      "avatar_url": "https://avatars.githubusercontent.com/u/32387849?v=4",
+      "profile": "https://github.com/nuraeil",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "TenOfTens",
+      "name": "TenOfTens",
+      "avatar_url": "https://avatars.githubusercontent.com/u/48162670?v=4",
+      "profile": "https://github.com/TenOfTens",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "insert-waffle",
+      "name": "waffle",
+      "avatar_url": "https://avatars.githubusercontent.com/u/9415391?v=4",
+      "profile": "https://ditisjens.be/",
+      "contributions": [
+        "code"
+      ]
     }
   ]
 }

.env.dusk.local

@@ -0,0 +1,105 @@
+# --------------------------------------------
+# REQUIRED: BASIC APP SETTINGS
+# --------------------------------------------
+APP_ENV=local
+APP_DEBUG=false
+APP_KEY=base64:hTUIUh9CP6dQx+6EjSlfWTgbaMaaRvlpEwk45vp+xmk=
+APP_URL=http://127.0.0.1:8000
+APP_TIMEZONE='US/Eastern'
+APP_LOCALE=en
+APP_LOCKED=false
+MAX_RESULTS=200
+
+# --------------------------------------------
+# REQUIRED: UPLOADED FILE STORAGE SETTINGS
+# --------------------------------------------
+PRIVATE_FILESYSTEM_DISK=local
+PUBLIC_FILESYSTEM_DISK=local_public
+
+# --------------------------------------------
+# REQUIRED: DATABASE SETTINGS
+# --------------------------------------------
+DB_CONNECTION=mysql
+DB_HOST=localhost
+DB_DATABASE=snipeit-local
+DB_USERNAME=snipeit-local
+DB_PASSWORD=snipeit-local
+DB_PREFIX=null
+DB_DUMP_PATH='/Applications/MAMP/Library/bin'
+
+# --------------------------------------------
+# OPTIONAL: SSL DATABASE SETTINGS
+# --------------------------------------------
+DB_SSL=false
+DB_SSL_KEY_PATH=null
+DB_SSL_CERT_PATH=null
+DB_SSL_CA_PATH=null
+DB_SSL_CIPHER=null
+
+# --------------------------------------------
+# REQUIRED: OUTGOING MAIL SERVER SETTINGS
+# --------------------------------------------
+MAIL_DRIVER="log"
+
+
+# --------------------------------------------
+# REQUIRED: IMAGE LIBRARY
+# This should be gd or imagick
+# --------------------------------------------
+IMAGE_LIB=gd
+
+
+# --------------------------------------------
+# OPTIONAL: SESSION SETTINGS
+# --------------------------------------------
+SESSION_LIFETIME=12000
+EXPIRE_ON_CLOSE=false
+ENCRYPT=true
+COOKIE_NAME=snipeit_v5_local
+SECURE_COOKIES=true
+
+# --------------------------------------------
+# OPTIONAL: SECURITY HEADER SETTINGS
+# --------------------------------------------
+REFERRER_POLICY=same-origin
+ENABLE_CSP=true
+CORS_ALLOWED_ORIGINS="*"
+
+# --------------------------------------------
+# OPTIONAL: CACHE SETTINGS
+# --------------------------------------------
+CACHE_DRIVER=file
+SESSION_DRIVER=file
+QUEUE_DRIVER=sync
+
+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=50000
+LOGIN_LOCKOUT_DURATION=1000
+RESET_PASSWORD_LINK_EXPIRES=15
+
+# --------------------------------------------
+# OPTIONAL: API
+# --------------------------------------------
+API_MAX_REQUESTS_PER_HOUR=200
+
+# --------------------------------------------
+# OPTIONAL: SAML SETTINGS
+# --------------------------------------------
+DISABLE_NOSAML_LOCAL_LOGIN=true
+
+
+# --------------------------------------------
+# OPTIONAL: MISC
+# --------------------------------------------
+APP_LOG=single
+LOG_LEVEL=debug
+LOG_CHANNEL=stack
+LOG_SLACK_WEBHOOK_URL=null
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+ALLOW_IFRAMING=true
+ENABLE_HSTS=false
+WARN_DEBUG=false
+APP_CIPHER=AES-256-CBC
+

.env.example

@@ -15,6 +15,10 @@ MAX_RESULTS=500
 PRIVATE_FILESYSTEM_DISK=local
 PUBLIC_FILESYSTEM_DISK=local_public
 
+#PRIVATE_FILESYSTEM_DISK=s3_private
+#PUBLIC_FILESYSTEM_DISK=s3_public
+
+
 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
@@ -145,10 +149,12 @@ APP_LOG_MAX_FILES=10
 APP_LOCKED=false
 APP_CIPHER=AES-256-CBC
 APP_FORCE_TLS=false
+APP_ALLOW_INSECURE_HOSTS=false
 GOOGLE_MAPS_API=
 LDAP_MEM_LIM=500M
 LDAP_TIME_LIM=600
 IMPORT_TIME_LIMIT=600
 IMPORT_MEMORY_LIMIT=500M
 REPORT_TIME_LIMIT=12000
-
+REQUIRE_SAML=false
+API_THROTTLE_PER_MINUTE=120

.env.testing-ci

@@ -1,10 +1,10 @@
 # --------------------------------------------
 # REQUIRED: BASIC APP SETTINGS
 # --------------------------------------------
-APP_ENV=testing-ci
+APP_ENV='testing-ci'
 APP_DEBUG=false
-APP_KEY=ChangeMe
-APP_URL=http://localhost:8000
+APP_KEY='base64:glJpcM7BYwWiBggp3SQ/+NlRkqsBQMaGEOjemXqJzOU='
+APP_URL='http://localhost:8000'
 APP_TIMEZONE='US/Pacific'
 APP_LOCALE=en
 FILESYSTEM_DISK=local
@@ -12,9 +12,9 @@ FILESYSTEM_DISK=local
 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
-DB_CONNECTION=mysql
+DB_CONNECTION=sqlite
 DB_HOST=localhost
-DB_DATABASE=snipeit_unit
+DB_DATABASE='sqlite_testing'
 DB_USERNAME=root
 DB_PASSWORD=null
 
@@ -22,13 +22,7 @@ DB_PASSWORD=null
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
 MAIL_DRIVER=log
-MAIL_HOST=email-smtp.us-west-2.amazonaws.com
-MAIL_PORT=587
-MAIL_USERNAME=YOURUSERNAME
-MAIL_PASSWORD=YOURPASSWORD
-MAIL_ENCRYPTION=null
-MAIL_FROM_ADDR=you@example.com
-MAIL_FROM_NAME=Snipe-IT
+
 
 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
@@ -37,37 +31,7 @@ MAIL_FROM_NAME=Snipe-IT
 IMAGE_LIB=gd
 
 
-# --------------------------------------------
-# OPTIONAL: AWS S3 SETTINGS
-# --------------------------------------------
-AWS_SECRET_ACCESS_KEY=null
-AWS_ACCESS_KEY_ID=null
-AWS_DEFAULT_REGION=null
-AWS_BUCKET=null
-AWS_BUCKET_ROOT=null
-AWS_URL=null
-
-
-# --------------------------------------------
-# OPTIONAL: CACHE SETTINGS
-# --------------------------------------------
-CACHE_DRIVER=file
-SESSION_DRIVER=file
-QUEUE_DRIVER=sync
-
-
-# --------------------------------------------
-# OPTIONAL: SESSION SETTINGS
-# --------------------------------------------
-SESSION_LIFETIME=12000
-EXPIRE_ON_CLOSE=false
-ENCRYPT=false
-COOKIE_NAME=snipeittest_session
-COOKIE_DOMAIN=null
-SECURE_COOKIES=false
-
-
 # --------------------------------------------
 # OPTIONAL: APP LOG FORMAT
 # --------------------------------------------
-APP_LOG=single
+APP_LOG=single

.github/workflows/docker-alpine.yml

@@ -0,0 +1,82 @@
+# Snipe-IT (Alpine) Docker image build for hub.docker.com
+name: Docker images (Alpine)
+
+# Run this Build for all pushes to 'master' or develop branch, or tagged releases.
+# Also run for PRs to ensure PR doesn't break Docker build process
+on:
+  push:
+    branches:
+      - master
+      - develop
+    tags:
+      - 'v**'
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+  pull_request:
+
+jobs:
+  docker:
+    # Ensure this job never runs on forked repos. It's only executed for 'snipe/snipe-it'
+    if: github.repository == 'snipe/snipe-it'
+    runs-on: ubuntu-latest
+    env:
+      # Define tags to use for Docker images based on Git tags/branches (for docker/metadata-action)
+      # For a new commit on default branch (master), use the literal tag 'latest' on Docker image.
+      # For a new commit on other branches, use the branch name as the tag for Docker image.
+      # For a new tag, copy that tag name as the tag for Docker image.
+      IMAGE_TAGS: |
+        type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }},suffix=-alpine
+        type=ref,event=branch,enable=${{ !endsWith(github.ref, github.event.repository.default_branch) }},suffix=-alpine
+        type=ref,event=tag,suffix=-alpine
+      # Define default tag "flavor" for docker/metadata-action per
+      # https://github.com/docker/metadata-action#flavor-input
+      # We turn off 'latest' tag by default.
+      TAGS_FLAVOR: |
+        latest=false
+
+    steps:
+      # https://github.com/actions/checkout
+      - name: Checkout codebase
+        uses: actions/checkout@v2
+
+      # https://github.com/docker/setup-buildx-action
+      - name: Setup Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      # https://github.com/docker/login-action
+      - name: Login to DockerHub
+        # Only login if not a PR, as PRs only trigger a Docker build and not a push
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
+
+      ###############################################
+      # Build/Push the 'snipe/snipe-it' image
+      ###############################################
+      # https://github.com/docker/metadata-action
+      # Get Metadata for docker_build step below
+      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
+        id: meta_build
+        uses: docker/metadata-action@v3
+        with:
+          images: snipe/snipe-it
+          tags: ${{ env.IMAGE_TAGS }}
+          flavor: ${{ env.TAGS_FLAVOR }}
+
+      # https://github.com/docker/build-push-action
+      - name: Build and push 'snipe-it' image
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile.alpine
+          platforms: linux/amd64
+          # For pull requests, we run the Docker build (to ensure no PR changes break the build),
+          # but we ONLY do an image push to DockerHub if it's NOT a PR
+          push: ${{ github.event_name != 'pull_request' }}
+          # Use tags / labels provided by 'docker/metadata-action' above
+          tags: ${{ steps.meta_build.outputs.tags }}
+          labels: ${{ steps.meta_build.outputs.labels }}

.github/workflows/docker.yml

@@ -0,0 +1,82 @@
+# Snipe-IT Docker image build for hub.docker.com
+name: Docker images
+
+# Run this Build for all pushes to 'master' or develop branch, or tagged releases.
+# Also run for PRs to ensure PR doesn't break Docker build process
+on:
+  push:
+    branches:
+      - master
+      - develop
+    tags:
+      - 'v**'
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+  pull_request:
+
+jobs:
+  docker:
+    # Ensure this job never runs on forked repos. It's only executed for 'snipe/snipe-it'
+    if: github.repository == 'snipe/snipe-it'
+    runs-on: ubuntu-latest
+    env:
+      # Define tags to use for Docker images based on Git tags/branches (for docker/metadata-action)
+      # For a new commit on default branch (master), use the literal tag 'latest' on Docker image.
+      # For a new commit on other branches, use the branch name as the tag for Docker image.
+      # For a new tag, copy that tag name as the tag for Docker image.
+      IMAGE_TAGS: |
+        type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }}
+        type=ref,event=branch,enable=${{ !endsWith(github.ref, github.event.repository.default_branch) }}
+        type=ref,event=tag
+      # Define default tag "flavor" for docker/metadata-action per
+      # https://github.com/docker/metadata-action#flavor-input
+      # We turn off 'latest' tag by default.
+      TAGS_FLAVOR: |
+        latest=false
+
+    steps:
+      # https://github.com/actions/checkout
+      - name: Checkout codebase
+        uses: actions/checkout@v2
+
+      # https://github.com/docker/setup-buildx-action
+      - name: Setup Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      # https://github.com/docker/login-action
+      - name: Login to DockerHub
+        # Only login if not a PR, as PRs only trigger a Docker build and not a push
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
+
+      ###############################################
+      # Build/Push the 'snipe/snipe-it' image
+      ###############################################
+      # https://github.com/docker/metadata-action
+      # Get Metadata for docker_build step below
+      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
+        id: meta_build
+        uses: docker/metadata-action@v3
+        with:
+          images: snipe/snipe-it
+          tags: ${{ env.IMAGE_TAGS }}
+          flavor: ${{ env.TAGS_FLAVOR }}
+
+      # https://github.com/docker/build-push-action
+      - name: Build and push 'snipe-it' image
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64
+          # For pull requests, we run the Docker build (to ensure no PR changes break the build),
+          # but we ONLY do an image push to DockerHub if it's NOT a PR
+          push: ${{ github.event_name != 'pull_request' }}
+          # Use tags / labels provided by 'docker/metadata-action' above
+          tags: ${{ steps.meta_build.outputs.tags }}
+          labels: ${{ steps.meta_build.outputs.labels }}

.nvmrc

@@ -1 +1 @@
-v10.15.1
+v12.22.1

Dockerfile

@@ -1,5 +1,5 @@
-FROM ubuntu:focal
-LABEL maintainer Brady Wetherington <bwetherington@grokability.com>
+FROM ubuntu:20.04
+LABEL maintainer="Brady Wetherington <bwetherington@grokability.com>"
 
 # No need to add `apt-get clean` here, reference:
 # - https://github.com/snipe/snipe-it/pull/9201
@@ -41,6 +41,7 @@ libmcrypt-dev \
 php7.4-dev \
 ca-certificates \
 unzip \
+dnsutils \
 && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
 
@@ -77,6 +78,8 @@ COPY . /var/www/html
 
 RUN a2enmod rewrite
 
+COPY docker/column-statistics.cnf /etc/mysql/conf.d/column-statistics.cnf
+
 ############ INITIAL APPLICATION SETUP #####################
 
 WORKDIR /var/www/html
@@ -135,4 +138,4 @@ RUN chmod +x /startup.sh /usr/bin/supervisor-exit-event-listener
 CMD ["/startup.sh"]
 
 EXPOSE 80
-EXPOSE 443
+EXPOSE 443

Dockerfile.alpine

@@ -1,4 +1,4 @@
-FROM alpine:3
+FROM alpine:3.14.2
 # Apache + PHP
 RUN  apk add --no-cache \
         apache2 \
@@ -25,6 +25,8 @@ RUN  apk add --no-cache \
         php7-session \
         php7-dom \
         php7-xmlwriter \
+        php7-xmlreader \
+        php7-sodium \
         curl \
         wget \
         vim \
@@ -32,6 +34,8 @@ RUN  apk add --no-cache \
         mysql-client \
         tini
 
+COPY docker/column-statistics.cnf /etc/mysql/conf.d/column-statistics.cnf
+
 # Where apache's PID lives
 RUN mkdir -p /run/apache2 && chown apache:apache /run/apache2
 
@@ -80,4 +84,4 @@ ENTRYPOINT ["/sbin/tini", "--"]
 
 CMD ["/entrypoint.sh"]
 
-EXPOSE 80
+EXPOSE 80

Dockerfile.fpm-alpine

@@ -98,5 +98,6 @@ VOLUME [ "/var/lib/snipeit" ]
 
 COPY --chown=www-data:www-data docker/docker-secrets.env /var/www/html/.env
 COPY --chmod=655 docker/docker-entrypoint.sh /usr/local/bin/docker-snipeit-entrypoint
+COPY docker/column-statistics.cnf /etc/mysql/conf.d/column-statistics.cnf
 ENTRYPOINT [ "/usr/local/bin/docker-snipeit-entrypoint" ]
 CMD [ "/usr/local/bin/docker-php-entrypoint", "php-fpm" ]

README.md

@@ -1,5 +1,5 @@
 ![Build Status](https://app.chipperci.com/projects/0e5f8979-31eb-4ee6-9abf-050b76ab0383/status/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-271-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)
+[![All Contributors](https://img.shields.io/badge/all_contributors-284-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)
 
 ## Snipe-IT - Open Source Asset Management System
 
@@ -128,8 +128,10 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/9255772?v=4" width="110px;"/><br /><sub>Mark Stenglein</sub>](https://markstenglein.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ocelotsloth "Code") | [<img src="https://avatars.githubusercontent.com/u/35658596?v=4" width="110px;"/><br /><sub>ajsy</sub>](https://github.com/ajsy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ajsy "Code") | [<img src="https://avatars.githubusercontent.com/u/3628035?v=4" width="110px;"/><br /><sub>Jan Kiesewetter</sub>](https://github.com/t3easy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=t3easy "Code") | [<img src="https://avatars.githubusercontent.com/u/79449630?v=4" width="110px;"/><br /><sub>Tetrachloromethane250</sub>](https://github.com/Tetrachloromethane250)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Tetrachloromethane250 "Code") | [<img src="https://avatars.githubusercontent.com/u/22004482?v=4" width="110px;"/><br /><sub>Lars Kajes</sub>](https://www.kajes.se/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kajes "Code") | [<img src="https://avatars.githubusercontent.com/u/13993216?v=4" width="110px;"/><br /><sub>Joly0</sub>](https://github.com/Joly0)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Joly0 "Code") | [<img src="https://avatars.githubusercontent.com/u/1501022?v=4" width="110px;"/><br /><sub>theburger</sub>](https://github.com/limeless)<br />[💻](https://github.com/snipe/snipe-it/commits?author=limeless "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/36065681?v=4" width="110px;"/><br /><sub>David Valin Alonso</sub>](https://github.com/deivishome)<br />[💻](https://github.com/snipe/snipe-it/commits?author=deivishome "Code") | [<img src="https://avatars.githubusercontent.com/u/8290389?v=4" width="110px;"/><br /><sub>andreaci</sub>](https://github.com/andreaci)<br />[💻](https://github.com/snipe/snipe-it/commits?author=andreaci "Code") | [<img src="https://avatars.githubusercontent.com/u/1828542?v=4" width="110px;"/><br /><sub>Jelle Sebreghts</sub>](http://www.jellesebreghts.be)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Jelle-S "Code") | [<img src="https://avatars.githubusercontent.com/u/11180862?v=4" width="110px;"/><br /><sub>Michael Pietsch</sub>](https://github.com/Skywalker-11)<br /> | [<img src="https://avatars.githubusercontent.com/u/22068886?v=4" width="110px;"/><br /><sub>Masudul Haque Shihab</sub>](https://github.com/sh1hab)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sh1hab "Code") | [<img src="https://avatars.githubusercontent.com/u/16099942?v=4" width="110px;"/><br /><sub>Supapong Areeprasertkul</sub>](http://www.freedomdive.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zybersup "Code") | [<img src="https://avatars.githubusercontent.com/u/207358?v=4" width="110px;"/><br /><sub>Peter Sarossy</sub>](https://github.com/psarossy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=psarossy "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/11823649?v=4" width="110px;"/><br /><sub>Renee Margaret McConahy</sub>](https://github.com/nepella)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nepella "Code") | [<img src="https://avatars.githubusercontent.com/u/5553884?v=4" width="110px;"/><br /><sub>JohnnyPicnic</sub>](https://github.com/JohnnyPicnic)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JohnnyPicnic "Code") | [<img src="https://avatars.githubusercontent.com/u/8799594?v=4" width="110px;"/><br /><sub>markbrule</sub>](https://github.com/markbrule)<br />[💻](https://github.com/snipe/snipe-it/commits?author=markbrule "Code") | [<img src="https://avatars.githubusercontent.com/u/1962801?v=4" width="110px;"/><br /><sub>Mike Campbell</sub>](https://github.com/mikecmpbll)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mikecmpbll "Code") | [<img src="https://avatars.githubusercontent.com/u/11973217?v=4" width="110px;"/><br /><sub>tbrconnect</sub>](https://github.com/tbrconnect)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tbrconnect "Code") | [<img src="https://avatars.githubusercontent.com/u/12447225?v=4" width="110px;"/><br /><sub>kcoyo</sub>](https://github.com/kcoyo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kcoyo "Code") | [<img src="https://avatars.githubusercontent.com/u/494017?v=4" width="110px;"/><br /><sub>Travis Miller</sub>](https://travismiller.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=travismiller "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/8735148?v=4" width="110px;"/><br /><sub>Petri Asikainen</sub>](https://github.com/PetriAsi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PetriAsi "Code") | [<img src="https://avatars.githubusercontent.com/u/11424540?v=4" width="110px;"/><br /><sub>derdeagle</sub>](https://github.com/derdeagle)<br />[💻](https://github.com/snipe/snipe-it/commits?author=derdeagle "Code") | [<img src="https://avatars.githubusercontent.com/u/176950?v=4" width="110px;"/><br /><sub>Mike Frysinger</sub>](https://wh0rd.org/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vapier "Code") | [<img src="https://avatars.githubusercontent.com/u/22044358?v=4" width="110px;"/><br /><sub>ALPHA</sub>](https://github.com/AL4AL)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AL4AL "Code") | [<img src="https://avatars.githubusercontent.com/u/1042587?v=4" width="110px;"/><br /><sub>FliegenKLATSCH</sub>](https://www.ifern.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FliegenKLATSCH "Code") | [<img src="https://avatars.githubusercontent.com/u/442138?v=4" width="110px;"/><br /><sub>Jeremy Price</sub>](https://github.com/jerm)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jerm "Code") | [<img src="https://avatars.githubusercontent.com/u/84392209?v=4" width="110px;"/><br /><sub>Toreg87</sub>](https://github.com/Toreg87)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Toreg87 "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/67638596?v=4" width="110px;"/><br /><sub>Matthew Nickson</sub>](https://github.com/Computroniks)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Computroniks "Code") | [<img src="https://avatars.githubusercontent.com/u/1646397?v=4" width="110px;"/><br /><sub>Jethro Nederhof</sub>](https://jethron.id.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jethron "Code") | [<img src="https://avatars.githubusercontent.com/u/23289826?v=4" width="110px;"/><br /><sub>Oskar Stenberg</sub>](https://github.com/01ste02)<br />[💻](https://github.com/snipe/snipe-it/commits?author=01ste02 "Code") | [<img src="https://avatars.githubusercontent.com/u/82208283?v=4" width="110px;"/><br /><sub>Robert-Azelis</sub>](https://github.com/Robert-Azelis)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Robert-Azelis "Code") | [<img src="https://avatars.githubusercontent.com/u/60648387?v=4" width="110px;"/><br /><sub>Alexander William Smith</sub>](https://github.com/alwism)<br />[💻](https://github.com/snipe/snipe-it/commits?author=alwism "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/1975640?v=4" width="110px;"/><br /><sub>Evan Taylor</sub>](https://github.com/Delta5)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Delta5 "Code") | [<img src="https://avatars.githubusercontent.com/u/8735148?v=4" width="110px;"/><br /><sub>Petri Asikainen</sub>](https://github.com/PetriAsi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PetriAsi "Code") | [<img src="https://avatars.githubusercontent.com/u/11424540?v=4" width="110px;"/><br /><sub>derdeagle</sub>](https://github.com/derdeagle)<br />[💻](https://github.com/snipe/snipe-it/commits?author=derdeagle "Code") | [<img src="https://avatars.githubusercontent.com/u/176950?v=4" width="110px;"/><br /><sub>Mike Frysinger</sub>](https://wh0rd.org/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vapier "Code") | [<img src="https://avatars.githubusercontent.com/u/22044358?v=4" width="110px;"/><br /><sub>ALPHA</sub>](https://github.com/AL4AL)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AL4AL "Code") | [<img src="https://avatars.githubusercontent.com/u/1042587?v=4" width="110px;"/><br /><sub>FliegenKLATSCH</sub>](https://www.ifern.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FliegenKLATSCH "Code") | [<img src="https://avatars.githubusercontent.com/u/442138?v=4" width="110px;"/><br /><sub>Jeremy Price</sub>](https://github.com/jerm)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jerm "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/84392209?v=4" width="110px;"/><br /><sub>Toreg87</sub>](https://github.com/Toreg87)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Toreg87 "Code") | [<img src="https://avatars.githubusercontent.com/u/67638596?v=4" width="110px;"/><br /><sub>Matthew Nickson</sub>](https://github.com/Computroniks)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Computroniks "Code") | [<img src="https://avatars.githubusercontent.com/u/1646397?v=4" width="110px;"/><br /><sub>Jethro Nederhof</sub>](https://jethron.id.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jethron "Code") | [<img src="https://avatars.githubusercontent.com/u/23289826?v=4" width="110px;"/><br /><sub>Oskar Stenberg</sub>](https://github.com/01ste02)<br />[💻](https://github.com/snipe/snipe-it/commits?author=01ste02 "Code") | [<img src="https://avatars.githubusercontent.com/u/82208283?v=4" width="110px;"/><br /><sub>Robert-Azelis</sub>](https://github.com/Robert-Azelis)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Robert-Azelis "Code") | [<img src="https://avatars.githubusercontent.com/u/60648387?v=4" width="110px;"/><br /><sub>Alexander William Smith</sub>](https://github.com/alwism)<br />[💻](https://github.com/snipe/snipe-it/commits?author=alwism "Code") | [<img src="https://avatars.githubusercontent.com/u/24418301?v=4" width="110px;"/><br /><sub>LEITWERK AG</sub>](https://www.leitwerk.de/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leitwerk-ag "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/1911435?v=4" width="110px;"/><br /><sub>Adam</sub>](http://www.aboutcher.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adamboutcher "Code") | [<img src="https://avatars.githubusercontent.com/u/16104273?v=4" width="110px;"/><br /><sub>Ian</sub>](https://snksrv.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sneak-it "Code") | [<img src="https://avatars.githubusercontent.com/u/4023909?v=4" width="110px;"/><br /><sub>Shao Yu-Lung (Allen)</sub>](http://blog.bestlong.idv.tw/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bestlong "Code") | [<img src="https://avatars.githubusercontent.com/u/76475453?v=4" width="110px;"/><br /><sub>Haxatron</sub>](https://github.com/Haxatron)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Haxatron "Code") | [<img src="https://avatars.githubusercontent.com/u/88776392?v=4" width="110px;"/><br /><sub>PlaneNuts</sub>](https://github.com/PlaneNuts)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PlaneNuts "Code") | [<img src="https://avatars.githubusercontent.com/u/3842948?v=4" width="110px;"/><br /><sub>Bradley Coudriet</sub>](http://bjcpgd.cias.rit.edu)<br />[💻](https://github.com/snipe/snipe-it/commits?author=exula "Code") | [<img src="https://avatars.githubusercontent.com/u/21966173?v=4" width="110px;"/><br /><sub>Dalton Durst</sub>](https://daltondur.st)<br />[💻](https://github.com/snipe/snipe-it/commits?author=UniversalSuperBox "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/38761237?v=4" width="110px;"/><br /><sub>Alex Janes</sub>](https://adagiohealth.org)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adagioajanes "Code") | [<img src="https://avatars.githubusercontent.com/u/32387849?v=4" width="110px;"/><br /><sub>Nuraeil</sub>](https://github.com/nuraeil)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nuraeil "Code") | [<img src="https://avatars.githubusercontent.com/u/48162670?v=4" width="110px;"/><br /><sub>TenOfTens</sub>](https://github.com/TenOfTens)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TenOfTens "Code") | [<img src="https://avatars.githubusercontent.com/u/9415391?v=4" width="110px;"/><br /><sub>waffle</sub>](https://ditisjens.be/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=insert-waffle "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->
 
 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!

app/Console/Commands/CheckinLicensesFromAllUsers.php

@@ -2,10 +2,10 @@
 
 namespace App\Console\Commands;
 
-use App\Models\LicenseSeat;
-use Illuminate\Console\Command;
-use App\Models\User;
 use App\Models\License;
+use App\Models\LicenseSeat;
+use App\Models\User;
+use Illuminate\Console\Command;
 use Illuminate\Database\Eloquent\Model;
 
 class CheckinLicensesFromAllUsers extends Command
@@ -41,55 +41,48 @@ class CheckinLicensesFromAllUsers extends Command
      */
     public function handle()
     {
-
         $license_id = $this->option('license_id');
         $notify = $this->option('notify');
 
-        if (!$license_id) {
+        if (! $license_id) {
             $this->error('ERROR: License ID is required.');
+
             return false;
         }
 
-
-        if (!$license = License::where('id','=',$license_id)->first()) {
+        if (! $license = License::where('id', '=', $license_id)->first()) {
             $this->error('Invalid license ID');
+
             return false;
         }
 
         $this->info('Checking in ALL seats for '.$license->name);
 
-
         $licenseSeats = LicenseSeat::where('license_id', '=', $license_id)
             ->whereNotNull('assigned_to')
             ->with('user')
             ->get();
 
-        $this->info(' There are ' .$licenseSeats->count(). ' seats checked out: ');
+        $this->info(' There are '.$licenseSeats->count().' seats checked out: ');
 
-        if (!$notify) {
+        if (! $notify) {
             $this->info('No mail will be sent.');
         }
 
         foreach ($licenseSeats as $seat) {
-            $this->info($seat->user->username .' has a license seat for '.$license->name);
+            $this->info($seat->user->username.' has a license seat for '.$license->name);
             $seat->assigned_to = null;
 
             if ($seat->save()) {
 
                 // Override the email address so we don't notify on checkin
-                if (!$notify) {
+                if (! $notify) {
                     $seat->user->email = null;
                 }
 
                 // Log the checkin
                 $seat->logCheckin($seat->user, 'Checked in via cli tool');
             }
-
-
-
-
         }
-        
-
     }
 }

app/Console/Commands/CheckoutLicenseToAllUsers.php

@@ -2,10 +2,10 @@
 
 namespace App\Console\Commands;
 
-use App\Models\LicenseSeat;
-use Illuminate\Console\Command;
-use App\Models\User;
 use App\Models\License;
+use App\Models\LicenseSeat;
+use App\Models\User;
+use Illuminate\Console\Command;
 use Illuminate\Database\Eloquent\Model;
 
 class CheckoutLicenseToAllUsers extends Command
@@ -41,18 +41,18 @@ class CheckoutLicenseToAllUsers extends Command
      */
     public function handle()
     {
-
         $license_id = $this->option('license_id');
         $notify = $this->option('notify');
 
-        if (!$license_id) {
-             $this->error('ERROR: License ID is required.');
-             return false;
+        if (! $license_id) {
+            $this->error('ERROR: License ID is required.');
+
+            return false;
         }
 
-
-        if (!$license = License::where('id','=',$license_id)->with('assignedusers')->first()) {
+        if (! $license = License::where('id', '=', $license_id)->with('assignedusers')->first()) {
             $this->error('Invalid license ID');
+
             return false;
         }
 
@@ -64,7 +64,7 @@ class CheckoutLicenseToAllUsers extends Command
 
         $this->info('Checking out '.$users->count().' of '.$license->getAvailSeatsCountAttribute().' seats for '.$license->name);
 
-        if (!$notify) {
+        if (! $notify) {
             $this->info('No mail will be sent.');
         }
 
@@ -74,14 +74,14 @@ class CheckoutLicenseToAllUsers extends Command
             // to them
 
             if ($user->licenses->where('id', '=', $license_id)->count()) {
-                $this->info($user->username .' already has this license checked out to them. Skipping... ');
+                $this->info($user->username.' already has this license checked out to them. Skipping... ');
                 continue;
             }
 
-            
             // If the license is valid, check that there is an available seat
             if ($license->availCount()->count() < 1) {
                 $this->error('ERROR: No available seats');
+
                 return false;
             }
 
@@ -89,13 +89,12 @@ class CheckoutLicenseToAllUsers extends Command
             // Get the seat ID
             $licenseSeat = $license->freeSeat();
 
-
             // Update the seat with checkout info,
-           $licenseSeat->assigned_to = $user->id;
+            $licenseSeat->assigned_to = $user->id;
             if ($licenseSeat->save()) {
 
                 // Temporarily null the user's email address so we don't send mail if we're not supposed to
-                if (!$notify) {
+                if (! $notify) {
                     $user->email = null;
                 }
 
@@ -103,10 +102,6 @@ class CheckoutLicenseToAllUsers extends Command
                 $licenseSeat->logCheckout('Checked out via cli tool', $user);
                 $this->info('License '.$license_id.' seat '.$licenseSeat->id.' checked out to '.$user->username);
             }
-
         }
-
-
-
     }
 }

app/Console/Commands/CreateAdmin.php

@@ -37,7 +37,6 @@ class CreateAdmin extends Command
      */
     public function handle()
     {
-
         $first_name = $this->option('first_name');
         $last_name = $this->option('last_name');
         $username = $this->option('username');
@@ -45,7 +44,7 @@ class CreateAdmin extends Command
         $password = $this->option('password');
         $show_in_list = $this->argument('show_in_list');
 
-        if (($first_name=='') || ($last_name=='') || ($username=='') || ($email=='') || ($password=='')) {
+        if (($first_name == '') || ($last_name == '') || ($username == '') || ($email == '') || ($password == '')) {
             $this->info('ERROR: All fields are required.');
         } else {
             $user = new \App\Models\User;
@@ -68,12 +67,9 @@ class CreateAdmin extends Command
                 $errors = $user->getErrors();
 
                 foreach ($errors->all() as $error) {
-                    $this->info('ERROR:'. $error);
+                    $this->info('ERROR:'.$error);
                 }
-
             }
         }
-
     }
-
 }

app/Console/Commands/DisableLDAP.php

@@ -38,9 +38,7 @@ class DisableLDAP extends Command
      */
     public function handle()
     {
-
         if ($this->confirm("\n****************************************************\nThis will disable LDAP support. You will not be able \nto login with an account that does not exist \nlocally in the Snipe-IT local database. \n****************************************************\n\nDo you wish to continue? [y|N]")) {
-
             $setting = Setting::getSettings();
             $setting->ldap_enabled = 0;
             if ($setting->save()) {
@@ -51,6 +49,5 @@ class DisableLDAP extends Command
         } else {
             $this->info('Canceled. No actions taken.');
         }
-
     }
 }

app/Console/Commands/FixDoubleEscape.php

@@ -37,49 +37,43 @@ class FixDoubleEscape extends Command
      */
     public function handle()
     {
-
         $tables = [
-            '\App\Models\Asset' => ['name'],
-            '\App\Models\License' => ['name'],
-            '\App\Models\Consumable' => ['name'],
-            '\App\Models\Accessory' => ['name'],
-            '\App\Models\Component' => ['name'],
-            '\App\Models\Company' => ['name'],
-            '\App\Models\Manufacturer' => ['name'],
-            '\App\Models\Supplier' => ['name'],
-            '\App\Models\Statuslabel' => ['name'],
-            '\App\Models\Depreciation' => ['name'],
-            '\App\Models\AssetModel' => ['name'],
-            '\App\Models\Group' => ['name'],
-            '\App\Models\Department' => ['name'],
-            '\App\Models\Location' => ['name'],
-            '\App\Models\User' => ['first_name', 'last_name'],
+            \App\Models\Asset::class => ['name'],
+            \App\Models\License::class => ['name'],
+            \App\Models\Consumable::class => ['name'],
+            \App\Models\Accessory::class => ['name'],
+            \App\Models\Component::class => ['name'],
+            \App\Models\Company::class => ['name'],
+            \App\Models\Manufacturer::class => ['name'],
+            \App\Models\Supplier::class => ['name'],
+            \App\Models\Statuslabel::class => ['name'],
+            \App\Models\Depreciation::class => ['name'],
+            \App\Models\AssetModel::class => ['name'],
+            \App\Models\Group::class => ['name'],
+            \App\Models\Department::class => ['name'],
+            \App\Models\Location::class => ['name'],
+            \App\Models\User::class => ['first_name', 'last_name'],
         ];
 
-        $count = array();
+        $count = [];
 
+        foreach ($tables as $classname => $fields) {
+            $count[$classname] = [];
+            $count[$classname]['classname'] = 0;
 
+            foreach ($fields as $field) {
+                $count[$classname]['classname']++;
+                $count[$classname][$field] = 0;
 
-            foreach ($tables as $classname => $fields) {
-                $count[$classname] = array();
-                $count[$classname]['classname'] = 0;
-
-                foreach($fields as $field) {
-
-                    $count[$classname]['classname']++;
-                    $count[$classname][$field] = 0;
-
-                    foreach($classname::where("$field",'LIKE','%&%')->get() as $row) {
-                        $this->info('Updating '.$field.' for '.$classname);
-                        $row->{$field} = html_entity_decode($row->{$field},ENT_QUOTES);
-                        $row->save();
-                        $count[$classname][$field]++;
-
-                    }
+                foreach ($classname::where("$field", 'LIKE', '%&%')->get() as $row) {
+                    $this->info('Updating '.$field.' for '.$classname);
+                    $row->{$field} = html_entity_decode($row->{$field}, ENT_QUOTES);
+                    $row->save();
+                    $count[$classname][$field]++;
                 }
             }
+        }
 
         $this->info('Update complete');
-
     }
 }

app/Console/Commands/FixMismatchedAssetsAndLogs.php

@@ -29,7 +29,6 @@ class FixMismatchedAssetsAndLogs extends Command
      */
     private $dryrun = false;
 
-
     /**
      * Create a new command instance.
      *
@@ -47,30 +46,29 @@ class FixMismatchedAssetsAndLogs extends Command
      */
     public function handle()
     {
-
         if ($this->option('dryrun')) {
             $this->dryrun = true;
         }
 
         if ($this->dryrun) {
-            $this->info('This is a DRY RUN - no changes will be saved.' );
+            $this->info('This is a DRY RUN - no changes will be saved.');
         }
 
         $mismatch_count = 0;
         $assets = Asset::whereNotNull('assigned_to')
-            ->where('assigned_type', '=', 'App\\Models\\User')
+            ->where('assigned_type', '=', \App\Models\User::class)
             ->orderBy('id', 'ASC')->get();
         foreach ($assets as $asset) {
 
             // get the last checkout of the asset
-            if ($checkout_log = Actionlog::where('target_type', '=', 'App\\Models\\User')
+            if ($checkout_log = Actionlog::where('target_type', '=', \App\Models\User::class)
                 ->where('action_type', '=', 'checkout')
                 ->where('item_id', '=', $asset->id)
                 ->orderBy('created_at', 'DESC')
                 ->first()) {
 
                     // Now check for a subsequent checkin log - we want to ignore those
-                    if (!$checkin_log = Actionlog::where('target_type', '=', 'App\\Models\\User')
+                if (! $checkin_log = Actionlog::where('target_type', '=', \App\Models\User::class)
                         ->where('action_type', '=', 'checkin from')
                         ->where('item_id', '=', $asset->id)
                         ->whereDate('created_at', '>', $checkout_log->created_at)
@@ -78,28 +76,24 @@ class FixMismatchedAssetsAndLogs extends Command
                         ->first()) {
 
                         //print_r($asset);
-                        if ($checkout_log->target_id != $asset->assigned_to) {
-                            $this->error('Log ID: '.$checkout_log->id.' -- Asset ID '. $checkout_log->item_id.' SHOULD BE checked out to User '.$checkout_log->target_id.' but its assigned_to is '.$asset->assigned_to );
+                    if ($checkout_log->target_id != $asset->assigned_to) {
+                        $this->error('Log ID: '.$checkout_log->id.' -- Asset ID '.$checkout_log->item_id.' SHOULD BE checked out to User '.$checkout_log->target_id.' but its assigned_to is '.$asset->assigned_to);
 
-                            if (!$this->dryrun) {
-                                $asset->assigned_to = $checkout_log->target_id;
-                                if ($asset->save()) {
-                                    $this->info('Asset record updated.');
-                                } else {
-                                    $this->error('Error updating asset: '.$asset->getErrors());
-                                }
+                        if (! $this->dryrun) {
+                            $asset->assigned_to = $checkout_log->target_id;
+                            if ($asset->save()) {
+                                $this->info('Asset record updated.');
+                            } else {
+                                $this->error('Error updating asset: '.$asset->getErrors());
                             }
-                            $mismatch_count++;
                         }
-                    } else {
-                        //$this->info('Asset ID '.$asset->id.': There is a checkin '.$checkin_log->created_at.' after this checkout '.$checkout_log->created_at);
-
+                        $mismatch_count++;
                     }
-
+                } else {
+                    //$this->info('Asset ID '.$asset->id.': There is a checkin '.$checkin_log->created_at.' after this checkout '.$checkout_log->created_at);
+                }
             }
-
         }
         $this->info($mismatch_count.' mismatched assets.');
-
     }
 }

app/Console/Commands/ImportLocations.php

@@ -2,9 +2,9 @@
 
 namespace App\Console\Commands;
 
+use App\Models\Location;
 use Illuminate\Console\Command;
 use League\Csv\Reader;
-use App\Models\Location;
 
 class ImportLocations extends Command
 {
@@ -39,10 +39,8 @@ class ImportLocations extends Command
      */
     public function handle()
     {
-
-
-        if (!ini_get("auto_detect_line_endings")) {
-            ini_set("auto_detect_line_endings", '1');
+        if (! ini_get('auto_detect_line_endings')) {
+            ini_set('auto_detect_line_endings', '1');
         }
 
         $filename = $this->argument('filename');
@@ -53,18 +51,17 @@ class ImportLocations extends Command
 
         // Import parent location names first if they don't exist
         foreach ($results as $parent_index => $parent_row) {
-
             if (array_key_exists('Parent Name', $parent_row)) {
                 $parent_name = trim($parent_row['Parent Name']);
                 if (array_key_exists('Name', $parent_row)) {
-                    $this->info('- Parent: ' . $parent_name . ' in row as: ' . trim($parent_row['Parent Name']));
+                    $this->info('- Parent: '.$parent_name.' in row as: '.trim($parent_row['Parent Name']));
                 }
 
                 // Save parent location name
                 // This creates a sort of name-stub that we'll update later on in this script
-                $parent_location = Location::firstOrCreate(array('name' => $parent_name));
+                $parent_location = Location::firstOrCreate(['name' => $parent_name]);
                 if (array_key_exists('Name', $parent_row)) {
-                    $this->info('Parent for ' . $parent_row['Name'] . ' is ' . $parent_name . '. Attempting to save ' . $parent_name . '.');
+                    $this->info('Parent for '.$parent_row['Name'].' is '.$parent_name.'. Attempting to save '.$parent_name.'.');
                 }
 
                 // Check if the record was updated or created.
@@ -74,18 +71,15 @@ class ImportLocations extends Command
                 } else {
                     $this->info('- Parent location '.$parent_name.' was created.');
                 }
-
             } else {
                 $this->info('- No Parent Name provided, so no parent location will be created.');
             }
-
         }
 
         $this->info('----- Parents Created.... backfilling additional details... --------');
         // Loop through ALL records and add/update them if there are additional fields
         // besides name
         foreach ($results as $index => $row) {
-
             if (array_key_exists('Parent Name', $row)) {
                 $parent_name = trim($row['Parent Name']);
             } else {
@@ -94,11 +88,12 @@ class ImportLocations extends Command
 
             // Set the location attributes to save
             if (array_key_exists('Name', $row)) {
-                $location = Location::firstOrCreate(array('name' => trim($row['Name'])));
+                $location = Location::firstOrCreate(['name' => trim($row['Name'])]);
                 $location->name = trim($row['Name']);
                 $this->info('Checking location: '.$location->name);
             } else {
                 $this->error('Location name is required and is missing from at least one row in this dataset. Check your CSV for extra trailing rows and try again.');
+
                 return false;
             }
             if (array_key_exists('Currency', $row)) {
@@ -126,7 +121,6 @@ class ImportLocations extends Command
                 $location->ldap_ou = trim($row['OU']);
             }
 
-
             // If a parent name is provided, we created it earlier in the script,
             // so let's grab that ID
             if ($parent_name) {
@@ -142,21 +136,15 @@ class ImportLocations extends Command
                 // Check if the record was updated or created.
                 // This is mostly for clearer debugging.
                 if ($location->exists) {
-                    $this->info('Location ' . $location->name . ' already exists. Updating...');
+                    $this->info('Location '.$location->name.' already exists. Updating...');
                 } else {
                     $this->info('- Location '.$location->name.' was created. ');
                 }
 
-            // If there's a validation error, display that
+                // If there's a validation error, display that
             } else {
-                $this->error('- Non-parent Location '.$location->name.' could not be created: '.$location->getErrors() );
+                $this->error('- Non-parent Location '.$location->name.' could not be created: '.$location->getErrors());
             }
-
-
-
-
         }
-
-
     }
 }

app/Console/Commands/KillAllSessions.php

@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+class KillAllSessions extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:global-logout  {--force : Skip the danger prompt; assuming you enter "y"} ';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This command will destroy all web sessions on disk and will force a re-login for all users.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        if (!$this->option('force') && !$this->confirm("****************************************************\nTHIS WILL FORCE A LOGIN FOR ALL LOGGED IN USERS.\n\nAre you SURE you wish to continue? ")) {
+            return $this->error("Session loss not confirmed");
+        }
+
+        $session_files = glob(storage_path("framework/sessions/*"));
+
+        $count = 0;
+        foreach ($session_files as $file) {
+
+            if (is_file($file))
+                unlink($file);
+                $count++;
+        }
+        \DB::table('users')->update(['remember_token' => null]);
+
+        $this->info($count. ' sessions cleared!');
+
+    }
+}

app/Console/Commands/LdapSync.php

@@ -54,7 +54,7 @@ class LdapSync extends Command
         $ldap_result_email = Setting::getSettings()->ldap_email;
         $ldap_result_phone = Setting::getSettings()->ldap_phone_field;
         $ldap_result_jobtitle = Setting::getSettings()->ldap_jobtitle;
-        $ldap_result_country      = Setting::getSettings()->ldap_country;
+        $ldap_result_country = Setting::getSettings()->ldap_country;
         $ldap_result_dept = Setting::getSettings()->ldap_dept;
 
         try {
@@ -62,14 +62,15 @@ class LdapSync extends Command
             Ldap::bindAdminToLdap($ldapconn);
         } catch (\Exception $e) {
             if ($this->option('json_summary')) {
-                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $json_summary = ['error' => true, 'error_message' => $e->getMessage(), 'summary' => []];
                 $this->info(json_encode($json_summary));
             }
             LOG::info($e);
+
             return [];
         }
 
-        $summary = array();
+        $summary = [];
 
         try {
             if ($this->option('base_dn') != '') {
@@ -81,78 +82,78 @@ class LdapSync extends Command
             $results = Ldap::findLdapUsers($search_base);
         } catch (\Exception $e) {
             if ($this->option('json_summary')) {
-                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $json_summary = ['error' => true, 'error_message' => $e->getMessage(), 'summary' => []];
                 $this->info(json_encode($json_summary));
             }
             LOG::info($e);
+
             return [];
         }
 
         /* Determine which location to assign users to by default. */
-        $location = NULL; // FIXME - this would be better called "$default_location", which is more explicit about its purpose
+        $location = null; // TODO - this would be better called "$default_location", which is more explicit about its purpose
 
-        if ($this->option('location')!='') {
+        if ($this->option('location') != '') {
             $location = Location::where('name', '=', $this->option('location'))->first();
             LOG::debug('Location name '.$this->option('location').' passed');
             LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
-        } elseif ($this->option('location_id')!='') {
+        } elseif ($this->option('location_id') != '') {
             $location = Location::where('id', '=', $this->option('location_id'))->first();
             LOG::debug('Location ID '.$this->option('location_id').' passed');
             LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
         }
 
-        if (!isset($location)) {
+        if (! isset($location)) {
             LOG::debug('That location is invalid or a location was not provided, so no location will be assigned by default.');
         }
 
         /* Process locations with explicitly defined OUs, if doing a full import. */
-        if ($this->option('base_dn')=='') {
+        if ($this->option('base_dn') == '') {
             // Retrieve locations with a mapped OU, and sort them from the shallowest to deepest OU (see #3993)
             $ldap_ou_locations = Location::where('ldap_ou', '!=', '')->get()->toArray();
-            $ldap_ou_lengths = array();
+            $ldap_ou_lengths = [];
 
             foreach ($ldap_ou_locations as $ou_loc) {
-                $ldap_ou_lengths[] = strlen($ou_loc["ldap_ou"]);
+                $ldap_ou_lengths[] = strlen($ou_loc['ldap_ou']);
             }
 
             array_multisort($ldap_ou_lengths, SORT_ASC, $ldap_ou_locations);
 
-            if (sizeof($ldap_ou_locations) > 0) {
+            if (count($ldap_ou_locations) > 0) {
                 LOG::debug('Some locations have special OUs set. Locations will be automatically set for users in those OUs.');
             }
 
             // Inject location information fields
-            for ($i = 0; $i < $results["count"]; $i++) {
-                $results[$i]["ldap_location_override"] = false;
-                $results[$i]["location_id"] = 0;
+            for ($i = 0; $i < $results['count']; $i++) {
+                $results[$i]['ldap_location_override'] = false;
+                $results[$i]['location_id'] = 0;
             }
 
             // Grab subsets based on location-specific DNs, and overwrite location for these users.
             foreach ($ldap_ou_locations as $ldap_loc) {
                 try {
-                    $location_users = Ldap::findLdapUsers($ldap_loc["ldap_ou"]);
-                } catch (\Exception $e) { // FIXME: this is stolen from line 77 or so above
+                    $location_users = Ldap::findLdapUsers($ldap_loc['ldap_ou']);
+                } catch (\Exception $e) { // TODO: this is stolen from line 77 or so above
                     if ($this->option('json_summary')) {
-                        $json_summary = [ "error" => true, "error_message" => trans('admin/users/message.error.ldap_could_not_search')." Location: ".$ldap_loc['name']." (ID: ".$ldap_loc['id'].") cannot connect to \"".$ldap_loc["ldap_ou"]."\" - ".$e->getMessage(), "summary" => [] ];
+                        $json_summary = ['error' => true, 'error_message' => trans('admin/users/message.error.ldap_could_not_search').' Location: '.$ldap_loc['name'].' (ID: '.$ldap_loc['id'].') cannot connect to "'.$ldap_loc['ldap_ou'].'" - '.$e->getMessage(), 'summary' => []];
                         $this->info(json_encode($json_summary));
                     }
                     LOG::info($e);
+
                     return [];
                 }
-                $usernames = array();
-                for ($i = 0; $i < $location_users["count"]; $i++) {
-
+                $usernames = [];
+                for ($i = 0; $i < $location_users['count']; $i++) {
                     if (array_key_exists($ldap_result_username, $location_users[$i])) {
-                        $location_users[$i]["ldap_location_override"] = true;
-                        $location_users[$i]["location_id"] = $ldap_loc["id"];
+                        $location_users[$i]['ldap_location_override'] = true;
+                        $location_users[$i]['location_id'] = $ldap_loc['id'];
                         $usernames[] = $location_users[$i][$ldap_result_username][0];
                     }
-
                 }
 
                 // Delete located users from the general group.
                 foreach ($results as $key => $generic_entry) {
-                   if ((is_array($generic_entry)) && (array_key_exists($ldap_result_username, $generic_entry))) {
+                    if ((is_array($generic_entry)) && (array_key_exists($ldap_result_username, $generic_entry))) {
                         if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
                             unset($results[$key]);
                         }
@@ -166,55 +167,53 @@ class LdapSync extends Command
         }
 
         /* Create user account entries in Snipe-IT */
-        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $tmp_pass = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 20);
         $pass = bcrypt($tmp_pass);
 
-        for ($i = 0; $i < $results["count"]; $i++) {
-            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
-
-                $item = array();
-                $item["username"] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : "";
-                $item["employee_number"] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : "";
-                $item["lastname"] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : "";
-                $item["firstname"] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : "";
-                $item["email"] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : "" ;
-                $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
-                $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";
-                $item["telephone"] = isset($results[$i][$ldap_result_phone][0]) ? $results[$i][$ldap_result_phone][0] : "";
-                $item["jobtitle"] = isset($results[$i][$ldap_result_jobtitle][0]) ? $results[$i][$ldap_result_jobtitle][0] : "";
-                $item["country"] = isset($results[$i][$ldap_result_country][0]) ? $results[$i][$ldap_result_country][0] : "";
-                $item["department"] = isset($results[$i][$ldap_result_dept][0]) ? $results[$i][$ldap_result_dept][0] : "";
-
+        for ($i = 0; $i < $results['count']; $i++) {
+            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == 'TRUE') {
+                $item = [];
+                $item['username'] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : '';
+                $item['employee_number'] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : '';
+                $item['lastname'] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : '';
+                $item['firstname'] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : '';
+                $item['email'] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : '';
+                $item['ldap_location_override'] = isset($results[$i]['ldap_location_override']) ? $results[$i]['ldap_location_override'] : '';
+                $item['location_id'] = isset($results[$i]['location_id']) ? $results[$i]['location_id'] : '';
+                $item['telephone'] = isset($results[$i][$ldap_result_phone][0]) ? $results[$i][$ldap_result_phone][0] : '';
+                $item['jobtitle'] = isset($results[$i][$ldap_result_jobtitle][0]) ? $results[$i][$ldap_result_jobtitle][0] : '';
+                $item['country'] = isset($results[$i][$ldap_result_country][0]) ? $results[$i][$ldap_result_country][0] : '';
+                $item['department'] = isset($results[$i][$ldap_result_dept][0]) ? $results[$i][$ldap_result_dept][0] : '';
 
