Sets the ldap_default_group field to nullable and default null

Signed-off-by: snipe <snipe@snipe.net>
Merge pull request #12268 from inietov/fixes/people_count
2022-12-20 17:24:01 -08:00 · 2022-12-20 17:05:18 -08:00 · 2022-12-20 18:39:17 -06:00 · 2022-12-20 15:09:30 -08:00 · 2022-12-20 14:57:58 -08:00 · 2022-12-19 12:41:32 -08:00
410 changed files with 23298 additions and 1309 deletions
@@ -2736,7 +2736,97 @@
      "avatar_url": "https://avatars.githubusercontent.com/u/111710123?v=4",
      "profile": "https://github.com/Vautia",
      "contributions": [
-        "security"
+        "code"
+      ]
+    },
+    {
+      "login": "chartjes",
+      "name": "Chris Hartjes",
+      "avatar_url": "https://avatars.githubusercontent.com/u/28321?v=4",
+      "profile": "http://www.littlehart.net/atthekeyboard",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "geo-chen",
+      "name": "geo-chen",
+      "avatar_url": "https://avatars.githubusercontent.com/u/2404584?v=4",
+      "profile": "https://github.com/geo-chen",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "nh314",
+      "name": "Phan Nguyen",
+      "avatar_url": "https://avatars.githubusercontent.com/u/6006620?v=4",
+      "profile": "https://github.com/nh314",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "StarlessNights",
+      "name": "Iisakki Jaakkola",
+      "avatar_url": "https://avatars.githubusercontent.com/u/115993812?v=4",
+      "profile": "https://github.com/StarlessNights",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "eltociear",
+      "name": "Ikko Ashimine",
+      "avatar_url": "https://avatars.githubusercontent.com/u/22633385?v=4",
+      "profile": "https://bandism.net/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "lukasfehling",
+      "name": "Lukas Fehling",
+      "avatar_url": "https://avatars.githubusercontent.com/u/56871540?v=4",
+      "profile": "https://github.com/lukasfehling",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "fernando-almeida",
+      "name": "Fernando Almeida",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1975990?v=4",
+      "profile": "https://github.com/fernando-almeida",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "akemidx",
+      "name": "akemidx",
+      "avatar_url": "https://avatars.githubusercontent.com/u/116301219?v=4",
+      "profile": "https://github.com/akemidx",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "oguzbilgic",
+      "name": "Oguz Bilgic",
+      "avatar_url": "https://avatars.githubusercontent.com/u/144778?v=4",
+      "profile": "http://oguz.site",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "scoo73r",
+      "name": "Scooter Crawford",
+      "avatar_url": "https://avatars.githubusercontent.com/u/9262438?v=4",
+      "profile": "https://github.com/scoo73r",
+      "contributions": [
+        "code"
      ]
    }
  ]
@@ -174,3 +174,9 @@ REPORT_TIME_LIMIT=12000
 REQUIRE_SAML=false
 API_THROTTLE_PER_MINUTE=120
 CSV_ESCAPE_FORMULAS=true
+
+# --------------------------------------------
+# OPTIONAL: SCIM
+# --------------------------------------------
+SCIM_TRACE=false
+SCIM_STANDARDS_COMPLIANCE=false
@@ -26,7 +26,7 @@ jobs:
        language: [ 'javascript' ]
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3.1.0

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
@@ -32,7 +32,7 @@ jobs:
    steps:
      # Checkout the repository to the GitHub Actions runner
      - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0

      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
      - name: Run Codacy Analysis CLI
@@ -41,7 +41,7 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
@@ -41,7 +41,7 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
@@ -24,6 +24,7 @@ php7.4-mbstring \
 php7.4-zip \
 php7.4-bcmath \
 php7.4-redis \
+php-memcached \
 patch \
 curl \
 wget  \
@@ -139,4 +140,4 @@ RUN chmod +x /startup.sh /usr/bin/supervisor-exit-event-listener
 CMD ["/startup.sh"]

 EXPOSE 80
-EXPOSE 443
+EXPOSE 443
@@ -28,6 +28,7 @@ RUN  apk add --no-cache \
        php7-xmlreader \
        php7-sodium \
        php7-redis \
+        php7-pecl-memcached \
        curl \
        wget \
        vim \
@@ -85,4 +86,4 @@ ENTRYPOINT ["/sbin/tini", "--"]

 CMD ["/entrypoint.sh"]