                 $department = Department::firstOrCreate([
-                    'name' => $item["department"],
+                    'name' => $item['department'],
                 ]);
 
 
-                $user = User::where('username', $item["username"])->first();
+                $user = User::where('username', $item['username'])->first();
                 if ($user) {
                     // Updating an existing user.
-                    $item["createorupdate"] = 'updated';
+                    $item['createorupdate'] = 'updated';
                 } else {
                     // Creating a new user.
                     $user = new User;
                     $user->password = $pass;
                     $user->activated = 0;
-                    $item["createorupdate"] = 'created';
+                    $item['createorupdate'] = 'created';
                 }
 
-                $user->first_name = $item["firstname"];
-                $user->last_name = $item["lastname"];
-                $user->username = $item["username"];
-                $user->email = $item["email"];
-                $user->employee_num = e($item["employee_number"]);
-                $user->phone = $item["telephone"];
-                $user->jobtitle = $item["jobtitle"];
-                $user->country = $item["country"];
+                $user->first_name = $item['firstname'];
+                $user->last_name = $item['lastname'];
+                $user->username = $item['username'];
+                $user->email = $item['email'];
+                $user->employee_num = e($item['employee_number']);
+                $user->phone = $item['telephone'];
+                $user->jobtitle = $item['jobtitle'];
+                $user->country = $item['country'];
                 $user->department_id = $department->id;
 
                 // Sync activated state for Active Directory.
-                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
+                if (array_key_exists('useraccountcontrol', $results[$i])) {
                     /* The following is _probably_ the correct logic, but we can't use it because
                        some users may have been dependent upon the previous behavior, and this
                        could cause additional access to be available to users they don't want
@@ -231,7 +230,7 @@ class LdapSync extends Command
                     } else {
                         $user->activated = 0;
                     } */
-                  $enabled_accounts = [
+                    $enabled_accounts = [
                     '512',    // 0x200    NORMAL_ACCOUNT
                     '544',    // 0x220    NORMAL_ACCOUNT, PASSWD_NOTREQD
                     '66048',  // 0x10200  NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD
@@ -240,27 +239,26 @@ class LdapSync extends Command
                     '262688', // 0x40220  NORMAL_ACCOUNT, PASSWD_NOTREQD, SMARTCARD_REQUIRED
                     '328192', // 0x50200  NORMAL_ACCOUNT, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
                     '328224', // 0x50220  NORMAL_ACCOUNT, PASSWD_NOT_REQD, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
-                    '4260352',// 0x410200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD, DONT_REQ_PREAUTH
-                    '1049088',// 0x100200 NORMAL_ACCOUNT, NOT_DELEGATED
+                    '4194816',// 0x400200 NORMAL_ACCOUNT, DONT_REQ_PREAUTH
+                    '4260352', // 0x410200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD, DONT_REQ_PREAUTH
+                    '1049088', // 0x100200 NORMAL_ACCOUNT, NOT_DELEGATED
                   ];
-                  $user->activated = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
+                    $user->activated = (in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts)) ? 1 : 0;
                 }
 
                 // If we're not using AD, and there isn't an activated flag set, activate all users
                 elseif (empty($ldap_result_active_flag)) {
-                  $user->activated = 1;
+                    $user->activated = 1;
                 }
 
                 if ($item['ldap_location_override'] == true) {
                     $user->location_id = $item['location_id'];
-                } elseif ((isset($location)) && (!empty($location))) {
-
+                } elseif ((isset($location)) && (! empty($location))) {
                     if ((is_array($location)) && (array_key_exists('id', $location))) {
                         $user->location_id = $location['id'];
                     } elseif (is_object($location)) {
                         $user->location_id = $location->id;
                     }
-
                 }
 
                 $user->ldap_import = 1;
@@ -268,31 +266,30 @@ class LdapSync extends Command
                 $errors = '';
 
                 if ($user->save()) {
-                    $item["note"] = $item["createorupdate"];
-                    $item["status"]='success';
+                    $item['note'] = $item['createorupdate'];
+                    $item['status'] = 'success';
                 } else {
                     foreach ($user->getErrors()->getMessages() as $key => $err) {
                         $errors .= $err[0];
                     }
-                    $item["note"] = $errors;
-                    $item["status"]='error';
+                    $item['note'] = $errors;
+                    $item['status'] = 'error';
                 }
 
                 array_push($summary, $item);
             }
-
         }
 
         if ($this->option('summary')) {
             for ($x = 0; $x < count($summary); $x++) {
-                if ($summary[$x]['status']=='error') {
+                if ($summary[$x]['status'] == 'error') {
                     $this->error('ERROR: '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was not imported: '.$summary[$x]['note']);
                 } else {
                     $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was '.strtoupper($summary[$x]['createorupdate']).'.');
                 }
             }
-        } else if ($this->option('json_summary')) {
-            $json_summary = [ "error" => false, "error_message" => "", "summary" => $summary ]; // hardcoding the error to false and the error_message to blank seems a bit weird
+        } elseif ($this->option('json_summary')) {
+            $json_summary = ['error' => false, 'error_message' => '', 'summary' => $summary]; // hardcoding the error to false and the error_message to blank seems a bit weird
             $this->info(json_encode($json_summary));
         } else {
             return $summary;

app/Console/Commands/LdapSyncNg.php

@@ -1,399 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use Log;
-use Exception;
-use App\Models\User;
-use App\Services\LdapAd;
-use App\Models\Location;
-use Illuminate\Console\Command;
-use Adldap\Models\User as AdldapUser;
-
-/**
- * LDAP / AD sync command.
- *
- * @author Wes Hulette <jwhulette@gmail.com>
- *
- * @since 5.0.0
- */
-class LdapSyncNg extends Command
-{
-    /**
-     * The name and signature of the console command.
-     *
-     * @var string
-     */
-    protected $signature = 'snipeit:ldap-sync-ng 
-                {--location= : A location name } 
-                {--location_id= : A location id} 
-                {--base_dn= : A diffrent base DN to use } 
-                {--summary : Print summary } 
-                {--json_summary : Print summary in json format } 
-                {--dryrun : Run the sync process but don\'t update the database}';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = 'Command line LDAP/AD sync';
-
-    /**
-     * An LdapAd instance.
-     *
-     * @var \App\Models\LdapAd
-     */
-    private $ldap;
-
-    /**
-     * LDAP settings collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $settings = null;
-
-    /**
-     * A default location collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $defaultLocation = null;
-
-    /**
-     * Mapped locations collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $mappedLocations = null;
-
-    /**
-     * The summary collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $summary;
-
-    /**
-     * Is dry-run?
-     *
-     * @var bool
-     */
-    private $dryrun = false;
-
-    /**
-     * Show users to be imported.
-     *
-     * @var array
-     */
-    private $userlist = [];
-
-    /**
-     * Create a new command instance.
-     */
-    public function __construct(LdapAd $ldap)
-    {
-        parent::__construct();
-        $this->ldap     = $ldap;
-        $this->settings = $this->ldap->ldapSettings;
-        $this->summary  = collect();
-    }
-
-    /**
-     * Execute the console command.
-     *
-     * @return mixed
-     */
-    public function handle()
-    {
-
-        $dispatcher =  \Adldap\Adldap::getEventDispatcher();
-
-        // Listen for all model events.
-        $dispatcher->listen('Adldap\Models\Events\*', function ($eventName, array $data) {
-            echo $eventName; // Returns 'Adldap\Models\Events\Updating'
-            var_dump($data); // Returns [0] => (object) Adldap\Models\Events\Updating;
-            \Log::debug("Event: ".$eventName." data - ".print_r($data, true));
-        });
-        $dispatcher->listen('Adldap\Auth\Events\*', function ($eventName, array $data) {
-            echo $eventName; // Returns 'Adldap\Models\Events\Updating'
-            var_dump($data); // Returns [0] => (object) Adldap\Models\Events\Updating;
-            \Log::debug("Event: ".$eventName." data - ".print_r($data, true));
-        });
-
-        ini_set('max_execution_time', env('LDAP_TIME_LIM', "600")); //600 seconds = 10 minutes
-        ini_set('memory_limit', '500M');
-        $old_error_reporting = error_reporting(); // grab old error_reporting .ini setting, for later re-enablement
-        error_reporting($old_error_reporting & ~E_DEPRECATED); // disable deprecation warnings, for LDAP in PHP 7.4 (and greater)
-
-        if ($this->option('dryrun')) {
-            $this->dryrun = true;
-        }
-        $this->checkIfLdapIsEnabled();
-        $this->checkLdapConnection();
-        $this->setBaseDn();
-        $this->getUserDefaultLocation();
-        /*
-         * Use the default location if set, this is needed for the LDAP users sync page
-         */
-        if (!$this->option('base_dn') && null == $this->defaultLocation) {
-            $this->getMappedLocations();
-        }
-        $this->processLdapUsers();
-        // Print table of users
-        if ($this->dryrun) {
-            $this->info('The following users will be synced!');
-            $headers = ['First Name', 'Last Name', 'Username', 'Email', 'Employee #', 'Location Id', 'Status'];
-            $this->table($headers, $this->summary->toArray());
-        }
-
-        error_reporting($old_error_reporting); // re-enable deprecation warnings.
-        return $this->getSummary();
-    }
-
-    /**
-     * Generate the LDAP sync summary.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     *
-     * @return string
-     */
-    private function getSummary(): string
-    {
-        if ($this->option('summary') && null === $this->dryrun) {
-            $this->summary->each(function ($item) {
-                $this->info('USER: '.$item['note']);
-
-                if ('ERROR' === $item['status']) {
-                    $this->error('ERROR: '.$item['note']);
-                }
-            });
-        } elseif ($this->option('json_summary')) {
-            $json_summary = [
-                'error' => false,
-                'error_message' => '',
-                'summary' => $this->summary->toArray(),
-            ];
-            $this->info(json_encode($json_summary));
-        }
-
-        return '';
-    }
-
-    /**
-     * Create a new user or update an existing user.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     *
-     * @param \Adldap\Models\User $snipeUser
-     */
-    private function updateCreateUser(AdldapUser $snipeUser): void
-    {
-        $user = $this->ldap->processUser($snipeUser, $this->defaultLocation, $this->mappedLocations);
-        $summary = [
-            'firstname'       => $user->first_name,
-            'lastname'        => $user->last_name,
-            'username'        => $user->username,
-            'employee_number' => $user->employee_num,
-            'email'           => $user->email,
-            'location_id'     => $user->location_id,
-        ];
-        // Only update the database if is not a dry run
-        if (!$this->dryrun) {
-            if ($user->isDirty()) { //if nothing on the user changed, don't bother trying to save anything nor put anything in the summary
-                if ($user->save()) {
-                    $summary['note']   = ($user->wasRecentlyCreated ? 'CREATED' : 'UPDATED');
-                    $summary['status'] = 'SUCCESS';
-                } else {
-                    $errors = '';
-                    foreach ($user->getErrors()->getMessages() as  $error) {
-                        $errors .= implode(", ",$error);
-                    }
-                    $summary['note']   = $snipeUser->getDN().' was not imported. REASON: '.$errors;
-                    $summary['status'] = 'ERROR';
-                }
-            } else {
-                $summary = null;
-            }
-        }
-
-        // $summary['note'] = ($user->getOriginal('username') ? 'UPDATED' : 'CREATED'); // this seems, kinda, like, superfluous, relative to the $summary['note'] thing above, yeah?
-        if($summary) { //if the $user wasn't dirty, $summary was set to null so that we will skip the following push()
-            $this->summary->push($summary);
-        }
-    }
-
-    /**
-     * Process the users to update / create.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     *
-     */
-    private function processLdapUsers(): void
-    {
-        try {
-            \Log::debug("CAL:LING GET LDAP SUSERS");
-            $ldapUsers = $this->ldap->getLdapUsers();
-            \Log::debug("END CALLING GET LDAP USERS");
-        } catch (Exception $e) {
-            $this->outputError($e);
-            exit($e->getMessage());
-        }
-
-        if (0 == $ldapUsers->count()) {
-            $msg = 'ERROR: No users found!';
-            Log::error($msg);
-            if ($this->dryrun) {
-                $this->error($msg);
-            }
-            exit($msg);
-        }
-
-        // Process each individual users
-        foreach ($ldapUsers->getResults() as $user) { // AdLdap2's paginate() method is weird, it gets *everything* and ->getResults() returns *everything*
-            $this->updateCreateUser($user);
-        }
-    }
-
-    /**
-     * Get the mapped locations if a base_dn is provided.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function getMappedLocations()
-    {
-        $ldapOuLocation = Location::where('ldap_ou', '!=', '')->select(['id', 'ldap_ou'])->get();
-        $locations = $ldapOuLocation->sortBy(function ($ou, $key) {
-            return strlen($ou->ldap_ou);
-        });
-        if ($locations->count() > 0) {
-            $msg = 'Some locations have special OUs set. Locations will be automatically set for users in those OUs.';
-            LOG::debug($msg);
-            if ($this->dryrun) {
-                $this->info($msg);
-            }
-
-            $this->mappedLocations = $locations->pluck('ldap_ou', 'id'); // TODO: this seems ok-ish, but the key-> value is going location_id -> OU name, and the primary action here is the opposite of that - going from OU's to location ID's.
-        }
-    }
-
-    /**
-     * Set the base dn if supplied.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function setBaseDn(): void
-    {
-        if ($this->option('base_dn')) {
-            $this->ldap->baseDn = $this->option('base_dn');
-            $msg = sprintf('Importing users from specified base DN: "%s"', $this->ldap->baseDn);
-            LOG::debug($msg);
-            if ($this->dryrun) {
-                $this->info($msg);
-            }
-        }
-    }
-
-    /**
-     * Get a default location id for imported users.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function getUserDefaultLocation(): void
-    {
-        $location = $this->option('location_id') ?? $this->option('location');
-        if ($location) {
-            $userLocation = Location::where('name', '=', $location)
-                ->orWhere('id', '=', intval($location))
-                ->select(['name', 'id'])
-                ->first();
-            if ($userLocation) {
-                $msg = 'Importing users with default location: '.$userLocation->name.' ('.$userLocation->id.')';
-                LOG::debug($msg);
-
-                if ($this->dryrun) {
-                    $this->info($msg);
-                }
-
-                $this->defaultLocation = collect([
-                    $userLocation->id => $userLocation->name,
-                ]);
-            } else {
-                $msg = 'The supplied location is invalid!';
-                LOG::error($msg);
-                if ($this->dryrun) {
-                    $this->error($msg);
-                }
-                exit(0);
-            }
-        }
-    }
-
-    /**
-     * Check if LDAP intergration is enabled.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function checkIfLdapIsEnabled(): void
-    {
-        if (false === $this->settings['ldap_enabled']) {
-            $msg = 'LDAP intergration is not enabled. Exiting sync process.';
-            $this->info($msg);
-            Log::info($msg);
-            exit(0);
-        }
-    }
-
-    /**
-     * Check to make sure we can access the server.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function checkLdapConnection(): void
-    {
-        try {
-            $this->ldap->testLdapAdUserConnection();
-            $this->ldap->testLdapAdBindConnection();
-        } catch (Exception $e) {
-            $this->outputError($e);
-            exit(0);
-        }
-    }
-
-    /**
-     * Output the json summary to the screen if enabled.
-     *
-     * @param Exception $error
-     */
-    private function outputError($error): void
-    {
-        if ($this->option('json_summary')) {
-            $json_summary = [
-                'error' => true,
-                'error_message' => $error->getMessage(),
-                'summary' => [],
-            ];
-            $this->info(json_encode($json_summary));
-        }
-        $this->error($error->getMessage());
-        LOG::error($error);
-    }
-}

app/Console/Commands/LdapTroubleshooter.php

@@ -0,0 +1,503 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\Setting;
+use Exception;
+use Crypt;
+
+/**
+ * Check if a given ip is in a network
+ * @param  string $ip    IP to check in IPV4 format eg. 127.0.0.1
+ * @param  string $range IP/CIDR netmask eg. 127.0.0.0/24, also 127.0.0.1 is accepted and /32 assumed
+ * @return boolean true if the ip is in this range / false if not.
+ */
+function ip_in_range( $ip, $range ) {
+	if ( strpos( $range, '/' ) == false ) {
+		$range .= '/32';
+	}
+	// $range is in IP/CIDR format eg 127.0.0.1/24
+	list( $range, $netmask ) = explode( '/', $range, 2 );
+	$range_decimal = ip2long( $range );
+	$ip_decimal = ip2long( $ip );
+	$wildcard_decimal = pow( 2, ( 32 - $netmask ) ) - 1;
+	$netmask_decimal = ~ $wildcard_decimal;
+	return ( ( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal ) );
+}
+// NOTE - this function was shamelessly stolen from this gist: https://gist.github.com/tott/7684443
+
+class LdapTroubleshooter extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'ldap:troubleshoot
+                            {--ldap-search : Output an ldapsearch command-line for testing your LDAP config}
+                            {--force : Skip the interactive yes/no prompt for confirmation}
+                            {--debug : Include debugging output (verbose)}
+                            {--trace : Include extremely verbose LDAP trace output}
+                            {--timeout=15 : Timeout for LDAP Bind operations}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Runs a series of non-destructive LDAP commands to help try and determine correct LDAP settings for your environment.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Output something *only* if debug is enabled
+     * 
+     * @return void
+     */
+    public function debugout($string)
+    {
+        if($this->option('debug')) {
+            $this->line($string);
+        }
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        if($this->option('trace')) {
+    	    ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
+        }
+
+        $settings = Setting::getSettings();
+        $this->settings = $settings;
+        if($this->option('ldap-search')) {
+            if(!$this->option('force')) {
+                $confirmation = $this->confirm('WARNING: This command will display your LDAP password on your terminal. Are you sure this is ok?');
+                if(!$confirmation) {
+                    $this->error('ABORTING');
+                    exit(-1);
+                }
+            }
+            $output = [];
+            if($settings->ldap_server_cert_ignore) {
+                $this->line("# Ignoring server certificate validity");
+                $output[] = "LDAPTLS_REQCERT=never";
+            }
+            if($settings->ldap_client_tls_cert && $settings->ldap_client_tls_key) {
+                $this->line("# Adding LDAP Client Certificate and Key");
+                $output[] = "LDAPTLS_CERT=storage/ldap_client_tls.cert";
+                $output[] = "LDAPTLS_KEY=storage/ldap_client_tls.key";
+            }
+            $output[] = "ldapsearch";
+            $output[] = $settings->ldap_server;
+            $output[] = "-x";
+            $output[] = "-b ".escapeshellarg($settings->ldap_basedn);
+            $output[] = "-D ".escapeshellarg($settings->ldap_uname);
+            $output[] = "-w ".escapeshellarg(\Crypt::Decrypt($settings->ldap_pword));
+            if(substr($settings->ldap_filter,0,1) == "(" ) {
+                $output[] = escapeshellarg($settings->ldap_filter);
+            } else {
+                $output[] = escapeshellarg("(".$settings->ldap_filter.")");
+            }
+            if($settings->ldap_tls) {
+                $this->line("# adding STARTTLS option");
+                $output[] = "-Z";
+            }
+            $output[] = "-v";
+            $this->line("\n");
+            $this->line(implode(" \\\n",$output));
+            exit(0);
+        }
+        if(!$this->option('force')) {
+            $confirmation = $this->confirm('WARNING: This command will make several attempts to connect to your LDAP server. Are you sure this is ok?');
+            if(!$confirmation) {
+                $this->error('ABORTING');
+                exit(-1);
+            }
+        }
+        //$this->line(print_r($settings,true));
+        $this->info("STAGE 1: Checking settings");
+        if(!$settings->ldap_enabled) {
+            $this->error("WARNING: Snipe-IT's LDAP setting is not turned on. (That may be OK if you're still trying to figure out settings)");
+        }
+
+        $ldap_conn = false;
+        try {
+            $ldap_conn = ldap_connect($settings->ldap_server);
+        } catch (Exception $e) {
+            $this->error("WARNING: Exception caught when executing 'ldap_connect()' - ".$e->getMessage().". We will try to guess.");
+        }
+
+        if(!$ldap_conn) {
+            $this->error("WARNING: LDAP Server setting of: ".$settings->ldap_server." cannot be parsed. We will try to guess.");
+            //exit(-1);
+        }
+        //since we never use $ldap_conn again, we don't have to ldap_unbind() it (it's not even connected, tbh - that only happens at bind-time)
+
+        $parsed = parse_url($settings->ldap_server);
+
+        if(@$parsed['scheme'] != 'ldap' && @$parsed['scheme'] != 'ldaps') {
+            $this->error("WARNING: LDAP URL Scheme of '".@$parsed['scheme']."' is probably incorrect; should usually be ldap or ldaps");
+        }
+
+        if(!@$parsed['host']) {
+            $this->error("ERROR: Cannot determine hostname or IP from ldap URL: ".$settings->ldap_server.". ABORTING.");
+            exit(-1);
+        } else {
+            $this->info("Determined LDAP hostname to be: ".$parsed['host']);
+        }
+
+        $this->info("Performing DNS lookup of: ".$parsed['host']);
+        $ips = dns_get_record($parsed['host']);
+        $raw_ips = [];
+
+        //$this->info("Host IP is: ".print_r($ips,true));
+
+        if(!$ips || count($ips) == 0) {
+            $this->error("ERROR: DNS lookup of host: ".$parsed['host']." has failed. ABORTING.");
+            exit(-1);
+        }
+        $this->debugout("IP's? ".print_r($ips,true));
+        foreach($ips as $ip) {
+            if(!isset($ip['ip'])) {
+                continue;
+            }
+            $raw_ips[]=$ip['ip'];
+            if($ip['ip'] == "127.0.0.1") {
+                $this->error("WARNING: Using the localhost IP as the LDAP server. This is usually wrong");
+            }
+            if(ip_in_range($ip['ip'],'10.0.0.0/8') || ip_in_range($ip['ip'],'192.168.0.0/16') || ip_in_range($ip['ip'], '172.16.0.0/12')) {
+                $this->error("WARNING: Using an RFC1918 Private address for LDAP server. This may be correct, but it can be a problem if your Snipe-IT instance is not hosted on your private network");
+            }
+        }
+
+        $this->info("STAGE 2: Checking basic network connectivity");
+        $ports = [389,636];
+        if(@$parsed['port'] && !in_array($parsed['port'],$ports)) {
+            $ports[] = $parsed['port'];
+        }
+
+        $open_ports=[];
+        foreach($ports as $port ) {
+            $errno = 0;
+            $errstr = '';
+            $timeout = 30.0;
+            $result = '';
+            $this->info("Attempting to connect to port: ".$port." - may take up to $timeout seconds");
+            try {
+                $result = fsockopen($parsed['host'], $port, $errno, $errstr, 30.0);
+            } catch(Exception $e) {
+                $this->error("Exception: ".$e->getMessage());
+            }
+            if($result) {
+                $this->info("Success!");
+                $open_ports[] = $port;
+            } else {
+                $this->error("WARNING: Cannot connect to port: $port - $errstr ($errno)");
+            }
+        }
+
+        if(count($open_ports) == 0) {
+            $this->error("ERROR - no open ports. ABORTING.");
+            exit(-1);
+        }
+
+        $this->info("STAGE 3: Determine encryption algorithm, if any");
+
+        $ldap_urls = [];
+        $pretty_ldap_urls = [];
+        foreach($open_ports as $port) {
+            $this->line("Trying TLS first for port $port");
+            $ldap_url = "ldaps://".$parsed['host'].":$port";
+            if($this->test_anonymous_bind($ldap_url)) {
+                $this->info("Anonymous bind succesful to $ldap_url!");
+                $ldap_urls[] = [ $ldap_url, true, false ];
+                $pretty_ldap_urls[] = [ $ldap_url, "YES", "no" ];
+                continue; // TODO - lots of copypasta in these if(test_anonymous_bind()) routines...
+            } else {
+                $this->error("WARNING: Failed to bind to $ldap_url - trying without certificate checks.");
+            }
+
+            if($this->test_anonymous_bind($ldap_url, false)) {
+                $this->info("Anonymous bind succesful to $ldap_url with certifcate-checks disabled");
+                $ldap_urls[] = [ $ldap_url, false, false ]; 
+                $pretty_ldap_urls[] = [ $ldap_url, "no", "no" ]; 
+                continue;
+            } else {
+                $this->error("WARNING: Failed to bind to $ldap_url with certificate checks disabled. Trying unencrypted with STARTTLS");
+            }
+
+            $ldap_url = "ldap://".$parsed['host'].":$port";
+            if($this->test_anonymous_bind($ldap_url, true, true)) {
+                $this->info("Plain connection to $ldap_url with STARTTLS succesful!");
+                $ldap_urls[] = [ $ldap_url, true, true ];
+                $pretty_ldap_urls[] = [ $ldap_url, "YES", "YES" ];
+                continue;
+            } else {
+                $this->error("WARNING: Failed to bind to $ldap_url with STARTTLS enabled. Trying without STARTTLS");
+            }
+
+            if($this->test_anonymous_bind($ldap_url)) {
+                $this->info("Plain connection to $ldap_url succesful!");
+                $ldap_urls[] = [ $ldap_url, true, false ];
+                $pretty_ldap_urls[] = [ $ldap_url, "YES", "no" ];
+                continue;
+            } else {
+                $this->error("WARNING: Failed to bind to $ldap_url. Giving up on port $port");
+            }
+        }
+
+        $this->debugout(print_r($ldap_urls,true));
+
+        if(count($ldap_urls) > 0 ) {
+            $this->info("Found working LDAP URL's: ");
+            foreach($ldap_urls as $ldap_url) { // TODO maybe do this as a $this->table() instead?
+                $this->info("LDAP URL: ".$ldap_url[0]);
+                $this->info($ldap_url[0]. ($ldap_url[1] ? " certificate checks enabled" : " certificate checks disabled"). ($ldap_url[2] ? " STARTTLS Enabled ": " STARTTLS Disabled"));
+            }
+            $this->table(["URL", "Cert Checks Enabled?", "STARTTLS Enabled?"],$pretty_ldap_urls);
+        } else {
+            $this->error("ERROR - no valid LDAP URL's available - ABORTING");
+            exit(1);
+        }
+
+        $this->info("STAGE 4: Test Administrative Bind for LDAP Sync");
+        foreach($ldap_urls AS $ldap_url) {
+            $this->test_authed_bind($ldap_url[0], $ldap_url[1], $ldap_url[2], $settings->ldap_uname, Crypt::decrypt($settings->ldap_pword));
+        }
+
+        $this->info("STAGE 5: Test BaseDN");
+        //grab all LDAP_ constants and fill up a reversed array mapping from weird LDAP dotted-strings to (Constant Name)
+        $all_defined_constants = get_defined_constants();
+        $ldap_constants = [];
+        foreach($all_defined_constants AS $key => $val) {
+            if(starts_with($key,"LDAP_") && is_string($val)) {
+                $ldap_constants[$val] = $key; // INVERT the meaning here!
+            }
+        }
+        $this->debugout("LDAP constants are: ".print_r($ldap_constants,true));
+
+        // recursive function that 'cleans' the returned array from ldap_get_entries which are formatted awfully
+        $cleaner = function ($array) {
+            $cleaned = [];
+            for($i = 0; $i < $array['count']; $i++) {
+                $row = $array[$i];
+                $clean_row = [];
+                foreach($row AS $key => $val ) {
+                    $this->debugout("Key is: ".$key);
+                    if($key == "count" || is_int($key) || $key == "dn") {
+                        $this->debugout(" and we're gonna skip it\n");
+                        continue;
+                    }
+                    $this->debugout(" And that seems fine.\n");
+                    if(array_key_exists('count',$val)) {
+                        if($val['count'] == 1) {
+                            $clean_row[$key] = $val[0];
+                        } else {
+                            unset($val['count']); //these counts are annoying
+                            $elements = [];
+                            foreach($val as $entry) {
+                                if(isset($ldap_constants[$entry])) {
+                                    $elements[] = $ldap_constants[$entry];
+                                } else {
+                                    $elements[] = $entry;
+                                }
+                            }
+                            $clean_row[$key] = $elements;
+                        }
+                    } else {
+                        $clean_row[$key] = $val;
+                    }
+                }
+                $cleaned[$i] = $clean_row;
+            }
+            return $cleaned;
+        };
+        
+        foreach($ldap_urls AS $ldap_url) {
+            if($this->test_informational_bind($ldap_url[0],$ldap_url[1],$ldap_url[2],$settings->ldap_uname,Crypt::decrypt($settings->ldap_pword))) {
+                $this->info("Success getting informational bind!");
+            } else {
+                $this->error("Unable to get information from bind.");
+            }
+        }
+
+        $this->info("STAGE 6: Test LDAP Login to Snipe-IT");
+        foreach($ldap_urls AS $ldap_url) {
+            $this->info("Starting auth to ".$ldap_url[0]);
+            while(true) {
+                $with_tls = $ldap_url[1] ? "with": "without";
+                $with_startssl = $ldap_url[2] ? "using": "not using";
+                if(!$this->confirm('Do you wish to try to authenticate to this directory: '.$ldap_url[0]." $with_tls TLS and $with_startssl STARTSSL?")) {
+                    break;
+                }
+                $username = $this->ask("Username");
+                $password = $this->secret("Password");
+                $this->test_authed_bind($ldap_url[0], $ldap_url[1], $ldap_url[2], $username, $password); // FIXME - should do some other stuff here, maybe with the concatenating or something? maybe? and/or should put up some results?
+            }
+        }
+
+        $this->info("LDAP TROUBLESHOOTING COMPLETE!");
+    }
+
+    public function connect_to_ldap($ldap_url, $check_cert, $start_tls) 
+    {
+        $lconn = ldap_connect($ldap_url);
+        ldap_set_option($lconn, LDAP_OPT_PROTOCOL_VERSION, 3); // should we 'test' different protocol versions here? Does anyone even use anything other than LDAPv3?
+                                                             // no - it's formally deprecated: https://tools.ietf.org/html/rfc3494
+        if(!$check_cert) {
+            putenv('LDAPTLS_REQCERT=never'); // This is horrible; is this *really* the only way to do it?
+        } else {
+            putenv('LDAPTLS_REQCERT'); // have to very explicitly and manually *UN* set the env var here to ensure it works
+        }
+        if($this->settings->ldap_client_tls_cert && $this->settings->ldap_client_tls_key) {
+            // client-side TLS certificate support for LDAP (Google Secure LDAP)
+            putenv('LDAPTLS_CERT=storage/ldap_client_tls.cert');
+            putenv('LDAPTLS_KEY=storage/ldap_client_tls.key');
+        }
+        if($start_tls) {
+            if(!ldap_start_tls($lconn)) {
+                $this->error("WARNING: Unable to start TLS");
+                return false;
+            }
+        }
+        if(!$lconn) {
+            $this->error("WARNING: Failed to generate connection string - using: ".$ldap_url);
+            return false;
+        }
+        $net = ldap_set_option($lconn, LDAP_OPT_NETWORK_TIMEOUT, $this->option('timeout'));
+        $time = ldap_set_option($lconn, LDAP_OPT_TIMELIMIT, $this->option('timeout'));
+        if(!$net || !$time) {
+            $this->error("Unable to set timeouts!");
+        }
+        return $lconn;
+    }
+
+    public function test_anonymous_bind($ldap_url, $check_cert = true, $start_tls = false)
+    {
+        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert , $start_tls) {
+            try {
+                $lconn = $this->connect_to_ldap($ldap_url, $check_cert, $start_tls);
+                $this->info("gonna try to bind now, this can take a while if we mess it up");
+                $bind_results = ldap_bind($lconn);
+                $this->info("Bind results are: ".$bind_results." which translate into boolean: ".(bool)$bind_results);
+                return (bool)$bind_results;
+            } catch (Exception $e) {
+                $this->error("WARNING: Exception caught during bind - ".$e->getMessage());
+                return false;
+            }
+        });
+    }
+
+    public function test_authed_bind($ldap_url, $check_cert, $start_tls, $username, $password) 
+    {
+        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert, $start_tls, $username, $password) {
+            try {
+                $lconn = $this->connect_to_ldap($ldap_url, $check_cert, $start_tls);
+                $bind_results = ldap_bind($lconn, $username, $password);
+                if(!$bind_results) {
+                    $this->error("WARNING: Failed to bind to $ldap_url as $username");
+                    return false;
+                } else {
+                    $this->info("SUCCESS - Able to bind to $ldap_url as $username");
+                    return (bool)$lconn;
+                }
+            } catch (Exception $e) {
+                $this->error("WARNING: Exception caught during Authed bind to $username - ".$e->getMessage());
+                return false;
+            }
+        });
+    }
+
+    public function test_informational_bind($ldap_url, $check_cert, $start_tls, $username, $password)
+    {
+        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert, $start_tls, $username, $password) {
+            try { // TODO - copypasta'ed from test_authed_bind
+                $conn = $this->connect_to_ldap($ldap_url, $check_cert, $start_tls);
+                $bind_results = ldap_bind($conn, $username, $password);
+                if(!$bind_results) {
+                    $this->error("WARNING: Failed to bind to $ldap_url as $username");
+                    return false;
+                }
+                $this->info("SUCCESS - Able to bind to $ldap_url as $username");
+                $result = ldap_read($conn, '', '(objectClass=*)'/* , ['supportedControl']*/);
+                $results = ldap_get_entries($conn, $result);
+                $cleaned_results = $cleaner($results);
+                $this->line(print_r($cleaned_results,true));
+                //okay, great - now how do we display those results? I have no idea.
+                // I don't see why this throws an Exception for Google LDAP, but I guess we ought to try and catch it?
+                $this->comment("I guess we're trying to do the ldap search here, but sometimes it takes too long?");
+                $search_results = ldap_search($conn, $settings->base_dn, $settings->filter);
+                $this->info("Printing first 10 results: ");
+                for($i=0;$i<10;$i++) {
+                    $this->info($search_results[$i]);
+                }
+            } catch (\Exception $e) {
+                $this->error("WARNING: Exception caught during Authed bind to $username - ".$e->getMessage());
+                return false;
+            }
+        });
+    }
+
+    /***********************************************
+     * 
+     * This function executes $function - which is expected to be some kind of executable function - 
+     * with a timeout set. It respects the timeout by forking execution and setting a strict timer
+     * for which to get back a SIGUSR1 or SIGUSR2 signal from the forked process.
+     * 
+     ***********************************************/
+    private function timed_boolean_execute($function)
+    {
+        if(!(function_exists('pcntl_sigtimedwait') && function_exists('posix_getpid') && function_exists('pcntl_fork') && function_exists('posix_kill') && function_exists('pcntl_wifsignaled'))) {
+            // POSIX functions needed for forking aren't present, just run the function inline (ignoring timeout)
+            $this->info('WARNING: Unable to execute POSIX fork() commands, timeout may not be respected');
+            return $function();
+        } else {
+            $parent_pid = posix_getpid();
+            $pid = pcntl_fork();
+            switch($pid) {
+                case 0:
+                    //we're the 'child'
+                    if($function()) {
+                        //SUCCESS = SIGUSR1
+                        posix_kill($parent_pid, SIGUSR1);
+                    } else {
+                        //FAILURE = SIGUSR2
+                        posix_kill($parent_pid, SIGUSR2);
+                    }
+                    exit();
+                    break; //yes I know we don't need it.
+                case -1:
+                    //couldn't fork
+                    $this->error("COULD NOT FORK - assuming failure");
+                    return false;
+                    break; //I still know that we don't need it
+                default:
+                    //we remain the 'parent', $pid is the PID of the forked process.
+                    $siginfo = [];
+                    $exit_status = pcntl_sigtimedwait ([SIGUSR1, SIGUSR2], $siginfo, $this->option('timeout'));
+                    if ($exit_status == SIGUSR1) {
+                        return true;
+                    } else {
+                        posix_kill($pid, SIGKILL); //make sure we don't have processes hanging around that might try and send signals during later executions, confusing us
+                        return false;
+                    }
+                    break; //Yeah I get it already, shush.
+            }
+        }
+
+    }
+}

app/Console/Commands/MergeUsersByUsername.php

@@ -2,10 +2,9 @@
 
 namespace App\Console\Commands;
 
-use Illuminate\Console\Command;
 use App\Models\User;
 use Carbon\Carbon;
-
+use Illuminate\Console\Command;
 
 class MergeUsersByUsername extends Command
 {
@@ -44,7 +43,7 @@ class MergeUsersByUsername extends Command
         $users = User::where('username', 'LIKE', '%@%')->whereNull('deleted_at')->get();
 
         foreach ($users as $user) {
-            $parts = explode("@", $user->username);
+            $parts = explode('@', $user->username);
             $bad_users = User::where('username', '=', $parts[0])->whereNull('deleted_at')->with('assets', 'manager', 'userlog', 'licenses', 'consumables', 'accessories', 'managedLocations')->get();
 
             foreach ($bad_users as $bad_user) {
@@ -52,61 +51,55 @@ class MergeUsersByUsername extends Command
 
                 // Walk the list of assets
                 foreach ($bad_user->assets as $asset) {
-                    $this->info( 'Updating asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
+                    $this->info('Updating asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
                     $asset->assigned_to = $user->id;
-                    if (!$asset->save()) {
-                        $this->error( 'Could not update assigned_to field on asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
-                        $this->error( 'Error saving: '.$asset->getErrors());
+                    if (! $asset->save()) {
+                        $this->error('Could not update assigned_to field on asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
+                        $this->error('Error saving: '.$asset->getErrors());
                     }
                 }
 
                 // Walk the list of licenses
                 foreach ($bad_user->licenses as $license) {
-                    $this->info( 'Updating license '.$license->name.' '.$license->id.' to user '.$user->id);
+                    $this->info('Updating license '.$license->name.' '.$license->id.' to user '.$user->id);
                     $bad_user->licenses()->updateExistingPivot($license->id, ['assigned_to' => $user->id]);
                 }
 
                 // Walk the list of consumables
                 foreach ($bad_user->consumables as $consumable) {
-                    $this->info( 'Updating consumable '.$consumable->id.' to user '.$user->id);
+                    $this->info('Updating consumable '.$consumable->id.' to user '.$user->id);
                     $bad_user->consumables()->updateExistingPivot($consumable->id, ['assigned_to' => $user->id]);
                 }
 
                 // Walk the list of accessories
                 foreach ($bad_user->accessories as $accessory) {
-                    $this->info( 'Updating accessory '.$accessory->id.' to user '.$user->id);
+                    $this->info('Updating accessory '.$accessory->id.' to user '.$user->id);
                     $bad_user->accessories()->updateExistingPivot($accessory->id, ['assigned_to' => $user->id]);
                 }
 
                 // Walk the list of logs
                 foreach ($bad_user->userlog as $log) {
-                    $this->info( 'Updating action log record '.$log->id.' to user '.$user->id);
+                    $this->info('Updating action log record '.$log->id.' to user '.$user->id);
                     $log->target_id = $user->id;
                     $log->save();
                 }
 
                 // Update any manager IDs
-                $this->info( 'Updating managed user records to user '.$user->id);
+                $this->info('Updating managed user records to user '.$user->id);
                 User::where('manager_id', '=', $bad_user->id)->update(['manager_id' => $user->id]);
 
-
                 // Update location manager IDs
                 foreach ($bad_user->managedLocations as $managedLocation) {
-                    $this->info( 'Updating managed location record '.$managedLocation->name.' to manager '.$user->id);
+                    $this->info('Updating managed location record '.$managedLocation->name.' to manager '.$user->id);
                     $managedLocation->manager_id = $user->id;
                     $managedLocation->save();
                 }
 
                 // Mark the user as deleted
-                $this->info( 'Marking the user as deleted');
+                $this->info('Marking the user as deleted');
                 $bad_user->deleted_at = Carbon::now()->timestamp;
                 $bad_user->save();
-
-
             }
-
         }
-
-
     }
 }

app/Console/Commands/MoveUploadsToNewDisk.php

@@ -2,7 +2,6 @@
 
 namespace App\Console\Commands;
 
-
 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Storage;
 
@@ -39,39 +38,37 @@ class MoveUploadsToNewDisk extends Command
      */
     public function handle()
     {
-
-        if (config('filesystems.default')=='local') {
+        if (config('filesystems.default') == 'local') {
             $this->error('Your current disk is set to local so we cannot proceed.');
             $this->warn("Please configure your .env settings for S3. \nChange your PUBLIC_FILESYSTEM_DISK value to 's3_public' and your PRIVATE_FILESYSTEM_DISK to s3_private.");
+
             return false;
         }
         $delete_local = $this->argument('delete_local');
 
-        $public_uploads['accessories'] = glob('public/accessories'."/*.*");
-        $public_uploads['assets'] = glob('public/assets'."/*.*");
-        $public_uploads['avatars'] = glob('public/avatars'."/*.*");
-        $public_uploads['categories'] = glob('public/categories'."/*.*");
-        $public_uploads['companies'] = glob('public/companies'."/*.*");
-        $public_uploads['components'] = glob('public/components'."/*.*");
-        $public_uploads['consumables'] = glob('public/consumables'."/*.*");
-        $public_uploads['departments'] = glob('public/departments'."/*.*");
-        $public_uploads['locations'] = glob('public/locations'."/*.*");
-        $public_uploads['manufacturers'] = glob('public/manufacturers'."/*.*");
-        $public_uploads['suppliers'] = glob('public/suppliers'."/*.*");
-        $public_uploads['assetmodels'] = glob('public/models'."/*.*");
-
+        $public_uploads['accessories'] = glob('public/accessories'.'/*.*');
+        $public_uploads['assets'] = glob('public/assets'.'/*.*');
+        $public_uploads['avatars'] = glob('public/avatars'.'/*.*');
+        $public_uploads['categories'] = glob('public/categories'.'/*.*');
+        $public_uploads['companies'] = glob('public/companies'.'/*.*');
+        $public_uploads['components'] = glob('public/components'.'/*.*');
+        $public_uploads['consumables'] = glob('public/consumables'.'/*.*');
+        $public_uploads['departments'] = glob('public/departments'.'/*.*');
+        $public_uploads['locations'] = glob('public/locations'.'/*.*');
+        $public_uploads['manufacturers'] = glob('public/manufacturers'.'/*.*');
+        $public_uploads['suppliers'] = glob('public/suppliers'.'/*.*');
+        $public_uploads['assetmodels'] = glob('public/models'.'/*.*');
 
         // iterate files
-        foreach($public_uploads as $public_type => $public_upload)
-        {
+        foreach ($public_uploads as $public_type => $public_upload) {
             $type_count = 0;
-            $this->info("- There are ".count($public_upload).' PUBLIC '.$public_type.' files.');
+            $this->info('- There are '.count($public_upload).' PUBLIC '.$public_type.' files.');
 
             for ($i = 0; $i < count($public_upload); $i++) {
                 $type_count++;
                 $filename = basename($public_upload[$i]);
 
-                try  {
+                try {
                     Storage::disk('public')->put('uploads/'.public_type.'/'.$filename, file_get_contents($public_upload[$i]));
                     $new_url = Storage::disk('public')->url('uploads/'.$public_type.'/'.$filename, $filename);
                     $this->info($type_count.'. PUBLIC: '.$filename.' was copied to '.$new_url);
@@ -79,13 +76,11 @@ class MoveUploadsToNewDisk extends Command
                     \Log::debug($e);
                     $this->error($e);
                 }
-
             }
-
         }
 
-        $logos = glob("public/uploads/setting*.*");
-        $this->info("- There are ".count($logos).' files that might be logos.');
+        $logos = glob('public/uploads/setting*.*');
+        $this->info('- There are '.count($logos).' files that might be logos.');
         $type_count = 0;
 
         foreach ($logos as $logo) {
@@ -96,41 +91,35 @@ class MoveUploadsToNewDisk extends Command
             $this->info($type_count.'. LOGO: '.$filename.' was copied to '.env('PUBLIC_AWS_URL').'/uploads/'.$filename);
         }
 
-        $private_uploads['assets'] = glob('storage/private_uploads/assets'."/*.*");
-        $private_uploads['signatures'] = glob('storage/private_uploads/signatures'."/*.*");
-        $private_uploads['audits'] = glob('storage/private_uploads/audits'."/*.*");
-        $private_uploads['assetmodels'] = glob('storage/private_uploads/assetmodels'."/*.*");
-        $private_uploads['imports'] = glob('storage/private_uploads/imports'."/*.*");
-        $private_uploads['licenses'] = glob('storage/private_uploads/licenses'."/*.*");
-        $private_uploads['users'] = glob('storage/private_uploads/users'."/*.*");
-        $private_uploads['backups'] = glob('storage/private_uploads/users'."/*.*");
+        $private_uploads['assets'] = glob('storage/private_uploads/assets'.'/*.*');
+        $private_uploads['signatures'] = glob('storage/private_uploads/signatures'.'/*.*');
+        $private_uploads['audits'] = glob('storage/private_uploads/audits'.'/*.*');
+        $private_uploads['assetmodels'] = glob('storage/private_uploads/assetmodels'.'/*.*');
+        $private_uploads['imports'] = glob('storage/private_uploads/imports'.'/*.*');
+        $private_uploads['licenses'] = glob('storage/private_uploads/licenses'.'/*.*');
+        $private_uploads['users'] = glob('storage/private_uploads/users'.'/*.*');
+        $private_uploads['backups'] = glob('storage/private_uploads/users'.'/*.*');
 
-
-        foreach($private_uploads as $private_type => $private_upload)
-        {
-            $this->info("- There are ".count($private_upload).' PRIVATE '.$private_type.' files.');
+        foreach ($private_uploads as $private_type => $private_upload) {
+            $this->info('- There are '.count($private_upload).' PRIVATE '.$private_type.' files.');
 
             $type_count = 0;
             for ($x = 0; $x < count($private_upload); $x++) {
                 $type_count++;
                 $filename = basename($private_upload[$x]);
 
-                try  {
+                try {
                     Storage::put($private_type.'/'.$filename, file_get_contents($private_upload[$i]));
                     $new_url = Storage::url($private_type.'/'.$filename, $filename);
                     $this->info($type_count.'. PRIVATE: '.$filename.' was copied to '.$new_url);
-
                 } catch (\Exception $e) {
                     \Log::debug($e);
                     $this->error($e);
                 }
-
             }
-
         }
 
-
-        if ($delete_local=='true') {
+        if ($delete_local == 'true') {
             $public_delete_count = 0;
             $private_delete_count = 0;
 
@@ -139,10 +128,8 @@ class MoveUploadsToNewDisk extends Command
             $this->warn("\nTHIS WILL DELETE ALL OF YOUR LOCAL UPLOADED FILES. \n\nThis cannot be undone, so you should take a backup of your system before you proceed.\n");
             $this->error('!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!');
 
-            if ($this->confirm("Do you wish to continue?")) {
-
-                foreach($public_uploads as $public_type => $public_upload) {
-
+            if ($this->confirm('Do you wish to continue?')) {
+                foreach ($public_uploads as $public_type => $public_upload) {
                     for ($i = 0; $i < count($public_upload); $i++) {
                         $filename = $public_upload[$i];
                         try {
@@ -152,13 +139,10 @@ class MoveUploadsToNewDisk extends Command
                             \Log::debug($e);
                             $this->error($e);
                         }
-
                     }
                 }
 
-                foreach($private_uploads as $private_type => $private_upload)
-                {
-
+                foreach ($private_uploads as $private_type => $private_upload) {
                     for ($i = 0; $i < count($private_upload); $i++) {
                         $filename = $private_upload[$i];
                         try {
@@ -168,16 +152,11 @@ class MoveUploadsToNewDisk extends Command
                             \Log::debug($e);
                             $this->error($e);
                         }
-
                     }
                 }
 
-                $this->info($public_delete_count." PUBLIC local files and ".$private_delete_count." PRIVATE local files were deleted from your filesystem.");
+                $this->info($public_delete_count.' PUBLIC local files and '.$private_delete_count.' PRIVATE local files were deleted from your filesystem.');
             }
         }
-
-
-
-
     }
 }

app/Console/Commands/ObjectImportCommand.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Console\Commands;
 
 use Illuminate\Console\Command;
@@ -13,7 +14,6 @@ ini_set('memory_limit', env('IMPORT_MEMORY_LIMIT', '500M'));
  */
 class ObjectImportCommand extends Command
 {
-
     /**
      * The console command name.
      *
@@ -37,7 +37,9 @@ class ObjectImportCommand extends Command
     {
         parent::__construct();
     }
+
     private $bar;
+
     /**
      * Execute the console command.
      *
@@ -55,7 +57,6 @@ class ObjectImportCommand extends Command
                  ->setShouldNotify($this->option('send-welcome'))
                  ->setUsernameFormat($this->option('username_format'));
 
-
         // This $logFile/useFiles() bit is currently broken, so commenting it out for now
         // $logFile = $this->option('logfile');
         // \Log::useFiles($logFile);
@@ -64,29 +65,28 @@ class ObjectImportCommand extends Command
 
         $this->bar = null;
 
-        if (!empty($this->errors)) {
-            $this->comment("The following Errors were encountered.");
+        if (! empty($this->errors)) {
+            $this->comment('The following Errors were encountered.');
             foreach ($this->errors as $asset => $error) {
-                $this->comment('Error: Item: ' . $asset . ' failed validation: ' . json_encode($error));
+                $this->comment('Error: Item: '.$asset.' failed validation: '.json_encode($error));
             }
         } else {
-            $this->comment("All Items imported successfully!");
+            $this->comment('All Items imported successfully!');
         }
-        $this->comment("");
-
-        return;
+        $this->comment('');
     }
 
     public function errorCallback($item, $field, $errorString)
     {
         $this->errors[$item->name][$field] = $errorString;
     }
+
     public function progress($count)
     {
-        if (!$this->bar) {
+        if (! $this->bar) {
             $this->bar = $this->output->createProgressBar($count);
         }
-        static $index =0;
+        static $index = 0;
         $index++;
         if ($index < $count) {
             $this->bar->advance();
@@ -94,12 +94,12 @@ class ObjectImportCommand extends Command
             $this->bar->finish();
         }
     }
+
     // Tracks the current item for error messages
     private $updating;
     // An array of errors encountered while parsing
     private $errors;
 
-
     /**
      * Log a message to file, configurable by the --log-file parameter.
      * If a warning message is passed, we'll spit it to the console as well.
@@ -108,7 +108,7 @@ class ObjectImportCommand extends Command
      * @since 3.0
      * @param string $string
      * @param string $level
-    */
+     */
     public function log($string, $level = 'info')
     {
         if ($level === 'warning') {
@@ -121,6 +121,7 @@ class ObjectImportCommand extends Command
             }
         }
     }
+
     /**
      * Get the console command arguments.
      *
@@ -130,12 +131,11 @@ class ObjectImportCommand extends Command
      */
     protected function getArguments()
     {
-        return array(
-            array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
-        );
+        return [
+            ['filename', InputArgument::REQUIRED, 'File for the CSV import.'],
+        ];
     }
 
-
     /**
      * Get the console command options.
      *
@@ -145,16 +145,15 @@ class ObjectImportCommand extends Command
      */
     protected function getOptions()
     {
-        return array(
-        array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
-        array('username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null),
-        array('logfile', null, InputOption::VALUE_REQUIRED, 'The path to log output to.  storage/logs/importer.log by default', storage_path('logs/importer.log') ),
-        array('item-type', null, InputOption::VALUE_REQUIRED, 'Item Type To import.  Valid Options are Asset, Consumable, Accessory, License, or User', 'Asset'),
-        array('web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'),
-        array('user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1),
-        array('update', null, InputOption::VALUE_NONE, 'If a matching item is found, update item information'),
-        array('send-welcome', null, InputOption::VALUE_NONE, 'Whether to send a welcome email to any new users that are created.'),
-        );
-
+        return [
+        ['email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null],
+        ['username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null],
+        ['logfile', null, InputOption::VALUE_REQUIRED, 'The path to log output to.  storage/logs/importer.log by default', storage_path('logs/importer.log')],
+        ['item-type', null, InputOption::VALUE_REQUIRED, 'Item Type To import.  Valid Options are Asset, Consumable, Accessory, License, or User', 'Asset'],
+        ['web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'],
+        ['user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1],
+        ['update', null, InputOption::VALUE_NONE, 'If a matching item is found, update item information'],
+        ['send-welcome', null, InputOption::VALUE_NONE, 'Whether to send a welcome email to any new users that are created.'],
+        ];
     }
 }

app/Console/Commands/Purge.php

@@ -50,7 +50,7 @@ class Purge extends Command
     public function handle()
     {
         $force = $this->option('force');
-        if (($this->confirm("\n****************************************************\nTHIS WILL PURGE ALL SOFT-DELETED ITEMS IN YOUR SYSTEM. \nThere is NO undo. This WILL permanently destroy \nALL of your deleted data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) ||  $force == 'true') {
+        if (($this->confirm("\n****************************************************\nTHIS WILL PURGE ALL SOFT-DELETED ITEMS IN YOUR SYSTEM. \nThere is NO undo. This WILL permanently destroy \nALL of your deleted data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) || $force == 'true') {
 
             /**
              * Delete assets
@@ -80,9 +80,8 @@ class Purge extends Command
                 $location->forceDelete();
             }
 
-
             $accessories = Accessory::whereNotNull('deleted_at')->withTrashed()->get();
-            $accessory_assoc=0;
+            $accessory_assoc = 0;
             $this->info($accessories->count().' accessories purged.');
             foreach ($accessories as $accessory) {
                 $this->info('- Accessory "'.$accessory->name.'" deleted.');
@@ -92,7 +91,6 @@ class Purge extends Command
             }
             $this->info($accessory_assoc.' corresponding log records purged.');
 
-
             $consumables = Consumable::whereNotNull('deleted_at')->withTrashed()->get();
             $this->info($consumables->count().' consumables purged.');
             foreach ($consumables as $consumable) {
@@ -101,7 +99,6 @@ class Purge extends Command
                 $consumable->forceDelete();
             }
 
-
             $components = Component::whereNotNull('deleted_at')->withTrashed()->get();
             $this->info($components->count().' components purged.');
             foreach ($components as $component) {
@@ -126,7 +123,6 @@ class Purge extends Command
                 $model->forceDelete();
             }
 
-
             $categories = Category::whereNotNull('deleted_at')->withTrashed()->get();
             $this->info($categories->count().' categories purged.');
             foreach ($categories as $category) {
@@ -165,11 +161,8 @@ class Purge extends Command
                 $this->info('- Status Label "'.$status_label->name.'" deleted.');
                 $status_label->forceDelete();
             }
-
-
         } else {
             $this->info('Action canceled. Nothing was purged.');
         }
-
     }
 }

app/Console/Commands/PurgeLoginAttempts.php

@@ -38,7 +38,7 @@ class PurgeLoginAttempts extends Command
     public function handle()
     {
         if ($this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE YOUR LOGIN ATTEMPT RECORDS. \nThere is NO undo! \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
-                \DB::statement('delete from login_attempts');
+            \DB::statement('delete from login_attempts');
         }
     }
 }

app/Console/Commands/ReEncodeCustomFieldNames.php

@@ -48,15 +48,13 @@ class ReEncodeCustomFieldNames extends Command
      */
     public function handle()
     {
-
-        if ($this->confirm('This will regenerate all of the custom field database fieldnames in your database. THIS WILL CHANGE YOUR SCHEMA AND SHOULD NOT BE DONE WITHOUT MAKING A BACKUP FIRST. Do you wish to continue?'))
-        {
+        if ($this->confirm('This will regenerate all of the custom field database fieldnames in your database. THIS WILL CHANGE YOUR SCHEMA AND SHOULD NOT BE DONE WITHOUT MAKING A BACKUP FIRST. Do you wish to continue?')) {
 
             /** Get all of the custom fields */
             $fields = CustomField::get();
 
             $asset_columns = \DB::getSchemaBuilder()->getColumnListing('assets');
-            $custom_field_columns = array();
+            $custom_field_columns = [];
 
             /** Loop through the columns on the assets table */
             foreach ($asset_columns as $asset_column) {
@@ -71,18 +69,16 @@ class ReEncodeCustomFieldNames extends Command
                      * Then use that ID as the array key for use comparing the actual assets field name
                      * and the db_column value from the custom fields table.
                      */
-                    $last_part = substr(strrchr($asset_column, "_snipeit_"), 1);
+                    $last_part = substr(strrchr($asset_column, '_snipeit_'), 1);
                     $custom_field_columns[$last_part] = $asset_column;
                 }
             }
 
             foreach ($fields as $field) {
-
-                $this->info($field->name .' ('.$field->id.') column should be '. $field->convertUnicodeDbSlug().'');
+                $this->info($field->name.' ('.$field->id.') column should be '.$field->convertUnicodeDbSlug().'');
 
                 /** The assets table has the column it should have, all is well */
-                if (\Schema::hasColumn('assets', $field->convertUnicodeDbSlug()))
-                {
+                if (\Schema::hasColumn('assets', $field->convertUnicodeDbSlug())) {
                     $this->info('-- ✓ This field exists - all good');
 
                 /**
@@ -90,24 +86,23 @@ class ReEncodeCustomFieldNames extends Command
                  * what $field->convertUnicodeDbSlug() is *now* expecting.
                  */
                 } else {
-                        $this->warn('-- X Field mismatch: updating... ');
+                    $this->warn('-- X Field mismatch: updating... ');
 
-                        /** Make sure the custom_field_columns array has the ID */
-                        if (array_key_exists($field->id, $custom_field_columns)) {
+                    /** Make sure the custom_field_columns array has the ID */
+                    if (array_key_exists($field->id, $custom_field_columns)) {
 
-                            /**
-                             * Update the asset schema to the corrected fieldname that will be recognized by the
-                             *  system elsewhere that we use $field->convertUnicodeDbSlug()
-                             */
-                            \Schema::table('assets', function($table) use ($custom_field_columns, $field) {
-                                $table->renameColumn($custom_field_columns[$field->id], $field->convertUnicodeDbSlug());
-                            });
+                        /**
+                         * Update the asset schema to the corrected fieldname that will be recognized by the
+                         *  system elsewhere that we use $field->convertUnicodeDbSlug()
+                         */
+                        \Schema::table('assets', function ($table) use ($custom_field_columns, $field) {
+                            $table->renameColumn($custom_field_columns[$field->id], $field->convertUnicodeDbSlug());
+                        });
 
-                            $this->warn('-- ✓ Field updated from '.$custom_field_columns[$field->id].' to '.$field->convertUnicodeDbSlug());
-
-                        } else {
-                            $this->warn('-- X WARNING: There is no field on the assets table ending in  '.$field->id.'. This may require more in-depth investigation and may mean the schema was altered manually.');
-                        }
+                        $this->warn('-- ✓ Field updated from '.$custom_field_columns[$field->id].' to '.$field->convertUnicodeDbSlug());
+                    } else {
+                        $this->warn('-- X WARNING: There is no field on the assets table ending in  '.$field->id.'. This may require more in-depth investigation and may mean the schema was altered manually.');
+                    }
                 }
 
                 /** Update the db_column property in the custom fields table, just in case it doesn't match the other
@@ -115,12 +110,7 @@ class ReEncodeCustomFieldNames extends Command
                  */
                 $field->db_column = $field->convertUnicodeDbSlug();
                 $field->save();
-
-
             }
-
         }
-
-
     }
 }

app/Console/Commands/RecryptFromMcrypt.php

@@ -44,37 +44,35 @@ class RecryptFromMcrypt extends Command
     public function handle()
     {
 
-
         // Check and see if they have a legacy app key listed in their .env
         // If not, we can try to use the current APP_KEY if looks like it's old
         $legacy_key = env('LEGACY_APP_KEY');
         $key_parts = explode(':', $legacy_key);
         $legacy_cipher = env('LEGACY_CIPHER', 'rijndael-256');
-        $errors = array();
+        $errors = [];
 
-        if (!$legacy_key) {
+        if (! $legacy_key) {
             $this->error('ERROR: You do not have a LEGACY_APP_KEY set in your .env file. Please locate your old APP_KEY and ADD a line to your .env file like: LEGACY_APP_KEY=YOUR_OLD_APP_KEY');
+
             return false;
         }
 
-
         // Do some basic legacy app key length checks
         if (strlen($legacy_key) == 32) {
             $legacy_length_check = true;
-        } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1])==44)) {
-            $legacy_key = base64_decode($key_parts[1],true);
+        } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1]) == 44)) {
+            $legacy_key = base64_decode($key_parts[1], true);
             $legacy_length_check = true;
         } else {
             $legacy_length_check = false;
         }
-   
-
 
         // Check that the app key is 32 characters
         if ($legacy_length_check === true) {
             $this->comment('INFO: Your LEGACY_APP_KEY looks correct. Okay to continue.');
         } else {
             $this->error('ERROR: Your LEGACY_APP_KEY is not the correct length (32 characters or base64 followed by 44 characters for later versions). Please locate your old APP_KEY and use that as your LEGACY_APP_KEY in your .env file to continue.');
+
             return false;
         }
 
@@ -84,8 +82,7 @@ class RecryptFromMcrypt extends Command
 
         $force = ($this->option('force')) ? true : false;
 
-        if ($force || ($this->confirm("Are you SURE you wish to continue?"))) {
-
+        if ($force || ($this->confirm('Are you SURE you wish to continue?'))) {
             $backup_file = 'backups/env-backups/'.'app_key-'.date('Y-m-d-gis');
 
             try {
@@ -95,15 +92,14 @@ class RecryptFromMcrypt extends Command
                 $this->info('WARNING: Could not backup app keys');
             }
 
-
-            if ($legacy_cipher){
-                $mcrypter = new McryptEncrypter($legacy_key,$legacy_cipher);
-            }else{
+            if ($legacy_cipher) {
+                $mcrypter = new McryptEncrypter($legacy_key, $legacy_cipher);
+            } else {
                 $mcrypter = new McryptEncrypter($legacy_key);
             }
             $settings = Setting::getSettings();
 
-            if ($settings->ldap_pword=='') {
+            if ($settings->ldap_pword == '') {
                 $this->comment('INFO: No LDAP password found. Skipping... ');
             } else {
                 $decrypted_ldap_pword = $mcrypter->decrypt($settings->ldap_pword);
@@ -111,30 +107,28 @@ class RecryptFromMcrypt extends Command
                 $settings->save();
             }
             /** @var CustomField[] $custom_fields */
-            $custom_fields = CustomField::where('field_encrypted','=', 1)->get();
+            $custom_fields = CustomField::where('field_encrypted', '=', 1)->get();
             $this->comment('INFO: Retrieving encrypted custom fields...');
 
             $query = Asset::withTrashed();
 
             foreach ($custom_fields as $custom_field) {
-                $this->comment('FIELD TO RECRYPT:  '.$custom_field->name .' ('.$custom_field->db_column.')');
+                $this->comment('FIELD TO RECRYPT:  '.$custom_field->name.' ('.$custom_field->db_column.')');
                 $query->orWhereNotNull($custom_field->db_column);
             }
 
-
             // Get all assets with a value in any of the fields that were encrypted
             /** @var Asset[] $assets */
             $assets = $query->get();
 
             $bar = $this->output->createProgressBar(count($assets));
 
-
             foreach ($assets as $asset) {
                 foreach ($custom_fields as $encrypted_field) {
                     $columnName = $encrypted_field->db_column;
 
                     // Make sure the value isn't null
-                    if ($asset->{$columnName}!='') {
+                    if ($asset->{$columnName} != '') {
                         // Try to decrypt the payload using the legacy app key
                         try {
                             $decrypted_field = $mcrypter->decrypt($asset->{$columnName});
@@ -144,14 +138,11 @@ class RecryptFromMcrypt extends Command
                             $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();
                         }
                     }
-
                 }
                 $asset->save();
                 $bar->advance();
             }
 
-
-
             $bar->finish();
 
             if (count($errors) > 0) {
@@ -162,6 +153,5 @@ class RecryptFromMcrypt extends Command
                 }
             }
         }
-
     }
 }

app/Console/Commands/RegenerateAssetTags.php

@@ -40,30 +40,26 @@ class RegenerateAssetTags extends Command
      */
     public function handle()
     {
-
-        if ($this->confirm('This will regenerate all of the asset tags within your system. This action is data-destructive and should be used with caution. Do you wish to continue?'))
-        {
-
+        if ($this->confirm('This will regenerate all of the asset tags within your system. This action is data-destructive and should be used with caution. Do you wish to continue?')) {
             $output['info'] = [];
             $output['warn'] = [];
             $output['error'] = [];
             $settings = Setting::getSettings();
 
-            $start_tag = ($this->option('start')) ? $this->option('start') : (($settings->next_auto_tag_base) ? Setting::getSettings()->next_auto_tag_base : 1) ;
+            $start_tag = ($this->option('start')) ? $this->option('start') : (($settings->next_auto_tag_base) ? Setting::getSettings()->next_auto_tag_base : 1);
 
             $this->info('Starting at '.$start_tag);
 
-            $total_assets = Asset::orderBy('id','asc')->get();
+            $total_assets = Asset::orderBy('id', 'asc')->get();
             $bar = $this->output->createProgressBar(count($total_assets));
 
-            try  {
+            try {
                 Artisan::call('backup:run');
             } catch (\Exception $e) {
                 $output['error'][] = $e;
             }
 
             foreach ($total_assets as $asset) {
-                
                 $start_tag++;
                 $output['info'][] = 'Asset tag:'.$asset->asset_tag;
                 $asset->asset_tag = $settings->auto_increment_prefix.$settings->auto_increment_prefix.$start_tag;
@@ -81,24 +77,21 @@ class RegenerateAssetTags extends Command
             $bar->finish();
             $this->info("\n");
 
-
-            if (($this->option('output')=='all') || ($this->option('output')=='info')) {
+            if (($this->option('output') == 'all') || ($this->option('output') == 'info')) {
                 foreach ($output['info'] as $key => $output_text) {
                     $this->info($output_text);
                 }
             }
-            if (($this->option('output')=='all') || ($this->option('output')=='warn')) {
+            if (($this->option('output') == 'all') || ($this->option('output') == 'warn')) {
                 foreach ($output['warn'] as $key => $output_text) {
                     $this->warn($output_text);
                 }
             }
-            if (($this->option('output')=='all') || ($this->option('output')=='error')) {
+            if (($this->option('output') == 'all') || ($this->option('output') == 'error')) {
                 foreach ($output['error'] as $key => $output_text) {
                     $this->error($output_text);
                 }
             }
         }
-
-
     }
 }

app/Console/Commands/RestoreDeletedUsers.php

@@ -43,16 +43,15 @@ class RestoreDeletedUsers extends Command
      */
     public function handle()
     {
-
         $start_date = $this->option('start_date');
         $end_date = $this->option('end_date');
         $asset_totals = 0;
         $license_totals = 0;
         $user_count = 0;
 
-
-        if (($start_date=='') || ($end_date=='')) {
+        if (($start_date == '') || ($end_date == '')) {
             $this->info('ERROR: All fields are required.');
+
             return false;
         }
 
@@ -63,15 +62,15 @@ class RestoreDeletedUsers extends Command
 
         foreach ($users as $user) {
             $user_count++;
-            $user_logs = Actionlog::where('target_id', $user->id)->where('target_type',User::class)
-                ->where('action_type','checkout')->with('item')->get();
+            $user_logs = Actionlog::where('target_id', $user->id)->where('target_type', User::class)
+                ->where('action_type', 'checkout')->with('item')->get();
 
-            $this->info($user_count.'. '.$user->username.' ('.$user->id.') was deleted at '.$user->deleted_at. ' and has '.$user_logs->count().' checkouts associated.');
+            $this->info($user_count.'. '.$user->username.' ('.$user->id.') was deleted at '.$user->deleted_at.' and has '.$user_logs->count().' checkouts associated.');
 
             foreach ($user_logs as $user_log) {
                 $this->info('  * '.$user_log->item_type.': '.$user_log->item->name.' - item_id: '.$user_log->item_id);
 
-                if ($user_log->item_type==Asset::class) {
+                if ($user_log->item_type == Asset::class) {
                     $asset_totals++;
 
                     DB::table('assets')
@@ -79,11 +78,10 @@ class RestoreDeletedUsers extends Command
                         ->update(['assigned_to' => $user->id, 'assigned_type'=> User::class]);
 
                     $this->info('      ** Asset '.$user_log->item->id.' ('.$user_log->item->asset_tag.') restored to user '.$user->id.'');
-
-                } elseif ($user_log->item_type==License::class) {
+                } elseif ($user_log->item_type == License::class) {
                     $license_totals++;
 
-                    $avail_seat = DB::table('license_seats')->where('license_id','=',$user_log->item->id)
+                    $avail_seat = DB::table('license_seats')->where('license_id', '=', $user_log->item->id)
                         ->whereNull('assigned_to')->whereNull('asset_id')->whereBetween('updated_at', [$start_date, $end_date])->first();
                     if ($avail_seat) {
                         $this->info('      ** Allocating seat '.$avail_seat->id.' for this License');
@@ -91,27 +89,17 @@ class RestoreDeletedUsers extends Command
                         DB::table('license_seats')
                             ->where('id', $avail_seat->id)
                             ->update(['assigned_to' => $user->id]);
-
                     } else {
                         $this->warn('ERROR: No available seats for '.$user_log->item->name);
                     }
-
                 }
-
             }
 
             $this->warn('Restoring user '.$user->username.'!');
             $user->restore();
-
-
         }
 
         $this->info($asset_totals.' assets affected');
         $this->info($license_totals.' licenses affected');
-
-
-
     }
-
-
 }

app/Console/Commands/RestoreFromBackup.php

@@ -3,7 +3,6 @@
 namespace App\Console\Commands;
 
 use Illuminate\Console\Command;
-
 use ZipArchive;
 
 class RestoreFromBackup extends Command
@@ -15,7 +14,7 @@ class RestoreFromBackup extends Command
      */
     protected $signature = 'snipeit:restore 
                                             {--force : Skip the danger prompt; assuming you hit "y"} 
-                                            {filename : The zip file to be migrated}
+                                            {filename : The full path of the .zip file to be migrated}
                                             {--no-progress : Don\'t show a progress bar}';
 
     /**
@@ -23,7 +22,7 @@ class RestoreFromBackup extends Command
      *
      * @var string
      */
-    protected $description = 'Restore from a previously created backup';
+    protected $description = 'Restore from a previously created Snipe-IT backup file';
 
     /**
      * Create a new command instance.
@@ -35,6 +34,8 @@ class RestoreFromBackup extends Command
         parent::__construct();
     }
 
+    public static $buffer_size = 1024 * 1024;  // use a 1MB buffer, ought to work fine for most cases?
+
     /**
      * Execute the console command.
      *
@@ -43,20 +44,23 @@ class RestoreFromBackup extends Command
     public function handle()
     {
         $dir = getcwd();
-        print "Current working directory is: $dir\n";
+        if( $dir != base_path() ) { // usually only the case when running via webserver, not via command-line
+            \Log::debug("Current working directory is: $dir, changing directory to: ".base_path());
+            chdir(base_path()); // TODO - is this *safe* to change on a running script?!
+        }
         //
         $filename = $this->argument('filename');
 
-        if (!$filename) {
-            return $this->error("Missing required filename");
+        if (! $filename) {
+            return $this->error('Missing required filename');
         }
 
-        if (!$this->option('force') && !$this->confirm('Are you sure you wish to restore from the given backup file? This can lead to MASSIVE DATA LOSS!')) {
-            return $this->error("Data loss not confirmed");
+        if (! $this->option('force') && ! $this->confirm('Are you sure you wish to restore from the given backup file? This can lead to MASSIVE DATA LOSS!')) {
+            return $this->error('Data loss not confirmed');
         }
 
         if (config('database.default') != 'mysql') {
-            return $this->error("DB_CONNECTION must be MySQL in order to perform a restore. Detected: ".config('database.default'));
+            return $this->error('DB_CONNECTION must be MySQL in order to perform a restore. Detected: '.config('database.default'));
         }
 
         $za = new ZipArchive();
@@ -64,18 +68,18 @@ class RestoreFromBackup extends Command
         $errcode = $za->open($filename/* , ZipArchive::RDONLY */); // that constant only exists in PHP 7.4 and higher
         if ($errcode !== true) {
             $errors = [
-                ZipArchive::ER_EXISTS => "File already exists.",
-                ZipArchive::ER_INCONS => "Zip archive inconsistent.",
-                ZipArchive::ER_INVAL => "Invalid argument.",
-                ZipArchive::ER_MEMORY => "Malloc failure.",
-                ZipArchive::ER_NOENT => "No such file.",
-                ZipArchive::ER_NOZIP => "Not a zip archive.",
+                ZipArchive::ER_EXISTS => 'File already exists.',
+                ZipArchive::ER_INCONS => 'Zip archive inconsistent.',
+                ZipArchive::ER_INVAL => 'Invalid argument.',
+                ZipArchive::ER_MEMORY => 'Malloc failure.',
+                ZipArchive::ER_NOENT => 'No such file ('.$filename.') in directory '.$dir.'.',
+                ZipArchive::ER_NOZIP => 'Not a zip archive.',
                 ZipArchive::ER_OPEN => "Can't open file.",
-                ZipArchive::ER_READ => "Read error.",
-                ZipArchive::ER_SEEK => "Seek error."
+                ZipArchive::ER_READ => 'Read error.',
+                ZipArchive::ER_SEEK => 'Seek error.',
             ];
 
-            return $this->error("Could not access file: ".$filename." - ".array_key_exists($errcode,$errors) ? $errors[$errcode] : " Unknown reason: $errcode");
+            return $this->error('Could not access file: '.$filename.' - '.array_key_exists($errcode, $errors) ? $errors[$errcode] : " Unknown reason: $errcode");
         }
 
 
@@ -86,11 +90,11 @@ class RestoreFromBackup extends Command
             'storage/private_uploads/assetmodels',
             'storage/private_uploads/users',
             'storage/private_uploads/licenses',
-            'storage/private_uploads/signatures'
+            'storage/private_uploads/signatures',
         ];
         $private_files = [
             'storage/oauth-private.key',
-            'storage/oauth-public.key'
+            'storage/oauth-public.key',
         ];
         $public_dirs = [
             'public/uploads/companies',
@@ -108,16 +112,16 @@ class RestoreFromBackup extends Command
             'public/uploads/models',
             'public/uploads/categories',
             'public/uploads/avatars',
-            'public/uploads/manufacturers'
+            'public/uploads/manufacturers',
         ];
-        
+
         $public_files = [
             'public/uploads/logo.*',
             'public/uploads/setting-email_logo*',
             'public/uploads/setting-label_logo*',
             'public/uploads/setting-logo*',
             'public/uploads/favicon.*',
-            'public/uploads/favicon-uploaded.*'
+            'public/uploads/favicon-uploaded.*',
         ];
 
         $all_files = $private_dirs + $public_dirs;
@@ -127,64 +131,64 @@ class RestoreFromBackup extends Command
 
         $interesting_files = [];
         $boring_files = [];
-        
-        for ($i=0; $i<$za->numFiles;$i++) {
+
+        for ($i = 0; $i < $za->numFiles; $i++) {
             $stat_results = $za->statIndex($i);
             // echo "index: $i\n";
             // print_r($stat_results);
-        
+
             $raw_path = $stat_results['name'];
-            if(strpos($raw_path,'\\')!==false) { //found a backslash, swap it to forward-slash
-                $raw_path = strtr($raw_path,'\\','/');
+            if (strpos($raw_path, '\\') !== false) { //found a backslash, swap it to forward-slash
+                $raw_path = strtr($raw_path, '\\', '/');
                 //print "Translating file: ".$stat_results['name']." to: ".$raw_path."\n";
             }
-        
+
             // skip macOS resource fork files (?!?!?!)
-            if(strpos($raw_path,"__MACOSX")!==false && strpos($raw_path,"._") !== false) {
+            if (strpos($raw_path, '__MACOSX') !== false && strpos($raw_path, '._') !== false) {
                 //print "SKIPPING macOS Resource fork file: $raw_path\n";
                 $boring_files[] = $raw_path;
                 continue;
             }
-            if(@pathinfo($raw_path)['extension'] == "sql") {
-                print "Found a sql file!\n";
+            if (@pathinfo($raw_path)['extension'] == 'sql') {
+                \Log::debug("Found a sql file!");
                 $sqlfiles[] = $raw_path;
                 $sqlfile_indices[] = $i;
                 continue;
             }
-        
-            foreach(array_merge($private_dirs,$public_dirs) as $dir) {
-                $last_pos = strrpos($raw_path,$dir.'/');
-                if($last_pos !== false ) {
+
+            foreach (array_merge($private_dirs, $public_dirs) as $dir) {
+                $last_pos = strrpos($raw_path, $dir.'/');
+                if ($last_pos !== false) {
                     //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $dir - last_pos+strlen(\$dir) is: ".($last_pos+strlen($dir))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
                     //print("We would copy $raw_path to $dir.\n"); //FIXME append to a path?
                     $interesting_files[$raw_path] = ['dest' =>$dir, 'index' => $i];
                     continue 2;
-                    if($last_pos + strlen($dir) +1 == strlen($raw_path)) {
+                    if ($last_pos + strlen($dir) + 1 == strlen($raw_path)) {
                         // we don't care about that; we just want files with the appropriate prefix
                         //print("FOUND THE EXACT DIRECTORY: $dir AT: $raw_path!!!\n");
                     }
                 }
             }
-            $good_extensions = ["png","gif","jpg","svg","jpeg","doc","docx","pdf","txt",
-                                "zip","rar","xls","xlsx","lic","xml","rtf", "webp","key","ico"];
-            foreach(array_merge($private_files, $public_files) as $file) {
-                $has_wildcard = (strpos($file,"*") !== false);
-                if($has_wildcard) {
-                    $file = substr($file,0,-1); //trim last character (which should be the wildcard)
+            $good_extensions = ['png', 'gif', 'jpg', 'svg', 'jpeg', 'doc', 'docx', 'pdf', 'txt',
+                                'zip', 'rar', 'xls', 'xlsx', 'lic', 'xml', 'rtf', 'webp', 'key', 'ico', ];
+            foreach (array_merge($private_files, $public_files) as $file) {
+                $has_wildcard = (strpos($file, '*') !== false);
+                if ($has_wildcard) {
+                    $file = substr($file, 0, -1); //trim last character (which should be the wildcard)
                 }
-                $last_pos = strrpos($raw_path,$file); // no trailing slash!
-                if($last_pos !== false ) {
+                $last_pos = strrpos($raw_path, $file); // no trailing slash!
+                if ($last_pos !== false) {
                     $extension = strtolower(pathinfo($raw_path, PATHINFO_EXTENSION));
-                    if(!in_array($extension, $good_extensions)) {
-                        $this->warn("Potentially unsafe file ".$raw_path." is being skipped");
+                    if (! in_array($extension, $good_extensions)) {
+                        $this->warn('Potentially unsafe file '.$raw_path.' is being skipped');
                         $boring_files[] = $raw_path;
                         continue 2;
                     }
                     //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $file - last_pos+strlen(\$file) is: ".($last_pos+strlen($file))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
                     //no wildcards found in $file, process 'normally'
-                    if($last_pos + strlen($file) == strlen($raw_path) || $has_wildcard) { //again, no trailing slash. or this is a wildcard and we just take it.
+                    if ($last_pos + strlen($file) == strlen($raw_path) || $has_wildcard) { //again, no trailing slash. or this is a wildcard and we just take it.
                         // print("FOUND THE EXACT FILE: $file AT: $raw_path!!!\n"); //we *do* care about this, though.
-                        $interesting_files[$raw_path] = ['dest' => dirname($file),'index' => $i];
+                        $interesting_files[$raw_path] = ['dest' => dirname($file), 'index' => $i];
                         continue 2;
                     }
                 }
@@ -194,11 +198,11 @@ class RestoreFromBackup extends Command
 
         // print_r($interesting_files);exit(-1);
 
-        if( count($sqlfiles) != 1) {
-            return $this->error("There should be exactly *one* sql backup file found, found: ".( count($sqlfiles) == 0 ? "None" : implode(", ",$sqlfiles)));
+        if (count($sqlfiles) != 1) {
+            return $this->error('There should be exactly *one* sql backup file found, found: '.(count($sqlfiles) == 0 ? 'None' : implode(', ', $sqlfiles)));
         }
 
-        if( strpos($sqlfiles[0], "db-dumps") === false ) {
+        if (strpos($sqlfiles[0], 'db-dumps') === false) {
             //return $this->error("SQL backup file is missing 'db-dumps' component of full pathname: ".$sqlfiles[0]);
             //older Snipe-IT installs don't have the db-dumps subdirectory component
         }
@@ -207,14 +211,20 @@ class RestoreFromBackup extends Command
         $pipes = [];
 
         $env_vars = getenv();
-        $env_vars['MYSQL_PWD'] = config("database.connections.mysql.password");
-        $proc_results = proc_open("mysql -h ".escapeshellarg(config('database.connections.mysql.host'))." -u ".escapeshellarg(config('database.connections.mysql.username'))." ".escapeshellarg(config('database.connections.mysql.database')), // yanked -p since we pass via ENV
-                                  [0 => ['pipe','r'],1 => ['pipe','w'],2 => ['pipe','w']],
+        $env_vars['MYSQL_PWD'] = config('database.connections.mysql.password');
+        // TODO notes: we are stealing the dump_binary_path (which *probably* also has your copy of the mysql binary in it. But it might not, so we might need to extend this)
+        //             we unilaterally prepend a slash to the `mysql` command. This might mean your path could look like /blah/blah/blah//mysql - which should be fine. But maybe in some environments it isn't?
+        $mysql_binary = config('database.connections.mysql.dump.dump_binary_path').'/mysql';
+        if( ! file_exists($mysql_binary) ) {
+            return $this->error("mysql tool at: '$mysql_binary' does not exist, cannot restore. Please edit DB_DUMP_PATH in your .env to point to a directory that contains the mysqldump and mysql binary");
+        }
+        $proc_results = proc_open("$mysql_binary -h ".escapeshellarg(config('database.connections.mysql.host')).' -u '.escapeshellarg(config('database.connections.mysql.username')).' '.escapeshellarg(config('database.connections.mysql.database')), // yanked -p since we pass via ENV
+                                  [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']],
                                   $pipes,
                                   null,
                                   $env_vars); // this is not super-duper awesome-secure, but definitely more secure than showing it on the CLI, or dropping temporary files with passwords in them.
-        if($proc_results === false) {
-            return $this->error("Unable to invoke mysql via CLI");
+        if ($proc_results === false) {
+            return $this->error('Unable to invoke mysql via CLI');
         }
 
         // $this->info("Stdout says? ".fgets($pipes[1])); //FIXME: I think we might need to set non-blocking mode to use this properly?
@@ -232,13 +242,17 @@ class RestoreFromBackup extends Command
             $this->info($stdout);
             $stderr = fgets($pipes[2]);
             $this->info($stderr);
+
             return false;
         }
+        $bytes_read = 0;
 
-        while(($buffer = fgets($sql_contents)) !== false ) {
-            //$this->info("Buffer is: '$buffer'");
-            $bytes_written = fwrite($pipes[0],$buffer);
-            if($bytes_written === false) {
+        while (($buffer = fgets($sql_contents, self::$buffer_size)) !== false) {
+            $bytes_read += strlen($buffer);
+            // \Log::debug("Buffer is: '$buffer'");
+            $bytes_written = fwrite($pipes[0], $buffer);
+
+            if ($bytes_written === false) {
                 $stdout = fgets($pipes[1]);
                 $this->info($stdout);
                 $stderr = fgets($pipes[2]);
@@ -246,6 +260,11 @@ class RestoreFromBackup extends Command
                 return false;
             }
         }
+        
+        if (!feof($sql_contents) || $bytes_read == 0) {
+            return $this->error("Not at end of file for sql file, or zero bytes read. aborting!");
+        }
+    
         fclose($pipes[0]);
         fclose($sql_contents);
         
@@ -257,41 +276,40 @@ class RestoreFromBackup extends Command
 
         //wait, have to do fclose() on all pipes first?
         $close_results = proc_close($proc_results);
-        if($close_results != 0) {
-            return $this->error("There may have been a problem with the database import: Error number ".$close_results);
+        if ($close_results != 0) {
+            return $this->error('There may have been a problem with the database import: Error number '.$close_results);
         }
-        
+
         //and now copy the files over too (right?)
         //FIXME - we don't prune the filesystem space yet!!!!
-        if($this->option('no-progress')) {
+        if ($this->option('no-progress')) {
             $bar = null;
         } else {
             $bar = $this->output->createProgressBar(count($interesting_files));
         }
-        foreach($interesting_files AS $pretty_file_name => $file_details) {
+        foreach ($interesting_files as $pretty_file_name => $file_details) {
             $ugly_file_name = $za->statIndex($file_details['index'])['name'];
             $fp = $za->getStream($ugly_file_name);
             //$this->info("Weird problem, here are file details? ".print_r($file_details,true));
-            $migrated_file = fopen($file_details['dest']."/".basename($pretty_file_name),"w");
-            while(($buffer = fgets($fp))!== false) {
-                fwrite($migrated_file,$buffer);
+            $migrated_file = fopen($file_details['dest'].'/'.basename($pretty_file_name), 'w');
+            while (($buffer = fgets($fp, self::$buffer_size)) !== false) {
+                fwrite($migrated_file, $buffer);
             }
             fclose($migrated_file);
             fclose($fp);
             //$this->info("Wrote $ugly_file_name to $pretty_file_name");
-            if($bar) {
+            if ($bar) {
                 $bar->advance();
             }
         }
-        if($bar) {
+        if ($bar) {
             $bar->finish();
-            $this->line("");
+            $this->line('');
         } else {
-            $this->info(count($interesting_files)." files were succesfully transferred");
+            $this->info(count($interesting_files).' files were succesfully transferred');
         }
-        foreach($boring_files as $boring_file) {
-            $this->warn($boring_file." was skipped.");
+        foreach ($boring_files as $boring_file) {
+            $this->warn($boring_file.' was skipped.');
         }
-        
     }
 }

app/Console/Commands/RotateAppKey.php

@@ -2,12 +2,12 @@
 
 namespace App\Console\Commands;
 
-use Illuminate\Console\Command;
-use Artisan;
-use App\Models\CustomField;
 use App\Models\Asset;
+use App\Models\CustomField;
 use App\Models\Setting;
-use \Illuminate\Encryption\Encrypter;
+use Artisan;
+use Illuminate\Console\Command;
+use Illuminate\Encryption\Encrypter;
 
 class RotateAppKey extends Command
 {
@@ -42,9 +42,7 @@ class RotateAppKey extends Command
      */
     public function handle()
     {
-        if ($this->confirm("\n****************************************************\nTHIS WILL MODIFY YOUR APP_KEY AND DE-CRYPT YOUR ENCRYPTED CUSTOM FIELDS AND \nRE-ENCRYPT THEM WITH A NEWLY GENERATED KEY. \n\nThere is NO undo. \n\nMake SURE you have a database backup and a backup of your .env generated BEFORE running this command. \n\nIf you do not save the newly generated APP_KEY to your .env in this process, \nyour encrypted data will no longer be decryptable. \n\nAre you SURE you wish to continue, and have confirmed you have a database backup and an .env backup? "))  {
-
-
+        if ($this->confirm("\n****************************************************\nTHIS WILL MODIFY YOUR APP_KEY AND DE-CRYPT YOUR ENCRYPTED CUSTOM FIELDS AND \nRE-ENCRYPT THEM WITH A NEWLY GENERATED KEY. \n\nThere is NO undo. \n\nMake SURE you have a database backup and a backup of your .env generated BEFORE running this command. \n\nIf you do not save the newly generated APP_KEY to your .env in this process, \nyour encrypted data will no longer be decryptable. \n\nAre you SURE you wish to continue, and have confirmed you have a database backup and an .env backup? ")) {
 
             // Get the existing app_key and ciphers
             // We put them in a variable since we clear the cache partway through here.
@@ -73,33 +71,26 @@ class RotateAppKey extends Command
 
             $fields = CustomField::where('field_encrypted', '1')->get();
 
-
             foreach ($fields as $field) {
-
                 $assets = Asset::whereNotNull($field->db_column)->get();
 
                 foreach ($assets as $asset) {
-
                     $asset->{$field->db_column} = $oldEncrypter->decrypt($asset->{$field->db_column});
-                    $this->line('DECRYPTED: '. $field->db_column);
+                    $this->line('DECRYPTED: '.$field->db_column);
                     $asset->{$field->db_column} = $newEncrypter->encrypt($asset->{$field->db_column});
                     $this->line('ENCRYPTED: '.$field->db_column);
                     $asset->save();
-
                 }
-
             }
 
             // Handle the LDAP password if one is provided
             $setting = Setting::first();
-            if ($setting->ldap_pword!='') {
-                $setting->ldap_pword =  $oldEncrypter->decrypt($setting->ldap_pword);
-                $setting->ldap_pword =  $newEncrypter->encrypt($setting->ldap_pword);
+            if ($setting->ldap_pword != '') {
+                $setting->ldap_pword = $oldEncrypter->decrypt($setting->ldap_pword);
+                $setting->ldap_pword = $newEncrypter->encrypt($setting->ldap_pword);
                 $setting->save();
                 $this->warn('LDAP password has been re-encrypted.');
             }
-
-
         } else {
             $this->info('This operation has been canceled. No changes have been made.');
         }
@@ -113,7 +104,6 @@ class RotateAppKey extends Command
      */
     protected function writeNewEnvironmentFileWith($key)
     {
-
         file_put_contents($this->laravel->environmentFilePath(), preg_replace(
             $this->keyReplacementPattern(),
             'APP_KEY='.$key,
@@ -129,7 +119,7 @@ class RotateAppKey extends Command
     protected function keyReplacementPattern()
     {
         $escaped = preg_quote('='.$this->laravel['config']['app.key'], '/');
+
         return "/^APP_KEY{$escaped}/m";
     }
-
 }

app/Console/Commands/SendCurrentInventoryToUsers.php

@@ -39,22 +39,16 @@ class SendCurrentInventoryToUsers extends Command
      */
     public function handle()
     {
-
         $users = User::whereNull('deleted_at')->whereNotNull('email')->with('assets', 'accessories', 'licenses')->get();
 
         $count = 0;
         foreach ($users as $user) {
-
-            if (($user->assets->count() > 0) || ($user->accessories->count() > 0) || ($user->licenses->count() > 0))
-            {
+            if (($user->assets->count() > 0) || ($user->accessories->count() > 0) || ($user->licenses->count() > 0)) {
                 $count++;
                 $user->notify((new CurrentInventory($user)));
             }
-
         }
 
         $this->info($count.' users notified.');
-
-
     }
 }

app/Console/Commands/SendExpectedCheckinAlerts.php

@@ -3,12 +3,12 @@
 namespace App\Console\Commands;
 
 use App\Models\Asset;
+use App\Models\Recipients\AlertRecipient;
 use App\Models\Setting;
 use App\Notifications\ExpectedCheckinAdminNotification;
 use App\Notifications\ExpectedCheckinNotification;
 use Carbon\Carbon;
 use Illuminate\Console\Command;
-use App\Models\Recipients\AlertRecipient;
 
 class SendExpectedCheckinAlerts extends Command
 {
@@ -41,12 +41,12 @@ class SendExpectedCheckinAlerts extends Command
      */
     public function handle()
     {
-        $settings   = Setting::getSettings();
+        $settings = Setting::getSettings();
         $whenNotify = Carbon::now()->addDays(7);
-        $assets     = Asset::with('assignedTo')->whereNotNull('assigned_to')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();
+        $assets = Asset::with('assignedTo')->whereNotNull('assigned_to')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();
 
-        $this->info($whenNotify . ' is deadline');
-        $this->info($assets->count() . ' assets');
+        $this->info($whenNotify.' is deadline');
+        $this->info($assets->count().' assets');
 
         foreach ($assets as $asset) {
             if ($asset->assigned && $asset->checkedOutToUser()) {

app/Console/Commands/SendExpirationAlerts.php

@@ -41,7 +41,7 @@ class SendExpirationAlerts extends Command
      */
     public function handle()
     {
-        $settings  = Setting::getSettings();
+        $settings = Setting::getSettings();
         $threshold = $settings->alert_interval;
 
         if (($settings->alert_email != '') && ($settings->alerts_enabled == 1)) {

app/Console/Commands/SendUpcomingAuditReport.php

@@ -4,13 +4,13 @@ namespace App\Console\Commands;
 
 use App\Models\Asset;
 use App\Models\License;
+use App\Models\Recipients;
 use App\Models\Setting;
 use App\Notifications\ExpiringAssetsNotification;
-use App\Models\Recipients;
-use DB;
-use Illuminate\Console\Command;
 use App\Notifications\SendUpcomingAuditNotification;
 use Carbon\Carbon;
+use DB;
+use Illuminate\Console\Command;
 
 class SendUpcomingAuditReport extends Command
 {
@@ -54,7 +54,6 @@ class SendUpcomingAuditReport extends Command
                 return new \App\Models\Recipients\AlertRecipient($item);
             });
 
-
             // Assets due for auditing
 
             $assets = Asset::whereNotNull('next_audit_date')
@@ -62,7 +61,6 @@ class SendUpcomingAuditReport extends Command
                     ->orderBy('last_audit_date', 'asc')->get();
 
             if ($assets->count() > 0) {
-
                 $this->info(trans_choice('mail.upcoming-audits', $assets->count(),
                     ['count' => $assets->count(), 'threshold' => $settings->audit_warning_days]));
                 \Notification::send($recipients, new SendUpcomingAuditNotification($assets, $settings->audit_warning_days));
@@ -70,14 +68,11 @@ class SendUpcomingAuditReport extends Command
             } else {
                 $this->info('No assets to be audited. No report sent.');
             }
-
-
-
-        } elseif ($settings->alert_email=='') {
+        } elseif ($settings->alert_email == '') {
             $this->error('Could not send email. No alert email configured in settings');
-        } elseif (!$settings->audit_warning_days) {
+        } elseif (! $settings->audit_warning_days) {
             $this->error('No audit warning days set in Admin Notifications. No mail will be sent.');
-        } elseif ($settings->alerts_enabled!=1) {
+        } elseif ($settings->alerts_enabled != 1) {
             $this->info('Alerts are disabled in the settings. No mail will be sent');
         } else {
             $this->error('Something went wrong. :( ');
@@ -85,7 +80,5 @@ class SendUpcomingAuditReport extends Command
             $this->error('Admin Audit Warning Setting: '.$settings->audit_warning_days);
             $this->error('Admin Alerts Emnabled: '.$settings->alerts_enabled);
         }
-
-
     }
 }

app/Console/Commands/SyncAssetCounters.php

@@ -45,14 +45,14 @@ class SyncAssetCounters extends Command
         if ($assets) {
             if ($assets->count() > 0) {
                 $bar = $this->output->createProgressBar($assets->count());
-                
+
                 foreach ($assets as $asset) {
                     $asset->checkin_counter = (int) $asset->checkins_count;
                     $asset->checkout_counter = (int) $asset->checkouts_count;
                     $asset->requests_counter = (int) $asset->user_requests_count;
                     $asset->unsetEventDispatcher();
                     $asset->save();
-                    $output['info'][] = 'Asset: ' . $asset->id . ' has ' . $asset->checkin_counter . ' checkins, ' . $asset->checkout_counter . ' checkouts, and ' . $asset->requests_counter . ' requests';
+                    $output['info'][] = 'Asset: '.$asset->id.' has '.$asset->checkin_counter.' checkins, '.$asset->checkout_counter.' checkouts, and '.$asset->requests_counter.' requests';
                     $bar->advance();
                 }
                 $bar->finish();
@@ -62,15 +62,10 @@ class SyncAssetCounters extends Command
                 }
 
                 $time_elapsed_secs = microtime(true) - $start;
-                $this->info('Sync executed in ' . $time_elapsed_secs . ' seconds');
-
+                $this->info('Sync executed in '.$time_elapsed_secs.' seconds');
             } else {
                 $this->info('No assets to sync');
             }
-
         }
-
-
-
     }
 }

app/Console/Commands/SyncAssetLocations.php

@@ -38,7 +38,6 @@ class SyncAssetLocations extends Command
      */
     public function handle()
     {
-
         $output['info'] = [];
         $output['warn'] = [];
         $output['error'] = [];
@@ -51,96 +50,89 @@ class SyncAssetLocations extends Command
         $output['info'][] = 'There are '.$rtd_assets->count().' unassigned assets.';
 
         foreach ($rtd_assets as $rtd_asset) {
-             $output['info'][] = 'Setting Unassigned Asset ' . $rtd_asset->id . ' ('.$rtd_asset->asset_tag.') to  location: ' . $rtd_asset->rtd_location_id . " because their default location is: " . $rtd_asset->rtd_location_id;
-            $rtd_asset->location_id=$rtd_asset->rtd_location_id;
+            $output['info'][] = 'Setting Unassigned Asset '.$rtd_asset->id.' ('.$rtd_asset->asset_tag.') to  location: '.$rtd_asset->rtd_location_id.' because their default location is: '.$rtd_asset->rtd_location_id;
+            $rtd_asset->location_id = $rtd_asset->rtd_location_id;
             $rtd_asset->unsetEventDispatcher();
             $rtd_asset->save();
             $bar->advance();
         }
 
-        $assigned_user_assets = Asset::where('assigned_type','App\Models\User')->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+        $assigned_user_assets = Asset::where('assigned_type', \App\Models\User::class)->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
         $output['info'][] = 'There are '.$assigned_user_assets->count().' assets checked out to users.';
         foreach ($assigned_user_assets as $assigned_user_asset) {
             if (($assigned_user_asset->assignedTo) && ($assigned_user_asset->assignedTo->userLoc)) {
                 $new_location = $assigned_user_asset->assignedTo->userLoc->id;
-                $output['info'][] ='Setting User Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') to  ' . $assigned_user_asset->assignedTo->userLoc->name . ' which is id: ' . $new_location;
+                $output['info'][] = 'Setting User Asset '.$assigned_user_asset->id.' ('.$assigned_user_asset->asset_tag.') to  '.$assigned_user_asset->assignedTo->userLoc->name.' which is id: '.$new_location;
             } else {
-                $output['warn'][] ='Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') still has no location! ';
+                $output['warn'][] = 'Asset '.$assigned_user_asset->id.' ('.$assigned_user_asset->asset_tag.') still has no location! ';
                 $new_location = $assigned_user_asset->rtd_location_id;
             }
-            $assigned_user_asset->location_id=$new_location;
+            $assigned_user_asset->location_id = $new_location;
             $assigned_user_asset->unsetEventDispatcher();
             $assigned_user_asset->save();
             $bar->advance();
-
         }
 
-        $assigned_location_assets = Asset::where('assigned_type','App\Models\Location')
+        $assigned_location_assets = Asset::where('assigned_type', \App\Models\Location::class)
             ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
         $output['info'][] = 'There are '.$assigned_location_assets->count().' assets checked out to locations.';
 
         foreach ($assigned_location_assets as $assigned_location_asset) {
             if ($assigned_location_asset->assignedTo) {
                 $assigned_location_asset->location_id = $assigned_location_asset->assignedTo->id;
-                $output['info'][] ='Setting Location Assigned  asset ' . $assigned_location_asset->id . ' ('.$assigned_location_asset->asset_tag.') that is checked out to '.$assigned_location_asset->assignedTo->name.' (#'.$assigned_location_asset->assignedTo->id.') to location: ' . $assigned_location_asset->assetLoc()->id;
+                $output['info'][] = 'Setting Location Assigned  asset '.$assigned_location_asset->id.' ('.$assigned_location_asset->asset_tag.') that is checked out to '.$assigned_location_asset->assignedTo->name.' (#'.$assigned_location_asset->assignedTo->id.') to location: '.$assigned_location_asset->assetLoc()->id;
                 $assigned_location_asset->unsetEventDispatcher();
                 $assigned_location_asset->save();
             } else {
-                $output['warn'][] ='Asset ' . $assigned_location_asset->id . ' ('.$assigned_location_asset->asset_tag.') did not return a valid associated location - perhaps it was deleted?';
+                $output['warn'][] = 'Asset '.$assigned_location_asset->id.' ('.$assigned_location_asset->asset_tag.') did not return a valid associated location - perhaps it was deleted?';
             }
             $bar->advance();
-
         }
 
-
         // Assigned to assets
-        $assigned_asset_assets = Asset::where('assigned_type','App\Models\Asset')
+        $assigned_asset_assets = Asset::where('assigned_type', \App\Models\Asset::class)
             ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
-            $output['info'][] ='Asset-assigned assets: '.$assigned_asset_assets->count();
+        $output['info'][] = 'Asset-assigned assets: '.$assigned_asset_assets->count();
 
-            foreach ($assigned_asset_assets as $assigned_asset_asset) {
+        foreach ($assigned_asset_assets as $assigned_asset_asset) {
 
                 // Check to make sure there aren't any invalid relationships
-                if ($assigned_asset_asset->assetLoc()) {
-                    $assigned_asset_asset->location_id = $assigned_asset_asset->assetLoc()->id;
-                    $output['info'][] ='Setting Asset Assigned asset ' . $assigned_asset_asset->assetLoc()->id. ' ('.$assigned_asset_asset->asset_tag.') location to: ' . $assigned_asset_asset->assetLoc()->id;
-                    $assigned_asset_asset->unsetEventDispatcher();
-                    $assigned_asset_asset->save();
-                } else {
-                    $output['warn'][] ='Asset Assigned asset ' . $assigned_asset_asset->id. ' ('.$assigned_asset_asset->asset_tag.') does not seem to have a valid location';
-                }
-
-                $bar->advance();
-
+            if ($assigned_asset_asset->assetLoc()) {
+                $assigned_asset_asset->location_id = $assigned_asset_asset->assetLoc()->id;
+                $output['info'][] = 'Setting Asset Assigned asset '.$assigned_asset_asset->assetLoc()->id.' ('.$assigned_asset_asset->asset_tag.') location to: '.$assigned_asset_asset->assetLoc()->id;
+                $assigned_asset_asset->unsetEventDispatcher();
+                $assigned_asset_asset->save();
+            } else {
+                $output['warn'][] = 'Asset Assigned asset '.$assigned_asset_asset->id.' ('.$assigned_asset_asset->asset_tag.') does not seem to have a valid location';
             }
 
-        $unlocated_assets = Asset::whereNull("location_id")->whereNull('deleted_at')->get();
-        $output['info'][] ='Assets still without a location: '.$unlocated_assets->count();
-        foreach($unlocated_assets as $unlocated_asset) {
-            $output['warn'][] ='Asset: '.$unlocated_asset->id.' still has no location. ';
+            $bar->advance();
+        }
+
+        $unlocated_assets = Asset::whereNull('location_id')->whereNull('deleted_at')->get();
+        $output['info'][] = 'Assets still without a location: '.$unlocated_assets->count();
+        foreach ($unlocated_assets as $unlocated_asset) {
+            $output['warn'][] = 'Asset: '.$unlocated_asset->id.' still has no location. ';
             $bar->advance();
         }
 
         $bar->finish();
         $this->info("\n");
 