-EXPOSE 80
+EXPOSE 80
@@ -75,14 +75,14 @@ RUN set -eux; \
 	rm snipeit.tar.gz; \
 # Install composer php dependencies
    if [ "$ENVIRONMENT" = "production" ]; then \
-        echo "production enviroment detected!"; \
+        echo "production environment detected!"; \
        composer update \
            --no-cache \
            --no-dev \
            --optimize-autoloader \
            --working-dir=/var/www/html; \
    else \
-        echo "development enviroment detected!"; \
+        echo "development environment detected!"; \
        apk add --no-cache \
            ${DEV_PACKAGES}; \
        composer update \
@@ -100,4 +100,4 @@ COPY --chown=www-data:www-data docker/docker-secrets.env /var/www/html/.env
 COPY --chmod=655 docker/docker-entrypoint.sh /usr/local/bin/docker-snipeit-entrypoint
 COPY docker/column-statistics.cnf /etc/mysql/conf.d/column-statistics.cnf
 ENTRYPOINT [ "/usr/local/bin/docker-snipeit-entrypoint" ]
-CMD [ "/usr/local/bin/docker-php-entrypoint", "php-fpm" ]
+CMD [ "/usr/local/bin/docker-php-entrypoint", "php-fpm" ]
@@ -1,5 +1,5 @@
 ![Build Status](https://app.chipperci.com/projects/0e5f8979-31eb-4ee6-9abf-050b76ab0383/status/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-300-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)
+[![All Contributors](https://img.shields.io/badge/all_contributors-311-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)