-
-        if (($this->option('output')=='all') || ($this->option('output')=='info')) {
+        if (($this->option('output') == 'all') || ($this->option('output') == 'info')) {
             foreach ($output['info'] as $key => $output_text) {
                 $this->info($output_text);
             }
         }
-        if (($this->option('output')=='all') || ($this->option('output')=='warn')) {
+        if (($this->option('output') == 'all') || ($this->option('output') == 'warn')) {
             foreach ($output['warn'] as $key => $output_text) {
                 $this->warn($output_text);
             }
         }
-        if (($this->option('output')=='all') || ($this->option('output')=='error')) {
+        if (($this->option('output') == 'all') || ($this->option('output') == 'error')) {
             foreach ($output['error'] as $key => $output_text) {
                 $this->error($output_text);
             }
         }
-
-
     }
 }

app/Console/Commands/SystemBackup.php

@@ -6,7 +6,6 @@ use Illuminate\Console\Command;
 
 class SystemBackup extends Command
 {
-
     /**
      * The console command name.
      *
@@ -40,6 +39,5 @@ class SystemBackup extends Command
     {
         //
         $this->call('backup:run');
-
     }
 }

app/Console/Commands/Version.php

@@ -37,7 +37,6 @@ class Version extends Command
      */
     public function handle()
     {
-
         $use_branch = $this->option('branch');
         $use_type = $this->option('type');
         $git_branch = trim(shell_exec('git rev-parse --abbrev-ref HEAD'));
@@ -54,72 +53,66 @@ class Version extends Command
         $this->line('Type is: '.$use_type);
         $this->line('Current version is: '.$full_hash_version);
 
-        if (count($version)==3) {
+        if (count($version) == 3) {
             $this->line('This does not look like an alpha/beta release.');
         } else {
-            if (array_key_exists('3',$version)) {
+            if (array_key_exists('3', $version)) {
                 $this->line('The current version looks like a beta release.');
                 $prerelease_version = $version[1];
                 $hash_version = $version[3];
             }
         }
 
-
         $app_version_raw = explode('.', $app_version);
 
         $maj = str_replace('v', '', $app_version_raw[0]);
         $min = $app_version_raw[1];
         $patch = '';
 
-
-
         // This is a major release that might not have a third .0
         if (array_key_exists(2, $app_version_raw)) {
             $patch = $app_version_raw[2];
         }
 
-        if ($use_type=='major') {
-            $app_version = "v".($maj + 1).".$min.$patch";
-        } elseif ($use_type=='minor') {
-            $app_version = "v"."$maj.".($min + 1).".$patch";
-        } elseif ($use_type=='pre') {
-            $pre_raw = str_replace('beta','', $prerelease_version);
-            $pre_raw = str_replace('alpha','', $pre_raw);
-            $pre_raw = str_ireplace('rc','', $pre_raw);
+        if ($use_type == 'major') {
+            $app_version = 'v'.($maj + 1).".$min.$patch";
+        } elseif ($use_type == 'minor') {
+            $app_version = 'v'."$maj.".($min + 1).".$patch";
+        } elseif ($use_type == 'pre') {
+            $pre_raw = str_replace('beta', '', $prerelease_version);
+            $pre_raw = str_replace('alpha', '', $pre_raw);
+            $pre_raw = str_ireplace('rc', '', $pre_raw);
             $pre_raw = $pre_raw++;
-            $this->line('Setting the pre-release to '. $prerelease_version.'-'.$pre_raw);
-            $app_version = "v"."$maj.".($min + 1).".$patch";
-        } elseif ($use_type=='patch') {
-            $app_version = "v" . "$maj.$min." . ($patch + 1);
+            $this->line('Setting the pre-release to '.$prerelease_version.'-'.$pre_raw);
+            $app_version = 'v'."$maj.".($min + 1).".$patch";
+        } elseif ($use_type == 'patch') {
+            $app_version = 'v'."$maj.$min.".($patch + 1);
         // If nothing is passed, leave the version as it is, just increment the build
         } else {
-            $app_version = "v" . "$maj.$min." . $patch;
+            $app_version = 'v'."$maj.$min.".$patch;
         }
 
         // Determine if this tag already exists, or if this prior to a release
         $this->line('Running: git rev-parse master '.$current_app_version);
         // $pre_release = trim(shell_exec('git rev-parse '.$use_branch.' '.$current_app_version.' 2>&1 1> /dev/null'));
 
-        if ($use_branch=='develop') {
+        if ($use_branch == 'develop') {
             $app_version = $app_version.'-pre';
         }
 
         $full_app_version = $app_version.' - build '.$build_version.'-'.$hash_version;
 
-
         $array = var_export(
-            array(
+            [
                 'app_version' => $app_version,
                 'full_app_version' => $full_app_version,
                 'build_version' => $build_version,
                 'prerelease_version' => $prerelease_version,
                 'hash_version' => $hash_version,
                 'full_hash' => $full_hash_version,
-                'branch' => $git_branch),
+                'branch' => $git_branch, ],
             true
         );
-        
-
 
         // Construct our file content
         $content = <<<CON
@@ -129,7 +122,6 @@ CON;
 
         // And finally write the file and output the current version
         \File::put($versionFile, $content);
-        $this->info('Setting NEW version: '. $full_app_version.' ('.$git_branch.')');
+        $this->info('Setting NEW version: '.$full_app_version.' ('.$git_branch.')');
     }
-
 }

app/Console/Kernel.php

@@ -10,7 +10,6 @@ use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
 
 class Kernel extends ConsoleKernel
 {
-
     /**
      * Define the application's command schedule.
      *

app/Events/CheckoutAccepted.php

@@ -18,6 +18,6 @@ class CheckoutAccepted
      */
     public function __construct(CheckoutAcceptance $acceptance)
     {
-        $this->acceptance       = $acceptance;
+        $this->acceptance = $acceptance;
     }
 }

app/Events/CheckoutDeclined.php

@@ -10,7 +10,7 @@ use Illuminate\Queue\SerializesModels;
 class CheckoutDeclined
 {
     use Dispatchable, SerializesModels;
-    
+
     /**
      * Create a new event instance.
      *
@@ -18,6 +18,6 @@ class CheckoutDeclined
      */
     public function __construct(CheckoutAcceptance $acceptance)
     {
-        $this->acceptance       = $acceptance;
+        $this->acceptance = $acceptance;
     }
 }

app/Events/CheckoutableCheckedIn.php

@@ -25,8 +25,8 @@ class CheckoutableCheckedIn
     {
         $this->checkoutable = $checkoutable;
         $this->checkedOutTo = $checkedOutTo;
-        $this->checkedInBy  = $checkedInBy;
-        $this->note         = $note;
-        $this->action_date  = $action_date ?? date('Y-m-d');
+        $this->checkedInBy = $checkedInBy;
+        $this->note = $note;
+        $this->action_date = $action_date ?? date('Y-m-d');
     }
 }

app/Events/CheckoutableCheckedOut.php

@@ -25,6 +25,6 @@ class CheckoutableCheckedOut
         $this->checkoutable = $checkoutable;
         $this->checkedOutTo = $checkedOutTo;
         $this->checkedOutBy = $checkedOutBy;
-        $this->note         = $note;
+        $this->note = $note;
     }
 }

app/Exceptions/CheckoutNotAllowed.php

@@ -6,17 +6,17 @@ use Exception;
 
 class CheckoutNotAllowed extends Exception
 {
-
     private $errorMessage;
 
-    function __construct($errorMessage = null)
+    public function __construct($errorMessage = null)
     {
         $this->errorMessage = $errorMessage;
 
         parent::__construct($errorMessage);
     }
+
     public function __toString()
     {
-       return is_null($this->errorMessage) ? "A checkout is not allowed under these circumstances" : $this->errorMessage;
+        return is_null($this->errorMessage) ? 'A checkout is not allowed under these circumstances' : $this->errorMessage;
     }
 }

app/Exceptions/Handler.php

@@ -2,18 +2,19 @@
 
 namespace App\Exceptions;
 
-use Exception;
-use Illuminate\Auth\AuthenticationException;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 use App\Helpers\Helper;
 use Illuminate\Validation\ValidationException;
+use Illuminate\Auth\AuthenticationException;
 use Log;
+use Throwable;
+use JsonException;
 
 
 class Handler extends ExceptionHandler
 {
     /**
-     * A list of the exception types that should not be reported.
+     * A list of the exception types that are not reported.
      *
      * @var array
      */
@@ -26,6 +27,7 @@ class Handler extends ExceptionHandler
         \Illuminate\Validation\ValidationException::class,
         \Intervention\Image\Exception\NotSupportedException::class,
         \League\OAuth2\Server\Exception\OAuthServerException::class,
+        JsonException::class,
     ];
 
     /**
@@ -33,25 +35,25 @@ class Handler extends ExceptionHandler
      *
      * This is a great spot to send exceptions to Sentry, Bugsnag, etc.
      *
-     * @param  \Exception  $exception
+     * @param  \Throwable  $exception
      * @return void
      */
-    public function report(Exception $exception)
+    public function report(Throwable $exception)
     {
         if ($this->shouldReport($exception)) {
-            \Log::error($exception);
+            Log::error($exception);
             return parent::report($exception);
         }
     }
 
     /**
      * Render an exception into an HTTP response.
-     *
+     * 
      * @param  \Illuminate\Http\Request  $request
      * @param  \Exception  $e
      * @return \Illuminate\Http\Response
      */
-    public function render($request, Exception $e)
+    public function render($request, Throwable $e)
     {
 
 
@@ -60,6 +62,12 @@ class Handler extends ExceptionHandler
             return redirect()->back()->with('error', trans('general.token_expired'));
         }
 
+        // Invalid JSON exception
+        // TODO: don't understand why we have to do this when we have the invalidJson() method, below, but, well, whatever
+        if ($e instanceof JsonException) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'invalid JSON'), 422);
+        }
+
 
         // Handle Ajax requests that fail because the model doesn't exist
         if ($request->ajax() || $request->wantsJson()) {
@@ -76,10 +84,12 @@ class Handler extends ExceptionHandler
                 switch ($e->getStatusCode()) {
                     case '404':
                        return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode . ' endpoint not found'), 404);
-                    case '405':
+                    case '429':
+                        return response()->json(Helper::formatStandardApiResponse('error', null, 'Too many requests'), 429);
+                     case '405':
                         return response()->json(Helper::formatStandardApiResponse('error', null, 'Method not allowed'), 405);
                     default:
-                        return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode), 405);
+                        return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode), $statusCode);
 
                 }
             }
@@ -96,7 +106,7 @@ class Handler extends ExceptionHandler
 
     }
 
-    /**
+ /**
      * Convert an authentication exception into an unauthenticated response.
      *
      * @param  \Illuminate\Http\Request  $request
@@ -112,15 +122,27 @@ class Handler extends ExceptionHandler
         return redirect()->guest('login');
     }
 
-    /**
-     * Convert a validation exception into a JSON response.
+
+    /** 
+     * A list of the inputs that are never flashed for validation exceptions.
      *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Illuminate\Validation\ValidationException  $exception
-     * @return \Illuminate\Http\JsonResponse
+     * @var array
      */
-    protected function invalidJson($request, ValidationException $exception)
+    protected $dontFlash = [
+        'current_password',
+        'password',
+        'password_confirmation',
+    ];
+
+    /**
+     * Register the exception handling callbacks for the application.
+     *
+     * @return void
+     */
+    public function register()
     {
-        return response()->json(Helper::formatStandardApiResponse('error', null, $exception->errors(), 400));
+        $this->reportable(function (Throwable $e) {
+            //
+        });
     }
-}
+}

app/Helpers/StorageHelper.php

@@ -1,15 +1,17 @@
 <?php
 
 namespace App\Helpers;
+
 use Illuminate\Support\Facades\Storage;
 
 class StorageHelper
 {
-    static function downloader($filename, $disk = 'default') {
-        if($disk == 'default') {
+    public static function downloader($filename, $disk = 'default')
+    {
+        if ($disk == 'default') {
             $disk = config('filesystems.default');
         }
-        switch(config("filesystems.disks.$disk.driver")) {
+        switch (config("filesystems.disks.$disk.driver")) {
             case 'local':
                 return response()->download(Storage::disk($disk)->path($filename)); //works for PRIVATE or public?!
 
@@ -20,4 +22,4 @@ class StorageHelper
                 return Storage::disk($disk)->download($filename);
         }
     }
-}
+}

app/Http/Controllers/Accessories/AccessoriesController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Accessories;
 
 use App\Helpers\Helper;
@@ -30,10 +31,10 @@ class AccessoriesController extends Controller
     public function index()
     {
         $this->authorize('index', Accessory::class);
+
         return view('accessories/index');
     }
 
-
     /**
      * Returns a view with a form to create a new Accessory.
      *
@@ -45,11 +46,11 @@ class AccessoriesController extends Controller
     {
         $this->authorize('create', Accessory::class);
         $category_type = 'accessory';
+
         return view('accessories/edit')->with('category_type', $category_type)
           ->with('item', new Accessory);
     }
 
-
     /**
      * Validate and save new Accessory from form post
      *
@@ -78,14 +79,17 @@ class AccessoriesController extends Controller
         $accessory->qty                     = request('qty');
         $accessory->user_id                 = Auth::user()->id;
         $accessory->supplier_id             = request('supplier_id');
+        $accessory->notes                   = request('notes');
+
 
         $accessory = $request->handleImages($accessory);
-        
+
         // Was the accessory created?
         if ($accessory->save()) {
             // Redirect to the new accessory  page
             return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.create.success'));
         }
+
         return redirect()->back()->withInput()->withErrors($accessory->getErrors());
     }
 
@@ -102,6 +106,7 @@ class AccessoriesController extends Controller
 
         if ($item = Accessory::find($accessoryId)) {
             $this->authorize($item);
+
             return view('accessories/edit', compact('item'))->with('category_type', 'accessory');
         }
 
@@ -140,6 +145,7 @@ class AccessoriesController extends Controller
         $accessory->purchase_cost           = Helper::ParseCurrency(request('purchase_cost'));
         $accessory->qty                     = request('qty');
         $accessory->supplier_id             = request('supplier_id');
+        $accessory->notes                   = request('notes');
 
         $accessory = $request->handleImages($accessory);
 
@@ -147,6 +153,7 @@ class AccessoriesController extends Controller
         if ($accessory->save()) {
             return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.update.success'));
         }
+
         return redirect()->back()->withInput()->withErrors($accessory->getErrors());
     }
 
@@ -168,11 +175,11 @@ class AccessoriesController extends Controller
 
 
         if ($accessory->hasUsers() > 0) {
-             return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers())));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.assoc_users', ['count'=> $accessory->hasUsers()]));
         }
 
         if ($accessory->image) {
-            try  {
+            try {
                 Storage::disk('public')->delete('accessories'.'/'.$accessory->image);
             } catch (\Exception $e) {
                 \Log::debug($e);
@@ -180,6 +187,7 @@ class AccessoriesController extends Controller
         }
 
         $accessory->delete();
+
         return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.delete.success'));
     }
 
@@ -202,6 +210,7 @@ class AccessoriesController extends Controller
         if (isset($accessory->id)) {
             return view('accessories/view', compact('accessory'));
         }
+
         return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist', ['id' => $accessoryID]));
     }
 }

app/Http/Controllers/Accessories/AccessoryCheckinController.php

@@ -17,7 +17,7 @@ class AccessoryCheckinController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @param Request $request
-     * @param integer $accessoryUserId
+     * @param int $accessoryUserId
      * @param string $backto
      * @return View
      * @internal param int $accessoryId
@@ -33,6 +33,7 @@ class AccessoryCheckinController extends Controller
 
         $accessory = Accessory::find($accessory_user->accessory_id);
         $this->authorize('checkin', $accessory);
+
         return view('accessories/checkin', compact('accessory'))->with('backto', $backto);
     }
 
@@ -49,7 +50,7 @@ class AccessoryCheckinController extends Controller
      */
     public function store(Request $request, $accessoryUserId = null, $backto = null)
     {
-      // Check if the accessory exists
+        // Check if the accessory exists
         if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
             // Redirect to the accessory management page with error
             return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
@@ -60,7 +61,7 @@ class AccessoryCheckinController extends Controller
         $this->authorize('checkin', $accessory);
 
         $checkin_at = date('Y-m-d');
-        if($request->filled('checkin_at')){
+        if ($request->filled('checkin_at')) {
             $checkin_at = $request->input('checkin_at');
         }
 
@@ -70,7 +71,7 @@ class AccessoryCheckinController extends Controller
 
             event(new CheckoutableCheckedIn($accessory, User::find($return_to), Auth::user(), $request->input('note'), $checkin_at));
 
-            return redirect()->route("accessories.show", $accessory->id)->with('success', trans('admin/accessories/message.checkin.success'));
+            return redirect()->route('accessories.show', $accessory->id)->with('success', trans('admin/accessories/message.checkin.success'));
         }
         // Redirect to the accessory management page with error
         return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.checkin.error'));

app/Http/Controllers/Accessories/AccessoryCheckoutController.php

@@ -14,7 +14,6 @@ use Illuminate\Support\Facades\Input;
 
 class AccessoryCheckoutController extends Controller
 {
-
     /**
      * Return the form to checkout an Accessory to a user.
      *
@@ -32,7 +31,6 @@ class AccessoryCheckoutController extends Controller
         }
 
         if ($accessory->category) {
-
             $this->authorize('checkout', $accessory);
 
             // Get the dropdown of users and then pass it to the checkout view
@@ -56,7 +54,7 @@ class AccessoryCheckoutController extends Controller
      */
     public function store(Request $request, $accessoryId)
     {
-      // Check if the accessory exists
+        // Check if the accessory exists
         if (is_null($accessory = Accessory::find($accessoryId))) {
             // Redirect to the accessory management page with error
             return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.user_not_found'));
@@ -64,11 +62,11 @@ class AccessoryCheckoutController extends Controller
 
         $this->authorize('checkout', $accessory);
 
-        if (!$user = User::find($request->input('assigned_to'))) {
+        if (! $user = User::find($request->input('assigned_to'))) {
             return redirect()->route('checkout/accessory', $accessory->id)->with('error', trans('admin/accessories/message.checkout.user_does_not_exist'));
         }
 
-      // Update the accessory data
+        // Update the accessory data
         $accessory->assigned_to = e($request->input('assigned_to'));
 
         $accessory->users()->attach($accessory->id, [
@@ -76,14 +74,14 @@ class AccessoryCheckoutController extends Controller
             'created_at' => Carbon::now(),
             'user_id' => Auth::id(),
             'assigned_to' => $request->get('assigned_to'),
-            'note' => $request->input('note')
+            'note' => $request->input('note'),
         ]);
 
         DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();
 
         event(new CheckoutableCheckedOut($accessory, $user, Auth::user(), $request->input('note')));
 
-      // Redirect to the new accessory page
+        // Redirect to the new accessory page
         return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.checkout.success'));
     }
 }

app/Http/Controllers/Account/AcceptanceController.php

@@ -1,4 +1,5 @@
-<?php 
+<?php
+
 namespace App\Http\Controllers\Account;
 
 use App\Events\CheckoutAccepted;
@@ -14,14 +15,15 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Str;
 
-class AcceptanceController extends Controller {
-	
+class AcceptanceController extends Controller
+{
     /**
      * Show a listing of pending checkout acceptances for the current user
-     * 
+     *
      * @return View
      */
-    public function index() {
+    public function index()
+    {
         $acceptances = CheckoutAcceptance::forUser(Auth::user())->pending()->get();
 
         return view('account/accept.index', compact('acceptances'));
@@ -29,12 +31,12 @@ class AcceptanceController extends Controller {
 
     /**
      * Shows a form to either accept or decline the checkout acceptance
-     * 
+     *
      * @param  int  $id
      * @return mixed
      */
-	public function create($id) {
-
+    public function create($id)
+    {
         $acceptance = CheckoutAcceptance::find($id);
 
         if (is_null($acceptance)) {
@@ -43,28 +45,28 @@ class AcceptanceController extends Controller {
 
         if (! $acceptance->isPending()) {
             return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.asset_already_accepted'));
-        }        
+        }
 
         if (! $acceptance->isCheckedOutTo(Auth::user())) {
             return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
         }
 
-        if (!Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
+        if (! Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
             return redirect()->route('account.accept')->with('error', trans('general.insufficient_permissions'));
-        }        
+        }
 
         return view('account/accept.create', compact('acceptance'));
-	}
+    }
 
     /**
      * Stores the accept/decline of the checkout acceptance
-     * 
+     *
      * @param  Request $request
      * @param  int  $id
      * @return Redirect
      */
-    public function store(Request $request, $id) {
-        
+    public function store(Request $request, $id)
+    {
         $acceptance = CheckoutAcceptance::find($id);
 
         if (is_null($acceptance)) {
@@ -73,55 +75,50 @@ class AcceptanceController extends Controller {
 
         if (! $acceptance->isPending()) {
             return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.asset_already_accepted'));
-        }        
+        }
 
         if (! $acceptance->isCheckedOutTo(Auth::user())) {
             return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
         }
 
-        if (!Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
+        if (! Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
             return redirect()->route('account.accept')->with('error', trans('general.insufficient_permissions'));
-        }   
+        }
 
-        if (!$request->filled('asset_acceptance')) {
+        if (! $request->filled('asset_acceptance')) {
             return redirect()->back()->with('error', trans('admin/users/message.error.accept_or_decline'));
         }
 
         /**
          * Get the signature and save it
          */
-
-        if (!Storage::exists('private_uploads/signatures'))  Storage::makeDirectory('private_uploads/signatures', 775);
-
+        if (! Storage::exists('private_uploads/signatures')) {
+            Storage::makeDirectory('private_uploads/signatures', 775);
+        }
 
         $sig_filename = '';
         if ($request->filled('signature_output')) {
-            $sig_filename = "siglog-" .Str::uuid() . '-'.date('Y-m-d-his').".png";
+            $sig_filename = 'siglog-'.Str::uuid().'-'.date('Y-m-d-his').'.png';
             $data_uri = e($request->input('signature_output'));
-            $encoded_image = explode(",", $data_uri);
+            $encoded_image = explode(',', $data_uri);
             $decoded_image = base64_decode($encoded_image[1]);
-            Storage::put('private_uploads/signatures/'.$sig_filename, (string)$decoded_image);
+            Storage::put('private_uploads/signatures/'.$sig_filename, (string) $decoded_image);
         }
 
-
         if ($request->input('asset_acceptance') == 'accepted') {
-
             $acceptance->accept($sig_filename);
 
             event(new CheckoutAccepted($acceptance));
 
             $return_msg = trans('admin/users/message.accepted');
-
         } else {
-
-            $acceptance->decline($sig_filename);         
+            $acceptance->decline($sig_filename);
 
             event(new CheckoutDeclined($acceptance));
 
             $return_msg = trans('admin/users/message.declined');
-
         }
 
         return redirect()->to('account/accept')->with('success', $return_msg);
-    }	
+    }
 }

app/Http/Controllers/ActionlogController.php

@@ -9,10 +9,21 @@ class ActionlogController extends Controller
 {
     public function displaySig($filename)
     {
+        // PHP doesn't let you handle file not found errors well with 
+        // file_get_contents, so we set the error reporting for just this class
+        error_reporting(0);
+
         $this->authorize('view', \App\Models\Asset::class);
-        $file = config('app.private_uploads') . '/signatures/' . $filename;
+        $file = config('app.private_uploads').'/signatures/'.$filename;
         $filetype = Helper::checkUploadIsImage($file);
-        $contents = file_get_contents($file);
-        return Response::make($contents)->header('Content-Type', $filetype);
+
+        $contents = file_get_contents($file, false, stream_context_create(['http' => ['ignore_errors' => true]]));
+        if ($contents === false) {
+            \Log::warn('File '.$file.' not found');
+            return false;
+        } else {
+            return Response::make($contents)->header('Content-Type', $filetype);
+        }
+       
     }
 }

app/Http/Controllers/Api/AccessoriesController.php

@@ -9,8 +9,8 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Accessory;
 use App\Models\Company;
 use App\Models\User;
-use Carbon\Carbon;
 use Auth;
+use Carbon\Carbon;
 use DB;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
@@ -27,6 +27,7 @@ class AccessoriesController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Accessory::class);
+        $allowed_columns = ['id', 'name', 'model_number', 'eol', 'notes', 'created_at', 'min_amt', 'company_id'];
         
         // This array is what determines which fields should be allowed to be sorted on ON the table itself, no relations
         // Relations will be handled in query scopes a little further down.
@@ -39,7 +40,8 @@ class AccessoriesController extends Controller
                 'notes',
                 'created_at',
                 'min_amt',
-                'company_id'
+                'company_id',
+                'notes',
             ];
 
 
@@ -50,25 +52,29 @@ class AccessoriesController extends Controller
         }
 
         if ($request->filled('company_id')) {
-            $accessories->where('company_id','=',$request->input('company_id'));
+            $accessories->where('company_id', '=', $request->input('company_id'));
         }
 
         if ($request->filled('category_id')) {
-            $accessories->where('category_id','=',$request->input('category_id'));
+            $accessories->where('category_id', '=', $request->input('category_id'));
         }
 
         if ($request->filled('manufacturer_id')) {
-            $accessories->where('manufacturer_id','=',$request->input('manufacturer_id'));
+            $accessories->where('manufacturer_id', '=', $request->input('manufacturer_id'));
         }
 
         if ($request->filled('supplier_id')) {
-            $accessories->where('supplier_id','=',$request->input('supplier_id'));
+            $accessories->where('supplier_id', '=', $request->input('supplier_id'));
         }
 
         if ($request->filled('location_id')) {
             $accessories->where('location_id','=',$request->input('location_id'));
         }
 
+        if ($request->filled('notes')) {
+            $accessories->where('notes','=',$request->input('notes'));
+        }
+
         // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
         // case we override with the actual count, so we should return 0 items.
         $offset = (($accessories) && ($request->get('offset') > $accessories->count())) ? $accessories->count() : $request->get('offset', 0);
@@ -100,10 +106,10 @@ class AccessoriesController extends Controller
                 $accessories = $accessories->orderBy($column_sort, $order);
                 break;
         }
-
-    
+ 
         $total = $accessories->count();
         $accessories = $accessories->skip($offset)->take($limit)->get();
+
         return (new AccessoriesTransformer)->transformAccessories($accessories, $total);
     }
 
@@ -126,6 +132,7 @@ class AccessoriesController extends Controller
         if ($accessory->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $accessory, trans('admin/accessories/message.create.success')));
         }
+
         return response()->json(Helper::formatStandardApiResponse('error', null, $accessory->getErrors()));
 
     }
@@ -142,6 +149,7 @@ class AccessoriesController extends Controller
     {
         $this->authorize('view', Accessory::class);
         $accessory = Accessory::findOrFail($id);
+
         return (new AccessoriesTransformer)->transformAccessory($accessory);
     }
 
@@ -158,6 +166,7 @@ class AccessoriesController extends Controller
     {
         $this->authorize('view', Accessory::class);
         $accessory = Accessory::findOrFail($id);
+
         return (new AccessoriesTransformer)->transformAccessory($accessory);
     }
 
@@ -175,7 +184,7 @@ class AccessoriesController extends Controller
         $this->authorize('view', Accessory::class);
 
         $accessory = Accessory::with('lastCheckout')->findOrFail($id);
-        if (!Company::isCurrentUserHasAccess($accessory)) {
+        if (! Company::isCurrentUserHasAccess($accessory)) {
             return ['total' => 0, 'rows' => []];
         }
 
@@ -185,7 +194,7 @@ class AccessoriesController extends Controller
         $accessory_users = $accessory->users;
         $total = $accessory_users->count();
 
-        if($total < $offset){
+        if ($total < $offset) {
             $offset = 0;
         }
 
@@ -245,12 +254,12 @@ class AccessoriesController extends Controller
         $this->authorize($accessory);
 
         if ($accessory->hasUsers() > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers()))));
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.assoc_users', ['count'=> $accessory->hasUsers()])));
         }
 
         $accessory->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/accessories/message.delete.success')));
 
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/accessories/message.delete.success')));
     }
 
 
@@ -276,7 +285,7 @@ class AccessoriesController extends Controller
 
         if ($accessory->numRemaining() > 0) {
 
-            if (!$user = User::find($request->input('assigned_to'))) {
+            if (! $user = User::find($request->input('assigned_to'))) {
                 return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.checkout.user_does_not_exist')));
             }
 
@@ -288,12 +297,12 @@ class AccessoriesController extends Controller
                 'created_at' => Carbon::now(),
                 'user_id' => Auth::id(),
                 'assigned_to' => $request->get('assigned_to'),
-                'note' => $request->get('note')
+                'note' => $request->get('note'),
             ]);
 
             $accessory->logCheckout($request->input('note'), $user);
 
-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/accessories/message.checkout.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/accessories/message.checkout.success')));
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, 'No accessories remaining'));
@@ -306,7 +315,7 @@ class AccessoriesController extends Controller
      * @uses Accessory::checkin_email() to determine if an email can and should be sent
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @param Request $request
-     * @param integer $accessoryUserId
+     * @param int $accessoryUserId
      * @param string $backto
      * @return Redirect
      * @internal param int $accessoryId
@@ -324,7 +333,7 @@ class AccessoriesController extends Controller
 
         // Was the accessory updated?
         if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
-            if (!is_null($accessory_user->assigned_to)) {
+            if (! is_null($accessory_user->assigned_to)) {
                 $user = User::find($accessory_user->assigned_to);
             }
 
@@ -339,7 +348,7 @@ class AccessoriesController extends Controller
             return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/accessories/message.checkin.success')));
         }
 
-        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/accessories/message.checkin.error')));
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.checkin.error')));
 
     }
 
@@ -355,7 +364,7 @@ class AccessoriesController extends Controller
 
         $accessories = Accessory::select([
             'accessories.id',
-            'accessories.name'
+            'accessories.name',
         ]);
 
         if ($request->filled('search')) {
@@ -364,10 +373,7 @@ class AccessoriesController extends Controller
 
         $accessories = $accessories->orderBy('name', 'ASC')->paginate(50);
 
-
         return (new SelectlistTransformer)->transformSelectlist($accessories);
     }
 
-
-
 }

app/Http/Controllers/Api/AssetMaintenancesController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Api;
 
 use App\Helpers\Helper;
@@ -29,11 +30,12 @@ class AssetMaintenancesController extends Controller
      * @author  Vincent Sposato <vincent.sposato@gmail.com>
      * @version v1.0
      * @since [v1.8]
-     * @return String JSON
+     * @return string JSON
      */
     public function index(Request $request)
     {
-        $maintenances = AssetMaintenance::with('asset', 'asset.model','asset.location', 'supplier', 'asset.company', 'admin');
+        $this->authorize('view', Asset::class);
+        $maintenances = AssetMaintenance::with('asset', 'asset.model', 'asset.location', 'supplier', 'asset.company', 'admin');
 
         if ($request->filled('search')) {
             $maintenances = $maintenances->TextSearch($request->input('search'));
@@ -50,7 +52,6 @@ class AssetMaintenancesController extends Controller
         // Check to make sure the limit is not higher than the max allowed
         ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
 
-
         $allowed_columns = [
                                 'id',
                                 'title',
@@ -62,7 +63,7 @@ class AssetMaintenancesController extends Controller
                                 'notes',
                                 'asset_tag',
                                 'asset_name',
-                                'user_id'
+                                'user_id',
                             ];
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
@@ -97,10 +98,11 @@ class AssetMaintenancesController extends Controller
      * @author  Vincent Sposato <vincent.sposato@gmail.com>
      * @version v1.0
      * @since [v1.8]
-     * @return String JSON
+     * @return string JSON
      */
     public function store(Request $request)
     {
+        $this->authorize('update', Asset::class);
         // create a new model instance
         $assetMaintenance = new AssetMaintenance();
         $assetMaintenance->supplier_id = $request->input('supplier_id');
@@ -109,24 +111,24 @@ class AssetMaintenancesController extends Controller
         $assetMaintenance->notes = e($request->input('notes'));
         $asset = Asset::find(e($request->input('asset_id')));
 
-        if (!Company::isCurrentUserHasAccess($asset)) {
+        if (! Company::isCurrentUserHasAccess($asset)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot add a maintenance for that asset'));
         }
 
         // Save the asset maintenance data
-        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_id = $request->input('asset_id');
         $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
-        $assetMaintenance->title                  = $request->input('title');
-        $assetMaintenance->start_date             = $request->input('start_date');
-        $assetMaintenance->completion_date        = $request->input('completion_date');
-        $assetMaintenance->user_id                = Auth::id();
+        $assetMaintenance->title = $request->input('title');
+        $assetMaintenance->start_date = $request->input('start_date');
+        $assetMaintenance->completion_date = $request->input('completion_date');
+        $assetMaintenance->user_id = Auth::id();
 
-        if (( $assetMaintenance->completion_date !== null )
-            && ( $assetMaintenance->start_date !== "" )
-            && ( $assetMaintenance->start_date !== "0000-00-00" )
+        if (($assetMaintenance->completion_date !== null)
+            && ($assetMaintenance->start_date !== '')
+            && ($assetMaintenance->start_date !== '0000-00-00')
         ) {
-            $startDate                                = Carbon::parse($assetMaintenance->start_date);
-            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $startDate = Carbon::parse($assetMaintenance->start_date);
+            $completionDate = Carbon::parse($assetMaintenance->completion_date);
             $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
         }
 
@@ -140,7 +142,6 @@ class AssetMaintenancesController extends Controller
 
     }
 
-
     /**
      *  Validates and stores an update to an asset maintenance
      *
@@ -149,14 +150,15 @@ class AssetMaintenancesController extends Controller
      * @param int $request
      * @version v1.0
      * @since [v4.0]
-     * @return String JSON
+     * @return string JSON
      */
     public function update(Request $request, $assetMaintenanceId = null)
     {
+        $this->authorize('update', Asset::class);
         // Check if the asset maintenance exists
         $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
 
-        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        if (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot edit a maintenance for that asset'));
         }
 
@@ -167,41 +169,41 @@ class AssetMaintenancesController extends Controller
 
         $asset = Asset::find(request('asset_id'));
 
-        if (!Company::isCurrentUserHasAccess($asset)) {
+        if (! Company::isCurrentUserHasAccess($asset)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot edit a maintenance for that asset'));
         }
 
         // Save the asset maintenance data
-        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_id = $request->input('asset_id');
         $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
-        $assetMaintenance->title                  = $request->input('title');
-        $assetMaintenance->start_date             = $request->input('start_date');
-        $assetMaintenance->completion_date        = $request->input('completion_date');
+        $assetMaintenance->title = $request->input('title');
+        $assetMaintenance->start_date = $request->input('start_date');
+        $assetMaintenance->completion_date = $request->input('completion_date');
 
-        if (( $assetMaintenance->completion_date == null )
+        if (($assetMaintenance->completion_date == null)
         ) {
-            if (( $assetMaintenance->asset_maintenance_time !== 0 )
-                || ( !is_null($assetMaintenance->asset_maintenance_time) )
+            if (($assetMaintenance->asset_maintenance_time !== 0)
+                || (! is_null($assetMaintenance->asset_maintenance_time))
             ) {
                 $assetMaintenance->asset_maintenance_time = null;
             }
         }
 
-        if (( $assetMaintenance->completion_date !== null )
-            && ( $assetMaintenance->start_date !== "" )
-            && ( $assetMaintenance->start_date !== "0000-00-00" )
+        if (($assetMaintenance->completion_date !== null)
+            && ($assetMaintenance->start_date !== '')
+            && ($assetMaintenance->start_date !== '0000-00-00')
         ) {
-            $startDate                                = Carbon::parse($assetMaintenance->start_date);
-            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $startDate = Carbon::parse($assetMaintenance->start_date);
+            $completionDate = Carbon::parse($assetMaintenance->completion_date);
             $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
         }
 
         // Was the asset maintenance created?
         if ($assetMaintenance->save()) {
-
             return response()->json(Helper::formatStandardApiResponse('success', $assetMaintenance, trans('admin/asset_maintenances/message.edit.success')));
 
         }
+
         return response()->json(Helper::formatStandardApiResponse('error', null, $assetMaintenance->getErrors()));
     }
 
@@ -212,14 +214,15 @@ class AssetMaintenancesController extends Controller
      * @param int $assetMaintenanceId
      * @version v1.0
      * @since [v4.0]
-     * @return String JSON
+     * @return string JSON
      */
     public function destroy($assetMaintenanceId)
     {
+        $this->authorize('update', Asset::class);
         // Check if the asset maintenance exists
         $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
 
-        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        if (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot delete a maintenance for that asset'));
         }
 
@@ -237,14 +240,16 @@ class AssetMaintenancesController extends Controller
      * @param int $assetMaintenanceId
      * @version v1.0
      * @since [v4.0]
-     * @return String JSON
+     * @return string JSON
      */
     public function show($assetMaintenanceId)
     {
+        $this->authorize('view', Asset::class);
         $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
-        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        if (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot view a maintenance for that asset'));
         }
+
         return (new AssetMaintenancesTransformer())->transformAssetMaintenance($assetMaintenance);
 
     }

app/Http/Controllers/Api/AssetModelsController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Api;
 
 use App\Helpers\Helper;
@@ -43,7 +44,7 @@ class AssetModelsController extends Controller
                 'manufacturer',
                 'requestable',
                 'assets_count',
-                'category'
+                'category',
             ];
 
         $assetmodels = AssetModel::select([
@@ -62,11 +63,9 @@ class AssetModelsController extends Controller
             'models.deleted_at',
             'models.updated_at',
          ])
-            ->with('category','depreciation', 'manufacturer','fieldset')
+            ->with('category', 'depreciation', 'manufacturer', 'fieldset')
             ->withCount('assets as assets_count');
 
-
-
         if ($request->input('status')=='deleted') {
             $assetmodels->onlyTrashed();
         }
@@ -99,6 +98,7 @@ class AssetModelsController extends Controller
 
         $total = $assetmodels->count();
         $assetmodels = $assetmodels->skip($offset)->take($limit)->get();
+
         return (new AssetModelsTransformer)->transformAssetModels($assetmodels, $total);
     }
 
@@ -123,6 +123,7 @@ class AssetModelsController extends Controller
         }
         return response()->json(Helper::formatStandardApiResponse('error', null, $assetmodel->getErrors()));
 
+
     }
 
     /**
@@ -137,6 +138,7 @@ class AssetModelsController extends Controller
     {
         $this->authorize('view', AssetModel::class);
         $assetmodel = AssetModel::withCount('assets as assets_count')->findOrFail($id);
+
         return (new AssetModelsTransformer)->transformAssetModel($assetmodel);
     }
 
@@ -151,7 +153,8 @@ class AssetModelsController extends Controller
     public function assets($id)
     {
         $this->authorize('view', AssetModel::class);
-        $assets = Asset::where('model_id','=',$id)->get();
+        $assets = Asset::where('model_id', '=', $id)->get();
+
         return (new AssetsTransformer)->transformAssets($assets, $assets->count());
     }
 
@@ -181,7 +184,7 @@ class AssetModelsController extends Controller
          * it, but I'll be damned if I can think of one. - snipe
          */
         if ($request->filled('custom_fieldset_id')) {
-            $assetmodel->fieldset_id = $request->get("custom_fieldset_id");
+            $assetmodel->fieldset_id = $request->get('custom_fieldset_id');
         }
 
 
@@ -207,11 +210,11 @@ class AssetModelsController extends Controller
         $this->authorize('delete', $assetmodel);
 
         if ($assetmodel->assets()->count() > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/models/message.assoc_users')));
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.assoc_users')));
         }
 
         if ($assetmodel->image) {
-            try  {
+            try {
                 Storage::disk('public')->delete('assetmodels/'.$assetmodel->image);
             } catch (\Exception $e) {
                 \Log::info($e);
@@ -219,8 +222,8 @@ class AssetModelsController extends Controller
         }
 
         $assetmodel->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/models/message.delete.success')));
 
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/models/message.delete.success')));
     }
 
     /**
@@ -229,11 +232,11 @@ class AssetModelsController extends Controller
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0.16]
      * @see \App\Http\Transformers\SelectlistTransformer
-     *
      */
     public function selectlist(Request $request)
     {
 
+        $this->authorize('view.selectlists');
         $assetmodels = AssetModel::select([
             'models.id',
             'models.name',
@@ -241,7 +244,7 @@ class AssetModelsController extends Controller
             'models.model_number',
             'models.manufacturer_id',
             'models.category_id',
-        ])->with('manufacturer','category');
+        ])->with('manufacturer', 'category');
 
         $settings = \App\Models\Setting::getSettings();
 
@@ -252,7 +255,6 @@ class AssetModelsController extends Controller
         $assetmodels = $assetmodels->OrderCategory('ASC')->OrderManufacturer('ASC')->orderby('models.name', 'asc')->orderby('models.model_number', 'asc')->paginate(50);
 
         foreach ($assetmodels as $assetmodel) {
-
             $assetmodel->use_text = '';
 
             if ($settings->modellistCheckedValue('category')) {
@@ -263,10 +265,10 @@ class AssetModelsController extends Controller
                 $assetmodel->use_text .= (($assetmodel->manufacturer) ? $assetmodel->manufacturer->name.' ' : '');
             }
 
-            $assetmodel->use_text .=  $assetmodel->name;
+            $assetmodel->use_text .= $assetmodel->name;
 
-            if (($settings->modellistCheckedValue('model_number')) && ($assetmodel->model_number!='')) {
-                $assetmodel->use_text .=  ' (#'.$assetmodel->model_number.')';
+            if (($settings->modellistCheckedValue('model_number')) && ($assetmodel->model_number != '')) {
+                $assetmodel->use_text .= ' (#'.$assetmodel->model_number.')';
             }
 
             $assetmodel->use_image = ($settings->modellistCheckedValue('image') && ($assetmodel->image)) ? Storage::disk('public')->url('models/'.e($assetmodel->image)) : null;
@@ -274,5 +276,4 @@ class AssetModelsController extends Controller
 
         return (new SelectlistTransformer)->transformSelectlist($assetmodels);
     }
-
 }

app/Http/Controllers/Api/AssetsController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Api;
 
 use App\Events\CheckoutableCheckedIn;
@@ -32,7 +33,6 @@ use TCPDF;
 use Validator;
 use Route;
 
-
 /**
  * This class controls all actions related to assets for
  * the Snipe-IT Asset Management application.
@@ -42,7 +42,6 @@ use Route;
  */
 class AssetsController extends Controller
 {
-
     /**
      * Returns JSON listing of all assets
      *
@@ -53,9 +52,8 @@ class AssetsController extends Controller
      */
     public function index(Request $request, $audit = null) 
     {
-
         \Log::debug(Route::currentRouteName());
-        
+        $filter_non_deprecable_assets = false;
 
         /**
          * This looks MAD janky (and it is), but the AssetsController@index does a LOT of heavy lifting throughout the 
@@ -69,6 +67,7 @@ class AssetsController extends Controller
          * which would have been far worse of a mess. *sad face*  - snipe (Sept 1, 2021)
          */
         if (Route::currentRouteName()=='api.depreciation-report.index') {
+            $filter_non_deprecable_assets = true;
             $transformer = 'App\Http\Transformers\DepreciationReportTransformer';
             $this->authorize('reports.view');
         } else {
@@ -103,7 +102,7 @@ class AssetsController extends Controller
             'requests_counter',
         ];
 
-        $filter = array();
+        $filter = [];
 
         if ($request->filled('filter')) {
             $filter = json_decode($request->input('filter'), true);
@@ -111,22 +110,38 @@ class AssetsController extends Controller
 
         $all_custom_fields = CustomField::all(); //used as a 'cache' of custom fields throughout this page load
         foreach ($all_custom_fields as $field) {
-            $allowed_columns[]=$field->db_column_name();
+            $allowed_columns[] = $field->db_column_name();
         }
 
-        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
-            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
-                'model.category', 'model.manufacturer', 'model.fieldset','supplier');
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'), 'company_id', 'assets')
+            ->with('location', 'assetstatus', 'company', 'defaultLoc','assignedTo',
+                'model.category', 'model.manufacturer', 'model.fieldset','supplier'); //it might be tempting to add 'assetlog' here, but don't. It blows up update-heavy users.
+
+
+        if ($filter_non_deprecable_assets) {
+            $non_deprecable_models = AssetModel::select('id')->whereNotNull('depreciation_id')->get();
+
+            $assets->InModelList($non_deprecable_models->toArray());
+        }
 
-        
         // These are used by the API to query against specific ID numbers.
         // They are also used by the individual searches on detail pages like
         // locations, etc.
+
+
+        // Search custom fields by column name
+        foreach ($all_custom_fields as $field) {
+            if ($request->filled($field->db_column_name())) {
+                $assets->where($field->db_column_name(), '=', $request->input($field->db_column_name()));
+            }
+        }
+
+
         if ($request->filled('status_id')) {
             $assets->where('assets.status_id', '=', $request->input('status_id'));
         }
 
-        if ($request->input('requestable')=='true') {
+        if ($request->input('requestable') == 'true') {
             $assets->where('assets.requestable', '=', '1');
         }
 
@@ -181,7 +196,6 @@ class AssetsController extends Controller
 
         // This is used by the audit reporting routes
         if (Gate::allows('audit', Asset::class)) {
-
             switch ($audit) {
                 case 'due':
                     $assets->DueOrOverdueForAudit($settings);
@@ -204,19 +218,19 @@ class AssetsController extends Controller
                 $assets->onlyTrashed();
                 break;
             case 'Pending':
-                $assets->join('status_labels AS status_alias',function ($join) {
-                    $join->on('status_alias.id', "=", "assets.status_id")
-                        ->where('status_alias.deployable','=',0)
-                        ->where('status_alias.pending','=',1)
+                $assets->join('status_labels AS status_alias', function ($join) {
+                    $join->on('status_alias.id', '=', 'assets.status_id')
+                        ->where('status_alias.deployable', '=', 0)
+                        ->where('status_alias.pending', '=', 1)
                         ->where('status_alias.archived', '=', 0);
                 });
                 break;
             case 'RTD':
                 $assets->whereNull('assets.assigned_to')
-                    ->join('status_labels AS status_alias',function ($join) {
-                        $join->on('status_alias.id', "=", "assets.status_id")
-                            ->where('status_alias.deployable','=',1)
-                            ->where('status_alias.pending','=',0)
+                    ->join('status_labels AS status_alias', function ($join) {
+                        $join->on('status_alias.id', '=', 'assets.status_id')
+                            ->where('status_alias.deployable', '=', 1)
+                            ->where('status_alias.pending', '=', 0)
                             ->where('status_alias.archived', '=', 0);
                     });
                 break;
@@ -224,19 +238,19 @@ class AssetsController extends Controller
                 $assets->Undeployable();
                 break;
             case 'Archived':
-                $assets->join('status_labels AS status_alias',function ($join) {
-                    $join->on('status_alias.id', "=", "assets.status_id")
-                        ->where('status_alias.deployable','=',0)
-                        ->where('status_alias.pending','=',0)
+                $assets->join('status_labels AS status_alias', function ($join) {
+                    $join->on('status_alias.id', '=', 'assets.status_id')
+                        ->where('status_alias.deployable', '=', 0)
+                        ->where('status_alias.pending', '=', 0)
                         ->where('status_alias.archived', '=', 1);
                 });
                 break;
             case 'Requestable':
                 $assets->where('assets.requestable', '=', 1)
-                    ->join('status_labels AS status_alias',function ($join) {
-                        $join->on('status_alias.id', "=", "assets.status_id")
-                            ->where('status_alias.deployable','=',1)
-                            ->where('status_alias.pending','=',0)
+                    ->join('status_labels AS status_alias', function ($join) {
+                        $join->on('status_alias.id', '=', 'assets.status_id')
+                            ->where('status_alias.deployable', '=', 1)
+                            ->where('status_alias.pending', '=', 0)
                             ->where('status_alias.archived', '=', 0);
                     });
 
@@ -247,34 +261,34 @@ class AssetsController extends Controller
                 break;
             default:
 
-                if ((!$request->filled('status_id')) && ($settings->show_archived_in_list!='1')) {
+                if ((! $request->filled('status_id')) && ($settings->show_archived_in_list != '1')) {
                     // terrible workaround for complex-query Laravel bug in fulltext
-                    $assets->join('status_labels AS status_alias',function ($join) {
-                        $join->on('status_alias.id', "=", "assets.status_id")
+                    $assets->join('status_labels AS status_alias', function ($join) {
+                        $join->on('status_alias.id', '=', 'assets.status_id')
                             ->where('status_alias.archived', '=', 0);
                     });
 
                     // If there is a status ID, don't take show_archived_in_list into consideration
                 } else {
-                    $assets->join('status_labels AS status_alias',function ($join) {
-                        $join->on('status_alias.id', "=", "assets.status_id");
+                    $assets->join('status_labels AS status_alias', function ($join) {
+                        $join->on('status_alias.id', '=', 'assets.status_id');
                     });
                 }
 
         }
 
 
-        if ((!is_null($filter)) && (count($filter)) > 0) {
+        if ((! is_null($filter)) && (count($filter)) > 0) {
             $assets->ByFilter($filter);
         } elseif ($request->filled('search')) {
             $assets->TextSearch($request->input('search'));
         }
 
-        
+
         // This is kinda gross, but we need to do this because the Bootstrap Tables
         // API passes custom field ordering as custom_fields.fieldname, and we have to strip
         // that out to let the default sorter below order them correctly on the assets table.
-        $sort_override = str_replace('custom_fields.','', $request->input('sort')) ;
+        $sort_override = str_replace('custom_fields.', '', $request->input('sort'));
 
         // This handles all of the pivot sorting (versus the assets.* fields
         // in the allowed_columns array)
@@ -320,7 +334,7 @@ class AssetsController extends Controller
         $total = $assets->count();
         $assets = $assets->skip($offset)->take($limit)->get();
         
-    
+
         /**
          * Include additional associated relationships
          */  
@@ -330,8 +344,6 @@ class AssetsController extends Controller
             }]);
         }
 
-        
-
 
         /**
          * Here we're just determining which Transformer (via $transformer) to use based on the 
@@ -351,8 +363,9 @@ class AssetsController extends Controller
      */
     public function showByTag(Request $request, $tag)
     {
-        if ($asset = Asset::with('assetstatus')->with('assignedTo')->where('asset_tag',$tag)->first()) {
+        if ($asset = Asset::with('assetstatus')->with('assignedTo')->where('asset_tag', $tag)->first()) {
             $this->authorize('view', $asset);
+
             return (new AssetsTransformer)->transformAsset($asset, $request);
         }
         return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
@@ -370,12 +383,17 @@ class AssetsController extends Controller
     public function showBySerial(Request $request, $serial)
     {
         $this->authorize('index', Asset::class);
+        if ($assets = Asset::with('assetstatus')->with('assignedTo')
+            ->withTrashed()->where('serial', $serial)->get()) {
+                return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
 
         $assets = Asset::with('assetstatus')->with('assignedTo');
 
         if ($request->input('deleted', 'false') === 'true') {
             $assets = $assets->withTrashed();
-        }
+    }
 
         $assets = $assets->where('serial', $serial)->get();
         if ($assets) {
@@ -398,17 +416,20 @@ class AssetsController extends Controller
         if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()
             ->withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as user_requests_count')->findOrFail($id)) {
             $this->authorize('view', $asset);
+
             return (new AssetsTransformer)->transformAsset($asset, $request->input('components') );
         }
 
 
     }
+
     public function licenses(Request $request, $id)
     {
         $this->authorize('view', Asset::class);
         $this->authorize('view', License::class);
         $asset = Asset::where('id', $id)->withTrashed()->first();
         $licenses = $asset->licenses()->get();
+
         return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
      }
 
@@ -431,7 +452,7 @@ class AssetsController extends Controller
             'assets.model_id',
             'assets.assigned_to',
             'assets.assigned_type',
-            'assets.status_id'
+            'assets.status_id',
             ])->with('model', 'assetstatus', 'assignedTo')->NotArchived(), 'company_id', 'assets');
 
         if ($request->filled('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
@@ -458,15 +479,14 @@ class AssetsController extends Controller
             }
 
 
-            if ($asset->assetstatus->getStatuslabelType()=='pending') {
-                $asset->use_text .=  '('.$asset->assetstatus->getStatuslabelType().')';
+            if ($asset->assetstatus->getStatuslabelType() == 'pending') {
+                $asset->use_text .= '('.$asset->assetstatus->getStatuslabelType().')';
             }
 
             $asset->use_image = ($asset->getImageUrl()) ? $asset->getImageUrl() : null;
         }
 
         return (new SelectlistTransformer)->transformSelectlist($assets);
-
     }
 
 
@@ -480,7 +500,6 @@ class AssetsController extends Controller
      */
     public function store(ImageUploadRequest $request)
     {
-
         $this->authorize('create', Asset::class);
 
         $asset = new Asset();
@@ -535,13 +554,12 @@ class AssetsController extends Controller
 