 ## Snipe-IT - Open Source Asset Management System

@@ -59,7 +59,7 @@ Since the release of the JSON REST API, several third-party developers have been
 - [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
 - [InQRy -unmaintained-](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
 - [SnipeitPS](https://github.com/snazy2000/SnipeitPS) by [@snazy2000](https://github.com/snazy2000) - Powershell API Wrapper for Snipe-it
- [jamf2snipe](https://github.com/ParadoxGuitarist/jamf2snipe) by [@ParadoxGuitarist](https://github.com/ParadoxGuitarist) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
+- [jamf2snipe](https://github.com/grokability/jamf2snipe) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
 - [Marksman](https://github.com/Scope-IT/marksman) - A Windows agent for Snipe-IT
 - [Snipe-IT plugin for Jira Service Desk](https://marketplace.atlassian.com/apps/1220964/snipe-it-for-jira)
 - [Python 3 CSV importer](https://github.com/gastamper/snipeit-csvimporter) - allows importing assets into Snipe-IT based on Item Name rather than Asset Tag.
@@ -137,7 +137,9 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/1911435?v=4" width="110px;"/><br /><sub>Adam</sub>](http://www.aboutcher.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adamboutcher "Code") | [<img src="https://avatars.githubusercontent.com/u/16104273?v=4" width="110px;"/><br /><sub>Ian</sub>](https://snksrv.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sneak-it "Code") | [<img src="https://avatars.githubusercontent.com/u/4023909?v=4" width="110px;"/><br /><sub>Shao Yu-Lung (Allen)</sub>](http://blog.bestlong.idv.tw/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bestlong "Code") | [<img src="https://avatars.githubusercontent.com/u/76475453?v=4" width="110px;"/><br /><sub>Haxatron</sub>](https://github.com/Haxatron)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Haxatron "Code") | [<img src="https://avatars.githubusercontent.com/u/88776392?v=4" width="110px;"/><br /><sub>PlaneNuts</sub>](https://github.com/PlaneNuts)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PlaneNuts "Code") | [<img src="https://avatars.githubusercontent.com/u/3842948?v=4" width="110px;"/><br /><sub>Bradley Coudriet</sub>](http://bjcpgd.cias.rit.edu)<br />[💻](https://github.com/snipe/snipe-it/commits?author=exula "Code") | [<img src="https://avatars.githubusercontent.com/u/21966173?v=4" width="110px;"/><br /><sub>Dalton Durst</sub>](https://daltondur.st)<br />[💻](https://github.com/snipe/snipe-it/commits?author=UniversalSuperBox "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/38761237?v=4" width="110px;"/><br /><sub>Alex Janes</sub>](https://adagiohealth.org)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adagioajanes "Code") | [<img src="https://avatars.githubusercontent.com/u/32387849?v=4" width="110px;"/><br /><sub>Nuraeil</sub>](https://github.com/nuraeil)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nuraeil "Code") | [<img src="https://avatars.githubusercontent.com/u/48162670?v=4" width="110px;"/><br /><sub>TenOfTens</sub>](https://github.com/TenOfTens)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TenOfTens "Code") | [<img src="https://avatars.githubusercontent.com/u/9415391?v=4" width="110px;"/><br /><sub>waffle</sub>](https://ditisjens.be/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=insert-waffle "Code") | [<img src="https://avatars.githubusercontent.com/u/19945501?v=4" width="110px;"/><br /><sub>Yevhenii Huzii</sub>](https://github.com/QveenSi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=QveenSi "Code") | [<img src="https://avatars.githubusercontent.com/u/3839381?v=4" width="110px;"/><br /><sub>Achmad Fienan Rahardianto</sub>](https://github.com/veenone)<br />[💻](https://github.com/snipe/snipe-it/commits?author=veenone "Code") | [<img src="https://avatars.githubusercontent.com/u/19945501?v=4" width="110px;"/><br /><sub>Yevhenii Huzii</sub>](https://github.com/QveenSi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=QveenSi "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/97299851?v=4" width="110px;"/><br /><sub>Christian Weirich</sub>](https://github.com/chrisweirich)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chrisweirich "Code") | [<img src="https://avatars.githubusercontent.com/u/1294403?v=4" width="110px;"/><br /><sub>denzfarid</sub>](https://github.com/denzfarid)<br /> | [<img src="https://avatars.githubusercontent.com/u/94018771?v=4" width="110px;"/><br /><sub>ntbutler-nbcs</sub>](https://github.com/ntbutler-nbcs)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ntbutler-nbcs "Code") | [<img src="https://avatars.githubusercontent.com/u/172697?v=4" width="110px;"/><br /><sub>Naveen</sub>](https://naveensrinivasan.dev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=naveensrinivasan "Code") | [<img src="https://avatars.githubusercontent.com/u/55674383?v=4" width="110px;"/><br /><sub>Mike Roquemore</sub>](https://github.com/mikeroq)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mikeroq "Code") | [<img src="https://avatars.githubusercontent.com/u/7991086?v=4" width="110px;"/><br /><sub>Daniel Reeder</sub>](https://github.com/reederda)<br />[🌍](#translation-reederda "Translation") [🌍](#translation-reederda "Translation") [💻](https://github.com/snipe/snipe-it/commits?author=reederda "Code") | [<img src="https://avatars.githubusercontent.com/u/109422491?v=4" width="110px;"/><br /><sub>vickyjaura183</sub>](https://github.com/vickyjaura183)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vickyjaura183 "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/32363424?v=4" width="110px;"/><br /><sub>Peace</sub>](https://github.com/julian-piehl)<br />[💻](https://github.com/snipe/snipe-it/commits?author=julian-piehl "Code") | [<img src="https://avatars.githubusercontent.com/u/231528?v=4" width="110px;"/><br /><sub>Kyle Gordon</sub>](https://github.com/kylegordon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kylegordon "Code") | [<img src="https://avatars.githubusercontent.com/u/53009155?v=4" width="110px;"/><br /><sub>Katharina Drexel</sub>](http://www.bfh.ch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sunflowerbofh "Code") | [<img src="https://avatars.githubusercontent.com/u/1931963?v=4" width="110px;"/><br /><sub>David Sferruzza</sub>](https://david.sferruzza.fr/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dsferruzza "Code") | [<img src="https://avatars.githubusercontent.com/u/19511639?v=4" width="110px;"/><br /><sub>Rick Nelson</sub>](https://github.com/rnelsonee)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rnelsonee "Code") | [<img src="https://avatars.githubusercontent.com/u/94169344?v=4" width="110px;"/><br /><sub>BasO12</sub>](https://github.com/BasO12)<br />[💻](https://github.com/snipe/snipe-it/commits?author=BasO12 "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/32363424?v=4" width="110px;"/><br /><sub>Peace</sub>](https://github.com/julian-piehl)<br />[💻](https://github.com/snipe/snipe-it/commits?author=julian-piehl "Code") | [<img src="https://avatars.githubusercontent.com/u/231528?v=4" width="110px;"/><br /><sub>Kyle Gordon</sub>](https://github.com/kylegordon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kylegordon "Code") | [<img src="https://avatars.githubusercontent.com/u/53009155?v=4" width="110px;"/><br /><sub>Katharina Drexel</sub>](http://www.bfh.ch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sunflowerbofh "Code") | [<img src="https://avatars.githubusercontent.com/u/1931963?v=4" width="110px;"/><br /><sub>David Sferruzza</sub>](https://david.sferruzza.fr/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dsferruzza "Code") | [<img src="https://avatars.githubusercontent.com/u/19511639?v=4" width="110px;"/><br /><sub>Rick Nelson</sub>](https://github.com/rnelsonee)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rnelsonee "Code") | [<img src="https://avatars.githubusercontent.com/u/94169344?v=4" width="110px;"/><br /><sub>BasO12</sub>](https://github.com/BasO12)<br />[💻](https://github.com/snipe/snipe-it/commits?author=BasO12 "Code") | [<img src="https://avatars.githubusercontent.com/u/111710123?v=4" width="110px;"/><br /><sub>Vautia</sub>](https://github.com/Vautia)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Vautia "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/28321?v=4" width="110px;"/><br /><sub>Chris Hartjes</sub>](http://www.littlehart.net/atthekeyboard)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chartjes "Code") | [<img src="https://avatars.githubusercontent.com/u/2404584?v=4" width="110px;"/><br /><sub>geo-chen</sub>](https://github.com/geo-chen)<br />[💻](https://github.com/snipe/snipe-it/commits?author=geo-chen "Code") | [<img src="https://avatars.githubusercontent.com/u/6006620?v=4" width="110px;"/><br /><sub>Phan Nguyen</sub>](https://github.com/nh314)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nh314 "Code") | [<img src="https://avatars.githubusercontent.com/u/115993812?v=4" width="110px;"/><br /><sub>Iisakki Jaakkola</sub>](https://github.com/StarlessNights)<br />[💻](https://github.com/snipe/snipe-it/commits?author=StarlessNights "Code") | [<img src="https://avatars.githubusercontent.com/u/22633385?v=4" width="110px;"/><br /><sub>Ikko Ashimine</sub>](https://bandism.net/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=eltociear "Code") | [<img src="https://avatars.githubusercontent.com/u/56871540?v=4" width="110px;"/><br /><sub>Lukas Fehling</sub>](https://github.com/lukasfehling)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lukasfehling "Code") | [<img src="https://avatars.githubusercontent.com/u/1975990?v=4" width="110px;"/><br /><sub>Fernando Almeida</sub>](https://github.com/fernando-almeida)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fernando-almeida "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/116301219?v=4" width="110px;"/><br /><sub>akemidx</sub>](https://github.com/akemidx)<br />[💻](https://github.com/snipe/snipe-it/commits?author=akemidx "Code") | [<img src="https://avatars.githubusercontent.com/u/144778?v=4" width="110px;"/><br /><sub>Oguz Bilgic</sub>](http://oguz.site)<br />[💻](https://github.com/snipe/snipe-it/commits?author=oguzbilgic "Code") | [<img src="https://avatars.githubusercontent.com/u/9262438?v=4" width="110px;"/><br /><sub>Scooter Crawford</sub>](https://github.com/scoo73r)<br />[💻](https://github.com/snipe/snipe-it/commits?author=scoo73r "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
@@ -148,7 +148,7 @@
    "image": "heroku/php",
    "addons": [
      "cleardb:ignite",
-      "heroku-redis:hobby-dev",
+      "heroku-redis:mini",
      "papertrail:choklad"
    ]
-  }
+  }
@@ -22,7 +22,7 @@ class CheckoutLicenseToAllUsers extends Command
     *
     * @var string
     */
-    protected $description = 'Command description';
+    protected $description = 'Checks out licenses to all users';