                 // if the field is set to encrypted, make sure we encrypt the value
                 if ($field->field_encrypted == '1') {
-
                     \Log::debug('This model field is encrypted in this fieldset.');
 
                     if (Gate::allows('admin')) {
 
                         // If input value is null, use custom field's default value
-                        if (($field_val == null) && ($request->has('model_id')!='')){
+                        if (($field_val == null) && ($request->has('model_id') != '')) {
                             $field_val = \Crypt::encrypt($field->defaultValue($request->get('model_id')));
                         } else {
                             $field_val = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
@@ -551,12 +569,10 @@ class AssetsController extends Controller
 
 
                 $asset->{$field->convertUnicodeDbSlug()} = $field_val;
-
             }
         }
 
         if ($asset->save()) {
-
             if ($request->get('assigned_user')) {
                 $target = User::find(request('assigned_user'));
             } elseif ($request->get('assigned_asset')) {
@@ -618,7 +634,7 @@ class AssetsController extends Controller
             if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
                 foreach ($model->fieldset->fields as $field) {
                     if ($request->has($field->convertUnicodeDbSlug())) {
-                        if ($field->field_encrypted=='1') {
+                        if ($field->field_encrypted == '1') {
                             if (Gate::allows('admin')) {
                                 $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
                             }
@@ -631,15 +647,13 @@ class AssetsController extends Controller
 
 
             if ($asset->save()) {
-
                 if (($request->filled('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
                         $location = $target->location_id;
                 } elseif (($request->filled('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
                     $location = $target->location_id;
 
-                    Asset::where('assigned_type', '\\App\\Models\\Asset')->where('assigned_to', $id)
+                    Asset::where('assigned_type', \App\Models\Asset::class)->where('assigned_to', $id)
                         ->update(['location_id' => $target->location_id]);
-
                 } elseif (($request->filled('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
                     $location = $target->id;
                 }
@@ -654,8 +668,10 @@ class AssetsController extends Controller
 
                 return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
             }
+
             return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
         }
+
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
     }
 
@@ -673,12 +689,11 @@ class AssetsController extends Controller
         $this->authorize('delete', Asset::class);
 
         if ($asset = Asset::find($id)) {
-
             $this->authorize('delete', $asset);
 
             DB::table('assets')
                 ->where('id', $asset->id)
-                ->update(array('assigned_to' => null));
+                ->update(['assigned_to' => null]);
 
             $asset->delete();
 
@@ -715,7 +730,6 @@ class AssetsController extends Controller
             $logaction->logaction('restored');
 
             return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.restore.success')));
-        
 
         }
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
@@ -736,7 +750,7 @@ class AssetsController extends Controller
         $this->authorize('checkout', Asset::class);
         $asset = Asset::findOrFail($asset_id);
 
-        if (!$asset->availableForCheckout()) {
+        if (! $asset->availableForCheckout()) {
             return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.not_available')));
         }
 
@@ -750,21 +764,21 @@ class AssetsController extends Controller
 
 
         // This item is checked out to a location
-        if (request('checkout_to_type')=='location') {
+        if (request('checkout_to_type') == 'location') {
             $target = Location::find(request('assigned_location'));
             $asset->location_id = ($target) ? $target->id : '';
             $error_payload['target_id'] = $request->input('assigned_location');
             $error_payload['target_type'] = 'location';
 
-        } elseif (request('checkout_to_type')=='asset') {
-            $target = Asset::where('id','!=',$asset_id)->find(request('assigned_asset'));
+        } elseif (request('checkout_to_type') == 'asset') {
+            $target = Asset::where('id', '!=', $asset_id)->find(request('assigned_asset'));
             $asset->location_id = $target->rtd_location_id;
             // Override with the asset's location_id if it has one
             $asset->location_id = (($target) && (isset($target->location_id))) ? $target->location_id : '';
             $error_payload['target_id'] = $request->input('assigned_asset');
             $error_payload['target_type'] = 'asset';
 
-        } elseif (request('checkout_to_type')=='user') {
+        } elseif (request('checkout_to_type') == 'user') {
             // Fetch the target and set the asset's new location_id
             $target = User::find(request('assigned_user'));
             $asset->location_id = (($target) && (isset($target->location_id))) ? $target->location_id : '';
@@ -774,13 +788,13 @@ class AssetsController extends Controller
 
 
 
-        if (!isset($target)) {
+        if (! isset($target)) {
             return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'Checkout target for asset '.e($asset->asset_tag).' is invalid - '.$error_payload['target_type'].' does not exist.'));
         }
 
 
 
-        $checkout_at = request('checkout_at', date("Y-m-d H:i:s"));
+        $checkout_at = request('checkout_at', date('Y-m-d H:i:s'));
         $expected_checkin = request('expected_checkin', null);
         $note = request('note', null);
         $asset_name = request('name', null);
@@ -819,8 +833,8 @@ class AssetsController extends Controller
         $this->authorize('checkin', $asset);
 
 
-        $user = $asset->assignedUser;
-        if (is_null($target = $asset->assignedTo)) {
+        $target = $asset->assignedTo;
+        if (is_null($target)) {
             return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.already_checked_in')));
         }
 
@@ -833,24 +847,50 @@ class AssetsController extends Controller
         if ($request->filled('name')) {
             $asset->name = $request->input('name');
         }
-        
-        $asset->location_id =  $asset->rtd_location_id;
+
+        $asset->location_id = $asset->rtd_location_id;
 
         if ($request->filled('location_id')) {
-            $asset->location_id =  $request->input('location_id');
+            $asset->location_id = $request->input('location_id');
         }
 
         if ($request->has('status_id')) {
-            $asset->status_id =  $request->input('status_id');
+            $asset->status_id = $request->input('status_id');
+        }
+
+        $checkin_at = null;
+        if ($request->filled('checkin_at')) {
+            $checkin_at = $request->input('checkin_at');
         }
 
         if ($asset->save()) {
-            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note')));
+            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at));
 
             return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.success')));
         }
 
-        return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.error')));
+        return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.error')));
+    }
+
+    /**
+     * Checkin an asset by asset tag
+     *
+     * @author [A. Janes] [<ajanes@adagiohealth.org>]
+     * @since [v6.0]
+     * @return JsonResponse
+     */
+    public function checkinByTag(Request $request)
+    {
+        $this->authorize('checkin', Asset::class);
+        $asset = Asset::where('asset_tag', $request->input('asset_tag'))->first();
+
+        if($asset) {
+            return $this->checkin($request, $asset->id);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', [
+            'asset'=> e($request->input('asset_tag'))
+        ], 'Asset with tag '.e($request->input('asset_tag')).' not found'));
     }
 
 
@@ -862,15 +902,15 @@ class AssetsController extends Controller
      * @since [v4.0]
      * @return JsonResponse
      */
-    public function audit(Request $request) {
-
+    public function audit(Request $request)
 
+    {
         $this->authorize('audit', Asset::class);
-        $rules = array(
+        $rules = [
             'asset_tag' => 'required',
             'location_id' => 'exists:locations,id|nullable|numeric',
-            'next_audit_date' => 'date|nullable'
-        );
+            'next_audit_date' => 'date|nullable',
+        ];
 
         $validator = Validator::make($request->all(), $rules);
         if ($validator->fails()) {
@@ -880,7 +920,7 @@ class AssetsController extends Controller
         $settings = Setting::getSettings();
         $dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
 
-        $asset = Asset::where('asset_tag','=', $request->input('asset_tag'))->first();
+        $asset = Asset::where('asset_tag', '=', $request->input('asset_tag'))->first();
 
 
         if ($asset) {
@@ -894,28 +934,24 @@ class AssetsController extends Controller
 
             // Check to see if they checked the box to update the physical location,
             // not just note it in the audit notes
-            if ($request->input('update_location')=='1') {
+            if ($request->input('update_location') == '1') {
                 $asset->location_id = $request->input('location_id');
             }
 
             $asset->last_audit_date = date('Y-m-d H:i:s');
 
             if ($asset->save()) {
-                $log = $asset->logAudit(request('note'),request('location_id'));
+                $log = $asset->logAudit(request('note'), request('location_id'));
+
                 return response()->json(Helper::formatStandardApiResponse('success', [
                     'asset_tag'=> e($asset->asset_tag),
                     'note'=> e($request->input('note')),
-                    'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date)
+                    'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date),
                 ], trans('admin/hardware/message.audit.success')));
             }
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.e($request->input('asset_tag')).' not found'));
-
-
-
-
-
     }
 
 
@@ -931,14 +967,16 @@ class AssetsController extends Controller
     {
         $this->authorize('viewRequestable', Asset::class);
 
-        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'), 'company_id', 'assets')
             ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
-                'model.category', 'model.manufacturer', 'model.fieldset','supplier')->where('assets.requestable', '=', '1');
+                'model.category', 'model.manufacturer', 'model.fieldset', 'supplier')->requestableAssets();
 
         $offset = request('offset', 0);
         $limit = $request->input('limit', 50);
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $assets->TextSearch($request->input('search'));
+        if ($request->filled('search')) {
+            $assets->TextSearch($request->input('search'));
+        }
 
         switch ($request->input('sort')) {
             case 'model':
@@ -958,9 +996,9 @@ class AssetsController extends Controller
                 break;
         }
 
-
         $total = $assets->count();
         $assets = $assets->skip($offset)->take($limit)->get();
+
         return (new AssetsTransformer)->transformRequestedAssets($assets, $total);
     }
 }

app/Http/Controllers/Api/CategoriesController.php

@@ -23,10 +23,10 @@ class CategoriesController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Category::class);
-        $allowed_columns = ['id', 'name','category_type', 'category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email', 'assets_count', 'accessories_count', 'consumables_count', 'components_count','licenses_count', 'image'];
+        $allowed_columns = ['id', 'name', 'category_type', 'category_type', 'use_default_eula', 'eula_text', 'require_acceptance', 'checkin_email', 'assets_count', 'accessories_count', 'consumables_count', 'components_count', 'licenses_count', 'image'];
 
-        $categories = Category::select(['id', 'created_at', 'updated_at', 'name','category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email','image'])
-            ->withCount('assets as assets_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count','licenses as licenses_count');
+        $categories = Category::select(['id', 'created_at', 'updated_at', 'name', 'category_type', 'use_default_eula', 'eula_text', 'require_acceptance', 'checkin_email', 'image'])
+            ->withCount('assets as assets_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count');
 
         if ($request->filled('search')) {
             $categories = $categories->TextSearch($request->input('search'));
@@ -45,6 +45,7 @@ class CategoriesController extends Controller
 
         $total = $categories->count();
         $categories = $categories->skip($offset)->take($limit)->get();
+
         return (new CategoriesTransformer)->transformCategories($categories, $total);
 
     }
@@ -127,14 +128,14 @@ class CategoriesController extends Controller
         $this->authorize('delete', Category::class);
         $category = Category::findOrFail($id);
 
-        if (!$category->isDeletable()) {
+        if (! $category->isDeletable()) {
             return response()->json(
-                Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>$category->category_type]))
+                Helper::formatStandardApiResponse('error', null, trans('admin/categories/message.assoc_items', ['asset_type'=>$category->category_type]))
             );
         }
         $category->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/categories/message.delete.success')));
 
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/categories/message.delete.success')));
     }
 
 
@@ -144,11 +145,10 @@ class CategoriesController extends Controller
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0.16]
      * @see \App\Http\Transformers\SelectlistTransformer
-     *
      */
     public function selectlist(Request $request, $category_type = 'asset')
     {
-
+        $this->authorize('view.selectlists');
         $categories = Category::select([
             'id',
             'name',
@@ -169,7 +169,5 @@ class CategoriesController extends Controller
         }
 
         return (new SelectlistTransformer)->transformSelectlist($categories);
-
     }
-
 }

app/Http/Controllers/Api/CompaniesController.php

@@ -37,7 +37,7 @@ class CompaniesController extends Controller
             'components_count',
         ];
 
-        $companies = Company::withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count','components as components_count','users as users_count');
+        $companies = Company::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
 
         if ($request->filled('search')) {
             $companies->TextSearch($request->input('search'));
@@ -79,9 +79,9 @@ class CompaniesController extends Controller
         if ($company->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', (new CompaniesTransformer)->transformCompany($company), trans('admin/companies/message.create.success')));
         }
+
         return response()
             ->json(Helper::formatStandardApiResponse('error', null, $company->getErrors()));
-
     }
 
     /**
@@ -140,13 +140,14 @@ class CompaniesController extends Controller
         $company = Company::findOrFail($id);
         $this->authorize('delete', $company);
 
-        if ( !$company->isDeletable() ) {
+        if (! $company->isDeletable()) {
             return response()
-                    ->json(Helper::formatStandardApiResponse('error', null,  trans('admin/companies/message.assoc_users')));
+                    ->json(Helper::formatStandardApiResponse('error', null, trans('admin/companies/message.assoc_users')));
         }
         $company->delete();
+
         return response()
-            ->json(Helper::formatStandardApiResponse('success', null,  trans('admin/companies/message.delete.success')));
+            ->json(Helper::formatStandardApiResponse('success', null, trans('admin/companies/message.delete.success')));
     }
 
     /**
@@ -155,11 +156,10 @@ class CompaniesController extends Controller
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0.16]
      * @see \App\Http\Transformers\SelectlistTransformer
-     *
      */
     public function selectlist(Request $request)
     {
-
+        $this->authorize('view.selectlists');
         $companies = Company::select([
             'companies.id',
             'companies.name',

app/Http/Controllers/Api/ComponentsController.php

@@ -40,6 +40,7 @@ class ComponentsController extends Controller
                 'purchase_cost',
                 'qty',
                 'image',
+                'notes',
             ];
 
 
@@ -51,15 +52,19 @@ class ComponentsController extends Controller
         }
 
         if ($request->filled('company_id')) {
-            $components->where('company_id','=',$request->input('company_id'));
+            $components->where('company_id', '=', $request->input('company_id'));
         }
 
         if ($request->filled('category_id')) {
-            $components->where('category_id','=',$request->input('category_id'));
+            $components->where('category_id', '=', $request->input('category_id'));
         }
 
         if ($request->filled('location_id')) {
-            $components->where('location_id','=',$request->input('location_id'));
+            $components->where('location_id', '=', $request->input('location_id'));
+        }
+
+        if ($request->filled('notes')) {
+            $components->where('notes','=',$request->input('notes'));
         }
 
         // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
@@ -91,6 +96,7 @@ class ComponentsController extends Controller
 
         $total = $components->count();
         $components = $components->skip($offset)->take($limit)->get();
+
         return (new ComponentsTransformer)->transformComponents($components, $total);
     }
 
@@ -113,6 +119,7 @@ class ComponentsController extends Controller
         if ($component->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $component, trans('admin/components/message.create.success')));
         }
+
         return response()->json(Helper::formatStandardApiResponse('error', null, $component->getErrors()));
     }
 
@@ -133,7 +140,6 @@ class ComponentsController extends Controller
         }
     }
 
-
     /**
      * Update the specified resource in storage.
      *
@@ -172,6 +178,7 @@ class ComponentsController extends Controller
         $component = Component::findOrFail($id);
         $this->authorize('delete', $component);
         $component->delete();
+
         return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/components/message.delete.success')));
     }
 
@@ -195,6 +202,7 @@ class ComponentsController extends Controller
         $limit = $request->input('limit', 50);
         $total = $assets->count();
         $assets = $assets->skip($offset)->take($limit)->get();
+
         return (new ComponentsTransformer)->transformCheckedoutComponents($assets, $total);
     }
 

app/Http/Controllers/Api/ConsumablesController.php

@@ -42,6 +42,7 @@ class ConsumablesController extends Controller
                 'item_no', 
                 'qty',
                 'image',
+                'notes',
                 ];
 
 
@@ -55,11 +56,11 @@ class ConsumablesController extends Controller
         }
 
         if ($request->filled('company_id')) {
-            $consumables->where('company_id','=',$request->input('company_id'));
+            $consumables->where('company_id', '=', $request->input('company_id'));
         }
 
         if ($request->filled('category_id')) {
-            $consumables->where('category_id','=',$request->input('category_id'));
+            $consumables->where('category_id', '=', $request->input('category_id'));
         }
 
         if ($request->filled('model_number')) {
@@ -67,13 +68,17 @@ class ConsumablesController extends Controller
         }
 
         if ($request->filled('manufacturer_id')) {
-            $consumables->where('manufacturer_id','=',$request->input('manufacturer_id'));
+            $consumables->where('manufacturer_id', '=', $request->input('manufacturer_id'));
         }
 
         if ($request->filled('location_id')) {
             $consumables->where('location_id','=',$request->input('location_id'));
         }
 
+        if ($request->filled('notes')) {
+            $consumables->where('notes','=',$request->input('notes'));
+        }
+
 
         // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
         // case we override with the actual count, so we should return 0 items.
@@ -82,7 +87,7 @@ class ConsumablesController extends Controller
         // Check to make sure the limit is not higher than the max allowed
         ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');
 
-        
+        $allowed_columns = ['id', 'name', 'order_number', 'min_amt', 'purchase_date', 'purchase_cost', 'company', 'category', 'model_number', 'item_no', 'manufacturer', 'location', 'qty', 'image'];
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
 
         $sort_override =  $request->input('sort');
@@ -107,15 +112,12 @@ class ConsumablesController extends Controller
                 break;
         }
 
-
-
         $total = $consumables->count();
         $consumables = $consumables->skip($offset)->take($limit)->get();
+
         return (new ConsumablesTransformer)->transformConsumables($consumables, $total);
-
     }
 
-
     /**
      * Store a newly created resource in storage.
      *
@@ -134,6 +136,7 @@ class ConsumablesController extends Controller
         if ($consumable->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $consumable, trans('admin/consumables/message.create.success')));
         }
+
         return response()->json(Helper::formatStandardApiResponse('error', null, $consumable->getErrors()));
     }
 
@@ -148,10 +151,10 @@ class ConsumablesController extends Controller
     {
         $this->authorize('view', Consumable::class);
         $consumable = Consumable::findOrFail($id);
+
         return (new ConsumablesTransformer)->transformConsumable($consumable);
     }
 
-
     /**
      * Update the specified resource in storage.
      *
@@ -189,7 +192,8 @@ class ConsumablesController extends Controller
         $consumable = Consumable::findOrFail($id);
         $this->authorize('delete', $consumable);
         $consumable->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/consumables/message.delete.success')));
+
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/consumables/message.delete.success')));
     }
 
     /**
@@ -203,21 +207,20 @@ class ConsumablesController extends Controller
      */
     public function getDataView($consumableId)
     {
-        $consumable = Consumable::with(array('consumableAssignments'=>
-        function ($query) {
+        $consumable = Consumable::with(['consumableAssignments'=> function ($query) {
             $query->orderBy($query->getModel()->getTable().'.created_at', 'DESC');
         },
         'consumableAssignments.admin'=> function ($query) {
         },
         'consumableAssignments.user'=> function ($query) {
         },
-        ))->find($consumableId);
+        ])->find($consumableId);
 
-        if (!Company::isCurrentUserHasAccess($consumable)) {
+        if (! Company::isCurrentUserHasAccess($consumable)) {
             return ['total' => 0, 'rows' => []];
         }
         $this->authorize('view', Consumable::class);
-        $rows = array();
+        $rows = [];
 
         foreach ($consumable->consumableAssignments as $consumable_assignment) {
             $rows[] = [
@@ -228,7 +231,8 @@ class ConsumablesController extends Controller
         }
 
         $consumableCount = $consumable->users->count();
-        $data = array('total' => $consumableCount, 'rows' => $rows);
+        $data = ['total' => $consumableCount, 'rows' => $rows];
+
         return $data;
     }
 
@@ -264,7 +268,7 @@ class ConsumablesController extends Controller
             $consumable->users()->attach($consumable->id, [
                 'consumable_id' => $consumable->id,
                 'user_id' => $user->id,
-                'assigned_to' => $assigned_to
+                'assigned_to' => $assigned_to,
             ]);
 
             // Log checkout event
@@ -277,7 +281,7 @@ class ConsumablesController extends Controller
             $data['note'] = $logaction->note;
             $data['require_acceptance'] = $consumable->requireAcceptance();
 
-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/consumables/message.checkout.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/consumables/message.checkout.success')));
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, 'No consumables remaining'));
@@ -287,14 +291,12 @@ class ConsumablesController extends Controller
     * Gets a paginated collection for the select2 menus
     *
     * @see \App\Http\Transformers\SelectlistTransformer
-    *
     */
     public function selectlist(Request $request)
     {
-
         $consumables = Consumable::select([
             'consumables.id',
-            'consumables.name'
+            'consumables.name',
         ]);
 
         if ($request->filled('search')) {
@@ -303,7 +305,6 @@ class ConsumablesController extends Controller
 
         $consumables = $consumables->orderBy('name', 'ASC')->paginate(50);
 
-
         return (new SelectlistTransformer)->transformSelectlist($consumables);
     }
 }

app/Http/Controllers/Api/CustomFieldsController.php

@@ -18,26 +18,26 @@ class CustomFieldsController extends Controller
      * @author [Brady Wetherington] [<uberbrady@gmail.com>]
      * @param  int  $id
      * @since [v3.0]
-     * @return Array
+     * @return array
      */
-
     public function index()
     {
         $this->authorize('index', CustomField::class);
         $fields = CustomField::get();
+
         return (new CustomFieldsTransformer)->transformCustomFields($fields, $fields->count());
     }
 
     /**
-    * Shows the given field
-    * @author [V. Cordes] [<volker@fdatek.de>]
-    * @param int $id
-    * @since [v4.1.10]
-    * @return View
-    */
+     * Shows the given field
+     * @author [V. Cordes] [<volker@fdatek.de>]
+     * @param int $id
+     * @since [v4.1.10]
+     * @return View
+     */
     public function show($id)
     {
-      $this->authorize('view', CustomField::class);
+        $this->authorize('view', CustomField::class);
         if ($field = CustomField::find($id)) {
             return (new CustomFieldsTransformer)->transformCustomField($field);
         }
@@ -45,7 +45,7 @@ class CustomFieldsController extends Controller
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/custom_fields/message.field.invalid')), 200);
     }
 
-     /**
+    /**
      * Update the specified field
      *
      * @author [V. Cordes] [<volker@fdatek.de>]
@@ -80,7 +80,6 @@ class CustomFieldsController extends Controller
         return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));
     }
 
-
     /**
      * Store a newly created field.
      *
@@ -96,9 +95,9 @@ class CustomFieldsController extends Controller
 
         $data = $request->all();
         $regex_format = null;
-        
-        if (str_contains($data["format"], "regex:")){
-            $regex_format = $data["format"];
+
+        if (str_contains($data['format'], 'regex:')) {
+            $regex_format = $data['format'];
         }
 
         $validator = Validator::make($data, $field->validationRules($regex_format));
@@ -111,8 +110,8 @@ class CustomFieldsController extends Controller
         if ($field->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $field, trans('admin/custom_fields/message.field.create.success')));
         }
-        return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));
 
+        return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));
     }
 
     public function postReorder(Request $request, $id)
@@ -121,8 +120,8 @@ class CustomFieldsController extends Controller
 
         $this->authorize('update', $fieldset);
 
-        $fields = array();
-        $order_array = array();
+        $fields = [];
+        $order_array = [];
 
         $items = $request->input('item');
 
@@ -135,7 +134,6 @@ class CustomFieldsController extends Controller
         }
 
         return $fieldset->fields()->sync($fields);
-
     }
 
     public function associate(Request $request, $field_id)
@@ -152,7 +150,8 @@ class CustomFieldsController extends Controller
         }
 
         $fieldset = CustomFieldset::findOrFail($fieldset_id);
-        $fieldset->fields()->attach($field->id, ["required" => ($request->input('required') == "on"), "order" => $request->input('order', $fieldset->fields->count())]);
+        $fieldset->fields()->attach($field->id, ['required' => ($request->input('required') == 'on'), 'order' => $request->input('order', $fieldset->fields->count())]);
+
         return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
     }
 
@@ -166,10 +165,12 @@ class CustomFieldsController extends Controller
         foreach ($field->fieldset as $fieldset) {
             if ($fieldset->id == $fieldset_id) {
                 $fieldset->fields()->detach($field->id);
+
                 return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
             }
         }
         $fieldset = CustomFieldset::findOrFail($fieldset_id);
+
         return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
     }
 
@@ -186,13 +187,12 @@ class CustomFieldsController extends Controller
 
         $this->authorize('delete', $field);
 
-        if ($field->fieldset->count() >0) {
+        if ($field->fieldset->count() > 0) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'Field is in use.'));
         }
 
         $field->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/custom_fields/message.field.delete.success')));
 
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/custom_fields/message.field.delete.success')));
     }
-
 }

app/Http/Controllers/Api/CustomFieldsetsController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Api;
 
 use App\Helpers\Helper;
@@ -20,47 +21,43 @@ use View;
  * @author [Brady Wetherington] [<uberbrady@gmail.com>]
  * @author [Josh Gibson]
  */
-
 class CustomFieldsetsController extends Controller
 {
-
     /**
-    * Shows the given fieldset and its fields
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @author [Josh Gibson]
-    * @param int $id
-    * @since [v1.8]
-    * @return View
-    */
+     * Shows the given fieldset and its fields
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @author [Josh Gibson]
+     * @param int $id
+     * @since [v1.8]
+     * @return View
+     */
     public function index()
     {
         $this->authorize('index', CustomFieldset::class);
         $fieldsets = CustomFieldset::withCount('fields as fields_count', 'models as models_count')->get();
-        return (new CustomFieldsetsTransformer)->transformCustomFieldsets($fieldsets, $fieldsets->count());
 
+        return (new CustomFieldsetsTransformer)->transformCustomFieldsets($fieldsets, $fieldsets->count());
     }
 
     /**
-    * Shows the given fieldset and its fields
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @author [Josh Gibson]
-    * @param int $id
-    * @since [v1.8]
-    * @return View
-    */
+     * Shows the given fieldset and its fields
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @author [Josh Gibson]
+     * @param int $id
+     * @since [v1.8]
+     * @return View
+     */
     public function show($id)
     {
-      $this->authorize('view', CustomFieldset::class);
+        $this->authorize('view', CustomFieldset::class);
         if ($fieldset = CustomFieldset::find($id)) {
             return (new CustomFieldsetsTransformer)->transformCustomFieldset($fieldset);
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/custom_fields/message.fieldset.does_not_exist')), 200);
-
     }
 
-
-     /**
+    /**
      * Update the specified resource in storage.
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -82,7 +79,6 @@ class CustomFieldsetsController extends Controller
         return response()->json(Helper::formatStandardApiResponse('error', null, $fieldset->getErrors()));
     }
 
-
     /**
      * Store a newly created resource in storage.
      *
@@ -100,11 +96,10 @@ class CustomFieldsetsController extends Controller
         if ($fieldset->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.create.success')));
         }
+
         return response()->json(Helper::formatStandardApiResponse('error', null, $fieldset->getErrors()));
-
     }
 
-
     /**
      * Delete a custom fieldset.
      *
@@ -120,18 +115,15 @@ class CustomFieldsetsController extends Controller
         $modelsCount = $fieldset->models->count();
         $fieldsCount = $fieldset->fields->count();
 
-        if (($modelsCount > 0) || ($fieldsCount > 0) ){
+        if (($modelsCount > 0) || ($fieldsCount > 0)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'Fieldset is in use.'));
         }
 
-         if ($fieldset->delete()) {
-             return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/custom_fields/message.fieldset.delete.success')));
-         }
+        if ($fieldset->delete()) {
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/custom_fields/message.fieldset.delete.success')));
+        }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, 'Unspecified error'));
-
-
-
     }
 
     /**
@@ -147,6 +139,7 @@ class CustomFieldsetsController extends Controller
         $this->authorize('view', CustomFieldset::class);
         $set = CustomFieldset::findOrFail($id);
         $fields = $set->fields;
+
         return (new CustomFieldsTransformer)->transformCustomFields($fields, $fields->count());
     }
 

app/Http/Controllers/Api/DepartmentsController.php

@@ -6,6 +6,7 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\DepartmentsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Company;
 use App\Models\Department;
 use Auth;
 use Illuminate\Http\Request;
@@ -24,9 +25,9 @@ class DepartmentsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Department::class);
-        $allowed_columns = ['id','name','image','users_count'];
+        $allowed_columns = ['id', 'name', 'image', 'users_count'];
 
-        $departments = Department::select([
+        $departments = Company::scopeCompanyables(Department::select(
             'departments.id',
             'departments.name',
             'departments.location_id',
@@ -34,8 +35,8 @@ class DepartmentsController extends Controller
             'departments.manager_id',
             'departments.created_at',
             'departments.updated_at',
-            'departments.image'
-        ])->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');
+            'departments.image'),
+             "company_id", "departments")->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');
 
         if ($request->filled('search')) {
             $departments = $departments->TextSearch($request->input('search'));
@@ -85,7 +86,7 @@ class DepartmentsController extends Controller
         $department = $request->handleImages($department);
 
         $department->user_id = Auth::user()->id;
-        $department->manager_id = ($request->filled('manager_id' ) ? $request->input('manager_id') : null);
+        $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);
 
         if ($department->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.create.success')));
@@ -106,6 +107,7 @@ class DepartmentsController extends Controller
     {
         $this->authorize('view', Department::class);
         $department = Department::findOrFail($id);
+
         return (new DepartmentsTransformer)->transformDepartment($department);
     }
 
@@ -133,7 +135,6 @@ class DepartmentsController extends Controller
     }
 
 
-
     /**
      * Validates and deletes selected department.
      *
@@ -163,11 +164,11 @@ class DepartmentsController extends Controller
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0.16]
      * @see \App\Http\Transformers\SelectlistTransformer
-     *
      */
     public function selectlist(Request $request)
     {
 
+        $this->authorize('view.selectlists');
         $departments = Department::select([
             'id',
             'name',
@@ -188,7 +189,5 @@ class DepartmentsController extends Controller
         }
 
         return (new SelectlistTransformer)->transformSelectlist($departments);
-
     }
-
 }

app/Http/Controllers/Api/DepreciationsController.php

@@ -41,10 +41,10 @@ class DepreciationsController extends Controller
 
         $total = $depreciations->count();
         $depreciations = $depreciations->skip($offset)->take($limit)->get();
+
         return (new DepreciationsTransformer)->transformDepreciations($depreciations, $total);
     }
 
-
     /**
      * Store a newly created resource in storage.
      *
@@ -62,8 +62,8 @@ class DepreciationsController extends Controller
         if ($depreciation->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $depreciation, trans('admin/depreciations/message.create.success')));
         }
-        return response()->json(Helper::formatStandardApiResponse('error', null, $depreciation->getErrors()));
 
+        return response()->json(Helper::formatStandardApiResponse('error', null, $depreciation->getErrors()));
     }
 
     /**
@@ -78,10 +78,10 @@ class DepreciationsController extends Controller
     {
         $this->authorize('view', Depreciation::class);
         $depreciation = Depreciation::findOrFail($id);
+
         return (new DepreciationsTransformer)->transformDepreciation($depreciation);
     }
 
-
     /**
      * Update the specified resource in storage.
      *
@@ -123,10 +123,7 @@ class DepreciationsController extends Controller
         }
 
         $depreciation->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/depreciations/message.delete.success')));
 
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/depreciations/message.delete.success')));
     }
-
-
-
 }

app/Http/Controllers/Api/GroupsController.php

@@ -20,9 +20,9 @@ class GroupsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Group::class);
-        $allowed_columns = ['id','name','created_at', 'users_count'];
+        $allowed_columns = ['id', 'name', 'created_at', 'users_count'];
 
-        $groups = Group::select('id','name','permissions','created_at','updated_at')->withCount('users as users_count');
+        $groups = Group::select('id', 'name', 'permissions', 'created_at', 'updated_at')->withCount('users as users_count');
 
         if ($request->filled('search')) {
             $groups = $groups->TextSearch($request->input('search'));
@@ -41,10 +41,10 @@ class GroupsController extends Controller
 
         $total = $groups->count();
         $groups = $groups->skip($offset)->take($limit)->get();
+
         return (new GroupsTransformer)->transformGroups($groups, $total);
     }
 
-
     /**
      * Store a newly created resource in storage.
      *
@@ -62,8 +62,8 @@ class GroupsController extends Controller
         if ($group->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.create.success')));
         }
-        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
 
+        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
     }
 
     /**
@@ -78,10 +78,10 @@ class GroupsController extends Controller
     {
         $this->authorize('view', Group::class);
         $group = Group::findOrFail($id);
+
         return (new GroupsTransformer)->transformGroup($group);
     }
 
-
     /**
      * Update the specified resource in storage.
      *
@@ -118,9 +118,7 @@ class GroupsController extends Controller
         $group = Group::findOrFail($id);
         $this->authorize('delete', $group);
         $group->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/groups/message.delete.success')));
 
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/groups/message.delete.success')));
     }
-
-
 }

app/Http/Controllers/Api/ImportController.php

@@ -27,8 +27,8 @@ class ImportController extends Controller
     {
         $this->authorize('import');
         $imports = Import::latest()->get();
-        return (new ImportsTransformer)->transformImports($imports);
 
+        return (new ImportsTransformer)->transformImports($imports);
     }
 
     /**
@@ -40,27 +40,28 @@ class ImportController extends Controller
     public function store()
     {
         $this->authorize('import');
-        if (!config('app.lock_passwords')) {
+        if (! config('app.lock_passwords')) {
             $files = Request::file('files');
             $path = config('app.private_uploads').'/imports';
             $results = [];
             $import = new Import;
             foreach ($files as $file) {
-                if (!in_array($file->getMimeType(), array(
+                if (! in_array($file->getMimeType(), [
                     'application/vnd.ms-excel',
                     'text/csv',
                     'application/csv',
                     'text/x-Algol68', // because wtf CSV files?
                     'text/plain',
                     'text/comma-separated-values',
-                    'text/tsv'))) {
-                    $results['error']='File type must be CSV. Uploaded file is '.$file->getMimeType();
+                    'text/tsv', ])) {
+                    $results['error'] = 'File type must be CSV. Uploaded file is '.$file->getMimeType();
+
                     return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 500);
                 }
 
                 //TODO: is there a lighter way to do this?
-                if (! ini_get("auto_detect_line_endings")) {
-                    ini_set("auto_detect_line_endings", '1');
+                if (! ini_get('auto_detect_line_endings')) {
+                    ini_set('auto_detect_line_endings', '1');
                 }
                 $reader = Reader::createFromFileObject($file->openFile('r')); //file pointer leak?
                 $import->header_row = $reader->fetchOne(0);
@@ -68,20 +69,20 @@ class ImportController extends Controller
                 //duplicate headers check
                 $duplicate_headers = [];
 
-                for($i = 0; $i<count($import->header_row); $i++) {
+                for ($i = 0; $i < count($import->header_row); $i++) {
                     $header = $import->header_row[$i];
-                    if(in_array($header, $import->header_row)) {
+                    if (in_array($header, $import->header_row)) {
                         $found_at = array_search($header, $import->header_row);
-                        if($i > $found_at) {
+                        if ($i > $found_at) {
                             //avoid reporting duplicates twice, e.g. "1 is same as 17! 17 is same as 1!!!"
                             //as well as "1 is same as 1!!!" (which is always true)
                             //has to be > because otherwise the first result of array_search will always be $i itself(!)
-                            array_push($duplicate_headers,"Duplicate header '$header' detected, first at column: ".($found_at+1).", repeats at column: ".($i+1));
+                            array_push($duplicate_headers, "Duplicate header '$header' detected, first at column: ".($found_at + 1).', repeats at column: '.($i + 1));
                         }
                     }
                 }
-                if(count($duplicate_headers) > 0) {
-                    return response()->json(Helper::formatStandardApiResponse('error',null, implode("; ",$duplicate_headers)), 500); //should this be '4xx'?
+                if (count($duplicate_headers) > 0) {
+                    return response()->json(Helper::formatStandardApiResponse('error', null, implode('; ', $duplicate_headers)), 500); //should this be '4xx'?
                 }
 
                 // Grab the first row to display via ajax as the user picks fields
@@ -92,10 +93,11 @@ class ImportController extends Controller
                 try {
                     $file->move($path, $date.'-'.$fixed_filename);
                 } catch (FileException $exception) {
-                    $results['error']=trans('admin/hardware/message.upload.error');
+                    $results['error'] = trans('admin/hardware/message.upload.error');
                     if (config('app.debug')) {
-                        $results['error'].= ' ' . $exception->getMessage();
+                        $results['error'] .= ' '.$exception->getMessage();
                     }
+
                     return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 500);
                 }
                 $file_name = date('Y-m-d-his').'-'.$fixed_filename;
@@ -105,12 +107,15 @@ class ImportController extends Controller
                 $results[] = $import;
             }
             $results = (new ImportsTransformer)->transformImports($results);
+
             return [
                 'files' => $results,
             ];
         }
+
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.feature_disabled')), 500);
     }
+
     /**
      * Processes the specified Import.
      *
@@ -130,25 +135,25 @@ class ImportController extends Controller
         }
 
         $errors = $request->import(Import::find($import_id));
-        $redirectTo = "hardware.index";
+        $redirectTo = 'hardware.index';
         switch ($request->get('import-type')) {
-            case "asset":
-                $redirectTo = "hardware.index";
+            case 'asset':
+                $redirectTo = 'hardware.index';
                 break;
-            case "accessory":
-                $redirectTo = "accessories.index";
+            case 'accessory':
+                $redirectTo = 'accessories.index';
                 break;
-            case "consumable":
-                $redirectTo = "consumables.index";
+            case 'consumable':
+                $redirectTo = 'consumables.index';
                 break;
-            case "component":
-                $redirectTo = "components.index";
+            case 'component':
+                $redirectTo = 'components.index';
                 break;
-            case "license":
-                $redirectTo = "licenses.index";
+            case 'license':
+                $redirectTo = 'licenses.index';
                 break;
-            case "user":
-                $redirectTo = "users.index";
+            case 'user':
+                $redirectTo = 'users.index';
                 break;
         }
 
@@ -157,8 +162,8 @@ class ImportController extends Controller
         }
         //Flash message before the redirect
         Session::flash('success', trans('admin/hardware/message.import.success'));
-        return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route($redirectTo)]));
 
+        return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route($redirectTo)]));
     }
 
     /**
@@ -170,20 +175,20 @@ class ImportController extends Controller
     public function destroy($import_id)
     {
         $this->authorize('create', Asset::class);
-        
+
         if ($import = Import::find($import_id)) {
             try {
                 // Try to delete the file
                 Storage::delete('imports/'.$import->file_path);
                 $import->delete();
-                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.import.file_delete_success')));
 
+                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.import.file_delete_success')));
             } catch (\Exception $e) {
                 // If the file delete didn't work, remove it from the database anyway and return a warning
                 $import->delete();
+
                 return response()->json(Helper::formatStandardApiResponse('warning', null, trans('admin/hardware/message.import.file_not_deleted_warning')));
             }
         }
-
     }
 }

app/Http/Controllers/Api/LicenseSeatsController.php

@@ -32,7 +32,7 @@ class LicenseSeatsController extends Controller
 
             $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
 
-            if ($request->input('sort')=='department') {
+            if ($request->input('sort') == 'department') {
                 $seats->OrderDepartments($order);
             } else {
                 $seats->orderBy('id', $order);
@@ -41,7 +41,7 @@ class LicenseSeatsController extends Controller
             $total = $seats->count();
             $offset = (($seats) && (request('offset') > $total)) ? 0 : request('offset', 0);
             $limit = request('limit', 50);
-            
+
             $seats = $seats->skip($offset)->take($limit)->get();
 
             if ($seats) {
@@ -65,13 +65,14 @@ class LicenseSeatsController extends Controller
         $this->authorize('view', License::class);
         // sanity checks:
         // 1. does the license seat exist?
-        if (!$licenseSeat = LicenseSeat::find($seatId)) {
+        if (! $licenseSeat = LicenseSeat::find($seatId)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat not found'));
         }
         // 2. does the seat belong to the specified license?
-        if (!$license = $licenseSeat->license()->first() || $license->id != intval($licenseId)) {
+        if (! $license = $licenseSeat->license()->first() || $license->id != intval($licenseId)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat does not belong to the specified license'));
         }
+
         return (new LicenseSeatsTransformer)->transformLicenseSeat($licenseSeat);
     }
 
@@ -89,11 +90,11 @@ class LicenseSeatsController extends Controller
 
         // sanity checks:
         // 1. does the license seat exist?
-        if (!$licenseSeat = LicenseSeat::find($seatId)) {
+        if (! $licenseSeat = LicenseSeat::find($seatId)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat not found'));
         }
         // 2. does the seat belong to the specified license?
-        if (!$license = $licenseSeat->license()->first() || $license->id != intval($licenseId)) {
+        if (! $license = $licenseSeat->license()->first() || $license->id != intval($licenseId)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat does not belong to the specified license'));
         }
 
@@ -103,14 +104,14 @@ class LicenseSeatsController extends Controller
         // attempt to update the license seat
         $licenseSeat->fill($request->all());
         $licenseSeat->user_id = Auth::user()->id;
-        
+
         // check if this update is a checkin operation
         // 1. are relevant fields touched at all?
         $touched = $licenseSeat->isDirty('assigned_to') || $licenseSeat->isDirty('asset_id');
         // 2. are they cleared? if yes then this is a checkin operation
         $is_checkin = ($touched && $licenseSeat->assigned_to === null && $licenseSeat->asset_id === null);
 
-        if (!$touched) {
+        if (! $touched) {
             // nothing to update
             return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
         }
@@ -128,11 +129,13 @@ class LicenseSeatsController extends Controller
 
             if ($is_checkin) {
                 $licenseSeat->logCheckin($target, $request->input('note'));
+
                 return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
             }
 
             // in this case, relevant fields are touched but it's not a checkin operation. so it must be a checkout operation.
             $licenseSeat->logCheckout($request->input('note'), $target);
+
             return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
         }
 

app/Http/Controllers/Api/LicensesController.php

@@ -26,62 +26,75 @@ class LicensesController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', License::class);
-        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'freeSeats', 'supplier','category')->withCount('freeSeats as free_seats_count'));
-
+        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'supplier', 'category')->withCount('freeSeats as free_seats_count'));
 
         if ($request->filled('company_id')) {
-            $licenses->where('company_id','=',$request->input('company_id'));
+            $licenses->where('company_id', '=', $request->input('company_id'));
         }
 
         if ($request->filled('name')) {
-            $licenses->where('licenses.name','=',$request->input('name'));
+            $licenses->where('licenses.name', '=', $request->input('name'));
         }
 
         if ($request->filled('product_key')) {
-            $licenses->where('licenses.serial','=',$request->input('product_key'));
+            $licenses->where('licenses.serial', '=', $request->input('product_key'));
         }
 
         if ($request->filled('order_number')) {
-            $licenses->where('order_number','=',$request->input('order_number'));
+            $licenses->where('order_number', '=', $request->input('order_number'));
         }
 
         if ($request->filled('purchase_order')) {
-            $licenses->where('purchase_order','=',$request->input('purchase_order'));
+            $licenses->where('purchase_order', '=', $request->input('purchase_order'));
         }
 
         if ($request->filled('license_name')) {
-            $licenses->where('license_name','=',$request->input('license_name'));
+            $licenses->where('license_name', '=', $request->input('license_name'));
         }
 
         if ($request->filled('license_email')) {
-            $licenses->where('license_email','=',$request->input('license_email'));
+            $licenses->where('license_email', '=', $request->input('license_email'));
         }
 
         if ($request->filled('manufacturer_id')) {
-            $licenses->where('manufacturer_id','=',$request->input('manufacturer_id'));
+            $licenses->where('manufacturer_id', '=', $request->input('manufacturer_id'));
         }
 
         if ($request->filled('supplier_id')) {
-            $licenses->where('supplier_id','=',$request->input('supplier_id'));
+            $licenses->where('supplier_id', '=', $request->input('supplier_id'));
         }
 
         if ($request->filled('category_id')) {
-            $licenses->where('category_id','=',$request->input('category_id'));
+            $licenses->where('category_id', '=', $request->input('category_id'));
         }
 
         if ($request->filled('depreciation_id')) {
-            $licenses->where('depreciation_id','=',$request->input('depreciation_id'));
+            $licenses->where('depreciation_id', '=', $request->input('depreciation_id'));
         }
 
         if ($request->filled('supplier_id')) {
-            $licenses->where('supplier_id','=',$request->input('supplier_id'));
+            $licenses->where('supplier_id', '=', $request->input('supplier_id'));
         }
 
+        if (($request->filled('maintained')) && ($request->input('maintained')=='true')) {
+            $licenses->where('maintained','=',1);
+        } elseif (($request->filled('maintained')) && ($request->input('maintained')=='false')) {
+            $licenses->where('maintained','=',0);
+        }
+
+        if (($request->filled('expires')) && ($request->input('expires')=='true')) {
+            $licenses->whereNotNull('expiration_date');
+        } elseif (($request->filled('expires')) && ($request->input('expires')=='false')) {
+            $licenses->whereNull('expiration_date');
+        }
 
         if ($request->filled('search')) {
             $licenses = $licenses->TextSearch($request->input('search'));
         }
 
+        if ($request->input('deleted')=='true') {
+            $licenses->onlyTrashed();
+        }
 
         // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
         // case we override with the actual count, so we should return 0 items.
@@ -92,7 +105,6 @@ class LicensesController extends Controller
 
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
 
-
         switch ($request->input('sort')) {
                 case 'manufacturer':
                     $licenses = $licenses->leftJoin('manufacturers', 'licenses.manufacturer_id', '=', 'manufacturers.id')->orderBy('manufacturers.name', $order);
@@ -128,25 +140,19 @@ class LicensesController extends Controller
                         'free_seats_count',
                         'seats',
                         'termination_date',
-                        'depreciation_id'
+                        'depreciation_id',
                     ];
                 $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
                 $licenses = $licenses->orderBy($sort, $order);
                 break;
         }
 
-
-
         $total = $licenses->count();
-
         $licenses = $licenses->skip($offset)->take($limit)->get();
+
         return (new LicensesTransformer)->transformLicenses($licenses, $total);
-
     }
 
-
-
-
     /**
      * Store a newly created resource in storage.
      *
@@ -162,9 +168,10 @@ class LicensesController extends Controller
         $license = new License;
         $license->fill($request->all());
 
-        if($license->save()) {
+        if ($license->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $license, trans('admin/licenses/message.create.success')));
         }
+
         return response()->json(Helper::formatStandardApiResponse('error', null, $license->getErrors()));
     }
 
@@ -180,10 +187,10 @@ class LicensesController extends Controller
         $this->authorize('view', License::class);
         $license = License::withCount('freeSeats')->findOrFail($id);
         $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
+
         return (new LicensesTransformer)->transformLicense($license);
     }
 
-
     /**
      * Update the specified resource in storage.
      *
@@ -222,22 +229,23 @@ class LicensesController extends Controller
         $license = License::findOrFail($id);
         $this->authorize('delete', $license);
 
-        if($license->assigned_seats_count == 0) {
+        if ($license->assigned_seats_count == 0) {
             // Delete the license and the associated license seats
             DB::table('license_seats')
                 ->where('id', $license->id)
-                ->update(array('assigned_to' => null,'asset_id' => null));
+                ->update(['assigned_to' => null, 'asset_id' => null]);
 
             $licenseSeats = $license->licenseseats();
             $licenseSeats->delete();
             $license->delete();
 
             // Redirect to the licenses management page
-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/licenses/message.delete.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/licenses/message.delete.success')));
         }
+
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/licenses/message.assoc_users')));
     }
-    
+
     /**
      * Gets a paginated collection for the select2 menus
      *
@@ -245,10 +253,9 @@ class LicensesController extends Controller
      */
     public function selectlist(Request $request)
     {
-
         $licenses = License::select([
             'licenses.id',
-            'licenses.name'
+            'licenses.name',
         ]);
 
         if ($request->filled('search')) {
@@ -257,9 +264,6 @@ class LicensesController extends Controller
 
         $licenses = $licenses->orderBy('name', 'ASC')->paginate(50);
 
-
         return (new SelectlistTransformer)->transformSelectlist($licenses);
     }
-
-
 }

app/Http/Controllers/Api/LocationsController.php

@@ -2,13 +2,13 @@
 
 namespace App\Http\Controllers\Api;
 
-use Illuminate\Http\Request;
+use App\Helpers\Helper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Http\Controllers\Controller;
-use App\Helpers\Helper;
-use App\Models\Location;
 use App\Http\Transformers\LocationsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Location;
+use Illuminate\Http\Request;
 use Illuminate\Pagination\LengthAwarePaginator;
 use Illuminate\Support\Collection;
 
@@ -25,9 +25,9 @@ class LocationsController extends Controller
     {
         $this->authorize('view', Location::class);
         $allowed_columns = [
-            'id','name','address','address2','city','state','country','zip','created_at',
-            'updated_at','manager_id','image',
-            'assigned_assets_count','users_count','assets_count','currency','ldap_ou'];
+            'id', 'name', 'address', 'address2', 'city', 'state', 'country', 'zip', 'created_at',
+            'updated_at', 'manager_id', 'image',
+            'assigned_assets_count', 'users_count', 'assets_count', 'currency', 'ldap_ou', ];
 
         $locations = Location::with('parent', 'manager', 'children')->select([
             'locations.id',
@@ -44,7 +44,7 @@ class LocationsController extends Controller
             'locations.updated_at',
             'locations.image',
             'locations.ldap_ou',
-            'locations.currency'
+            'locations.currency',
         ])->withCount('assignedAssets as assigned_assets_count')
             ->withCount('assets as assets_count')
             ->withCount('users as users_count');
@@ -53,8 +53,6 @@ class LocationsController extends Controller
             $locations = $locations->TextSearch($request->input('search'));
         }
 
-
-
         $offset = (($locations) && (request('offset') > $locations->count())) ? $locations->count() : request('offset', 0);
 
         // Check to make sure the limit is not higher than the max allowed
@@ -78,6 +76,7 @@ class LocationsController extends Controller
 
         $total = $locations->count();
         $locations = $locations->skip($offset)->take($limit)->get();
+
         return (new LocationsTransformer)->transformLocations($locations, $total);
     }
 
@@ -100,6 +99,7 @@ class LocationsController extends Controller
         if ($location->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.create.success')));
         }
+
         return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
     }
 
@@ -129,11 +129,12 @@ class LocationsController extends Controller
                 'locations.created_at',
                 'locations.updated_at',
                 'locations.image',
-                'locations.currency'
+                'locations.currency',
             ])
             ->withCount('assignedAssets as assigned_assets_count')
             ->withCount('assets as assets_count')
             ->withCount('users as users_count')->findOrFail($id);
+
         return (new LocationsTransformer)->transformLocation($location);
     }
 
@@ -182,12 +183,13 @@ class LocationsController extends Controller
     {
         $this->authorize('delete', Location::class);
         $location = Location::findOrFail($id);
-        if(!$location->isDeletable()) {
+        if (! $location->isDeletable()) {
             return response()
-                    ->json(Helper::formatStandardApiResponse('error', null,  trans('admin/companies/message.assoc_users')));
+                    ->json(Helper::formatStandardApiResponse('error', null, trans('admin/companies/message.assoc_users')));
         }
         $this->authorize('delete', $location);
         $location->delete();
+
         return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/locations/message.delete.success')));
     }
 
@@ -218,11 +220,12 @@ class LocationsController extends Controller
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0.16]
      * @see \App\Http\Transformers\SelectlistTransformer
-     *
      */
     public function selectlist(Request $request)
     {
 
+        $this->authorize('view.selectlists');
+
         $locations = Location::select([
             'locations.id',
             'locations.name',
@@ -244,26 +247,22 @@ class LocationsController extends Controller
         $locations_with_children = [];
 
         foreach ($locations as $location) {
-            if (!array_key_exists($location->parent_id, $locations_with_children)) {
+            if (! array_key_exists($location->parent_id, $locations_with_children)) {
                 $locations_with_children[$location->parent_id] = [];
             }
             $locations_with_children[$location->parent_id][] = $location;
         }
 
         if ($request->filled('search')) {
-            $locations_formatted =  $locations;
+            $locations_formatted = $locations;
         } else {
             $location_options = Location::indenter($locations_with_children);
             $locations_formatted = new Collection($location_options);
-
         }
 
-        $paginated_results =  new LengthAwarePaginator($locations_formatted->forPage($page, 500), $locations_formatted->count(), 500, $page, []);
+        $paginated_results = new LengthAwarePaginator($locations_formatted->forPage($page, 500), $locations_formatted->count(), 500, $page, []);
 