    /**
     * Create a new command instance.
@@ -3,6 +3,7 @@
 namespace App\Console\Commands;

 use App\Models\Department;
+use App\Models\Group;
 use Illuminate\Console\Command;
 use App\Models\Setting;
 use App\Models\Ldap;
@@ -57,6 +58,7 @@ class LdapSync extends Command
        $ldap_result_country = Setting::getSettings()->ldap_country;
        $ldap_result_dept = Setting::getSettings()->ldap_dept;
        $ldap_result_manager = Setting::getSettings()->ldap_manager;
+        $ldap_default_group = Setting::getSettings()->ldap_default_group;

        try {
            $ldapconn = Ldap::connectToLdap();
@@ -175,6 +177,8 @@ class LdapSync extends Command
        $tmp_pass = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 20);
        $pass = bcrypt($tmp_pass);

+        $manager_cache = [];
+
        for ($i = 0; $i < $results['count']; $i++) {
                $item = [];
                $item['username'] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : '';
@@ -190,6 +194,7 @@ class LdapSync extends Command
                $item['department'] = isset($results[$i][$ldap_result_dept][0]) ? $results[$i][$ldap_result_dept][0] : '';
                $item['manager'] = isset($results[$i][$ldap_result_manager][0]) ? $results[$i][$ldap_result_manager][0] : '';

+
                $department = Department::firstOrCreate([
                    'name' => $item['department'],
                ]);
@@ -216,21 +221,50 @@ class LdapSync extends Command
                $user->country = $item['country'];
                $user->department_id = $department->id;