         //return [];
         return (new SelectlistTransformer)->transformSelectlist($paginated_results);
-
     }
-
-
 }

app/Http/Controllers/Api/ManufacturersController.php

@@ -23,13 +23,13 @@ class ManufacturersController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Manufacturer::class);
-        $allowed_columns = ['id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'assets_count', 'consumables_count', 'components_count', 'licenses_count'];
+        $allowed_columns = ['id', 'name', 'url', 'support_url', 'support_email', 'support_phone', 'created_at', 'updated_at', 'image', 'assets_count', 'consumables_count', 'components_count', 'licenses_count'];
 
         $manufacturers = Manufacturer::select(
-            array('id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'deleted_at')
+            ['id', 'name', 'url', 'support_url', 'support_email', 'support_phone', 'created_at', 'updated_at', 'image', 'deleted_at']
         )->withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('consumables as consumables_count')->withCount('accessories as accessories_count');
 
-        if ($request->input('deleted')=='true') {
+        if ($request->input('deleted') == 'true') {
             $manufacturers->onlyTrashed();
         }
 
@@ -37,7 +37,6 @@ class ManufacturersController extends Controller
             $manufacturers = $manufacturers->TextSearch($request->input('search'));
         }
 
-
         // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
         // case we override with the actual count, so we should return 0 items.
         $offset = (($manufacturers) && ($request->get('offset') > $manufacturers->count())) ? $manufacturers->count() : $request->get('offset', 0);
@@ -51,10 +50,10 @@ class ManufacturersController extends Controller
 
         $total = $manufacturers->count();
         $manufacturers = $manufacturers->skip($offset)->take($limit)->get();
+
         return (new ManufacturersTransformer)->transformManufacturers($manufacturers, $total);
     }
 
-
     /**
      * Store a newly created resource in storage.
      *
@@ -89,10 +88,10 @@ class ManufacturersController extends Controller
     {
         $this->authorize('view', Manufacturer::class);
         $manufacturer = Manufacturer::withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('consumables as consumables_count')->withCount('accessories as accessories_count')->findOrFail($id);
+
         return (new ManufacturersTransformer)->transformManufacturer($manufacturer);
     }
 
-
     /**
      * Update the specified resource in storage.
      *
@@ -126,7 +125,6 @@ class ManufacturersController extends Controller
      */
     public function destroy($id)
     {
-
         $this->authorize('delete', Manufacturer::class);
         $manufacturer = Manufacturer::findOrFail($id);
         $this->authorize('delete', $manufacturer);
@@ -138,10 +136,6 @@ class ManufacturersController extends Controller
 
         return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/manufacturers/message.assoc_users')));
 
-
-
-
-
     }
 
     /**
@@ -150,11 +144,11 @@ class ManufacturersController extends Controller
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0.16]
      * @see \App\Http\Transformers\SelectlistTransformer
-     *
      */
     public function selectlist(Request $request)
     {
 
+        $this->authorize('view.selectlists');
         $manufacturers = Manufacturer::select([
             'id',
             'name',
@@ -176,6 +170,5 @@ class ManufacturersController extends Controller
         }
 
         return (new SelectlistTransformer)->transformSelectlist($manufacturers);
-
     }
 }

app/Http/Controllers/Api/PredefinedKitsController.php

@@ -31,17 +31,16 @@ class PredefinedKitsController extends Controller
 
         $offset = $request->input('offset', 0);
         $limit = $request->input('limit', 50);
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
+        $order = $request->input('order') === 'desc' ? 'desc' : 'asc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'name';
         $kits->orderBy($sort, $order);
 
         $total = $kits->count();
         $kits = $kits->skip($offset)->take($limit)->get();
+
         return (new PredefinedKitsTransformer)->transformPredefinedKits($kits, $total);
-
     }
 
-
     /**
      * Store a newly created resource in storage.
      *
@@ -57,8 +56,8 @@ class PredefinedKitsController extends Controller
         if ($kit->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.create_success')));
         }
-        return response()->json(Helper::formatStandardApiResponse('error', null, $kit->getErrors()));
 
+        return response()->json(Helper::formatStandardApiResponse('error', null, $kit->getErrors()));
     }
 
     /**
@@ -71,10 +70,10 @@ class PredefinedKitsController extends Controller
     {
         $this->authorize('view', PredefinedKit::class);
         $kit = PredefinedKit::findOrFail($id);
+
         return (new PredefinedKitsTransformer)->transformPredefinedKit($kit);
     }
 
-
     /**
      * Update the specified resource in storage.
      *
@@ -89,7 +88,7 @@ class PredefinedKitsController extends Controller
         $kit->fill($request->all());
 
         if ($kit->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.update_success')));      // TODO: trans
+            return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.update_success')));
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, $kit->getErrors()));
@@ -113,23 +112,20 @@ class PredefinedKitsController extends Controller
         $kit->accessories()->detach();
 
         $kit->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/kits/general.delete_success')));     // TODO: trans
 
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/kits/general.delete_success')));
     }
 
-
     /**
      * Gets a paginated collection for the select2 menus
      *
      * @see \App\Http\Transformers\SelectlistTransformer
-     *
      */
     public function selectlist(Request $request)
     {
-
         $kits = PredefinedKit::select([
             'id',
-            'name'
+            'name',
         ]);
 
         if ($request->filled('search')) {
@@ -139,7 +135,6 @@ class PredefinedKitsController extends Controller
         $kits = $kits->orderBy('name', 'ASC')->paginate(50);
 
         return (new SelectlistTransformer)->transformSelectlist($kits);
-
     }
 
     /**
@@ -148,38 +143,40 @@ class PredefinedKitsController extends Controller
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-    public function indexLicenses($kit_id) {
+    public function indexLicenses($kit_id)
+    {
         $this->authorize('view', PredefinedKit::class);
         $kit = PredefinedKit::findOrFail($kit_id);
         $licenses = $kit->licenses;
+
         return (new PredefinedKitsTransformer)->transformElements($licenses, $licenses->count());
     }
 
-    
     /**
      * Store the specified resource.
      *
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-     public function storeLicense(Request $request, $kit_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         
-         $kit = PredefinedKit::findOrFail($kit_id);        
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
+    public function storeLicense(Request $request, $kit_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
 
-         $license_id = $request->get('license');
-         $relation = $kit->licenses();
-         if( $relation->find($license_id) ) {
-             return response()->json(Helper::formatStandardApiResponse('error', null, ['license' => 'License already attached to kit']));
-         }
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }
 
-         $relation->attach( $license_id, ['quantity' => $quantity]);
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'License added successfull'));     // TODO: trans
+        $license_id = $request->get('license');
+        $relation = $kit->licenses();
+        if ($relation->find($license_id)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, ['license' => trans('admin/kits/general.license_error')]));
+        }
+
+        $relation->attach($license_id, ['quantity' => $quantity]);
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.license_added_success')));
     }
 
     /**
@@ -189,20 +186,20 @@ class PredefinedKitsController extends Controller
      * @param  int  $kit_id
      * @return \Illuminate\Http\Response
      */
-     public function updateLicense(Request $request, $kit_id, $license_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         $kit = PredefinedKit::findOrFail($kit_id);
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
-         $kit->licenses()->syncWithoutDetaching([$license_id => ['quantity' =>  $quantity]]);
- 
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'License updated'));  // TODO: trans
-     }
+    public function updateLicense(Request $request, $kit_id, $license_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }
+        $kit->licenses()->syncWithoutDetaching([$license_id => ['quantity' =>  $quantity]]);
 
-     /**
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.license_updated')));
+    }
+
+    /**
      * Remove the specified resource from storage.
      *
      * @param  int  $kit_id
@@ -214,48 +211,49 @@ class PredefinedKitsController extends Controller
         $kit = PredefinedKit::findOrFail($kit_id);
 
         $kit->licenses()->detach($license_id);
-        return response()->json(Helper::formatStandardApiResponse('success', $kit,  trans('admin/kits/general.delete_success')));
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.delete_success')));
     }
-    
+
     /**
      * Display the specified resource.
      *
      * @param  int  $kit_id
      * @return \Illuminate\Http\Response
      */
-     public function indexModels($kit_id) {
+    public function indexModels($kit_id)
+    {
         $this->authorize('view', PredefinedKit::class);
         $kit = PredefinedKit::findOrFail($kit_id);
         $models = $kit->models;
+
         return (new PredefinedKitsTransformer)->transformElements($models, $models->count());
     }
-    
+
     /**
      * Store the specified resource.
      *
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-     public function storeModel(Request $request, $kit_id)
-     {
-
-
+    public function storeModel(Request $request, $kit_id)
+    {
         $this->authorize('update', PredefinedKit::class);
-        
-        $kit = PredefinedKit::findOrFail($kit_id);        
-        
+
+        $kit = PredefinedKit::findOrFail($kit_id);
+
         $model_id = $request->get('model');
         $quantity = $request->input('quantity', 1);
-        if( $quantity < 1) {
+        if ($quantity < 1) {
             $quantity = 1;
         }
-        
+
         $relation = $kit->models();
-        if( $relation->find($model_id) ) {
+        if ($relation->find($model_id)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, ['model' => 'Model already attached to kit']));
         }
         $relation->attach($model_id, ['quantity' => $quantity]);
-        
+
         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Model added successfull'));
     }
 
@@ -266,20 +264,20 @@ class PredefinedKitsController extends Controller
      * @param  int  $kit_id
      * @return \Illuminate\Http\Response
      */
-     public function updateModel(Request $request, $kit_id, $model_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         $kit = PredefinedKit::findOrFail($kit_id);
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
-         $kit->models()->syncWithoutDetaching([$model_id => ['quantity' =>  $quantity]]);
- 
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'License updated'));  // TODO: trans
-     }
+    public function updateModel(Request $request, $kit_id, $model_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }
+        $kit->models()->syncWithoutDetaching([$model_id => ['quantity' =>  $quantity]]);
 
-     /**
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.license_updated')));
+    }
+
+    /**
      * Remove the specified resource from storage.
      *
      * @param  int  $kit_id
@@ -291,49 +289,50 @@ class PredefinedKitsController extends Controller
         $kit = PredefinedKit::findOrFail($kit_id);
 
         $kit->models()->detach($model_id);
-        return response()->json(Helper::formatStandardApiResponse('success', $kit,  trans('admin/kits/general.model_removed_success')));
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.model_removed_success')));
     }
 
-
-    
     /**
      * Display the specified resource.
      *
      * @param  int  $kit_id
      * @return \Illuminate\Http\Response
      */
-    public function indexConsumables($kit_id) {
+    public function indexConsumables($kit_id)
+    {
         $this->authorize('view', PredefinedKit::class);
         $kit = PredefinedKit::findOrFail($kit_id);
         $consumables = $kit->consumables;
+
         return (new PredefinedKitsTransformer)->transformElements($consumables, $consumables->count());
     }
 
-    
     /**
      * Store the specified resource.
      *
      * @param  int  $id
      * @return \Illuminate\Http\Response
      */
-     public function storeConsumable(Request $request, $kit_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         
-         $kit = PredefinedKit::findOrFail($kit_id);        
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
+    public function storeConsumable(Request $request, $kit_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
 
-         $consumable_id = $request->get('consumable');
-         $relation = $kit->consumables();
-         if( $relation->find($consumable_id) ) {
-             return response()->json(Helper::formatStandardApiResponse('error', null, ['consumable' => 'Consumable already attached to kit']));
-         }
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }
 
-         $relation->attach( $consumable_id, ['quantity' => $quantity]);
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Consumable added successfull'));     // TODO: trans
+        $consumable_id = $request->get('consumable');
+        $relation = $kit->consumables();
+        if ($relation->find($consumable_id)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, ['consumable' => trans('admin/kits/general.consumable_error')]));
+        }
+
+        $relation->attach($consumable_id, ['quantity' => $quantity]);
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.consumable_added_success')));
     }
 
     /**
@@ -343,20 +342,20 @@ class PredefinedKitsController extends Controller
      * @param  int  $kit_id
      * @return \Illuminate\Http\Response
      */
-     public function updateConsumable(Request $request, $kit_id, $consumable_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         $kit = PredefinedKit::findOrFail($kit_id);
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
-         $kit->consumables()->syncWithoutDetaching([$consumable_id => ['quantity' =>  $quantity]]);
- 
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Consumable updated'));  // TODO: trans
-     }
+    public function updateConsumable(Request $request, $kit_id, $consumable_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }
+        $kit->consumables()->syncWithoutDetaching([$consumable_id => ['quantity' =>  $quantity]]);
 
-     /**
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.consumable_updated')));
+    }
+
+    /**
      * Remove the specified resource from storage.
      *
      * @param  int  $kit_id
@@ -368,48 +367,50 @@ class PredefinedKitsController extends Controller
         $kit = PredefinedKit::findOrFail($kit_id);
 
         $kit->consumables()->detach($consumable_id);
-        return response()->json(Helper::formatStandardApiResponse('success', $kit,  'Delete was successfull'));     // TODO: trans
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.consumable_deleted')));
     }
 
-    
     /**
      * Display the specified resource.
      *
      * @param  int  $kit_id
      * @return \Illuminate\Http\Response
      */
-    public function indexAccessories($kit_id) {
+    public function indexAccessories($kit_id)
+    {
         $this->authorize('view', PredefinedKit::class);
         $kit = PredefinedKit::findOrFail($kit_id);
         $accessories = $kit->accessories;
+
         return (new PredefinedKitsTransformer)->transformElements($accessories, $accessories->count());
     }
 
-    
     /**
      * Store the specified resource.
      *
      * @param  int  $kit_id
      * @return \Illuminate\Http\Response
      */
-     public function storeAccessory(Request $request, $kit_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         
-         $kit = PredefinedKit::findOrFail($kit_id);        
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
+    public function storeAccessory(Request $request, $kit_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
 
-         $accessory_id = $request->get('accessory');
-         $relation = $kit->accessories();
-         if( $relation->find($accessory_id) ) {
-             return response()->json(Helper::formatStandardApiResponse('error', null, ['accessory' => 'Accessory already attached to kit']));
-         }
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }
 
-         $relation->attach( $accessory_id, ['quantity' => $quantity]);
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Accessory added successfull'));     // TODO: trans
+        $accessory_id = $request->get('accessory');
+        $relation = $kit->accessories();
+        if ($relation->find($accessory_id)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, ['accessory' => trans('admin/kits/general.accessory_error')]));
+        }
+
+        $relation->attach($accessory_id, ['quantity' => $quantity]);
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.accessory_added_success')));
     }
 
     /**
@@ -419,20 +420,20 @@ class PredefinedKitsController extends Controller
      * @param  int  $kit_id
      * @return \Illuminate\Http\Response
      */
-     public function updateAccessory(Request $request, $kit_id, $accessory_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         $kit = PredefinedKit::findOrFail($kit_id);
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
-         $kit->accessories()->syncWithoutDetaching([$accessory_id => ['quantity' =>  $quantity]]);
- 
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Accessory updated'));  // TODO: trans
-     }
+    public function updateAccessory(Request $request, $kit_id, $accessory_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }
+        $kit->accessories()->syncWithoutDetaching([$accessory_id => ['quantity' =>  $quantity]]);
 
-     /**
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.accessory_updated')));
+    }
+
+    /**
      * Remove the specified resource from storage.
      *
      * @param  int  $kit_id
@@ -444,6 +445,7 @@ class PredefinedKitsController extends Controller
         $kit = PredefinedKit::findOrFail($kit_id);
 
         $kit->accessories()->detach($accessory_id);
-        return response()->json(Helper::formatStandardApiResponse('success', $kit,  'Delete was successfull'));     // TODO: trans
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.accessory_deleted')));
     }
 }

app/Http/Controllers/Api/ProfileController.php

@@ -15,7 +15,7 @@ class ProfileController extends Controller
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.3.0]
      *
-     * @return Array
+     * @return array
      */
     public function requestedAssets()
     {
@@ -24,7 +24,6 @@ class ProfileController extends Controller
         $results = [];
         $results['total'] = $checkoutRequests->count();
 
-
         foreach ($checkoutRequests as $checkoutRequest) {
 
             // Make sure the asset and request still exist
@@ -39,10 +38,8 @@ class ProfileController extends Controller
                     'request_date' => Helper::getFormattedDateObject($checkoutRequest->created_at, 'datetime'),
                 ];
             }
-
         }
+
         return $results;
     }
-
-
 }

app/Http/Controllers/Api/ReportsController.php

@@ -19,25 +19,25 @@ class ReportsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('reports.view');
-        
-        $actionlogs = Actionlog::with('item', 'user', 'target','location');
+
+        $actionlogs = Actionlog::with('item', 'user', 'target', 'location');
 
         if ($request->filled('search')) {
             $actionlogs = $actionlogs->TextSearch(e($request->input('search')));
         }
 
-        if (($request->filled('target_type'))  && ($request->filled('target_id'))) {
-            $actionlogs = $actionlogs->where('target_id','=',$request->input('target_id'))
-                ->where('target_type','=',"App\\Models\\".ucwords($request->input('target_type')));
+        if (($request->filled('target_type')) && ($request->filled('target_id'))) {
+            $actionlogs = $actionlogs->where('target_id', '=', $request->input('target_id'))
+                ->where('target_type', '=', 'App\\Models\\'.ucwords($request->input('target_type')));
         }
 
-        if (($request->filled('item_type'))  && ($request->filled('item_id'))) {
-            $actionlogs = $actionlogs->where('item_id','=',$request->input('item_id'))
-                ->where('item_type','=',"App\\Models\\".ucwords($request->input('item_type')));
+        if (($request->filled('item_type')) && ($request->filled('item_id'))) {
+            $actionlogs = $actionlogs->where('item_id', '=', $request->input('item_id'))
+                ->where('item_type', '=', 'App\\Models\\'.ucwords($request->input('item_type')));
         }
 
         if ($request->filled('action_type')) {
-            $actionlogs = $actionlogs->where('action_type','=',$request->input('action_type'))->orderBy('created_at', 'desc');
+            $actionlogs = $actionlogs->where('action_type', '=', $request->input('action_type'))->orderBy('created_at', 'desc');
         }
 
         if ($request->filled('uploads')) {
@@ -51,9 +51,9 @@ class ReportsController extends Controller
             'user_id',
             'accept_signature',
             'action_type',
-            'note'
+            'note',
         ];
-        
+
         $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
         $order = ($request->input('order') == 'asc') ? 'asc' : 'desc';
         $offset = request('offset', 0);
@@ -62,6 +62,5 @@ class ReportsController extends Controller
         $actionlogs = $actionlogs->orderBy($sort, $order)->skip($offset)->take($limit)->get();
 
         return response()->json((new ActionlogsTransformer)->transformActionlogs($actionlogs, $total), 200, ['Content-Type' => 'application/json;charset=utf8'], JSON_UNESCAPED_UNICODE);
-
     }
 }

app/Http/Controllers/Api/SettingsController.php

@@ -2,125 +2,92 @@
 
 namespace App\Http\Controllers\Api;
 
-use App\Http\Controllers\Controller;
-use App\Http\Transformers\LoginAttemptsTransformer;
-use App\Models\Setting;
-use App\Notifications\MailTest;
-use App\Services\LdapAd;
-use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Ldap;
+use App\Models\Setting;
+use Mail;
+use App\Notifications\SlackTest;
+use App\Notifications\MailTest;
+use GuzzleHttp\Client;
+use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Response;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Notification;
-use GuzzleHttp\Client;
 use Illuminate\Support\Facades\Storage;
-use Illuminate\Support\Facades\Validator;
-use App\Models\Ldap; // forward-port of v4 LDAP model for Sync
+use Illuminate\Support\Facades\Validator; 
+use App\Http\Requests\SlackSettingsRequest;
 
 
 class SettingsController extends Controller
 {
 
-    /**
-     * Test the ldap settings
-     * 
-     * @author Wes Hulette <jwhulette@gmail.com>
-     * 
-     * @since 5.0.0
-     * 
-     * @param App\Models\LdapAd $ldap
-     * 
-     * @return \Illuminate\Http\JsonResponse
-     */
-    public function ldapAdSettingsTest(LdapAd $ldap): JsonResponse
+
+    public function ldaptest()
     {
-        if(!$ldap->init()) {
-            Log::info('LDAP is not enabled so we cannot test.');
+        $settings = Setting::getSettings();
+
+        if ($settings->ldap_enabled!='1') {
+            \Log::debug('LDAP is not enabled cannot test.');
             return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
         }
 
-        // The connect, bind and resulting users message
-        $message = [];
+        \Log::debug('Preparing to test LDAP connection');
 
-        
-        // This is all kinda fucked right now. The connection test doesn't actually do what you think,
-        // // and the way we parse the errors
-        // on the JS side is horrible. 
-        Log::info('Preparing to test LDAP user login');
-        // Test user can connect to the LDAP server
+        $message = []; //where we collect together test messages
         try {
-            $ldap->testLdapAdUserConnection();
-            $message['login'] = [
-                'message' => 'Successfully connected to LDAP server.'
-            ];
-        } catch (\Exception $ex) {
-                \Log::debug('Connection to LDAP server '.Setting::getSettings()->ldap_server.' failed. Please check your LDAP settings and try again. Server Responded with error: ' . $ex->getMessage());
-            return response()->json(
-                ['message' => 'Connection to LDAP server '.Setting::getSettings()->ldap_server." failed. Verify that the LDAP hostname is entered correctly and that it can be reached from this web server. \n\nServer Responded with error: " . $ex->getMessage()
-
-                ], 400);
-        }
-
-        Log::info('Preparing to test LDAP bind connection');
-        // Test user can bind to the LDAP server
-        try {
-            Log::info('Testing Bind');
-            $ldap->testLdapAdBindConnection();
-            $message['bind'] = [
-                'message' => 'Successfully bound to LDAP server.'
-            ];
-        } catch (\Exception $ex) {
-            Log::info('LDAP Bind failed');
-            return response()->json(['message' => 'Connection to LDAP successful, but we were unable to Bind the LDAP user '.Setting::getSettings()->ldap_uname.". Verify your that your LDAP Bind username and password are correct. \n\nServer Responded with error: " . $ex->getMessage()
-            ], 400);
-        }
-
-
-        Log::info('Preparing to get sample user set from LDAP directory');
-        // Get a sample of 10 users so user can verify the data is correct
-        $settings = Setting::getSettings();
-        try {
-            Log::info('Testing LDAP sync');
-            error_reporting(E_ALL & ~E_DEPRECATED); // workaround for php7.4, which deprecates ldap_control_paged_result
-            // $users = $ldap->testUserImportSync(); // from AdLdap2 from v5, disabling and falling back to v4's sync code
-            $users = collect(Ldap::findLdapUsers())->slice(0, 11)->filter(function ($value, $key) { //choosing ELEVEN because one is going to be the count, which we're about to filter out in the next line
-                return is_int($key);
-            })->map(function ($item) use ($settings) {
-                return (object) [
-                    'username'        => $item[$settings['ldap_username_field']][0] ?? null,
-                    'employee_number' => $item[$settings['ldap_emp_num']][0] ?? null,
-                    'lastname'        => $item[$settings['ldap_lname_field']][0] ?? null,
-                    'firstname'       => $item[$settings['ldap_fname_field']][0] ?? null,
-                    'email'           => $item[$settings['ldap_email']][0] ?? null,
+            $connection = Ldap::connectToLdap();
+            try {
+                $message['bind'] = ['message' => 'Successfully bound to LDAP server.'];
+                \Log::debug('attempting to bind to LDAP for LDAP test');
+                Ldap::bindAdminToLdap($connection);
+                $message['login'] = [
+                    'message' => 'Successfully connected to LDAP server.',
                 ];
-            });
-            if ($users->count() > 0) {
-                $message['user_sync']  = [
-                    'users' => $users
-                ];
-            } else {
-                $message['user_sync']  = [
-                    'message' => 'Connection to LDAP was successful, however there were no users returned from your query. You should confirm the Base Bind DN above.'
-                ];
-                return response()->json($message, 400);
+
+                $users = collect(Ldap::findLdapUsers(null,10))->filter(function ($value, $key) {
+                    return is_int($key);
+                })->slice(0, 10)->map(function ($item) use ($settings) {
+                    return (object) [
+                        'username'        => $item[$settings['ldap_username_field']][0] ?? null,
+                        'employee_number' => $item[$settings['ldap_emp_num']][0] ?? null,
+                        'lastname'        => $item[$settings['ldap_lname_field']][0] ?? null,
+                        'firstname'       => $item[$settings['ldap_fname_field']][0] ?? null,
+                        'email'           => $item[$settings['ldap_email']][0] ?? null,
+                    ];
+                });
+                if ($users->count() > 0) {
+                    $message['user_sync'] = [
+                        'users' => $users,
+                    ];
+                } else {
+                    $message['user_sync'] = [
+                        'message' => 'Connection to LDAP was successful, however there were no users returned from your query. You should confirm the Base Bind DN above.',
+                    ];
+    
+                    return response()->json($message, 400);
+                }
+
+                return response()->json($message, 200);
+            } catch (\Exception $e) {
+                \Log::debug('Bind failed');
+                \Log::debug("Exception was: ".$e->getMessage());
+                return response()->json(['message' => $e->getMessage()], 400);
+                //return response()->json(['message' => $e->getMessage()], 500);
             }
-            
-        } catch (\Exception $ex) {
-            Log::info('LDAP sync failed');
-            $message['user_sync']  = [
-                'message' => 'Error getting users from LDAP directory, error: ' . $ex->getMessage()
-            ];
-            return response()->json($message, 400);
+        } catch (\Exception $e) {
+            \Log::debug('Connection failed but we cannot debug it any further on our end.');
+            return response()->json(['message' => $e->getMessage()], 500);
         }
 
-        return response()->json($message, 200);
+
     }
 
-    public function ldaptestlogin(Request $request, LdapAd $ldap)
+    public function ldaptestlogin(Request $request)
     {
 
-        if (Setting::getSettings()->ldap_enabled!='1') {
+        if (Setting::getSettings()->ldap_enabled != '1') {
             \Log::debug('LDAP is not enabled. Cannot test.');
             return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
         }
@@ -139,57 +106,77 @@ class SettingsController extends Controller
         }
         
 
+
         \Log::debug('Preparing to test LDAP login');
         try {
-            DB::beginTransaction(); //this was the easiest way to invoke a full test of an LDAP login without adding new users to the DB (which may not be desired)
+            $connection = Ldap::connectToLdap();
+            try {
+                Ldap::bindAdminToLdap($connection);
+                \Log::debug('Attempting to bind to LDAP for LDAP test');
+                try {
+                    $ldap_user = Ldap::findAndBindUserLdap($request->input('ldaptest_user'), $request->input('ldaptest_password'));
+                    if ($ldap_user) {
+                        \Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
+                        return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
+                    }
+                    return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
 
-            // $results = $ldap->ldap->auth()->attempt($request->input('ldaptest_username'), $request->input('ldaptest_password'), true);
-            // can't do this because that's a protected property.
+                } catch (\Exception $e) {
+                    \Log::debug('LDAP login failed');
+                    return response()->json(['message' => $e->getMessage()], 400);
+                }
 
-            $results = $ldap->ldapLogin($request->input('ldaptest_user'), $request->input('ldaptest_password')); // this would normally create a user on success (if they didn't already exist), but for the transaction
-            if($results) {
-                return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
-            } else {
-                return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
+            } catch (\Exception $e) {
+                \Log::debug('Bind failed');
+                return response()->json(['message' => $e->getMessage()], 400);
+                //return response()->json(['message' => $e->getMessage()], 500);
             }
         } catch (\Exception $e) {
             \Log::debug('Connection failed');
-            return response()->json(['message' => $e->getMessage()], 400);
-        } finally {
-            DB::rollBack(); // ALWAYS rollback, whether success or failure
+            return response()->json(['message' => $e->getMessage()], 500);
         }
 
 
     }
 
-    public function slacktest(Request $request)
+    public function slacktest(SlackSettingsRequest $request)
     {
 
-        $slack = new Client([
-            'base_url' => e($request->input('slack_endpoint')),
-            'defaults' => [
-                'exceptions' => false
-            ]
+        $validator = Validator::make($request->all(), [
+            'slack_endpoint'                      => 'url|required_with:slack_channel|starts_with:https://hooks.slack.com/|nullable',
+            'slack_channel'                       => 'required_with:slack_endpoint|starts_with:#|nullable',
         ]);
 
-
-        $payload = json_encode(
-            [
-                'channel'    => e($request->input('slack_channel')),
-                'text'       => trans('general.slack_test_msg'),
-                'username'    => e($request->input('slack_botname')),
-                'icon_emoji' => ':heart:'
-            ]);
-
-        try {
-            $slack->post($request->input('slack_endpoint'),['body' => $payload]);
-            return response()->json(['message' => 'Success'], 200);
-        } catch (\Exception $e) {
-            return response()->json(['message' => 'Oops! Please check the channel name and webhook endpoint URL. Slack responded with: '.$e->getMessage()], 400);
+        if ($validator->fails()) {
+            return response()->json(['message' => 'Validation failed', 'errors' => $validator->errors()], 422);
         }
 
-        return response()->json(['message' => 'Something went wrong :( '], 400);
+        // If validation passes, continue to the curl request
+            $slack = new Client([
+                'base_url' => e($request->input('slack_endpoint')),
+                'defaults' => [
+                    'exceptions' => false,
+                ],
+            ]);
 
+            $payload = json_encode(
+                [
+                    'channel'    => e($request->input('slack_channel')),
+                    'text'       => trans('general.slack_test_msg'),
+                    'username'    => e($request->input('slack_botname')),
+                    'icon_emoji' => ':heart:',
+                ]);
+
+            try {
+                $slack->post($request->input('slack_endpoint'), ['body' => $payload]);
+                return response()->json(['message' => 'Success'], 200);
+
+            } catch (\Exception $e) {
+                return response()->json(['message' => 'Please check the channel name and webhook endpoint URL ('.e($request->input('slack_endpoint')).'). Slack responded with: '.$e->getMessage()], 400);
+            }
+
+        //} 
+        return response()->json(['message' => 'Something went wrong :( '], 400);
     }
 
 
@@ -224,23 +211,21 @@ class SettingsController extends Controller
      */
     public function purgeBarcodes()
     {
-
         $file_count = 0;
         $files = Storage::disk('public')->files('barcodes');
 
         foreach ($files as $file) { // iterate files
 
-            $file_parts = explode(".", $file);
+            $file_parts = explode('.', $file);
             $extension = end($file_parts);
             \Log::debug($extension);
 
             // Only generated barcodes would have a .png file extension
-            if ($extension =='png') {
-
+            if ($extension == 'png') {
                 \Log::debug('Deleting: '.$file);
 
 
-                try  {
+                try {
                     Storage::disk('public')->delete($file);
                     \Log::debug('Deleting: '.$file);
                     $file_count++;
@@ -248,11 +233,9 @@ class SettingsController extends Controller
                     \Log::debug($e);
                 }
             }
-
         }
 
         return response()->json(['message' => 'Deleted '.$file_count.' barcodes'], 200);
-
     }
 
 
@@ -269,20 +252,16 @@ class SettingsController extends Controller
      */
     public function showLoginAttempts(Request $request)
     {
-        $allowed_columns = ['id', 'username', 'remote_ip', 'user_agent','successful','created_at'];
+        $allowed_columns = ['id', 'username', 'remote_ip', 'user_agent', 'successful', 'created_at'];
 
-        $login_attempts =  DB::table('login_attempts');
+        $login_attempts = DB::table('login_attempts');
         $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'created_at';
 
         $total = $login_attempts->count();
         $login_attempts->orderBy($sort, $order);
-        $login_attempt_results = $login_attempts->skip(request('offset', 0))->take(request('limit',  20))->get();
+        $login_attempt_results = $login_attempts->skip(request('offset', 0))->take(request('limit', 20))->get();
 
         return (new LoginAttemptsTransformer)->transformLoginAttempts($login_attempt_results, $total);
-
     }
-
-
-
-}
+}

app/Http/Controllers/Api/StatuslabelsController.php

@@ -22,7 +22,7 @@ class StatuslabelsController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Statuslabel::class);
-        $allowed_columns = ['id','name','created_at', 'assets_count','color', 'notes','default_label'];
+        $allowed_columns = ['id', 'name', 'created_at', 'assets_count', 'color', 'notes', 'default_label'];
 
         $statuslabels = Statuslabel::withCount('assets as assets_count');
 
@@ -30,6 +30,20 @@ class StatuslabelsController extends Controller
             $statuslabels = $statuslabels->TextSearch($request->input('search'));
         }
 
+
+        // if a status_type is passed, filter by that
+        if ($request->filled('status_type')) {
+            if (strtolower($request->input('status_type'))== 'pending') {
+                $statuslabels = $statuslabels->Pending();
+            } elseif (strtolower($request->input('status_type'))== 'archived') {
+                $statuslabels = $statuslabels->Archived();
+            } elseif (strtolower($request->input('status_type'))== 'deployable') {
+                $statuslabels = $statuslabels->Deployable();
+            } elseif (strtolower($request->input('status_type'))== 'undeployable') {
+                $statuslabels = $statuslabels->Undeployable();
+            }
+        }
+
         // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
         // case we override with the actual count, so we should return 0 items.
         $offset = (($statuslabels) && ($request->get('offset') > $statuslabels->count())) ? $statuslabels->count() : $request->get('offset', 0);
@@ -43,6 +57,7 @@ class StatuslabelsController extends Controller
 
         $total = $statuslabels->count();
         $statuslabels = $statuslabels->skip($offset)->take($limit)->get();
+
         return (new StatuslabelsTransformer)->transformStatuslabels($statuslabels, $total);
     }
 
@@ -58,19 +73,19 @@ class StatuslabelsController extends Controller
     public function store(Request $request)
     {
         $this->authorize('create', Statuslabel::class);
-        $request->except('deployable', 'pending','archived');
+        $request->except('deployable', 'pending', 'archived');
 
-        if (!$request->filled('type')) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, ["type" => ["Status label type is required."]]),500);
+        if (! $request->filled('type')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, ['type' => ['Status label type is required.']]), 500);
         }
 
         $statuslabel = new Statuslabel;
         $statuslabel->fill($request->all());
 
         $statusType = Statuslabel::getStatuslabelTypesForDB($request->input('type'));
-        $statuslabel->deployable        =  $statusType['deployable'];
-        $statuslabel->pending           =  $statusType['pending'];
-        $statuslabel->archived          =  $statusType['archived'];
+        $statuslabel->deployable = $statusType['deployable'];
+        $statuslabel->pending = $statusType['pending'];
+        $statuslabel->archived = $statusType['archived'];
         $statuslabel->color             =  $request->input('color');
         $statuslabel->show_in_nav       =  $request->input('show_in_nav', 0);
         $statuslabel->default_label     =  $request->input('default_label', 0);
@@ -79,8 +94,8 @@ class StatuslabelsController extends Controller
         if ($statuslabel->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $statuslabel, trans('admin/statuslabels/message.create.success')));
         }
-        return response()->json(Helper::formatStandardApiResponse('error', null, $statuslabel->getErrors()));
 
+        return response()->json(Helper::formatStandardApiResponse('error', null, $statuslabel->getErrors()));
     }
 
     /**
@@ -95,10 +110,10 @@ class StatuslabelsController extends Controller
     {
         $this->authorize('view', Statuslabel::class);
         $statuslabel = Statuslabel::findOrFail($id);
+
         return (new StatuslabelsTransformer)->transformStatuslabel($statuslabel);
     }
 
-
     /**
      * Update the specified resource in storage.
      *
@@ -113,19 +128,21 @@ class StatuslabelsController extends Controller
         $this->authorize('update', Statuslabel::class);
         $statuslabel = Statuslabel::findOrFail($id);
         
-        $request->except('deployable', 'pending','archived');
-
+        $request->except('deployable', 'pending', 'archived');
 
+        if (! $request->filled('type')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Status label type is required.'));
+        }
 
         $statuslabel->fill($request->all());
 
         $statusType = Statuslabel::getStatuslabelTypesForDB($request->input('type'));
-        $statuslabel->deployable        =  $statusType['deployable'];
-        $statuslabel->pending           =  $statusType['pending'];
-        $statuslabel->archived          =  $statusType['archived'];
+        $statuslabel->deployable = $statusType['deployable'];
+        $statuslabel->pending = $statusType['pending'];
+        $statuslabel->archived = $statusType['archived'];
         $statuslabel->color             =  $request->input('color');
-        $statuslabel->show_in_nav       =  $request->input('show_in_nav');
-        $statuslabel->default_label     =  $request->input('default_label');
+        $statuslabel->show_in_nav       =  $request->input('show_in_nav', 0);
+        $statuslabel->default_label     =  $request->input('default_label', 0);
 
         if ($statuslabel->save()) {
             return response()->json(Helper::formatStandardApiResponse('success', $statuslabel, trans('admin/statuslabels/message.update.success')));
@@ -151,15 +168,13 @@ class StatuslabelsController extends Controller
         // Check that there are no assets associated
         if ($statuslabel->assets()->count() == 0) {
             $statuslabel->delete();
-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/statuslabels/message.delete.success')));
+
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/statuslabels/message.delete.success')));
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/statuslabels/message.assoc_assets')));
-
     }
 
-
-
      /**
      * Show a count of assets by status label for pie chart
      *
@@ -167,24 +182,23 @@ class StatuslabelsController extends Controller
      * @since [v3.0]
      * @return \Illuminate\Http\Response
      */
-
     public function getAssetCountByStatuslabel()
     {
         $this->authorize('view', Statuslabel::class);
 
         $statuslabels = Statuslabel::withCount('assets')->get();
 
-        $labels=[];
-        $points=[];
+        $labels = [];
+        $points = [];
         $default_color_count = 0;
-        $colors_array = array();
+        $colors_array = [];
 
         foreach ($statuslabels as $statuslabel) {
             if ($statuslabel->assets_count > 0) {
-                $labels[]=$statuslabel->name. ' ('.number_format($statuslabel->assets_count).')';
-                $points[]=$statuslabel->assets_count;
+                $labels[] = $statuslabel->name.' ('.number_format($statuslabel->assets_count).')';
+                $points[] = $statuslabel->assets_count;
 
-                if ($statuslabel->color!='') {
+                if ($statuslabel->color != '') {
                     $colors_array[] = $statuslabel->color;
                 } else {
                     $colors_array[] = Helper::defaultChartColors($default_color_count);
@@ -193,14 +207,15 @@ class StatuslabelsController extends Controller
             }
         }
 
-        $result= [
-            "labels" => $labels,
-            "datasets" => [ [
-                "data" => $points,
-                "backgroundColor" => $colors_array,
-                "hoverBackgroundColor" =>  $colors_array
-            ]]
+        $result = [
+            'labels' => $labels,
+            'datasets' => [[
+                'data' => $points,
+                'backgroundColor' => $colors_array,
+                'hoverBackgroundColor' =>  $colors_array,
+            ]],
         ];
+
         return $result;
     }
 
@@ -216,7 +231,7 @@ class StatuslabelsController extends Controller
     {
         $this->authorize('view', Statuslabel::class);
         $this->authorize('index', Asset::class);
-        $assets = Asset::where('status_id','=',$id)->with('assignedTo');
+        $assets = Asset::where('status_id', '=', $id)->with('assignedTo');
 
         $allowed_columns = [
             'id',
@@ -246,11 +261,12 @@ class StatuslabelsController extends Controller
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0]
-     * @return Bool
+     * @return bool
      */
-    public function checkIfDeployable($id) {
+    public function checkIfDeployable($id)
+    {
         $statuslabel = Statuslabel::findOrFail($id);
-        if ($statuslabel->getStatuslabelType()=='deployable') {
+        if ($statuslabel->getStatuslabelType() == 'deployable') {
             return '1';
         }
 

app/Http/Controllers/Api/SuppliersController.php

@@ -23,10 +23,10 @@ class SuppliersController extends Controller
     public function index(Request $request)
     {
         $this->authorize('view', Supplier::class);
-        $allowed_columns = ['id','name','address','phone','contact','fax','email','image','assets_count','licenses_count', 'accessories_count','url'];
+        $allowed_columns = ['id', 'name', 'address', 'phone', 'contact', 'fax', 'email', 'image', 'assets_count', 'licenses_count', 'accessories_count', 'url'];
         
         $suppliers = Supplier::select(
-                array('id','name','address','address2','city','state','country','fax', 'phone','email','contact','created_at','updated_at','deleted_at','image','notes')
+                ['id', 'name', 'address', 'address2', 'city', 'state', 'country', 'fax', 'phone', 'email', 'contact', 'created_at', 'updated_at', 'deleted_at', 'image', 'notes']
             )->withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('accessories as accessories_count');
 
 
@@ -47,6 +47,7 @@ class SuppliersController extends Controller
 
         $total = $suppliers->count();
         $suppliers = $suppliers->skip($offset)->take($limit)->get();
+
         return (new SuppliersTransformer)->transformSuppliers($suppliers, $total);
     }
 
@@ -85,6 +86,7 @@ class SuppliersController extends Controller
     {
         $this->authorize('view', Supplier::class);
         $supplier = Supplier::findOrFail($id);
+
         return (new SuppliersTransformer)->transformSupplier($supplier);
     }
 
@@ -123,16 +125,16 @@ class SuppliersController extends Controller
     public function destroy($id)
     {
         $this->authorize('delete', Supplier::class);
-        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances as asset_maintenances_count','assets as assets_count', 'licenses as licenses_count')->findOrFail($id);
+        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances as asset_maintenances_count', 'assets as assets_count', 'licenses as licenses_count')->findOrFail($id);
         $this->authorize('delete', $supplier);
 
 
         if ($supplier->assets_count > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count])));
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count])));
         }
 
         if ($supplier->asset_maintenances_count > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count])));
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count])));
         }
 
         if ($supplier->licenses_count > 0) {
@@ -140,8 +142,8 @@ class SuppliersController extends Controller
         }
 
         $supplier->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/suppliers/message.delete.success')));
 
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/suppliers/message.delete.success')));
     }
 
     /**
@@ -150,11 +152,12 @@ class SuppliersController extends Controller
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0.16]
      * @see \App\Http\Transformers\SelectlistTransformer
-     *
      */
     public function selectlist(Request $request)
     {
 
+        $this->authorize('view.selectlists');
+
         $suppliers = Supplier::select([
             'id',
             'name',
@@ -176,7 +179,5 @@ class SuppliersController extends Controller
         }
 
         return (new SelectlistTransformer)->transformSelectlist($suppliers);
-
     }
-
 }

app/Http/Controllers/Api/UsersController.php

@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\SaveUserRequest;
 use App\Http\Transformers\AccessoriesTransformer;
 use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\ConsumablesTransformer;
 use App\Http\Transformers\LicensesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Http\Transformers\UsersTransformer;
@@ -62,16 +63,17 @@ class UsersController extends Controller
             'users.updated_at',
             'users.username',
             'users.zip',
+            'users.remote',
             'users.ldap_import',
 
-        ])->with('manager', 'groups', 'userloc', 'company', 'department','assets','licenses','accessories','consumables')
-            ->withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count');
+        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables')
+            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count');
         $users = Company::scopeCompanyables($users);
 
 
-        if (($request->filled('deleted')) && ($request->input('deleted')=='true')) {
+        if (($request->filled('deleted')) && ($request->input('deleted') == 'true')) {
             $users = $users->onlyTrashed();
-        } elseif (($request->filled('all')) && ($request->input('all')=='true')) {
+        } elseif (($request->filled('all')) && ($request->input('all') == 'true')) {
             $users = $users->withTrashed();
         }
 
@@ -124,13 +126,37 @@ class UsersController extends Controller
         }
 
         if ($request->filled('department_id')) {
-            $users = $users->where('users.department_id','=',$request->input('department_id'));
+            $users = $users->where('users.department_id', '=', $request->input('department_id'));
         }
 
         if ($request->filled('manager_id')) {
             $users = $users->where('users.manager_id','=',$request->input('manager_id'));
         }
 
+        if ($request->filled('ldap_import')) {
+            $users = $users->where('ldap_import', '=', $request->input('ldap_import'));
+        }
+
+        if ($request->filled('remote')) {
+            $users = $users->where('remote', '=', $request->input('remote'));
+        }
+
+        if ($request->filled('assets_count')) {
+           $users->has('assets', '=', $request->input('assets_count'));
+        }
+
+        if ($request->filled('consumables_count')) {
+            $users->has('consumables', '=', $request->input('consumables_count'));
+        }
+
+        if ($request->filled('licenses_count')) {
+            $users->has('licenses', '=', $request->input('licenses_count'));
+        }
+
+        if ($request->filled('accessories_count')) {
+            $users->has('accessories', '=', $request->input('accessories_count'));
+        }
+
         if ($request->filled('search')) {
             $users = $users->TextSearch($request->input('search'));
         }
@@ -162,11 +188,11 @@ class UsersController extends Controller
             default:
                 $allowed_columns =
                     [
-                        'last_name','first_name','email','jobtitle','username','employee_num',
-                        'assets','accessories', 'consumables','licenses','groups','activated','created_at',
-                        'two_factor_enrolled','two_factor_optin','last_login', 'assets_count', 'licenses_count',
+                        'last_name', 'first_name', 'email', 'jobtitle', 'username', 'employee_num',
+                        'assets', 'accessories', 'consumables', 'licenses', 'groups', 'activated', 'created_at',
+                        'two_factor_enrolled', 'two_factor_optin', 'last_login', 'assets_count', 'licenses_count',
                         'consumables_count', 'accessories_count', 'phone', 'address', 'city', 'state',
-                        'country', 'zip', 'id', 'ldap_import'
+                        'country', 'zip', 'id', 'ldap_import', 'remote',
                     ];
 
                 $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
@@ -174,24 +200,21 @@ class UsersController extends Controller
                 break;
         }
 
-
         $total = $users->count();
         $users = $users->skip($offset)->take($limit)->get();
+
         return (new UsersTransformer)->transformUsers($users, $total);
     }
 
-
     /**
      * Gets a paginated collection for the select2 menus
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v4.0.16]
      * @see \App\Http\Transformers\SelectlistTransformer
-     *
      */
     public function selectlist(Request $request)
     {
-
         $users = User::select(
             [
                 'users.id',
@@ -218,16 +241,16 @@ class UsersController extends Controller
 
         foreach ($users as $user) {
             $name_str = '';
-            if ($user->last_name!='') {
+            if ($user->last_name != '') {
                 $name_str .= $user->last_name.', ';
             }
             $name_str .= $user->first_name;
 
-            if ($user->username!='') {
+            if ($user->username != '') {
                 $name_str .= ' ('.$user->username.')';
             }
 
-            if ($user->employee_num!='') {
+            if ($user->employee_num != '') {
                 $name_str .= ' - #'.$user->employee_num;
             }
 
@@ -236,7 +259,6 @@ class UsersController extends Controller
         }
 
         return (new SelectlistTransformer)->transformSelectlist($users);
-
     }
 
 
@@ -257,17 +279,16 @@ class UsersController extends Controller
         $user->fill($request->all());
 
         if ($request->has('permissions')) {
-
             $permissions_array = $request->input('permissions');
 
             // Strip out the superuser permission if the API user isn't a superadmin
-            if (!Auth::user()->isSuperUser()) {
+            if (! Auth::user()->isSuperUser()) {
                 unset($permissions_array['superuser']);
             }
-            $user->permissions =  $permissions_array;
+            $user->permissions = $permissions_array;
         }
 
-        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $tmp_pass = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 20);
         $user->password = bcrypt($request->get('password', $tmp_pass));
 
         app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');
@@ -276,11 +297,12 @@ class UsersController extends Controller
             if ($request->filled('groups')) {
                 $user->groups()->sync($request->input('groups'));
             } else {
-                $user->groups()->sync(array());
+                $user->groups()->sync([]);
             }
-            
+
             return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.create')));
         }
+
         return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
     }
 
@@ -294,7 +316,8 @@ class UsersController extends Controller
     public function show($id)
     {
         $this->authorize('view', User::class);
-        $user = User::withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count')->findOrFail($id);
+        $user = User::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count')->findOrFail($id);
+
         return (new UsersTransformer)->transformUser($user);
     }
 
@@ -343,19 +366,17 @@ class UsersController extends Controller
         // here because we need to overwrite permissions
         // if someone needs to null them out
         if ($request->has('permissions')) {
-
             $permissions_array = $request->input('permissions');
 
             // Strip out the superuser permission if the API user isn't a superadmin
-            if (!Auth::user()->isSuperUser()) {
+            if (! Auth::user()->isSuperUser()) {
                 unset($permissions_array['superuser']);
             }
-            $user->permissions =  $permissions_array;
+            $user->permissions = $permissions_array;
         }
 
 
 
-
         // Update the location of any assets checked out to this user
         Asset::where('assigned_type', User::class)
             ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
@@ -375,8 +396,8 @@ class UsersController extends Controller
             if ($request->filled('groups')) {
                 $user->groups()->sync($request->input('groups'));
             // The groups field has been passed but it is null, so we should blank it out
-            } elseif ($request->has('groups'))  {
-                $user->groups()->sync(array());
+            } elseif ($request->has('groups')) {
+                $user->groups()->sync([]);
             }
 
 
@@ -400,36 +421,37 @@ class UsersController extends Controller
         $user = User::findOrFail($id);
         $this->authorize('delete', $user);
 
-
         if (($user->assets) && ($user->assets->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/users/message.error.delete_has_assets')));
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete_has_assets')));
         }
 
         if (($user->licenses) && ($user->licenses->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->licenses->count() . ' license(s) associated with them and cannot be deleted.'));
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->licenses->count().' license(s) associated with them and cannot be deleted.'));
         }
 
         if (($user->accessories) && ($user->accessories->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->accessories->count() . ' accessories associated with them.'));
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->accessories->count().' accessories associated with them.'));
         }
 
         if (($user->managedLocations()) && ($user->managedLocations()->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->managedLocations()->count() . ' locations that they manage.'));
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->managedLocations()->count().' locations that they manage.'));
         }
 
         if ($user->delete()) {
 
             // Remove the user's avatar if they have one
             if (Storage::disk('public')->exists('avatars/'.$user->avatar)) {
-                try  {
+                try {
                     Storage::disk('public')->delete('avatars/'.$user->avatar);
                 } catch (\Exception $e) {
                     \Log::debug($e);
-               }
+                }
             }
-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/users/message.success.delete')));
+
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.delete')));
         }
-        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/users/message.error.delete')));
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete')));
     }
 
     /**
@@ -445,9 +467,28 @@ class UsersController extends Controller
         $this->authorize('view', User::class);
         $this->authorize('view', Asset::class);
         $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model')->get();
+
         return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
     }
 
+
+    /**
+     * Return JSON containing a list of consumables assigned to a user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $userId
+     * @return string JSON
+     */
+    public function consumables(Request $request, $id)
+    {
+        $this->authorize('view', User::class);
+        $this->authorize('view', Consumable::class);
+        $user = User::findOrFail($id);
+        $consumables = $user->consumables;
+        return (new ConsumablesTransformer)->transformConsumables($consumables, $consumables->count(), $request);
+    }
+
     /**
      * Return JSON containing a list of accessories assigned to a user.
      *
@@ -462,6 +503,7 @@ class UsersController extends Controller
         $user = User::findOrFail($id);
         $this->authorize('view', Accessory::class);
         $accessories = $user->accessories;
+
         return (new AccessoriesTransformer)->transformAccessories($accessories, $accessories->count());
     }
 
@@ -479,12 +521,11 @@ class UsersController extends Controller
         $this->authorize('view', License::class);
         $user = User::where('id', $id)->withTrashed()->first();
         $licenses = $user->licenses()->get();
+
         return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
     }
 
     /**
-
-
      * Reset the user's two-factor status
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -494,7 +535,6 @@ class UsersController extends Controller
      */
     public function postTwoFactorReset(Request $request)
     {
-
         $this->authorize('update', User::class);
 
         if ($request->filled('id')) {
@@ -503,6 +543,7 @@ class UsersController extends Controller
                 $user->two_factor_secret = null;
                 $user->two_factor_enrolled = 0;
                 $user->save();
+
                 return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
             } catch (\Exception $e) {
                 return response()->json(['message' => trans('admin/settings/general.two_factor_reset_error')], 500);
@@ -510,6 +551,7 @@ class UsersController extends Controller
         }
         return response()->json(['message' => 'No ID provided'], 500);
 