+                if($ldap_default_group != null) {
+
+                    $default = Group::select()->where('id', $ldap_default_group)->first();
+                    $user->permissions = $default->permissions;
+
+                }
+
                if($item['manager'] != null) {
-                    // Get the LDAP Manager
-                    $ldap_manager = Ldap::findLdapUsers($item['manager'], -1, $this->option('filter'));
-
-                    if($ldap_manager["count"] > 0) { 
-                        // Get the Managers username
-                        $ldapManagerUsername = $ldap_manager[0][$ldap_result_username][0];
-
-                        // Get User from Manager username.
-                        $ldap_manager = User::where('username', $ldapManagerUsername)->first();
-
-                        if ( $ldap_manager && isset($ldap_manager->id) ) {
-                            // Link user to manager id.
-                            $user->manager_id = $ldap_manager->id;
+                    // Check Cache first
+                    if (isset($manager_cache[$item['manager']])) {
+                        // found in cache; use that and avoid extra lookups
+                        $user->manager_id = $manager_cache[$item['manager']];
+                    } else {
+                        // Get the LDAP Manager
+                        try {
+                            $ldap_manager = Ldap::findLdapUsers($item['manager'], -1, $this->option('filter'));
+                        } catch (\Exception $e) {
+                            \Log::warning("Manager lookup caused an exception: " . $e->getMessage() . ". Falling back to direct username lookup");
+                            // Hail-mary for Okta manager 'shortnames' - will only work if
+                            // Okta configuration is using full email-address-style usernames
+                            $ldap_manager = [
+                                "count" => 1,
+                                0 => [
+                                    $ldap_result_username => [$item['manager']]
+                                ]
+                            ];
                        }
+
+                        if ($ldap_manager["count"] > 0) {
+
+                            // Get the Manager's username
+                            // PHP LDAP returns every LDAP attribute as an array, and 90% of the time it's an array of just one item. But, hey, it's an array.
+                            $ldapManagerUsername = $ldap_manager[0][$ldap_result_username][0];
+
+                            // Get User from Manager username.
+                            $ldap_manager = User::where('username', $ldapManagerUsername)->first();
+
+                            if ($ldap_manager && isset($ldap_manager->id)) {
+                                // Link user to manager id.
+                                $user->manager_id = $ldap_manager->id;
+                            }
+                        }
+                        $manager_cache[$item['manager']] = $ldap_manager && isset($ldap_manager->id)  ? $ldap_manager->id : null; // Store results in cache, even if 'failed'
+
                    }
                }

@@ -302,6 +336,7 @@ class LdapSync extends Command
                if ($user->save()) {
                    $item['note'] = $item['createorupdate'];
                    $item['status'] = 'success';
+
                } else {
                    foreach ($user->getErrors()->getMessages() as $key => $err) {
                        $errors .= $err[0];
@@ -12,6 +12,7 @@ use App\Models\Statuslabel;
 use Crypt;
 use Illuminate\Contracts\Encryption\DecryptException;
 use Image;
+use Carbon\Carbon;

 class Helper
 {
@@ -1125,5 +1126,25 @@ class Helper

        return $settings;
        }
+    public static function AgeFormat($date) {
+        $year = Carbon::parse($date)
+            ->diff(now())->y;
+        $month = Carbon::parse($date)
+            ->diff(now())->m;
+        $days = Carbon::parse($date)
+            ->diff(now())->d;
+        $age='';
+        if ($year) {
+            $age .= $year.'y ';
+        }
+        if ($month) {
+            $age .= $month.'m ';
+        }
+        if ($days) {
+            $age .= $days.'d';
+        }

+        return $age;
+
+    }
 }
@@ -0,0 +1,186 @@
+<?php
+
+namespace App\Http\Controllers\Accessories;
+
+use App\Helpers\StorageHelper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AssetFileRequest;
+use App\Models\Actionlog;
+use App\Models\Accessory;
+use Illuminate\Support\Facades\Response;
+use Illuminate\Support\Facades\Storage;
+use Symfony\Accessory\HttpFoundation\JsonResponse;
+use enshrined\svgSanitize\Sanitizer;
+
+class AccessoriesFilesController extends Controller
+{
+    /**
+     * Validates and stores files associated with a accessory.
+     *
+     * @todo Switch to using the AssetFileRequest form request validator.
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param AssetFileRequest $request
+     * @param int $accessoryId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function store(AssetFileRequest $request, $accessoryId = null)
+    {
+
+        if (config('app.lock_passwords')) {
+            return redirect()->route('accessories.show', ['accessory'=>$accessoryId])->with('error', trans('general.feature_disabled'));
+        }
+
+
+        $accessory = Accessory::find($accessoryId);
+
+        if (isset($accessory->id)) {
+            $this->authorize('accessories.files', $accessory);
+
+            if ($request->hasFile('file')) {
+                if (! Storage::exists('private_uploads/accessories')) {
+                    Storage::makeDirectory('private_uploads/accessories', 775);
+                }
+
+                foreach ($request->file('file') as $file) {
+
+                    $extension = $file->getClientOriginalExtension();
+                    $file_name = 'accessory-'.$accessory->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+
+
+                    // Check for SVG and sanitize it
+                    if ($extension == 'svg') {
+                        \Log::debug('This is an SVG');
+                        \Log::debug($file_name);
+
+                        $sanitizer = new Sanitizer();
+                        $dirtySVG = file_get_contents($file->getRealPath());
+                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                        try {
+                            Storage::put('private_uploads/accessories/'.$file_name, $cleanSVG);
+                        } catch (\Exception $e) {
+                            \Log::debug('Upload no workie :( ');
+                            \Log::debug($e);
+                        }
+
+                    } else {
+                        Storage::put('private_uploads/accessories/'.$file_name, file_get_contents($file));
+                    }
+
+                    //Log the upload to the log
+                    $accessory->logUpload($file_name, e($request->input('notes')));
+                }
+
+
+                return redirect()->route('accessories.show', $accessory->id)->with('success', trans('general.file_upload_success'));
+
+            }
+
+            return redirect()->route('accessories.show', $accessory->id)->with('error', trans('general.no_files_uploaded'));
+        }
+        // Prepare the error message
+        return redirect()->route('accessories.index')
+            ->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Deletes the selected accessory file.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $accessoryId
+     * @param int $fileId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function destroy($accessoryId = null, $fileId = null)
+    {
+        $accessory = Accessory::find($accessoryId);
+
+        // the asset is valid
+        if (isset($accessory->id)) {
+            $this->authorize('update', $accessory);
+            $log = Actionlog::find($fileId);
+
+            // Remove the file if one exists
+            if (Storage::exists('accessories/'.$log->filename)) {
+                try {
+                    Storage::delete('accessories/'.$log->filename);
+                } catch (\Exception $e) {
+                    \Log::debug($e);
+                }
+            }
+
+            $log->delete();
+
+            return redirect()->back()
+                ->with('success', trans('admin/hardware/message.deletefile.success'));
+        }
+
+        // Redirect to the licence management page
+        return redirect()->route('accessories.index')->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Allows the selected file to be viewed.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.4]
+     * @param int $accessoryId
+     * @param int $fileId
+     * @return \Symfony\Accessory\HttpFoundation\Response
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function show($accessoryId = null, $fileId = null, $download = true)
+    {
+
+        \Log::debug('Private filesystem is: '.config('filesystems.default'));
+        $accessory = Accessory::find($accessoryId);
+
+
+
+        // the accessory is valid
+        if (isset($accessory->id)) {
+            $this->authorize('view', $accessory);
+            $this->authorize('accessories.files', $accessory);
+
+            if (! $log = Actionlog::find($fileId)) {
+                return response('No matching record for that asset/file', 500)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            $file = 'private_uploads/accessories/'.$log->filename;
+
+            if (Storage::missing($file)) {
+                \Log::debug('FILE DOES NOT EXISTS for '.$file);
+                \Log::debug('URL should be '.Storage::url($file));
+
+                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            } else {
+
+                // We have to override the URL stuff here, since local defaults in Laravel's Flysystem
+                // won't work, as they're not accessible via the web
+                if (config('filesystems.default') == 'local') { // TODO - is there any way to fix this at the StorageHelper layer?
+                    return StorageHelper::downloader($file);
+                } else {
+                    if ($download != 'true') {
+                        \Log::debug('display the file');
+                        if ($contents = file_get_contents(Storage::url($file))) { // TODO - this will fail on private S3 files or large public ones
+                            return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                        }
+
+                        return JsonResponse::create(['error' => 'Failed validation: '], 500);
+                    }
+
+                    return StorageHelper::downloader($file);
+
+                }
+            }
+        }
+
+        return redirect()->route('accessories.index')->with('error', trans('general.file_does_not_exist', ['id' => $fileId]));
+    }
+}
@@ -120,7 +120,6 @@ class AssetsController extends Controller

        if ($filter_non_deprecable_assets) {
            $non_deprecable_models = AssetModel::select('id')->whereNotNull('depreciation_id')->get();
-
            $assets->InModelList($non_deprecable_models->toArray());
        }

@@ -141,6 +140,14 @@ class AssetsController extends Controller
            $assets->where('assets.status_id', '=', $request->input('status_id'));
        }