+
     }
 
     /**
@@ -524,4 +566,28 @@ class UsersController extends Controller
     {
         return (new UsersTransformer)->transformUser($request->user());
     }
+
+    /**
+     * Restore a soft-deleted user.
+     *
+     * @author [E. Taylor] [<dev@evantaylor.name>]
+     * @param int $userId
+     * @since [v6.0.0]
+     * @return JsonResponse
+     */
+    public function restore($userId = null)
+    {
+        // Get asset information
+        $user = User::withTrashed()->find($userId);
+        $this->authorize('delete', $user);
+        if (isset($user->id)) {
+            // Restore the user
+            User::withTrashed()->where('id', $userId)->restore();
+
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.restored')));
+        }
+        
+        $id = $userId;
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))), 200);
+    }
 }

app/Http/Controllers/AssetMaintenancesController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
@@ -21,7 +22,6 @@ use View;
  */
 class AssetMaintenancesController extends Controller
 {
-
     /**
     * Checks for permissions for this action.
     *
@@ -50,11 +50,10 @@ class AssetMaintenancesController extends Controller
     */
     public function index()
     {
+        $this->authorize('view', Asset::class);
         return view('asset_maintenances/index');
     }
 
-
-
     /**
      *  Returns a form view to create a new asset maintenance.
      *
@@ -66,6 +65,7 @@ class AssetMaintenancesController extends Controller
      */
     public function create()
     {
+        $this->authorize('update', Asset::class);
         $asset = null;
 
         if ($asset = Asset::find(request('asset_id'))) {
@@ -96,6 +96,7 @@ class AssetMaintenancesController extends Controller
     */
     public function store(Request $request)
     {
+        $this->authorize('update', Asset::class);
         // create a new model instance
         $assetMaintenance = new AssetMaintenance();
         $assetMaintenance->supplier_id = $request->input('supplier_id');
@@ -104,24 +105,24 @@ class AssetMaintenancesController extends Controller
         $assetMaintenance->notes = $request->input('notes');
         $asset = Asset::find($request->input('asset_id'));
 
-        if ((!Company::isCurrentUserHasAccess($asset)) && ($asset!=null)) {
+        if ((! Company::isCurrentUserHasAccess($asset)) && ($asset != null)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
         // Save the asset maintenance data
-        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_id = $request->input('asset_id');
         $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
-        $assetMaintenance->title                  = $request->input('title');
-        $assetMaintenance->start_date             = $request->input('start_date');
-        $assetMaintenance->completion_date        = $request->input('completion_date');
-        $assetMaintenance->user_id                = Auth::id();
+        $assetMaintenance->title = $request->input('title');
+        $assetMaintenance->start_date = $request->input('start_date');
+        $assetMaintenance->completion_date = $request->input('completion_date');
+        $assetMaintenance->user_id = Auth::id();
 
-        if (( $assetMaintenance->completion_date !== null )
-            && ( $assetMaintenance->start_date !== "" )
-            && ( $assetMaintenance->start_date !== "0000-00-00" )
+        if (($assetMaintenance->completion_date !== null)
+            && ($assetMaintenance->start_date !== '')
+            && ($assetMaintenance->start_date !== '0000-00-00')
         ) {
-            $startDate                                = Carbon::parse($assetMaintenance->start_date);
-            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $startDate = Carbon::parse($assetMaintenance->start_date);
+            $completionDate = Carbon::parse($assetMaintenance->completion_date);
             $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
         }
 
@@ -133,7 +134,6 @@ class AssetMaintenancesController extends Controller
         }
 
         return redirect()->back()->withInput()->withErrors($assetMaintenance->getErrors());
-
     }
 
     /**
@@ -148,16 +148,16 @@ class AssetMaintenancesController extends Controller
     */
     public function edit($assetMaintenanceId = null)
     {
+        $this->authorize('update', Asset::class);
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the improvement management page
             return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif (!$assetMaintenance->asset) {
+        } elseif (! $assetMaintenance->asset) {
             return redirect()->route('maintenances.index')
                 ->with('error', 'The asset associated with this maintenance does not exist.');
-
-        } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
@@ -184,7 +184,6 @@ class AssetMaintenancesController extends Controller
                    ->with('selectedAsset', null)
                    ->with('assetMaintenanceType', $assetMaintenanceType)
                    ->with('item', $assetMaintenance);
-
     }
 
     /**
@@ -200,12 +199,13 @@ class AssetMaintenancesController extends Controller
      */
     public function update(Request $request, $assetMaintenanceId = null)
     {
+        $this->authorize('update', Asset::class);
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the asset maintenance management page
             return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
@@ -216,32 +216,32 @@ class AssetMaintenancesController extends Controller
 
         $asset = Asset::find(request('asset_id'));
 
-        if (!Company::isCurrentUserHasAccess($asset)) {
+        if (! Company::isCurrentUserHasAccess($asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
         // Save the asset maintenance data
-        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_id = $request->input('asset_id');
         $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
-        $assetMaintenance->title                  = $request->input('title');
-        $assetMaintenance->start_date             = $request->input('start_date');
-        $assetMaintenance->completion_date        = $request->input('completion_date');
+        $assetMaintenance->title = $request->input('title');
+        $assetMaintenance->start_date = $request->input('start_date');
+        $assetMaintenance->completion_date = $request->input('completion_date');
 
-        if (( $assetMaintenance->completion_date == null )
+        if (($assetMaintenance->completion_date == null)
         ) {
-            if (( $assetMaintenance->asset_maintenance_time !== 0 )
-              || ( !is_null($assetMaintenance->asset_maintenance_time) )
+            if (($assetMaintenance->asset_maintenance_time !== 0)
+              || (! is_null($assetMaintenance->asset_maintenance_time))
             ) {
                 $assetMaintenance->asset_maintenance_time = null;
             }
         }
 
-        if (( $assetMaintenance->completion_date !== null )
-          && ( $assetMaintenance->start_date !== "" )
-          && ( $assetMaintenance->start_date !== "0000-00-00" )
+        if (($assetMaintenance->completion_date !== null)
+          && ($assetMaintenance->start_date !== '')
+          && ($assetMaintenance->start_date !== '0000-00-00')
         ) {
-            $startDate                                = Carbon::parse($assetMaintenance->start_date);
-            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $startDate = Carbon::parse($assetMaintenance->start_date);
+            $completionDate = Carbon::parse($assetMaintenance->completion_date);
             $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
         }
 
@@ -252,6 +252,7 @@ class AssetMaintenancesController extends Controller
             return redirect()->route('maintenances.index')
                          ->with('success', trans('admin/asset_maintenances/message.edit.success'));
         }
+
         return redirect()->back()->withInput()->withErrors($assetMaintenance->getErrors());
     }
 
@@ -266,12 +267,13 @@ class AssetMaintenancesController extends Controller
     */
     public function destroy($assetMaintenanceId)
     {
+        $this->authorize('update', Asset::class);
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the asset maintenance management page
             return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 
@@ -294,12 +296,14 @@ class AssetMaintenancesController extends Controller
     */
     public function show($assetMaintenanceId)
     {
+        $this->authorize('view', Asset::class);
+
         // Check if the asset maintenance exists
         if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
             // Redirect to the asset maintenance management page
             return redirect()->route('maintenances.index')
                            ->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
             return static::getInsufficientPermissionsRedirect();
         }
 

app/Http/Controllers/AssetModelsController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
@@ -10,7 +11,6 @@ use Illuminate\Support\Facades\View;
 use Redirect;
 use Request;
 use Storage;
-
 use Symfony\Component\HttpFoundation\JsonResponse;
 
 /**
@@ -34,6 +34,7 @@ class AssetModelsController extends Controller
     public function index()
     {
         $this->authorize('index', AssetModel::class);
+
         return view('models/index');
     }
 
@@ -48,12 +49,12 @@ class AssetModelsController extends Controller
     public function create()
     {
         $this->authorize('create', AssetModel::class);
+
         return view('models/edit')->with('category_type', 'asset')
             ->with('depreciation_list', Helper::depreciationList())
             ->with('item', new AssetModel);
     }
 
-
     /**
      * Validate and process the new Asset Model data.
      *
@@ -65,7 +66,6 @@ class AssetModelsController extends Controller
      */
     public function store(ImageUploadRequest $request)
     {
-
         $this->authorize('create', AssetModel::class);
         // Create a new asset model
         $model = new AssetModel;
@@ -73,29 +73,30 @@ class AssetModelsController extends Controller
         // Save the model data
         $model->eol = $request->input('eol');
         $model->depreciation_id = $request->input('depreciation_id');
-        $model->name                = $request->input('name');
-        $model->model_number        = $request->input('model_number');
-        $model->manufacturer_id     = $request->input('manufacturer_id');
-        $model->category_id         = $request->input('category_id');
-        $model->notes               = $request->input('notes');
-        $model->user_id             = Auth::id();
-        $model->requestable         = Request::has('requestable');
+        $model->name = $request->input('name');
+        $model->model_number = $request->input('model_number');
+        $model->manufacturer_id = $request->input('manufacturer_id');
+        $model->category_id = $request->input('category_id');
+        $model->notes = $request->input('notes');
+        $model->user_id = Auth::id();
+        $model->requestable = Request::has('requestable');
 
-        if ($request->input('custom_fieldset')!='') {
+        if ($request->input('custom_fieldset') != '') {
             $model->fieldset_id = e($request->input('custom_fieldset'));
         }
 
         $model = $request->handleImages($model);
 
-            // Was it created?
+        // Was it created?
         if ($model->save()) {
             if ($this->shouldAddDefaultValues($request->input())) {
                 $this->assignCustomFieldsDefaultValues($model, $request->input('default_values'));
             }
 
             // Redirect to the new model  page
-            return redirect()->route("models.index")->with('success', trans('admin/models/message.create.success'));
+            return redirect()->route('models.index')->with('success', trans('admin/models/message.create.success'));
         }
+
         return redirect()->back()->withInput()->withErrors($model->getErrors());
     }
 
@@ -113,13 +114,13 @@ class AssetModelsController extends Controller
         $this->authorize('update', AssetModel::class);
         if ($item = AssetModel::find($modelId)) {
             $category_type = 'asset';
-            $view = View::make('models/edit', compact('item','category_type'));
+            $view = View::make('models/edit', compact('item', 'category_type'));
             $view->with('depreciation_list', Helper::depreciationList());
+
             return $view;
         }
 
         return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
-
     }
 
 
@@ -145,20 +146,18 @@ class AssetModelsController extends Controller
 
         $model = $request->handleImages($model);
 
-        $model->depreciation_id     = $request->input('depreciation_id');
-        $model->eol                 = $request->input('eol');
-        $model->name                = $request->input('name');
-        $model->model_number        = $request->input('model_number');
-        $model->manufacturer_id     = $request->input('manufacturer_id');
-        $model->category_id         = $request->input('category_id');
-        $model->notes               = $request->input('notes');
-        $model->requestable         = $request->input('requestable', '0');
-
-
+        $model->depreciation_id = $request->input('depreciation_id');
+        $model->eol = $request->input('eol');
+        $model->name = $request->input('name');
+        $model->model_number = $request->input('model_number');
+        $model->manufacturer_id = $request->input('manufacturer_id');
+        $model->category_id = $request->input('category_id');
+        $model->notes = $request->input('notes');
+        $model->requestable = $request->input('requestable', '0');
 
         $this->removeCustomFieldsDefaultValues($model);
 
-        if ($request->input('custom_fieldset')=='') {
+        if ($request->input('custom_fieldset') == '') {
             $model->fieldset_id = null;
         } else {
             $model->fieldset_id = $request->input('custom_fieldset');
@@ -168,10 +167,10 @@ class AssetModelsController extends Controller
             }
         }
 
-
         if ($model->save()) {
-            return redirect()->route("models.index")->with('success', trans('admin/models/message.update.success'));
+            return redirect()->route('models.index')->with('success', trans('admin/models/message.update.success'));
         }
+
         return redirect()->back()->withInput()->withErrors($model->getErrors());
     }
 
@@ -199,7 +198,7 @@ class AssetModelsController extends Controller
         }
 
         if ($model->image) {
-            try  {
+            try {
                 Storage::disk('public')->delete('models/'.$model->image);
             } catch (\Exception $e) {
                 \Log::info($e);
@@ -213,7 +212,6 @@ class AssetModelsController extends Controller
         return redirect()->route('models.index')->with('success', trans('admin/models/message.delete.success'));
     }
 
-
     /**
      * Restore a given Asset Model (mark as un-deleted)
      *
@@ -231,6 +229,7 @@ class AssetModelsController extends Controller
 
         if (isset($model->id)) {
             $model->restore();
+
             return redirect()->route('models.index')->with('success', trans('admin/models/message.restore.success'));
         }
         return redirect()->back()->with('error', trans('admin/models/message.not_found'));
@@ -260,15 +259,16 @@ class AssetModelsController extends Controller
     }
 
     /**
-    * Get the clone page to clone a model
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @param int $modelId
-    * @return View
-    */
+     * Get the clone page to clone a model
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $modelId
+     * @return View
+     */
     public function getClone($modelId = null)
     {
+        $this->authorize('create', AssetModel::class);
         // Check if the model exists
         if (is_null($model_to_clone = AssetModel::find($modelId))) {
             return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
@@ -286,21 +286,20 @@ class AssetModelsController extends Controller
 
 
     /**
-    * Get the custom fields form
-    *
-    * @author [B. Wetherington] [<uberbrady@gmail.com>]
-    * @since [v2.0]
-    * @param int $modelId
-    * @return View
-    */
+     * Get the custom fields form
+     *
+     * @author [B. Wetherington] [<uberbrady@gmail.com>]
+     * @since [v2.0]
+     * @param int $modelId
+     * @return View
+     */
     public function getCustomFields($modelId)
     {
-        return view("models.custom_fields_form")->with("model", AssetModel::find($modelId));
+        return view('models.custom_fields_form')->with('model', AssetModel::find($modelId));
     }
 
 
 
-
     /**
      * Returns a view that allows the user to bulk edit model attrbutes
      *
@@ -310,28 +309,25 @@ class AssetModelsController extends Controller
      */
     public function postBulkEdit(Request $request)
     {
-
         $models_raw_array = $request->input('ids');
 
         // Make sure some IDs have been selected
         if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
-
-
             $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets as assets_count')->orderBy('assets_count', 'ASC')->get();
 
             // If deleting....
-            if ($request->input('bulk_actions')=='delete') {
+            if ($request->input('bulk_actions') == 'delete') {
                 $valid_count = 0;
                 foreach ($models as $model) {
                     if ($model->assets_count == 0) {
                         $valid_count++;
                     }
                 }
+
                 return view('models/bulk-delete', compact('models'))->with('valid_count', $valid_count);
 
             // Otherwise display the bulk edit screen
             } else {
-
                 $nochange = ['NC' => 'No Change'];
                 $fieldset_list = $nochange + Helper::customFieldsetList();
                 $depreciation_list = $nochange + Helper::depreciationList();
@@ -340,12 +336,10 @@ class AssetModelsController extends Controller
                     ->with('fieldset_list', $fieldset_list)
                     ->with('depreciation_list', $depreciation_list);
             }
-
         }
 
         return redirect()->route('models.index')
             ->with('error', 'You must select at least one model to edit.');
-
     }
 
 
@@ -359,35 +353,33 @@ class AssetModelsController extends Controller
      */
     public function postBulkEditSave(Request $request)
     {
-
         $models_raw_array = $request->input('ids');
-        $update_array = array();
+        $update_array = [];
 
 
-        if (($request->filled('manufacturer_id') && ($request->input('manufacturer_id')!='NC'))) {
+        if (($request->filled('manufacturer_id') && ($request->input('manufacturer_id') != 'NC'))) {
             $update_array['manufacturer_id'] = $request->input('manufacturer_id');
         }
-        if (($request->filled('category_id') && ($request->input('category_id')!='NC'))) {
+        if (($request->filled('category_id') && ($request->input('category_id') != 'NC'))) {
             $update_array['category_id'] = $request->input('category_id');
         }
-        if ($request->input('fieldset_id')!='NC') {
+        if ($request->input('fieldset_id') != 'NC') {
             $update_array['fieldset_id'] = $request->input('fieldset_id');
         }
-        if ($request->input('depreciation_id')!='NC') {
+        if ($request->input('depreciation_id') != 'NC') {
             $update_array['depreciation_id'] = $request->input('depreciation_id');
         }
 
-
         
         if (count($update_array) > 0) {
             AssetModel::whereIn('id', $models_raw_array)->update($update_array);
+
             return redirect()->route('models.index')
                 ->with('success', trans('admin/models/message.bulkedit.success'));
         }
 
         return redirect()->route('models.index')
             ->with('warning', trans('admin/models/message.bulkedit.error'));
-
     }
 
     /**
@@ -404,7 +396,6 @@ class AssetModelsController extends Controller
         $models_raw_array = $request->input('ids');
 
         if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
-
             $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets as assets_count')->get();
 
             $del_error_count = 0;
@@ -426,7 +417,7 @@ class AssetModelsController extends Controller
 
             if ($del_error_count == 0) {
                 return redirect()->route('models.index')
-                    ->with('success', trans('admin/models/message.bulkdelete.success',['success_count'=> $del_count] ));
+                    ->with('success', trans('admin/models/message.bulkdelete.success', ['success_count'=> $del_count]));
             }
 
             return redirect()->route('models.index')
@@ -435,7 +426,6 @@ class AssetModelsController extends Controller
 
         return redirect()->route('models.index')
             ->with('error', trans('admin/models/message.bulkdelete.error'));
-
     }
 
     /**
@@ -443,13 +433,13 @@ class AssetModelsController extends Controller
      * any default values were entered into the form.
      *
      * @param  array  $input
-     * @return boolean
+     * @return bool
      */
     private function shouldAddDefaultValues(array $input)
     {
-        return !empty($input['add_default_values'])
-            && !empty($input['default_values'])
-            && !empty($input['custom_fieldset']);
+        return ! empty($input['add_default_values'])
+            && ! empty($input['default_values'])
+            && ! empty($input['custom_fieldset']);
     }
 
     /**
@@ -462,7 +452,9 @@ class AssetModelsController extends Controller
     private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues)
     {
         foreach ($defaultValues as $customFieldId => $defaultValue) {
-            if ($defaultValue) {
+            if(is_array($defaultValue)){
+                $model->defaultValues()->attach($customFieldId, ['default_value' => implode(', ', $defaultValue)]);
+            }elseif ($defaultValue) {
                 $model->defaultValues()->attach($customFieldId, ['default_value' => $defaultValue]);
             }
         }

app/Http/Controllers/Assets/AssetCheckinController.php

@@ -7,13 +7,14 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetCheckinRequest;
 use App\Models\Asset;
+use App\Models\CheckoutAcceptance;
+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Redirect;
 use Illuminate\Support\Facades\View;
 
 class AssetCheckinController extends Controller
 {
-
     /**
      * Returns a view that presents a form to check an asset back into inventory.
      *
@@ -33,6 +34,7 @@ class AssetCheckinController extends Controller
         }
 
         $this->authorize('checkin', $asset);
+
         return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto);
     }
 
@@ -73,7 +75,7 @@ class AssetCheckinController extends Controller
         $asset->name = $request->get('name');
 
         if ($request->filled('status_id')) {
-            $asset->status_id =  e($request->get('status_id'));
+            $asset->status_id = e($request->get('status_id'));
         }
 
         // This is just meant to correct legacy issues where some user data would have 0
@@ -81,14 +83,14 @@ class AssetCheckinController extends Controller
         // rules, so it's necessary to fix this for long-time users. It's kinda gross, but will help
         // people (and their data) in the long run
 
-        if ($asset->rtd_location_id=='0') {
+        if ($asset->rtd_location_id == '0') {
             \Log::debug('Manually override the RTD location IDs');
             \Log::debug('Original RTD Location ID: '.$asset->rtd_location_id);
             $asset->rtd_location_id = '';
             \Log::debug('New RTD Location ID: '.$asset->rtd_location_id);
         }
 
-        if ($asset->location_id=='0') {
+        if ($asset->location_id == '0') {
             \Log::debug('Manually override the location IDs');
             \Log::debug('Original Location ID: '.$asset->location_id);
             $asset->location_id = '';
@@ -99,27 +101,37 @@ class AssetCheckinController extends Controller
         \Log::debug('After Location ID: '.$asset->location_id);
         \Log::debug('After RTD Location ID: '.$asset->rtd_location_id);
 
-
         if ($request->filled('location_id')) {
             \Log::debug('NEW Location ID: '.$request->get('location_id'));
-            $asset->location_id =  e($request->get('location_id'));
+            $asset->location_id = e($request->get('location_id'));
         }
 
         $checkin_at = date('Y-m-d');
-        if($request->filled('checkin_at')){
+        if ($request->filled('checkin_at')) {
             $checkin_at = $request->input('checkin_at');
         }
 
+        // Get all pending Acceptances for this asset and delete them
+        $acceptances = CheckoutAcceptance::pending()->whereHasMorph('checkoutable',
+            [Asset::class],
+            function (Builder $query) use ($asset) {
+                $query->where('id', $asset->id);
+            })->get();
+        $acceptances->map(function($acceptance) {
+            $acceptance->delete();
+        });
+
         // Was the asset updated?
         if ($asset->save()) {
             event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at));
 
-            if ((isset($user)) && ($backto =='user')) {
-                return redirect()->route("users.show", $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
+            if ((isset($user)) && ($backto == 'user')) {
+                return redirect()->route('users.show', $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
             }
-            return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkin.success'));
+
+            return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkin.success'));
         }
         // Redirect to the asset management page with error
-        return redirect()->route("hardware.index")->with('error', trans('admin/hardware/message.checkin.error').$asset->getErrors());
+        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.error').$asset->getErrors());
     }
 }

app/Http/Controllers/Assets/AssetCheckoutController.php

@@ -2,7 +2,6 @@
 
 namespace App\Http\Controllers\Assets;
 
-
 use App\Exceptions\CheckoutNotAllowed;
 use App\Helpers\Helper;
 use App\Http\Controllers\CheckInOutRequest;
@@ -15,15 +14,16 @@ use Illuminate\Support\Facades\Auth;
 class AssetCheckoutController extends Controller
 {
     use CheckInOutRequest;
+
     /**
-    * Returns a view that presents a form to check an asset out to a
-    * user.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @param int $assetId
-    * @since [v1.0]
-    * @return View
-    */
+     * Returns a view that presents a form to check an asset out to a
+     * user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v1.0]
+     * @return View
+     */
     public function create($assetId)
     {
         // Check if the asset exists
@@ -37,9 +37,8 @@ class AssetCheckoutController extends Controller
             return view('hardware/checkout', compact('asset'))
                 ->with('statusLabel_list', Helper::deployableStatusLabelList());
         }
+
         return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
-
-
     }
 
     /**
@@ -55,9 +54,9 @@ class AssetCheckoutController extends Controller
     {
         try {
             // Check if the asset exists
-            if (!$asset = Asset::find($assetId)) {
+            if (! $asset = Asset::find($assetId)) {
                 return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
-            } elseif (!$asset->availableForCheckout()) {
+            } elseif (! $asset->availableForCheckout()) {
                 return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
             }
             $this->authorize('checkout', $asset);
@@ -67,8 +66,8 @@ class AssetCheckoutController extends Controller
 
             $asset = $this->updateAssetLocation($asset, $target);
 
-            $checkout_at = date("Y-m-d H:i:s");
-            if (($request->filled('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
+            $checkout_at = date('Y-m-d H:i:s');
+            if (($request->filled('checkout_at')) && ($request->get('checkout_at') != date('Y-m-d'))) {
                 $checkout_at = $request->get('checkout_at');
             }
 
@@ -82,7 +81,7 @@ class AssetCheckoutController extends Controller
             }
 
             if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), $request->get('name'))) {
-                return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkout.success'));
+                return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success'));
             }
 
             // Redirect to the asset management page with error
@@ -93,5 +92,4 @@ class AssetCheckoutController extends Controller
             return redirect()->back()->with('error', $e->getMessage());
         }
     }
-
 }

app/Http/Controllers/Assets/AssetFilesController.php

@@ -2,13 +2,13 @@
 
 namespace App\Http\Controllers\Assets;
 
+use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetFileRequest;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
-use App\Helpers\StorageHelper;
 use enshrined\svgSanitize\Sanitizer;
 
 class AssetFilesController extends Controller
@@ -25,15 +25,16 @@ class AssetFilesController extends Controller
      */
     public function store(AssetFileRequest $request, $assetId = null)
     {
-        if (!$asset = Asset::find($assetId)) {
+        if (! $asset = Asset::find($assetId)) {
             return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
         }
 
         $this->authorize('update', $asset);
 
         if ($request->hasFile('file')) {
-
-            if (!Storage::exists('private_uploads/assets')) Storage::makeDirectory('private_uploads/assets', 775);
+            if (! Storage::exists('private_uploads/assets')) {
+                Storage::makeDirectory('private_uploads/assets', 775);
+            }
 
             foreach ($request->file('file') as $file) {
 
@@ -55,12 +56,13 @@ class AssetFilesController extends Controller
                             \Log::debug($e);
                         }
                 } else {
-                    Storage::put('private_uploads/assets/'.$file_name, file_get_contents($file));
+                Storage::put('private_uploads/assets/'.$file_name, file_get_contents($file));
                 }
                
                 
                 $asset->logUpload($file_name, e($request->get('notes')));
             }
+
             return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
         }
 
@@ -84,7 +86,7 @@ class AssetFilesController extends Controller
         if (isset($asset->id)) {
             $this->authorize('view', $asset);
 
-            if (!$log = Actionlog::find($fileId)) {
+            if (! $log = Actionlog::find($fileId)) {
                 return response('No matching record for that asset/file', 500)
                     ->header('Content-Type', 'text/plain');
             }
@@ -92,21 +94,23 @@ class AssetFilesController extends Controller
             $file = 'private_uploads/assets/'.$log->filename;
             \Log::debug('Checking for '.$file);
 
-            if ($log->action_type =='audit') {
+            if ($log->action_type == 'audit') {
                 $file = 'private_uploads/audits/'.$log->filename;
             }
 
-            if (!Storage::exists($file)) {
+            if (! Storage::exists($file)) {
                 return response('File '.$file.' not found on server', 404)
                     ->header('Content-Type', 'text/plain');
             }
 
             if ($download != 'true') {
-                  if ($contents = file_get_contents(Storage::url($file))) {
-                      return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
-                  }
-                return JsonResponse::create(["error" => "Failed validation: "], 500);
+                if ($contents = file_get_contents(Storage::url($file))) {
+                    return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                }
+
+                return JsonResponse::create(['error' => 'Failed validation: '], 500);
             }
+
             return StorageHelper::downloader($file);
         }
         // Prepare the error message
@@ -141,6 +145,7 @@ class AssetFilesController extends Controller
                     Storage::delete($rel_path.'/'.$log->filename);
                 }
                 $log->delete();
+
                 return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
             }
 

app/Http/Controllers/Assets/AssetsController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Assets;
 
 use App\Helpers\Helper;
@@ -14,13 +15,13 @@ use App\Models\Setting;
 use App\Models\User;
 use Auth;
 use Carbon\Carbon;
-use Intervention\Image\Facades\Image;
 use DB;
 use Gate;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Cache;
 use Illuminate\Support\Facades\Storage;
 use Input;
+use Intervention\Image\Facades\Image;
 use League\Csv\Reader;
 use League\Csv\Statement;
 use Paginator;
@@ -40,9 +41,8 @@ use View;
  */
 class AssetsController extends Controller
 {
-    protected $qrCodeDimensions = array( 'height' => 3.5, 'width' => 3.5);
-    protected $barCodeDimensions = array( 'height' => 2, 'width' => 22);
-
+    protected $qrCodeDimensions = ['height' => 3.5, 'width' => 3.5];
+    protected $barCodeDimensions = ['height' => 2, 'width' => 22];
 
     public function __construct()
     {
@@ -65,6 +65,7 @@ class AssetsController extends Controller
     {
         $this->authorize('index', Asset::class);
         $company = Company::find($request->input('company_id'));
+
         return view('hardware/index')->with('company', $company);
     }
 
@@ -89,6 +90,7 @@ class AssetsController extends Controller
             $selected_model = AssetModel::find($request->input('model_id'));
             $view->with('selected_model', $selected_model);
         }
+
         return $view;
     }
 
@@ -114,18 +116,17 @@ class AssetsController extends Controller
         $serials = $request->input('serials');
 
         for ($a = 1; $a <= count($asset_tags); $a++) {
-
             $asset = new Asset();
             $asset->model()->associate(AssetModel::find($request->input('model_id')));
-            $asset->name                    = $request->input('name');
+            $asset->name = $request->input('name');
 
             // Check for a corresponding serial
             if (($serials) && (array_key_exists($a, $serials))) {
-                $asset->serial                  = $serials[$a];
+                $asset->serial = $serials[$a];
             }
 
             if (($asset_tags) && (array_key_exists($a, $asset_tags))) {
-                $asset->asset_tag                  = $asset_tags[$a];
+                $asset->asset_tag = $asset_tags[$a];
             }
 
             $asset->company_id              = Company::getIdForCurrentUser($request->input('company_id'));
@@ -145,11 +146,11 @@ class AssetsController extends Controller
             $asset->requestable             = request('requestable', 0);
             $asset->rtd_location_id         = request('rtd_location_id', null);
 
-            if (!empty($settings->audit_interval)) {
-                $asset->next_audit_date         = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
+            if (! empty($settings->audit_interval)) {
+                $asset->next_audit_date = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
             }
 
-            if ($asset->assigned_to=='') {
+            if ($asset->assigned_to == '') {
                 $asset->location_id = $request->input('rtd_location_id', null);
             }
 
@@ -164,17 +165,18 @@ class AssetsController extends Controller
 
             if (($model) && ($model->fieldset)) {
                 foreach ($model->fieldset->fields as $field) {
-                    if ($field->field_encrypted=='1') {
+                    if ($field->field_encrypted == '1') {
                         if (Gate::allows('admin')) {
-                            if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                            if (is_array($request->input($field->convertUnicodeDbSlug()))) {
                                 $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e(implode(', ', $request->input($field->convertUnicodeDbSlug()))));
-                            }else{
+                            } else {
                                 $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e($request->input($field->convertUnicodeDbSlug())));
-                            }                        }
+                            }
+                        }
                     } else {
-                        if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                        if (is_array($request->input($field->convertUnicodeDbSlug()))) {
                             $asset->{$field->convertUnicodeDbSlug()} = implode(', ', $request->input($field->convertUnicodeDbSlug()));
-                        }else{
+                        } else {
                             $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
                         }
                     }
@@ -183,7 +185,6 @@ class AssetsController extends Controller
 
             // Validate the asset before saving
             if ($asset->isValid() && $asset->save()) {
-
                 if (request('assigned_user')) {
                     $target = User::find(request('assigned_user'));
                     $location = $target->location_id;
@@ -196,14 +197,11 @@ class AssetsController extends Controller
                 }
 
                 if (isset($target)) {
-                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', e($request->get('name')), $location);
+                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', $request->get('name'), $location);
                 }
 
                 $success = true;
-
-
             }
-
         }
 
         if ($success) {
@@ -213,7 +211,6 @@ class AssetsController extends Controller
         }
 
         return redirect()->back()->withInput()->withErrors($asset->getErrors());
-
     }
 
     /**
@@ -226,7 +223,7 @@ class AssetsController extends Controller
      */
     public function edit($assetId = null)
     {
-        if (!$item = Asset::find($assetId)) {
+        if (! $item = Asset::find($assetId)) {
             // Redirect to the asset management page with error
             return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
         }
@@ -262,17 +259,17 @@ class AssetsController extends Controller
             if ($asset->location) {
                 $use_currency = $asset->location->currency;
             } else {
-                if ($settings->default_currency!='') {
+                if ($settings->default_currency != '') {
                     $use_currency = $settings->default_currency;
                 } else {
                     $use_currency = trans('general.currency');
                 }
             }
 
-            $qr_code = (object) array(
+            $qr_code = (object) [
                 'display' => $settings->qr_code == '1',
-                'url' => route('qr_code/hardware', $asset->id)
-            );
+                'url' => route('qr_code/hardware', $asset->id),
+            ];
 
             return view('hardware/view', compact('asset', 'qr_code', 'settings'))
                 ->with('use_currency', $use_currency)->with('audit_log', $audit_log);
@@ -281,7 +278,6 @@ class AssetsController extends Controller
         return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
     }
 
-
     /**
      * Validate and process asset edit form.
      *
@@ -290,11 +286,10 @@ class AssetsController extends Controller
      * @since [v1.0]
      * @return Redirect
      */
-
     public function update(ImageUploadRequest $request, $assetId = null)
     {
         // Check if the asset exists
-        if (!$asset = Asset::find($assetId)) {
+        if (! $asset = Asset::find($assetId)) {
             // Redirect to the asset management page with error
             return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
         }
@@ -311,7 +306,7 @@ class AssetsController extends Controller
         $asset->requestable = $request->filled('requestable');
         $asset->rtd_location_id = $request->input('rtd_location_id', null);
 
-        if ($asset->assigned_to=='') {
+        if ($asset->assigned_to == '') {
             $asset->location_id = $request->input('rtd_location_id', null);
         }
 
@@ -323,21 +318,19 @@ class AssetsController extends Controller
             } catch (\Exception $e) {
                 \Log::info($e);
             }
-
         }
 
-
         // Update the asset data
-        $asset_tag           =  $request->input('asset_tags');
-        $serial              = $request->input('serials');
-        $asset->name         = $request->input('name');
-        $asset->serial       = $serial[1];
-        $asset->company_id   = Company::getIdForCurrentUser($request->input('company_id'));
-        $asset->model_id     = $request->input('model_id');
+        $asset_tag = $request->input('asset_tags');
+        $serial = $request->input('serials');
+        $asset->name = $request->input('name');
+        $asset->serial = $serial[1];
+        $asset->company_id = Company::getIdForCurrentUser($request->input('company_id'));
+        $asset->model_id = $request->input('model_id');
         $asset->order_number = $request->input('order_number');
-        $asset->asset_tag    = $asset_tag[1];
-        $asset->notes        = $request->input('notes');
-        $asset->physical     = '1';
+        $asset->asset_tag = $asset_tag[1];
+        $asset->notes = $request->input('notes');
+        $asset->physical = '1';
 
         $asset = $request->handleImages($asset);
 
@@ -348,18 +341,18 @@ class AssetsController extends Controller
         $model = AssetModel::find($request->get('model_id'));
         if (($model) && ($model->fieldset)) {
             foreach ($model->fieldset->fields as $field) {
-                if ($field->field_encrypted=='1') {
+                if ($field->field_encrypted == '1') {
                     if (Gate::allows('admin')) {
-                        if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                        if (is_array($request->input($field->convertUnicodeDbSlug()))) {
                             $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e(implode(', ', $request->input($field->convertUnicodeDbSlug()))));
-                        }else{
+                        } else {
                             $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e($request->input($field->convertUnicodeDbSlug())));
                         }
                     }
                 } else {
-                    if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                    if (is_array($request->input($field->convertUnicodeDbSlug()))) {
                         $asset->{$field->convertUnicodeDbSlug()} = implode(', ', $request->input($field->convertUnicodeDbSlug()));
-                    }else{
+                    } else {
                         $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
                     }
                 }
@@ -368,7 +361,7 @@ class AssetsController extends Controller
 
 
         if ($asset->save()) {
-            return redirect()->route("hardware.show", $assetId)
+            return redirect()->route('hardware.show', $assetId)
                 ->with('success', trans('admin/hardware/message.update.success'));
         }
 
@@ -395,10 +388,10 @@ class AssetsController extends Controller
 
         DB::table('assets')
             ->where('id', $asset->id)
-            ->update(array('assigned_to' => null));
+            ->update(['assigned_to' => null]);
 
         if ($asset->image) {
-            try  {
+            try {
                 Storage::disk('public')->delete('assets'.'/'.$asset->image);
             } catch (\Exception $e) {
                 \Log::debug($e);
@@ -410,7 +403,23 @@ class AssetsController extends Controller
         return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.delete.success'));
     }
 
+    /**
+     * Searches the assets table by serial, and redirects if it finds one
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function getAssetBySerial(Request $request)
+    {
+        $topsearch = ($request->get('topsearch')=="true");
 
+        if (!$asset = Asset::where('serial', '=', $request->get('serial'))->first()) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+        $this->authorize('view', $asset);
+        return redirect()->route('hardware.show', $asset->id)->with('topsearch', $topsearch);
+    }
 
     /**
      * Searches the assets table by asset tag, and redirects if it finds one
@@ -421,14 +430,17 @@ class AssetsController extends Controller
      */
     public function getAssetByTag(Request $request)
     {
-        $topsearch = ($request->get('topsearch')=="true");
+        $topsearch = ($request->get('topsearch') == 'true');
 
-        if (!$asset = Asset::where('asset_tag', '=', $request->get('assetTag'))->first()) {
+        if (! $asset = Asset::where('asset_tag', '=', $request->get('assetTag'))->first()) {
             return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
         }
         $this->authorize('view', $asset);
+
         return redirect()->route('hardware.show', $asset->id)->with('topsearch', $topsearch);
     }
+
+
     /**
      * Return a QR code for the asset
      *
@@ -450,20 +462,22 @@ class AssetsController extends Controller
                 if (isset($asset->id, $asset->asset_tag)) {
                     if (file_exists($qr_file)) {
                         $header = ['Content-type' => 'image/png'];
+
                         return response()->file($qr_file, $header);
                     } else {
                         $barcode = new \Com\Tecnick\Barcode\Barcode();
-                        $barcode_obj =  $barcode->getBarcodeObj($settings->barcode_type, route('hardware.show', $asset->id), $size['height'], $size['width'], 'black', array(-2, -2, -2, -2));
+                        $barcode_obj = $barcode->getBarcodeObj($settings->barcode_type, route('hardware.show', $asset->id), $size['height'], $size['width'], 'black', [-2, -2, -2, -2]);
                         file_put_contents($qr_file, $barcode_obj->getPngData());
+
                         return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
                     }
                 }
             }
+
             return 'That asset is invalid';
         }
     }
 
-
     /**
      * Return a 2D barcode for the asset
      *
@@ -481,6 +495,7 @@ class AssetsController extends Controller
         if (isset($asset->id, $asset->asset_tag)) {
             if (file_exists($barcode_file)) {
                 $header = ['Content-type' => 'image/png'];
+
                 return response()->file($barcode_file, $header);
             } else {
                 // Calculate barcode width in pixel based on label width (inch)
@@ -488,20 +503,19 @@ class AssetsController extends Controller
 
                 $barcode = new \Com\Tecnick\Barcode\Barcode();
                 try {
-                    $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode,$asset->asset_tag,($barcode_width < 300 ? $barcode_width : 300),50);
+                    $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode, $asset->asset_tag, ($barcode_width < 300 ? $barcode_width : 300), 50);
                     file_put_contents($barcode_file, $barcode_obj->getPngData());
+
                     return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
-                } catch(\Exception $e) {
+                } catch (\Exception $e) {
                     \Log::debug('The barcode format is invalid.');
+
                     return response(file_get_contents(public_path('uploads/barcodes/invalid_barcode.gif')))->header('Content-type', 'image/gif');
                 }
-
-
             }
         }
     }
 
-
     /**
      * Return a label for an individual asset.
      *
@@ -523,7 +537,6 @@ class AssetsController extends Controller
         }
     }
 
-
     /**
      * Returns a view that presents a form to clone an asset.
      *
@@ -564,6 +577,7 @@ class AssetsController extends Controller
     public function getImportHistory()
     {
         $this->authorize('admin');
+
         return view('hardware/history');
     }
 
@@ -572,49 +586,48 @@ class AssetsController extends Controller
      *
      * This needs a LOT of love. It's done very inelegantly right now, and there are
      * a ton of optimizations that could (and should) be done.
-     * 
+     *
      * Updated to respect checkin dates:
      * No checkin column, assume all items are checked in (todays date)
      * Checkin date in the past, update history.
      * Checkin date in future or empty, check the item out to the user.
-     * 
+     *
      * @author [A. Gianotto] [<snipe@snipe.net>]
      * @since [v3.3]
      * @return View
      */
     public function postImportHistory(Request $request)
     {
-
-        if (!$request->hasFile('user_import_csv')) {
+        if (! $request->hasFile('user_import_csv')) {
             return back()->with('error', 'No file provided. Please select a file for import and try again. ');
         }
 
-        if (!ini_get("auto_detect_line_endings")) {
-            ini_set("auto_detect_line_endings", '1');
+        if (! ini_get('auto_detect_line_endings')) {
+            ini_set('auto_detect_line_endings', '1');
         }
         $csv = Reader::createFromPath($request->file('user_import_csv'));
         $csv->setHeaderOffset(0);
         $header = $csv->getHeader();
-        $isCheckinHeaderExplicit = in_array("checkin date", (array_map('strtolower', $header)));
+        $isCheckinHeaderExplicit = in_array('checkin date', (array_map('strtolower', $header)));
         $results = $csv->getRecords();
-        $item = array();
-        $status = array();
-        $status['error'] = array();
-        $status['success'] = array();
+        $item = [];
+        $status = [];
+        $status['error'] = [];
+        $status['success'] = [];
         foreach ($results as $row) {
             if (is_array($row)) {
                 $row = array_change_key_case($row, CASE_LOWER);
-                $asset_tag = Helper::array_smart_fetch($row, "asset tag");
-                if (!array_key_exists($asset_tag, $item)) {
-                    $item[$asset_tag] = array();
+                $asset_tag = Helper::array_smart_fetch($row, 'asset tag');
+                if (! array_key_exists($asset_tag, $item)) {
+                    $item[$asset_tag] = [];
                 }
                 $batch_counter = count($item[$asset_tag]);
-                $item[$asset_tag][$batch_counter]['checkout_date'] = Carbon::parse(Helper::array_smart_fetch($row, "checkout date"))->format('Y-m-d H:i:s');
-    
-                if ($isCheckinHeaderExplicit){
+                $item[$asset_tag][$batch_counter]['checkout_date'] = Carbon::parse(Helper::array_smart_fetch($row, 'checkout date'))->format('Y-m-d H:i:s');
+
+                if ($isCheckinHeaderExplicit) {
                     //checkin date not empty, assume past transaction or future checkin date (expected)
-                    if (!empty(Helper::array_smart_fetch($row, "checkin date"))) {
-                        $item[$asset_tag][$batch_counter]['checkin_date'] = Carbon::parse(Helper::array_smart_fetch($row, "checkin date"))->format('Y-m-d H:i:s');
+                    if (! empty(Helper::array_smart_fetch($row, 'checkin date'))) {
+                        $item[$asset_tag][$batch_counter]['checkin_date'] = Carbon::parse(Helper::array_smart_fetch($row, 'checkin date'))->format('Y-m-d H:i:s');
                     } else {
                         $item[$asset_tag][$batch_counter]['checkin_date'] = '';
                     }
@@ -623,44 +636,44 @@ class AssetsController extends Controller
                     $item[$asset_tag][$batch_counter]['checkin_date'] = Carbon::parse(now())->format('Y-m-d H:i:s');
                 }
 
-                $item[$asset_tag][$batch_counter]['asset_tag'] = Helper::array_smart_fetch($row, "asset tag");
-                $item[$asset_tag][$batch_counter]['name'] = Helper::array_smart_fetch($row, "name");
-                $item[$asset_tag][$batch_counter]['email'] = Helper::array_smart_fetch($row, "email");
+                $item[$asset_tag][$batch_counter]['asset_tag'] = Helper::array_smart_fetch($row, 'asset tag');
+                $item[$asset_tag][$batch_counter]['name'] = Helper::array_smart_fetch($row, 'name');
+                $item[$asset_tag][$batch_counter]['email'] = Helper::array_smart_fetch($row, 'email');
                 if ($asset = Asset::where('asset_tag', '=', $asset_tag)->first()) {
                     $item[$asset_tag][$batch_counter]['asset_id'] = $asset->id;
                     $base_username = User::generateFormattedNameFromFullName(Setting::getSettings()->username_format, $item[$asset_tag][$batch_counter]['name']);
                     $user = User::where('username', '=', $base_username['username']);
                     $user_query = ' on username '.$base_username['username'];
-                    if ($request->input('match_firstnamelastname')=='1') {
+                    if ($request->input('match_firstnamelastname') == '1') {
                         $firstnamedotlastname = User::generateFormattedNameFromFullName('firstname.lastname', $item[$asset_tag][$batch_counter]['name']);
                         $item[$asset_tag][$batch_counter]['username'][] = $firstnamedotlastname['username'];
                         $user->orWhere('username', '=', $firstnamedotlastname['username']);
                         $user_query .= ', or on username '.$firstnamedotlastname['username'];
                     }
-                    if ($request->input('match_flastname')=='1') {
+                    if ($request->input('match_flastname') == '1') {
                         $flastname = User::generateFormattedNameFromFullName('filastname', $item[$asset_tag][$batch_counter]['name']);
                         $item[$asset_tag][$batch_counter]['username'][] = $flastname['username'];
                         $user->orWhere('username', '=', $flastname['username']);
                         $user_query .= ', or on username '.$flastname['username'];
                     }
-                    if ($request->input('match_firstname')=='1') {
+                    if ($request->input('match_firstname') == '1') {
                         $firstname = User::generateFormattedNameFromFullName('firstname', $item[$asset_tag][$batch_counter]['name']);
                         $item[$asset_tag][$batch_counter]['username'][] = $firstname['username'];
                         $user->orWhere('username', '=', $firstname['username']);
                         $user_query .= ', or on username '.$firstname['username'];
                     }
-                    if ($request->input('match_email')=='1') {
-                        if ($item[$asset_tag][$batch_counter]['name']=='') {
+                    if ($request->input('match_email') == '1') {
+                        if ($item[$asset_tag][$batch_counter]['name'] == '') {
                             $item[$asset_tag][$batch_counter]['username'][] = $user_email = User::generateEmailFromFullName($item[$asset_tag][$batch_counter]['name']);
                             $user->orWhere('username', '=', $user_email);
                             $user_query .= ', or on username '.$user_email;
                         }
                     }
-                    if ($request->input('match_username') == '1'){
+                    if ($request->input('match_username') == '1') {
                         // Added #8825: add explicit username lookup
-                           $raw_username = $item[$asset_tag][$batch_counter]['name'];
-                           $user->orWhere('username', '=', $raw_username);
-                            $user_query .= ', or on username ' . $raw_username;
+                        $raw_username = $item[$asset_tag][$batch_counter]['name'];
+                        $user->orWhere('username', '=', $raw_username);
+                        $user_query .= ', or on username '.$raw_username;
                     }
 
                     // A matching user was found
@@ -668,7 +681,7 @@ class AssetsController extends Controller
                         //$user is now matched user from db
                         $item[$asset_tag][$batch_counter]['user_id'] = $user->id;
 
-                        Actionlog::firstOrCreate(array(
+                        Actionlog::firstOrCreate([
                             'item_id' => $asset->id,
                             'item_type' => Asset::class,
                             'user_id' =>  Auth::user()->id,
@@ -677,7 +690,7 @@ class AssetsController extends Controller
                             'target_type' => User::class,
                             'created_at' =>  $item[$asset_tag][$batch_counter]['checkout_date'],
                             'action_type'   => 'checkout',
-                        ));
+                        ]);
 
                         $checkin_date = $item[$asset_tag][$batch_counter]['checkin_date'];
 
@@ -685,7 +698,7 @@ class AssetsController extends Controller
 
                             //if checkin date header exists, assume that empty or future date is still checked out
                             //if checkin is before todays date, assume it's checked in and do not assign user ID, if checkin date is in the future or blank, this is the expected checkin date, items is checked out
-                            
+
                             if ((strtotime($checkin_date) > strtotime(Carbon::now())) || (empty($checkin_date))
                             ) {
                                 //only do this if item is checked out
@@ -694,29 +707,27 @@ class AssetsController extends Controller
                             }
                         }
 
-                        if (!empty($checkin_date)) {
+                        if (! empty($checkin_date)) {
                             //only make a checkin there is a valid checkin date or we created one on import.
-                            Actionlog::firstOrCreate(array(
-                                'item_id' =>
-                                $item[$asset_tag][$batch_counter]['asset_id'],
+                            Actionlog::firstOrCreate([
+                                'item_id' => $item[$asset_tag][$batch_counter]['asset_id'],
                                 'item_type' => Asset::class,
                                 'user_id' => Auth::user()->id,
-                                'note' => 'Checkin imported by ' . Auth::user()->present()->fullName() . ' from history importer',
+                                'note' => 'Checkin imported by '.Auth::user()->present()->fullName().' from history importer',
                                 'target_id' => null,
                                 'created_at' => $checkin_date,
-                                'action_type' => 'checkin'
-                            ));
-
+                                'action_type' => 'checkin',
+                            ]);
                         }
-                     
+
                         if ($asset->save()) {
-                            $status['success'][]['asset'][$asset_tag]['msg'] = 'Asset successfully matched for '.Helper::array_smart_fetch($row, "name").$user_query.' on '.$item[$asset_tag][$batch_counter]['checkout_date'];
+                            $status['success'][]['asset'][$asset_tag]['msg'] = 'Asset successfully matched for '.Helper::array_smart_fetch($row, 'name').$user_query.' on '.$item[$asset_tag][$batch_counter]['checkout_date'];
                         } else {
                             $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset and user was matched but could not be saved.';
                         }
                     } else {
                         $item[$asset_tag][$batch_counter]['user_id'] = null;
-                        $status['error'][]['user'][Helper::array_smart_fetch($row, "name")]['msg'] = 'User does not exist so no checkin log was created.';
+                        $status['error'][]['user'][Helper::array_smart_fetch($row, 'name')]['msg'] = 'User does not exist so no checkin log was created.';
                     }
                 } else {
                     $item[$asset_tag][$batch_counter]['asset_id'] = null;
@@ -724,6 +735,7 @@ class AssetsController extends Controller
                 }
             }
         }
+
         return view('hardware/history')->with('status', $status);
     }
 
@@ -752,12 +764,13 @@ class AssetsController extends Controller
             $logaction = new Actionlog();
             $logaction->item_type = Asset::class;
             $logaction->item_id = $asset->id;
-            $logaction->created_at =  date("Y-m-d H:i:s");
+            $logaction->created_at = date('Y-m-d H:i:s');
             $logaction->user_id = Auth::user()->id;
             $logaction->logaction('restored');
 
             return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.restore.success'));
         }
+
         return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
     }
 
@@ -765,10 +778,16 @@ class AssetsController extends Controller
     {
         $this->authorize('audit', Asset::class);
         $dt = Carbon::now()->addMonths(12)->toDateString();
+
         return view('hardware/quickscan')->with('next_audit_date', $dt);
     }
 
+    public function quickScanCheckin()
+    {
+        $this->authorize('checkin', Asset::class);
 
+        return view('hardware/quickscan-checkin');
+    }
 
     public function audit($id)
     {
@@ -776,18 +795,21 @@ class AssetsController extends Controller
         $this->authorize('audit', Asset::class);
         $dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
         $asset = Asset::findOrFail($id);
+
         return view('hardware/audit')->with('asset', $asset)->with('next_audit_date', $dt)->with('locations_list');
     }
 
     public function dueForAudit()
     {
         $this->authorize('audit', Asset::class);
+
         return view('hardware/audit-due');
     }
 
     public function overdueForAudit()
     {
         $this->authorize('audit', Asset::class);
+
         return view('hardware/audit-overdue');
     }
 
@@ -796,10 +818,10 @@ class AssetsController extends Controller
     {
         $this->authorize('audit', Asset::class);
 
-        $rules = array(
+        $rules = [
             'location_id' => 'exists:locations,id|nullable|numeric',
-            'next_audit_date' => 'date|nullable'
-        );
+            'next_audit_date' => 'date|nullable',
+        ];
 
         $validator = \Validator::make($request->all(), $rules);
 
@@ -817,7 +839,7 @@ class AssetsController extends Controller
 
         // Check to see if they checked the box to update the physical location,
         // not just note it in the audit notes
-        if ($request->input('update_location')=='1') {
+        if ($request->input('update_location') == '1') {
             \Log::debug('update location in audit');
             $asset->location_id = $request->input('location_id');
         }
@@ -828,7 +850,9 @@ class AssetsController extends Controller
             // Upload an image, if attached
             if ($request->hasFile('image')) {
                 $path = 'private_uploads/audits';
-                if (!Storage::exists($path)) Storage::makeDirectory($path, 775);
+                if (! Storage::exists($path)) {
+                    Storage::makeDirectory($path, 775);
+                }
                 $upload = $image = $request->file('image');
                 $ext = $image->getClientOriginalExtension();
                 $file_name = 'audit-'.str_random(18).'.'.$ext;
@@ -837,7 +861,7 @@ class AssetsController extends Controller
 