+        if ($request->filled('asset_tag')) {
+            $assets->where('assets.asset_tag', '=', $request->input('asset_tag'));
+        }
+
+        if ($request->filled('serial')) {
+            $assets->where('assets.serial', '=', $request->input('serial'));
+        }
+
        if ($request->input('requestable') == 'true') {
            $assets->where('assets.requestable', '=', '1');
        }
@@ -357,19 +364,28 @@ class AssetsController extends Controller
    /**
     * Returns JSON with information about an asset (by tag) for detail view.
     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param string $tag
     * @since [v4.2.1]
-     * @return JsonResponse
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @return \Illuminate\Http\JsonResponse
     */
    public function showByTag(Request $request, $tag)
    {
-        if ($asset = Asset::with('assetstatus')->with('assignedTo')->where('asset_tag', $tag)->first()) {
-            $this->authorize('view', $asset);
+        $this->authorize('index', Asset::class);
+        $assets = Asset::where('asset_tag', $tag)->with('assetstatus')->with('assignedTo');

-            return (new AssetsTransformer)->transformAsset($asset, $request);
+        // Check if they've passed ?deleted=true
+        if ($request->input('deleted', 'false') == 'true') {
+            $assets = $assets->withTrashed();
+        }
+
+        $assets = $assets->get();
+
+        if (($assets) && ($assets->count() > 0)) {
+            return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+        } else {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);

    }

@@ -379,28 +395,24 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param string $serial
     * @since [v4.2.1]
-     * @return JsonResponse
+     * @return \Illuminate\Http\JsonResponse
     */
    public function showBySerial(Request $request, $serial)
    {
        $this->authorize('index', Asset::class);
-        if ($assets = Asset::with('assetstatus')->with('assignedTo')
-            ->withTrashed()->where('serial', $serial)->get()) {
-                return (new AssetsTransformer)->transformAssets($assets, $assets->count());
-        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
+        $assets = Asset::where('serial', $serial)->with('assetstatus')->with('assignedTo');

-        $assets = Asset::with('assetstatus')->with('assignedTo');
-
-        if ($request->input('deleted', 'false') === 'true') {
+        // Check if they've passed ?deleted=true
+        if ($request->input('deleted', 'false') == 'true') {
            $assets = $assets->withTrashed();
-    }
+        }

-        $assets = $assets->where('serial', $serial)->get();
-        if ($assets) {
+        $assets = $assets->get();
+
+        if (($assets) && ($assets->count() > 0)) {
            return (new AssetsTransformer)->transformAssets($assets, $assets->count());
        } else {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
        }
    }

@@ -228,6 +228,7 @@ class ConsumablesController extends Controller

        foreach ($consumable->consumableAssignments as $consumable_assignment) {
            $rows[] = [
+                'avatar' => ($consumable_assignment->user) ? e($consumable_assignment->user->present()->gravatar) : '',
                'name' => ($consumable_assignment->user) ? $consumable_assignment->user->present()->nameUrl() : 'Deleted User',
                'created_at' => Helper::getFormattedDateObject($consumable_assignment->created_at, 'datetime'),
                'note' => ($consumable_assignment->note) ? e($consumable_assignment->note) : null,
@@ -96,7 +96,7 @@ class CustomFieldsController extends Controller
        $data = $request->all();
        $regex_format = null;

-        if (str_contains($data['format'], 'regex:')) {
+        if ((array_key_exists('format', $data)) && (str_contains($data['format'], 'regex:'))) {
            $regex_format = $data['format'];
        }

@@ -39,7 +39,7 @@ class LicenseSeatsController extends Controller
            }

            $total = $seats->count();
-            $offset = (($seats) && (request('offset') > $total)) ? 0 : request('offset', 0);
+            $offset = (($seats) && (request('offset') >= $total)) ? 0 : request('offset', 0);
            $limit = request('limit', 50);

            $seats = $seats->skip($offset)->take($limit)->get();
@@ -27,7 +27,7 @@ class LocationsController extends Controller
        $allowed_columns = [
            'id', 'name', 'address', 'address2', 'city', 'state', 'country', 'zip', 'created_at',
            'updated_at', 'manager_id', 'image',
-            'assigned_assets_count', 'users_count', 'assets_count', 'currency', 'ldap_ou', ];
+            'assigned_assets_count', 'users_count', 'assets_count','assigned_assets_count', 'assets_count', 'rtd_assets_count', 'currency', 'ldap_ou', ];