 
             $asset->logAudit($request->input('note'), $request->input('location_id'), $file_name);
-            return redirect()->to("hardware")->with('success', trans('admin/hardware/message.audit.success'));
+            return redirect()->to('hardware')->with('success', trans('admin/hardware/message.audit.success'));
         }
     }
 
@@ -853,5 +877,4 @@ class AssetsController extends Controller
 
         return view('hardware/requested', compact('requestedItems'));
     }
-
 }

app/Http/Controllers/Assets/BulkAssetsController.php

@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers\Assets;
 
+use App\Models\Actionlog;
 use App\Helpers\Helper;
 use App\Http\Controllers\CheckInOutRequest;
 use App\Http\Controllers\Controller;
@@ -28,15 +29,15 @@ class BulkAssetsController extends Controller
     {
         $this->authorize('update', Asset::class);
 
-        if (!$request->filled('ids')) {
+        if (! $request->filled('ids')) {
             return redirect()->back()->with('error', 'No assets selected');
         }
 
-        
+
         $asset_ids = array_values(array_unique($request->input('ids')));
 
         if ($request->filled('bulk_actions')) {
-            switch($request->input('bulk_actions')) {
+            switch ($request->input('bulk_actions')) {
                 case 'labels':
                     return view('hardware/labels')
                         ->with('assets', Asset::find($asset_ids))
@@ -48,6 +49,7 @@ class BulkAssetsController extends Controller
                     $assets->each(function ($asset) {
                         $this->authorize('delete', $asset);
                     });
+
                     return view('hardware/bulk-delete')->with('assets', $assets);
                 case 'edit':
                     return view('hardware/bulk')
@@ -55,6 +57,7 @@ class BulkAssetsController extends Controller
                         ->with('statuslabel_list', Helper::statusLabelList());
             }
         }
+
         return redirect()->back()->with('error', 'No action selected');
     }
 
@@ -72,8 +75,8 @@ class BulkAssetsController extends Controller
 
         \Log::debug($request->input('ids'));
 
-        if(!$request->filled('ids') || count($request->input('ids')) <= 0) {
-            return redirect()->route("hardware.index")->with('warning', trans('No assets selected, so nothing was updated.'));
+        if (! $request->filled('ids') || count($request->input('ids')) <= 0) {
+            return redirect()->route('hardware.index')->with('warning', trans('No assets selected, so nothing was updated.'));
         }
 
         $assets = array_keys($request->input('ids'));
@@ -108,8 +111,8 @@ class BulkAssetsController extends Controller
                 }
 
                 if ($request->filled('company_id')) {
-                    $this->update_array['company_id'] =  $request->input('company_id');
-                    if ($request->input('company_id')=="clear") {
+                    $this->update_array['company_id'] = $request->input('company_id');
+                    if ($request->input('company_id') == 'clear') {
                         $this->update_array['company_id'] = null;
                     }
                 }
@@ -121,33 +124,53 @@ class BulkAssetsController extends Controller
                     }
                 }
 
+                $changed = [];
+                $asset = Asset::where('id' ,$assetId)->get();
+
+                foreach ($this->update_array as $key => $value) {
+                    if ($this->update_array[$key] != $asset->toArray()[0][$key]) {
+                        $changed[$key]['old'] = $asset->toArray()[0][$key];
+                        $changed[$key]['new'] = $this->update_array[$key];
+                    }
+                }
+
+                $logAction = new Actionlog();
+                $logAction->item_type = Asset::class;
+                $logAction->item_id = $assetId;
+                $logAction->created_at =  date("Y-m-d H:i:s");
+                $logAction->user_id = Auth::id();
+                $logAction->log_meta = json_encode($changed);
+                $logAction->logaction('update');
+
                 DB::table('assets')
                     ->where('id', $assetId)
                     ->update($this->update_array);
             } // endforeach
-            return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.update.success'));
-        // no values given, nothing to update
-        }
-        return redirect()->route("hardware.index")->with('warning', trans('admin/hardware/message.update.nothing_updated'));
 
+            return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.update.success'));
+            // no values given, nothing to update
+        }
+
+        return redirect()->route('hardware.index')->with('warning', trans('admin/hardware/message.update.nothing_updated'));
     }
 
     /**
      * Array to store update data per item
-     * @var Array
+     * @var array
      */
     private $update_array;
 
     /**
      * Adds parameter to update array for an item if it exists in request
-     * @param  String $field field name
+     * @param  string $field field name
      * @return BulkAssetsController Model for Chaining
      */
     protected function conditionallyAddItem($field)
     {
-        if(request()->filled($field)) {
+        if (request()->filled($field)) {
             $this->update_array[$field] = request()->input($field);
         }
+
         return $this;
     }
 
@@ -175,10 +198,12 @@ class BulkAssetsController extends Controller
                     ->where('id', $asset->id)
                     ->update($update_array);
             } // endforeach
-            return redirect()->to("hardware")->with('success', trans('admin/hardware/message.delete.success'));
+
+            return redirect()->to('hardware')->with('success', trans('admin/hardware/message.delete.success'));
             // no values given, nothing to update
         }
-        return redirect()->to("hardware")->with('info', trans('admin/hardware/message.delete.nothing_updated'));
+
+        return redirect()->to('hardware')->with('info', trans('admin/hardware/message.delete.nothing_updated'));
     }
 
     /**
@@ -204,21 +229,21 @@ class BulkAssetsController extends Controller
 
             $target = $this->determineCheckoutTarget();
 
-            if (!is_array($request->get('selected_assets'))) {
+            if (! is_array($request->get('selected_assets'))) {
                 return redirect()->route('hardware/bulkcheckout')->withInput()->with('error', trans('admin/hardware/message.checkout.no_assets_selected'));
             }
 
             $asset_ids = array_filter($request->get('selected_assets'));
 
-            if(request('checkout_to_type') =='asset') {
+            if (request('checkout_to_type') == 'asset') {
                 foreach ($asset_ids as $asset_id) {
-                    if ($target->id == $asset_id)  {
+                    if ($target->id == $asset_id) {
                         return redirect()->back()->with('error', 'You cannot check an asset out to itself.');
                     }
                 }
             }
-            $checkout_at = date("Y-m-d H:i:s");
-            if (($request->filled('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
+            $checkout_at = date('Y-m-d H:i:s');
+            if (($request->filled('checkout_at')) && ($request->get('checkout_at') != date('Y-m-d'))) {
                 $checkout_at = e($request->get('checkout_at'));
             }
 
@@ -230,13 +255,12 @@ class BulkAssetsController extends Controller
 
             $errors = [];
             DB::transaction(function () use ($target, $admin, $checkout_at, $expected_checkin, $errors, $asset_ids, $request) {
-
                 foreach ($asset_ids as $asset_id) {
                     $asset = Asset::findOrFail($asset_id);
                     $this->authorize('checkout', $asset);
                     $error = $asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), null);
 
-                    if ($target->location_id!='') {
+                    if ($target->location_id != '') {
                         $asset->location_id = $target->location_id;
                         $asset->unsetEventDispatcher();
                         $asset->save();
@@ -248,14 +272,14 @@ class BulkAssetsController extends Controller
                 }
             });
 
-            if (!$errors) {
-              // Redirect to the new asset page
-                return redirect()->to("hardware")->with('success', trans('admin/hardware/message.checkout.success'));
+            if (! $errors) {
+                // Redirect to the new asset page
+                return redirect()->to('hardware')->with('success', trans('admin/hardware/message.checkout.success'));
             }
             // Redirect to the asset management page with error
-            return redirect()->to("hardware/bulk-checkout")->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($errors);
+            return redirect()->to('hardware/bulk-checkout')->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($errors);
         } catch (ModelNotFoundException $e) {
-            return redirect()->to("hardware/bulk-checkout")->with('error', $e->getErrors());
+            return redirect()->to('hardware/bulk-checkout')->with('error', $e->getErrors());
         }
     }
 }

app/Http/Controllers/Auth/ForgotPasswordController.php

@@ -42,8 +42,6 @@ class ForgotPasswordController extends Controller
         return property_exists($this, 'subject') ? $this->subject : \Lang::get('mail.reset_link');
     }
 
-
-
     /**
      * Send a reset link to the given user.
      *
@@ -58,13 +56,10 @@ class ForgotPasswordController extends Controller
          * buffer overflow issues with attackers sending very large
          * payloads through.
          */
-
         $request->validate([
             'username' => ['required', 'max:255'],
         ]);
 
-
-
         /**
          * If we find a matching email with an activated user, we will
          * send the password reset link to the user.
@@ -87,6 +82,8 @@ class ForgotPasswordController extends Controller
             \Log::info('Password reset attempt: User '.$request->input('username').'failed with exception: '.$e );
         }
 
+        // Prevent timing attack to enumerate users.
+        usleep(500000 + random_int(0, 1500000));
 
         if ($response === \Password::RESET_LINK_SENT) {
             \Log::info('Password reset attempt: User '.$request->input('username').' WAS found, password reset sent');
@@ -94,7 +91,6 @@ class ForgotPasswordController extends Controller
             \Log::info('Password reset attempt: User matching username '.$request->input('username').' NOT FOUND or user is inactive');
         }
 
-
         /**
          * If an error was returned by the password broker, we will get this message
          * translated so we can notify a user of the problem. We'll redirect back
@@ -110,8 +106,6 @@ class ForgotPasswordController extends Controller
 
         // Regardless of response, we do not want to disclose the status of a user account,
         // so we give them a generic "If this exists, we're TOTALLY gonna email you" response
-        return redirect()->route('login')->with('success',trans('passwords.sent'));
+        return redirect()->route('login')->with('success', trans('passwords.sent'));
         }
-
-
 }

app/Http/Controllers/Auth/LoginController.php

@@ -5,7 +5,7 @@ namespace App\Http\Controllers\Auth;
 use App\Http\Controllers\Controller;
 use App\Models\Setting;
 use App\Models\User;
-use App\Services\LdapAd;
+use App\Models\Ldap;
 use App\Services\Saml;
 use Com\Tecnick\Barcode\Barcode;
 use Google2FA;
@@ -27,7 +27,6 @@ use Redirect;
  */
 class LoginController extends Controller
 {
-
     use ThrottlesLogins;
 
     // This tells the auth controller to use username instead of email address
@@ -40,11 +39,6 @@ class LoginController extends Controller
      */
     protected $redirectTo = '/';
 
-    /**
-     * @var LdapAd
-     */
-    protected $ldap;
-
     /**
      * @var Saml
      */
@@ -53,21 +47,20 @@ class LoginController extends Controller
     /**
      * Create a new authentication controller instance.
      *
-     * @param LdapAd $ldap
      * @param Saml $saml
      *
      * @return void
      */
-    public function __construct(/*LdapAd $ldap, */ Saml $saml)
+    public function __construct(Saml $saml)
     {
         parent::__construct();
-        $this->middleware('guest', ['except' => ['logout','postTwoFactorAuth','getTwoFactorAuth','getTwoFactorEnroll']]);
+        $this->middleware('guest', ['except' => ['logout', 'postTwoFactorAuth', 'getTwoFactorAuth', 'getTwoFactorEnroll']]);
         Session::put('backUrl', \URL::previous());
         // $this->ldap = $ldap;
         $this->saml = $saml;
     }
 
-    function showLoginForm(Request $request)
+    public function showLoginForm(Request $request)
     {
         $this->loginViaRemoteUser($request);
         $this->loginViaSaml($request);
@@ -75,11 +68,18 @@ class LoginController extends Controller
             return redirect()->intended('/');
         }
 
-        if ($this->saml->isEnabled() && Setting::getSettings()->saml_forcelogin == "1" && !($request->has('nosaml') || $request->session()->has('error'))) {
+        // If the environment is set to ALWAYS require SAML, go straight to the SAML route.
+        // We don't need to check other settings, as this should override those.
+        if (config('app.require_saml')) {
             return redirect()->route('saml.login');
         }
 
-        if (Setting::getSettings()->login_common_disabled == "1") {
+
+        if ($this->saml->isEnabled() && Setting::getSettings()->saml_forcelogin == '1' && ! ($request->has('nosaml') || $request->session()->has('error'))) {
+            return redirect()->route('saml.login');
+        }
+
+        if (Setting::getSettings()->login_common_disabled == '1') {
             return view('errors.403');
         }
 
@@ -88,26 +88,26 @@ class LoginController extends Controller
 
     /**
      * Log in a user by SAML
-     * 
+     *
      * @author Johnson Yi <jyi.dev@outlook.com>
-     * 
+     *
      * @since 5.0.0
      *
      * @param Request $request
-     * 
+     *
      * @return User
-     * 
+     *
      * @throws \Exception
      */
     private function loginViaSaml(Request $request)
     {
         $saml = $this->saml;
         $samlData = $request->session()->get('saml_login');
-        if ($saml->isEnabled() && !empty($samlData)) {
+        if ($saml->isEnabled() && ! empty($samlData)) {
             try {
-                Log::debug("Attempting to log user in by SAML authentication.");
+                Log::debug('Attempting to log user in by SAML authentication.');
                 $user = $saml->samlLogin($samlData);
-                if(!is_null($user)) {
+                if (! is_null($user)) {
                     Auth::login($user);
                 } else {
                     $username = $saml->getUsername();
@@ -121,7 +121,7 @@ class LoginController extends Controller
                     $user->save();
                 }
             } catch (\Exception $e) {
-                \Log::warning("There was an error authenticating the SAML user: " . $e->getMessage());
+                \Log::warning('There was an error authenticating the SAML user: '.$e->getMessage());
                 throw new \Exception($e->getMessage());
             }
         }
@@ -129,33 +129,70 @@ class LoginController extends Controller
 
     /**
      * Log in a user by LDAP
-     * 
+     *
      * @author Wes Hulette <jwhulette@gmail.com>
-     * 
+     *
      * @since 5.0.0
      *
      * @param Request $request
-     * 
+     *
      * @return User
-     * 
+     *
      * @throws \Exception
      */
     private function loginViaLdap(Request $request): User
     {
-        $ldap = \App::make( LdapAd::class);
-        try {
-            return $ldap->ldapLogin($request->input('username'), $request->input('password'));
-        } catch (\Exception $ex) {
-            LOG::debug("LDAP user login: " . $ex->getMessage());
-            throw new \Exception($ex->getMessage());
-        }
+        Log::debug("Binding user to LDAP.");
+         $ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
+         if (!$ldap_user) {
+             Log::debug("LDAP user ".$request->input('username')." not found in LDAP or could not bind");
+             throw new \Exception("Could not find user in LDAP directory");
+         } else {
+             Log::debug("LDAP user ".$request->input('username')." successfully bound to LDAP");
+         }
+
+         // Check if the user already exists in the database and was imported via LDAP
+         $user = User::where('username', '=', $request->input('username'))->whereNull('deleted_at')->where('ldap_import', '=', 1)->where('activated', '=', '1')->first(); // FIXME - if we get more than one we should fail. and we sure about this ldap_import thing?
+         Log::debug("Local auth lookup complete");
+
+         // The user does not exist in the database. Try to get them from LDAP.
+         // If user does not exist and authenticates successfully with LDAP we
+         // will create it on the fly and sign in with default permissions
+         if (!$user) {
+             Log::debug("Local user ".$request->input('username')." does not exist");
+             Log::debug("Creating local user ".$request->input('username'));
+
+             if ($user = Ldap::createUserFromLdap($ldap_user)) { //this handles passwords on its own
+                 Log::debug("Local user created.");
+             } else {
+                 Log::debug("Could not create local user.");
+                 throw new \Exception("Could not create local user");
+             }
+             // If the user exists and they were imported from LDAP already
+         } else {
+             Log::debug("Local user ".$request->input('username')." exists in database. Updating existing user against LDAP.");
+
+             $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
+
+            if (Setting::getSettings()->ldap_pw_sync=='1') {
+                $user->password = bcrypt($request->input('password'));
+            }
+            $user->email = $ldap_attr['email'];
+            $user->first_name = $ldap_attr['firstname'];
+            $user->last_name = $ldap_attr['lastname']; //FIXME (or TODO?) - do we need to map additional fields that we now support? E.g. country, phone, etc.
+            $user->save();
+        } // End if(!user)
+        return $user;
     }
 
     private function loginViaRemoteUser(Request $request)
     {
         $header_name = Setting::getSettings()->login_remote_user_header_name ?: 'REMOTE_USER';
         $remote_user = $request->server($header_name);
-        if (Setting::getSettings()->login_remote_user_enabled == "1" && isset($remote_user) && !empty($remote_user)) {
+        if (!isset($remote_user)) {
+          $remote_user = $request->server('REDIRECT_'.$header_name);
+        }
+        if (Setting::getSettings()->login_remote_user_enabled == '1' && isset($remote_user) && ! empty($remote_user)) {
             Log::debug("Authenticating via HTTP header $header_name.");
 
             $strip_prefixes = [
@@ -170,7 +207,7 @@ class LoginController extends Controller
 
             $pos = 0;
             foreach ($strip_prefixes as $needle) {
-                if (($pos = strpos($remote_user, $needle)) !== FALSE) {
+                if (($pos = strpos($remote_user, $needle)) !== false) {
                     $pos += strlen($needle);
                     break;
                 }
@@ -178,14 +215,16 @@ class LoginController extends Controller
 
             if ($pos > 0) {
                 $remote_user = substr($remote_user, $pos);
-            };
-            
+            }
+
             try {
                 $user = User::where('username', '=', $remote_user)->whereNull('deleted_at')->where('activated', '=', '1')->first();
-                Log::debug("Remote user auth lookup complete");
-                if(!is_null($user)) Auth::login($user, $request->input('remember'));
-            } catch(Exception $e) {
-                Log::debug("There was an error authenticating the Remote user: " . $e->getMessage());
+                Log::debug('Remote user auth lookup complete');
+                if (! is_null($user)) {
+                    Auth::login($user, $request->input('remember'));
+                }
+            } catch (Exception $e) {
+                Log::debug('There was an error authenticating the Remote user: '.$e->getMessage());
             }
         }
     }
@@ -197,7 +236,13 @@ class LoginController extends Controller
      */
     public function login(Request $request)
     {
-        if (Setting::getSettings()->login_common_disabled == "1") {
+
+        //If the environment is set to ALWAYS require SAML, return access denied
+        if (config('app.require_saml')) {
+            return view('errors.403');
+        }
+
+        if (Setting::getSettings()->login_common_disabled == '1') {
             return view('errors.403');
         }
 
@@ -212,6 +257,7 @@ class LoginController extends Controller
 
         if ($lockedOut = $this->hasTooManyLoginAttempts($request)) {
             $this->fireLockoutEvent($request);
+
             return $this->sendLockoutResponse($request);
         }
 
@@ -219,34 +265,33 @@ class LoginController extends Controller
 
         // Should we even check for LDAP users?
         if (Setting::getSettings()->ldap_enabled) { // avoid hitting the $this->ldap
-            LOG::debug("LDAP is enabled.");
+            LOG::debug('LDAP is enabled.');
             try {
-                LOG::debug("Attempting to log user in by LDAP authentication.");
+                LOG::debug('Attempting to log user in by LDAP authentication.');
                 $user = $this->loginViaLdap($request);
                 Auth::login($user, $request->input('remember'));
 
-            // If the user was unable to login via LDAP, log the error and let them fall through to
+                // If the user was unable to login via LDAP, log the error and let them fall through to
             // local authentication.
             } catch (\Exception $e) {
-                Log::debug("There was an error authenticating the LDAP user: ".$e->getMessage());
+                Log::debug('There was an error authenticating the LDAP user: '.$e->getMessage());
             }
         }
 
         // If the user wasn't authenticated via LDAP, skip to local auth
-        if (!$user) {
-            Log::debug("Authenticating user against database.");
-          // Try to log the user in
-            if (!Auth::attempt(['username' => $request->input('username'), 'password' => $request->input('password'), 'activated' => 1], $request->input('remember'))) {
-
-                if (!$lockedOut) {
+        if (! $user) {
+            Log::debug('Authenticating user against database.');
+            // Try to log the user in
+            if (! Auth::attempt(['username' => $request->input('username'), 'password' => $request->input('password'), 'activated' => 1], $request->input('remember'))) {
+                if (! $lockedOut) {
                     $this->incrementLoginAttempts($request);
                 }
 
-                Log::debug("Local authentication failed.");
+                Log::debug('Local authentication failed.');
+
                 return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
             } else {
-
-                  $this->clearLoginAttempts($request);
+                $this->clearLoginAttempts($request);
             }
         }
 
@@ -269,11 +314,10 @@ class LoginController extends Controller
     {
 
         // Make sure the user is logged in
-        if (!Auth::check()) {
+        if (! Auth::check()) {
             return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
         }
 
-
         $settings = Setting::getSettings();
         $user = Auth::user();
 
@@ -283,7 +327,7 @@ class LoginController extends Controller
         // While you can access this page directly, enrolling a device when 2FA isn't enforced
         // won't cause any harm.
 
-        if (($user->two_factor_secret!='') && ($user->two_factor_enrolled==1)) {
+        if (($user->two_factor_secret != '') && ($user->two_factor_enrolled == 1)) {
             return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.already_enrolled'));
         }
 
@@ -310,7 +354,6 @@ class LoginController extends Controller
         return view('auth.two_factor_enroll')->with('barcode_obj', $barcode_obj);
     }
 
-
     /**
      * Two factor code form page
      *
@@ -319,7 +362,7 @@ class LoginController extends Controller
     public function getTwoFactorAuth()
     {
         // Check that the user is logged in
-        if (!Auth::check()) {
+        if (! Auth::check()) {
             return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
         }
 
@@ -328,7 +371,7 @@ class LoginController extends Controller
         // Check whether there is a device enrolled.
         // This *should* be handled via the \App\Http\Middleware\CheckForTwoFactor middleware
         // but we're just making sure (in case someone edited the database directly, etc)
-        if (($user->two_factor_secret=='') || ($user->two_factor_enrolled!=1)) {
+        if (($user->two_factor_secret == '') || ($user->two_factor_enrolled != 1)) {
             return redirect()->route('two-factor-enroll');
         }
 
@@ -344,16 +387,15 @@ class LoginController extends Controller
      */
     public function postTwoFactorAuth(Request $request)
     {
-
-        if (!Auth::check()) {
+        if (! Auth::check()) {
             return redirect()->route('login')->with('error', trans('auth/general.login_prompt'));
         }
 
-        if (!$request->filled('two_factor_secret')) {
+        if (! $request->filled('two_factor_secret')) {
             return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.code_required'));
         }
 
-        if (!$request->has('two_factor_secret')) {
+        if (! $request->has('two_factor_secret')) {
             return redirect()->route('two-factor')->with('error', 'Two-factor code is required.');
         }
 
@@ -363,13 +405,12 @@ class LoginController extends Controller
         if (Google2FA::verifyKey($user->two_factor_secret, $secret)) {
             $user->two_factor_enrolled = 1;
             $user->save();
-            $request->session()->put('2fa_authed', 'true');
+            $request->session()->put('2fa_authed', $user->id);
+
             return redirect()->route('home')->with('success', 'You are logged in!');
         }
 
         return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.invalid_code'));
-
-
     }
 
 
@@ -390,15 +431,15 @@ class LoginController extends Controller
         if ($saml->isEnabled()) {
             $auth = $saml->getAuth();
             $sloRedirectUrl = $request->session()->get('saml_slo_redirect_url');
-            
-            if (!empty($auth->getSLOurl()) && $settings->saml_slo == '1' && $saml->isAuthenticated()  && empty($sloRedirectUrl)) {
-                $sloRequestUrl = $auth->logout(null, array(), $saml->getNameId(), $saml->getSessionIndex(), true, $saml->getNameIdFormat(), $saml->getNameIdNameQualifier(), $saml->getNameIdSPNameQualifier());
+
+            if (! empty($auth->getSLOurl()) && $settings->saml_slo == '1' && $saml->isAuthenticated() && empty($sloRedirectUrl)) {
+                $sloRequestUrl = $auth->logout(null, [], $saml->getNameId(), $saml->getSessionIndex(), true, $saml->getNameIdFormat(), $saml->getNameIdNameQualifier(), $saml->getNameIdSPNameQualifier());
             }
 
             $saml->clearData();
         }
 
-        if (!empty($sloRequestUrl)) {
+        if (! empty($sloRequestUrl)) {
             return redirect()->away($sloRequestUrl);
         }
 
@@ -407,11 +448,11 @@ class LoginController extends Controller
         $request->session()->regenerate(true);
         Auth::logout();
 
-        if (!empty($sloRedirectUrl)) {
+        if (! empty($sloRedirectUrl)) {
             return redirect()->away($sloRedirectUrl);
         }
 
-        $customLogoutUrl = $settings->login_remote_user_custom_logout_url ;
+        $customLogoutUrl = $settings->login_remote_user_custom_logout_url;
         if ($settings->login_remote_user_enabled == '1' && $customLogoutUrl != '') {
             return redirect()->away($customLogoutUrl);
         }
@@ -434,7 +475,6 @@ class LoginController extends Controller
         ]);
     }
 
-
     public function username()
     {
         return 'username';
@@ -461,7 +501,6 @@ class LoginController extends Controller
             ->withErrors([$this->username() => $message]);
     }
 
-
     /**
      * Override the lockout time and duration
      *
@@ -480,13 +519,13 @@ class LoginController extends Controller
         );
     }
 
-    public function legacyAuthRedirect() {
+    public function legacyAuthRedirect()
+    {
         return redirect()->route('login');
     }
 
     public function redirectTo()
     {
-        return Session::get('backUrl') ? Session::get('backUrl') :   $this->redirectTo;
+        return Session::get('backUrl') ? Session::get('backUrl') : $this->redirectTo;
     }
-
 }

app/Http/Controllers/Auth/RegisterController.php

@@ -6,17 +6,18 @@ use App\Http\Controllers\Controller;
 
 class RegisterController extends Controller
 {
-
     public function __construct()
     {
         $this->middleware('guest');
     }
 
-    public function showRegistrationForm() {
-        abort(404,'Page not found');
+    public function showRegistrationForm()
+    {
+        abort(404, 'Page not found');
     }
-    
-    public function register() {
-        abort(404,'Page not found');
+
+    public function register()
+    {
+        abort(404, 'Page not found');
     }
 }

app/Http/Controllers/Auth/ResetPasswordController.php

@@ -54,29 +54,25 @@ class ResetPasswordController extends Controller
         ];
     }
 
-
     protected function credentials(Request $request)
     {
         return $request->only(
             'username', 'password', 'password_confirmation', 'token'
         );
     }
-    
 
     public function showResetForm(Request $request, $token = null)
     {
         return view('auth.passwords.reset')->with(
             [
                 'token' => $token,
-                'username' => $request->input('username')
+                'username' => $request->input('username'),
             ]
         );
     }
 
-
     public function reset(Request $request)
     {
-
         $messages = [
             'password.not_in' => trans('validation.disallow_same_pwd_as_user_fields'),
         ];
@@ -87,15 +83,13 @@ class ResetPasswordController extends Controller
         $user = User::where('username', '=', $request->input('username'))->first();
 
         $broker = $this->broker();
-        if (strpos(Setting::passwordComplexityRulesSaving('store'), 'disallow_same_pwd_as_user_fields') !== FALSE) {
+        if (strpos(Setting::passwordComplexityRulesSaving('store'), 'disallow_same_pwd_as_user_fields') !== false) {
             $request->validate(
                 [
-                'password' => 'required|notIn:["'.$user->email.'","'.$user->username.'","'.$user->first_name.'","'.$user->last_name.'"'
+                'password' => 'required|notIn:["'.$user->email.'","'.$user->username.'","'.$user->first_name.'","'.$user->last_name.'"',
             ], $messages);
-            
         }
 
-
         $response = $broker->reset(
             $this->credentials($request), function ($user, $password) {
                 $this->resetPassword($user, $password);
@@ -107,14 +101,10 @@ class ResetPasswordController extends Controller
             : $this->sendResetFailedResponse($request, $response);
     }
 
-
     protected function sendResetFailedResponse(Request $request, $response)
     {
         return redirect()->back()
             ->withInput(['username'=> $request->input('username')])
             ->withErrors(['username' => trans($response), 'password' => trans($response)]);
     }
-
-
-
 }

app/Http/Controllers/Auth/SamlController.php

@@ -2,9 +2,9 @@
 
 namespace App\Http\Controllers\Auth;
 
-use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Services\Saml;
+use Illuminate\Http\Request;
 use Log;
 
 /**
@@ -30,20 +30,20 @@ class SamlController extends Controller
     {
         $this->saml = $saml;
 
-        $this->middleware('guest', ['except' => ['metadata','sls']]);
+        $this->middleware('guest', ['except' => ['metadata', 'sls']]);
     }
 
     /**
      * Return SAML SP metadata for Snipe-IT
-     * 
+     *
      * /saml/metadata
-     * 
+     *
      * @author Johnson Yi <jyi.dev@outlook.com>
-     * 
+     *
      * @since 5.0.0
      *
      * @param Request $request
-     * 
+     *
      * @return Response
      */
     public function metadata(Request $request)
@@ -53,7 +53,7 @@ class SamlController extends Controller
         if (empty($metadata)) {
             return response()->view('errors.403', [], 403);
         }
-    
+
         return response()->streamDownload(function () use ($metadata) {
             echo $metadata;
         }, 'snipe-it-metadata.xml', ['Content-Type' => 'text/xml']);
@@ -61,36 +61,37 @@ class SamlController extends Controller
 
     /**
      * Begin the SP-Initiated SSO by sending AuthN to the IdP.
-     * 
+     *
      * /login/saml
-     * 
+     *
      * @author Johnson Yi <jyi.dev@outlook.com>
-     * 
+     *
      * @since 5.0.0
      *
      * @param Request $request
-     * 
+     *
      * @return Redirect
      */
     public function login(Request $request)
     {
         $auth = $this->saml->getAuth();
-        $ssoUrl = $auth->login(null, array(), false, false, false, false);
+        $ssoUrl = $auth->login(null, [], false, false, false, false);
+
         return redirect()->away($ssoUrl);
     }
 
     /**
      * Receives, parses the assertion from IdP and flashes SAML data
      * back to the LoginController for authentication.
-     * 
+     *
      * /saml/acs
-     * 
+     *
      * @author Johnson Yi <jyi.dev@outlook.com>
-     * 
+     *
      * @since 5.0.0
      *
      * @param Request $request
-     * 
+     *
      * @return Redirect
      */
     public function acs(Request $request)
@@ -100,9 +101,10 @@ class SamlController extends Controller
         $auth->processResponse();
         $errors = $auth->getErrors();
 
-        if (!empty($errors)) {
-            Log::error("There was an error with SAML ACS: " . implode(', ', $errors));
-            Log::error("Reason: " . $auth->getLastErrorReason());
+        if (! empty($errors)) {
+            Log::error('There was an error with SAML ACS: '.implode(', ', $errors));
+            Log::error('Reason: '.$auth->getLastErrorReason());
+
             return redirect()->route('login')->with('error', trans('auth/message.signin.error'));
         }
 
@@ -114,15 +116,15 @@ class SamlController extends Controller
     /**
      * Receives LogoutRequest/LogoutResponse from IdP and flashes
      * back to the LoginController for logging out.
-     * 
+     *
      * /saml/sls
-     * 
+     *
      * @author Johnson Yi <jyi.dev@outlook.com>
-     * 
+     *
      * @since 5.0.0
      *
      * @param Request $request
-     * 
+     *
      * @return Redirect
      */
     public function sls(Request $request)
@@ -131,10 +133,11 @@ class SamlController extends Controller
         $retrieveParametersFromServer = $this->saml->getSetting('retrieveParametersFromServer', false);
         $sloUrl = $auth->processSLO(true, null, $retrieveParametersFromServer, null, true);
         $errors = $auth->getErrors();
-        
-        if (!empty($errors)) {
-            Log::error("There was an error with SAML SLS: " . implode(', ', $errors));
-            Log::error("Reason: " . $auth->getLastErrorReason());
+
+        if (! empty($errors)) {
+            Log::error('There was an error with SAML SLS: '.implode(', ', $errors));
+            Log::error('Reason: '.$auth->getLastErrorReason());
+
             return view('errors.403');
         }
 

app/Http/Controllers/BulkAssetModelsController.php

@@ -10,7 +10,7 @@ use Illuminate\Support\Facades\Redirect;
 
 class BulkAssetModelsController extends Controller
 {
-  /**
+    /**
      * Returns a view that allows the user to bulk edit model attrbutes
      *
      * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -24,26 +24,28 @@ class BulkAssetModelsController extends Controller
 
         // Make sure some IDs have been selected
         if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
-
             $models = AssetModel::whereIn('id', $models_raw_array)
                 ->withCount('assets as assets_count')
                 ->orderBy('assets_count', 'ASC')
                 ->get();
 
             // If deleting....
-            if ($request->input('bulk_actions')=='delete') {
+            if ($request->input('bulk_actions') == 'delete') {
+                $this->authorize('delete', AssetModel::class);
                 $valid_count = 0;
                 foreach ($models as $model) {
                     if ($model->assets_count == 0) {
                         $valid_count++;
                     }
                 }
+
                 return view('models/bulk-delete', compact('models'))->with('valid_count', $valid_count);
 
-            // Otherwise display the bulk edit screen
+                // Otherwise display the bulk edit screen
             }
-
+            $this->authorize('update', AssetModel::class);
             $nochange = ['NC' => 'No Change'];
+
             return view('models/bulk-edit', compact('models'))
                 ->with('fieldset_list', $nochange + Helper::customFieldsetList())
                 ->with('depreciation_list', $nochange + Helper::depreciationList());
@@ -63,34 +65,38 @@ class BulkAssetModelsController extends Controller
      */
     public function update(Request $request)
     {
-
+        $this->authorize('update', AssetModel::class);
+      
         $models_raw_array = $request->input('ids');
-        $update_array = array();
+        $update_array = [];
 
-        if (($request->filled('manufacturer_id') && ($request->input('manufacturer_id')!='NC'))) {
+        if (($request->filled('manufacturer_id') && ($request->input('manufacturer_id') != 'NC'))) {
             $update_array['manufacturer_id'] = $request->input('manufacturer_id');
         }
-        if (($request->filled('category_id') && ($request->input('category_id')!='NC'))) {
+        if (($request->filled('category_id') && ($request->input('category_id') != 'NC'))) {
             $update_array['category_id'] = $request->input('category_id');
         }
-        if ($request->input('fieldset_id')!='NC') {
+        if ($request->input('fieldset_id') != 'NC') {
             $update_array['fieldset_id'] = $request->input('fieldset_id');
         }
-        if ($request->input('depreciation_id')!='NC') {
+        if ($request->input('depreciation_id') != 'NC') {
             $update_array['depreciation_id'] = $request->input('depreciation_id');
         }
 
+        if ($request->filled('requestable') != '') {
+            $update_array['requestable'] = $request->input('requestable');
+        }
+
 
-        
         if (count($update_array) > 0) {
             AssetModel::whereIn('id', $models_raw_array)->update($update_array);
+
             return redirect()->route('models.index')
                 ->with('success', trans('admin/models/message.bulkedit.success'));
         }
 
         return redirect()->route('models.index')
             ->with('warning', trans('admin/models/message.bulkedit.error'));
-
     }
 
     /**
@@ -103,10 +109,11 @@ class BulkAssetModelsController extends Controller
      */
     public function destroy(Request $request)
     {
+        $this->authorize('delete', AssetModel::class);
+      
         $models_raw_array = $request->input('ids');
 
         if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
-
             $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets as assets_count')->get();
 
             $del_error_count = 0;
@@ -123,7 +130,7 @@ class BulkAssetModelsController extends Controller
 
             if ($del_error_count == 0) {
                 return redirect()->route('models.index')
-                    ->with('success', trans('admin/models/message.bulkdelete.success',['success_count'=> $del_count] ));
+                    ->with('success', trans('admin/models/message.bulkdelete.success', ['success_count'=> $del_count]));
             }
 
             return redirect()->route('models.index')
@@ -132,7 +139,5 @@ class BulkAssetModelsController extends Controller
 
         return redirect()->route('models.index')
             ->with('error', trans('admin/models/message.bulkdelete.error'));
-
     }
-
 }

app/Http/Controllers/CategoriesController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers;
 
 use App\Helpers\Helper;
@@ -17,7 +18,6 @@ use Str;
  */
 class CategoriesController extends Controller
 {
-
     /**
      * Returns a view that invokes the ajax tables which actually contains
      * the content for the categories listing, which is generated in getDatatable.
@@ -32,10 +32,10 @@ class CategoriesController extends Controller
     {
         // Show the page
         $this->authorize('view', Category::class);
+
         return view('categories/index');
     }
 
-
     /**
      * Returns a form view to create a new category.
      *
@@ -49,11 +49,11 @@ class CategoriesController extends Controller
     {
         // Show the page
         $this->authorize('create', Category::class);
+
         return view('categories/edit')->with('item', new Category)
             ->with('category_types', Helper::categoryTypeList());
     }
 
-
     /**
      * Validates and stores the new category data.
      *
@@ -68,13 +68,13 @@ class CategoriesController extends Controller
     {
         $this->authorize('create', Category::class);
         $category = new Category();
-        $category->name                 = $request->input('name');
-        $category->category_type        = $request->input('category_type');
-        $category->eula_text            = $request->input('eula_text');
-        $category->use_default_eula     = $request->input('use_default_eula', '0');
-        $category->require_acceptance   = $request->input('require_acceptance', '0');
-        $category->checkin_email        = $request->input('checkin_email', '0');
-        $category->user_id              = Auth::id();
+        $category->name = $request->input('name');
+        $category->category_type = $request->input('category_type');
+        $category->eula_text = $request->input('eula_text');
+        $category->use_default_eula = $request->input('use_default_eula', '0');
+        $category->require_acceptance = $request->input('require_acceptance', '0');
+        $category->checkin_email = $request->input('checkin_email', '0');
+        $category->user_id = Auth::id();
 
         $category = $request->handleImages($category);
         if ($category->save()) {
@@ -100,11 +100,11 @@ class CategoriesController extends Controller
         if (is_null($item = Category::find($categoryId))) {
             return redirect()->route('categories.index')->with('error', trans('admin/categories/message.does_not_exist'));
         }
+
         return view('categories/edit', compact('item'))
         ->with('category_types', Helper::categoryTypeList());
     }
 
-
     /**
      * Validates and stores the updated category data.
      *
@@ -125,15 +125,14 @@ class CategoriesController extends Controller
         }
 
         // Update the category data
-        $category->name                 = $request->input('name');
+        $category->name = $request->input('name');
         // If the item count is > 0, we disable the category type in the edit. Disabled items
         // don't POST, so if the category_type is blank we just set it to the default.
-        $category->category_type        = $request->input('category_type', $category->category_type);
-        $category->eula_text            = $request->input('eula_text');
-        $category->use_default_eula     = $request->input('use_default_eula', '0');
-        $category->require_acceptance   = $request->input('require_acceptance', '0');
-        $category->checkin_email        = $request->input('checkin_email', '0');
-
+        $category->category_type = $request->input('category_type', $category->category_type);
+        $category->eula_text = $request->input('eula_text');
+        $category->use_default_eula = $request->input('use_default_eula', '0');
+        $category->require_acceptance = $request->input('require_acceptance', '0');
+        $category->checkin_email = $request->input('checkin_email', '0');
 
         $category = $request->handleImages($category);
 
@@ -162,8 +161,8 @@ class CategoriesController extends Controller
             return redirect()->route('categories.index')->with('error', trans('admin/categories/message.not_found'));
         }
 
-        if (!$category->isDeletable()) {
-            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=> $category->category_type ]));
+        if (! $category->isDeletable()) {
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=> $category->category_type]));
         }
 
         Storage::disk('public')->delete('categories'.'/'.$category->image);
@@ -172,7 +171,6 @@ class CategoriesController extends Controller
         return redirect()->route('categories.index')->with('success', trans('admin/categories/message.delete.success'));
     }
 
-
     /**
      * Returns a view that invokes the ajax tables which actually contains
      * the content for the categories detail view, which is generated in getDataView.
@@ -188,20 +186,20 @@ class CategoriesController extends Controller
     {
         $this->authorize('view', Category::class);
         if ($category = Category::find($id)) {
-
-            if ($category->category_type=='asset') {
+            if ($category->category_type == 'asset') {
                 $category_type = 'hardware';
                 $category_type_route = 'assets';
-            } elseif ($category->category_type=='accessory') {
+            } elseif ($category->category_type == 'accessory') {
                 $category_type = 'accessories';
                 $category_type_route = 'accessories';
             } else {
                 $category_type = $category->category_type;
                 $category_type_route = $category->category_type.'s';
             }
+
             return view('categories/view', compact('category'))
-                ->with('category_type',$category_type)
-                ->with('category_type_route',$category_type_route);
+                ->with('category_type', $category_type)
+                ->with('category_type_route', $category_type_route);
         }
 
         return redirect()->route('categories.index')->with('error', trans('admin/categories/message.does_not_exist'));

app/Http/Controllers/CheckInOutRequest.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers;
 
 use App\Models\Asset;
@@ -14,9 +15,8 @@ trait CheckInOutRequest
      */
     protected function determineCheckoutTarget()
     {
-          // This item is checked out to a location
-        switch(request('checkout_to_type'))
-        {
+        // This item is checked out to a location
+        switch (request('checkout_to_type')) {
             case 'location':
                 return Location::findOrFail(request('assigned_location'));
             case 'asset':
@@ -24,6 +24,7 @@ trait CheckInOutRequest
             case 'user':
                 return User::findOrFail(request('assigned_user'));
         }
+
         return null;
     }
 
@@ -35,15 +36,16 @@ trait CheckInOutRequest
      */
     protected function updateAssetLocation($asset, $target)
     {
-        switch(request('checkout_to_type'))
-        {
+        switch (request('checkout_to_type')) {
             case 'location':
                 $asset->location_id = $target->id;
+                Asset::where('assigned_type', 'App\Models\Asset')->where('assigned_to', $asset->id)
+                    ->update(['location_id' => $asset->location_id]);
                 break;
             case 'asset':
                 $asset->location_id = $target->rtd_location_id;
                 // Override with the asset's location_id if it has one
-                if ($target->location_id!='') {
+                if ($target->location_id != '') {
                     $asset->location_id = $target->location_id;
                 }
                 break;
@@ -51,6 +53,7 @@ trait CheckInOutRequest
                     $asset->location_id = $target->location_id;
                     break;
         }
+
         return $asset;
     }
 }

app/Http/Controllers/CompaniesController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers;
 
 use App\Http\Requests\ImageUploadRequest;
@@ -12,10 +13,8 @@ use Illuminate\Support\Facades\Storage;
  *
  * @version    v1.0
  */
-
 final class CompaniesController extends Controller
 {
-
     /**
      * Returns view to display listing of companies.
      *
@@ -68,10 +67,10 @@ final class CompaniesController extends Controller
             return redirect()->route('companies.index')
                 ->with('success', trans('admin/companies/message.create.success'));
         }
+
         return redirect()->back()->withInput()->withErrors($company->getErrors());
     }
 
-
     /**
      * Return form to edit existing company.
      *
@@ -113,14 +112,13 @@ final class CompaniesController extends Controller
 
         $company->name = $request->input('name');
 
-
         $company = $request->handleImages($company);
 
-
         if ($company->save()) {
             return redirect()->route('companies.index')
                 ->with('success', trans('admin/companies/message.update.success'));
         }
+
         return redirect()->route('companies.edit', ['company' => $companyId])
             ->with('error', trans('admin/companies/message.update.error'));
     }
@@ -142,13 +140,13 @@ final class CompaniesController extends Controller
         }
 
         $this->authorize('delete', $company);
-        if(!$company->isDeletable()) {
+        if (! $company->isDeletable()) {
             return redirect()->route('companies.index')
                     ->with('error', trans('admin/companies/message.assoc_users'));
         }
 
         if ($company->image) {
-            try  {
+            try {
                 Storage::disk('public')->delete('companies'.'/'.$company->image);
             } catch (\Exception $e) {
                 \Log::debug($e);
@@ -156,11 +154,13 @@ final class CompaniesController extends Controller
         }
 
         $company->delete();
+
         return redirect()->route('companies.index')
             ->with('success', trans('admin/companies/message.delete.success'));
     }
 
-    public function show($id) {
+    public function show($id)
+    {
         $this->authorize('view', Company::class);
 
         if (is_null($company = Company::find($id))) {
@@ -168,6 +168,6 @@ final class CompaniesController extends Controller
                 ->with('error', trans('admin/companies/message.not_found'));
         }
 
-        return view('companies/view')->with('company',$company);
+        return view('companies/view')->with('company', $company);
     }
 }

app/Http/Controllers/Components/ComponentCheckinController.php

@@ -15,7 +15,6 @@ use Illuminate\Support\Facades\Validator;
 
 class ComponentCheckinController extends Controller
 {
-
     /**
      * Returns a view that allows the checkin of a component from an asset.
      *
@@ -39,14 +38,13 @@ class ComponentCheckinController extends Controller
                     trans('admin/components/message.not_found'));
             }
             $this->authorize('checkin', $component);
-            return view('components/checkin', compact('component_assets','component','asset'));
+
+            return view('components/checkin', compact('component_assets', 'component', 'asset'));
         }
 
         return redirect()->route('components.index')->with('error', trans('admin/components/messages.not_found'));
-
     }
 
-
     /**
      * Validate and store checkin data.
      *
@@ -66,12 +64,11 @@ class ComponentCheckinController extends Controller
                     trans('admin/components/message.not_found'));
             }
 
-
             $this->authorize('checkin', $component);
 
             $max_to_checkin = $component_assets->assigned_qty;
             $validator = Validator::make($request->all(), [
-                "checkin_qty" => "required|numeric|between:1,$max_to_checkin"
+                'checkin_qty' => "required|numeric|between:1,$max_to_checkin",
             ]);
 
             if ($validator->fails()) {
@@ -81,7 +78,7 @@ class ComponentCheckinController extends Controller
             }
 
             // Validation passed, so let's figure out what we have to do here.
-            $qty_remaining_in_checkout = ($component_assets->assigned_qty - (int)$request->input('checkin_qty'));
+            $qty_remaining_in_checkout = ($component_assets->assigned_qty - (int) $request->input('checkin_qty'));
 
             // We have to modify the record to reflect the new qty that's
             // actually checked out.
@@ -102,7 +99,7 @@ class ComponentCheckinController extends Controller
             return redirect()->route('components.index')->with('success',
                 trans('admin/components/message.checkin.success'));
         }
+
         return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
     }
-
 }

app/Http/Controllers/Components/ComponentCheckoutController.php

@@ -32,6 +32,7 @@ class ComponentCheckoutController extends Controller
             return redirect()->route('components.index')->with('error', trans('admin/components/message.not_found'));
         }
         $this->authorize('checkout', $component);
+
         return view('components/checkout', compact('component'));
     }
 
@@ -58,8 +59,8 @@ class ComponentCheckoutController extends Controller
 
         $max_to_checkout = $component->numRemaining();
         $validator = Validator::make($request->all(), [
-            "asset_id"          => "required",
-            "assigned_qty"      => "required|numeric|between:1,$max_to_checkout"
+            'asset_id'          => 'required',
+            'assigned_qty'      => "required|numeric|between:1,$max_to_checkout",
         ]);
 
         if ($validator->fails()) {
@@ -78,14 +79,14 @@ class ComponentCheckoutController extends Controller
         }
 
         // Update the component data
-        $component->asset_id =   $asset_id;
+        $component->asset_id = $asset_id;
 
         $component->assets()->attach($component->id, [
             'component_id' => $component->id,
             'user_id' => $admin_user->id,
             'created_at' => date('Y-m-d H:i:s'),
             'assigned_qty' => $request->input('assigned_qty'),
-            'asset_id' => $asset_id
+            'asset_id' => $asset_id,
         ]);
 
         event(new CheckoutableCheckedOut($component, $asset, Auth::user(), $request->input('note')));

app/Http/Controllers/Components/ComponentsController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Components;
 
 use App\Http\Controllers\Controller;
@@ -32,6 +33,7 @@ class ComponentsController extends Controller
     public function index()
     {
         $this->authorize('view', Component::class);
+
         return view('components/index');
     }
 
@@ -48,11 +50,11 @@ class ComponentsController extends Controller
     public function create()
     {
         $this->authorize('create', Component::class);
+
         return view('components/edit')->with('category_type', 'component')
             ->with('item', new Component);
     }
 
-
     /**
      * Validate and store data for new component.
      *
@@ -78,12 +80,14 @@ class ComponentsController extends Controller
         $component->purchase_cost          = Helper::ParseCurrency($request->input('purchase_cost', null));
         $component->qty                    = $request->input('qty');
         $component->user_id                = Auth::id();
+        $component->notes                  = $request->input('notes');
 
         $component = $request->handleImages($component);
 
         if ($component->save()) {
             return redirect()->route('components.index')->with('success', trans('admin/components/message.create.success'));
         }
+
         return redirect()->back()->withInput()->withErrors($component->getErrors());
     }
 
@@ -101,8 +105,10 @@ class ComponentsController extends Controller
     {
         if ($item = Component::find($componentId)) {
             $this->authorize('update', $item);
+
             return view('components/edit', compact('item'))->with('category_type', 'component');
         }
+
         return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
     }
 
@@ -125,7 +131,7 @@ class ComponentsController extends Controller
         }
         $min = $component->numCHeckedOut();
         $validator = Validator::make($request->all(), [
-            "qty" => "required|numeric|min:$min"
+            'qty' => "required|numeric|min:$min",
         ]);
 
         if ($validator->fails()) {
@@ -147,12 +153,14 @@ class ComponentsController extends Controller
         $component->purchase_date          = $request->input('purchase_date');
         $component->purchase_cost          = Helper::ParseCurrency(request('purchase_cost'));
         $component->qty                    = $request->input('qty');
+        $component->notes                  = $request->input('notes');
 
         $component = $request->handleImages($component);
 
         if ($component->save()) {
             return redirect()->route('components.index')->with('success', trans('admin/components/message.update.success'));
         }
+
         return redirect()->back()->withInput()->withErrors($component->getErrors());
     }
 
@@ -175,7 +183,7 @@ class ComponentsController extends Controller
 
         // Remove the image if one exists
         if (Storage::disk('public')->exists('components/'.$component->image)) {
-            try  {
+            try {
                 Storage::disk('public')->delete('components/'.$component->image);
             } catch (\Exception $e) {
                 \Log::debug($e);
@@ -183,6 +191,7 @@ class ComponentsController extends Controller
         }
 
         $component->delete();
+
         return redirect()->route('components.index')->with('success', trans('admin/components/message.delete.success'));
     }
 
@@ -202,6 +211,7 @@ class ComponentsController extends Controller
 
         if (isset($component->id)) {
             $this->authorize('view', $component);
+
             return view('components/view', compact('component'));
         }
         // Redirect to the user management page

app/Http/Controllers/Consumables/ConsumableCheckoutController.php

@@ -12,7 +12,6 @@ use Illuminate\Support\Facades\Input;
 
 class ConsumableCheckoutController extends Controller
 {
-
     /**
      * Return a view to checkout a consumable to a user.
      *
@@ -29,6 +28,7 @@ class ConsumableCheckoutController extends Controller
             return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
         }
         $this->authorize('checkout', $consumable);
+
         return view('consumables/checkout', compact('consumable'));
     }
 
@@ -65,13 +65,12 @@ class ConsumableCheckoutController extends Controller
         $consumable->users()->attach($consumable->id, [
             'consumable_id' => $consumable->id,
             'user_id' => $admin_user->id,
-            'assigned_to' => e($request->input('assigned_to'))
+            'assigned_to' => e($request->input('assigned_to')),
         ]);
 
         event(new CheckoutableCheckedOut($consumable, $user, Auth::user(), $request->input('note')));
 
         // Redirect to the new consumable page
         return redirect()->route('consumables.index')->with('success', trans('admin/consumables/message.checkout.success'));
-
     }
 }