        $locations = Location::with('parent', 'manager', 'children')->select([
            'locations.id',
@@ -47,6 +47,7 @@ class LocationsController extends Controller
            'locations.currency',
        ])->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
+            ->withCount('rtd_assets as rtd_assets_count')
            ->withCount('users as users_count');

        if ($request->filled('search')) {
@@ -157,7 +158,9 @@ class LocationsController extends Controller
            ])
            ->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
-            ->withCount('users as users_count')->findOrFail($id);
+            ->withCount('rtd_assets as rtd_assets_count')
+            ->withCount('users as users_count')
+            ->findOrFail($id);

        return (new LocationsTransformer)->transformLocation($location);
    }
@@ -15,6 +15,7 @@ use App\Models\Asset;
 use App\Models\Company;
 use App\Models\License;
 use App\Models\User;
+use App\Notifications\CurrentInventory;
 use Auth;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
@@ -66,6 +67,8 @@ class UsersController extends Controller
            'users.zip',
            'users.remote',
            'users.ldap_import',
+            'users.start_date',
+            'users.end_date',

        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy',)
            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count');
@@ -146,6 +149,15 @@ class UsersController extends Controller
            $users = $users->where('remote', '=', $request->input('remote'));
        }

+        if ($request->filled('start_date')) {
+            $users = $users->where('users.start_date', '=', $request->input('start_date'));
+        }
+
+        if ($request->filled('end_date')) {
+            $users = $users->where('users.end_date', '=', $request->input('end_date'));
+        }
+
+
        if ($request->filled('assets_count')) {
           $users->has('assets', '=', $request->input('assets_count'));
        }
@@ -200,7 +212,7 @@ class UsersController extends Controller
                        'assets', 'accessories', 'consumables', 'licenses', 'groups', 'activated', 'created_at',
                        'two_factor_enrolled', 'two_factor_optin', 'last_login', 'assets_count', 'licenses_count',
                        'consumables_count', 'accessories_count', 'phone', 'address', 'city', 'state',
-                        'country', 'zip', 'id', 'ldap_import', 'remote',
+                        'country', 'zip', 'id', 'ldap_import', 'remote', 'start_date', 'end_date',
                    ];

                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
@@ -479,6 +491,26 @@ class UsersController extends Controller
        return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
    }

+    /**
+     * Notify a specific user via email with all of their assigned assets.
+     *
+     * @author [Lukas Fehling] [<lukas.fehling@adabay.rocks>]
+     * @since [v6.0.13]
+     * @param Request $request
+     * @param $id
+     * @return string JSON
+     */
+    public function emailAssetList(Request $request, $id)
+    {
+        $user = User::findOrFail($id);
+
+        if (empty($user->email)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.inventorynotification.error')));
+        }
+ 
+        return response()->Helper::formatStandardApiResponse('success', null, trans('admin/users/message.inventorynotification.success'));
+ 
+    }

    /**
     * Return JSON containing a list of consumables assigned to a user.
@@ -62,7 +62,7 @@ class AssetModelsFilesController extends Controller
                $model->logUpload($file_name, e($request->get('notes')));
            }

-            return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
+            return redirect()->back()->with('success', trans('general.file_upload_success'));
        }

        return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles'));
@@ -33,7 +33,6 @@ class BulkAssetsController extends Controller

        if (! $request->filled('ids')) {
            return redirect()->back()->with('error', trans('admin/hardware/message.update.no_assets_selected'));
-
        }

        // Figure out where we need to send the user after the update is complete, and store that in the session
@@ -135,9 +135,7 @@ class LoginController extends Controller
        } else {

            // Better logging
-            if (!$saml->isEnabled()) {
-                \Log::debug("SAML page requested, but SAML does not seem to enabled.");
-            } else {
+            if (empty($samlData)) {
                \Log::debug("SAML page requested, but samlData seems empty.");
            }
        }
@@ -41,6 +41,7 @@ class ResetPasswordController extends Controller
    public function __construct()
    {
        $this->middleware('guest');
+        $this->middleware('throttle:10,1');
    }

    protected function rules()
@@ -116,7 +117,7 @@ class ResetPasswordController extends Controller
            }

            \Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
-            return redirect()->back()->withInput($request->only('email'))->with('error', trans('passwords.token'));
+            return redirect()->back()->withInput($request->only('email'))->with('success', trans('passwords.reset'));

        }

@@ -0,0 +1,180 @@
+<?php
+
+namespace App\Http\Controllers\Components;
+
+use App\Helpers\StorageHelper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AssetFileRequest;
+use App\Models\Actionlog;
+use App\Models\Component;
+use Illuminate\Support\Facades\Response;
+use Illuminate\Support\Facades\Storage;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use enshrined\svgSanitize\Sanitizer;
+
+class ComponentsFilesController extends Controller
+{
+    /**
+     * Validates and stores files associated with a component.
+     *
+     * @todo Switch to using the AssetFileRequest form request validator.
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param AssetFileRequest $request
+     * @param int $componentId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function store(AssetFileRequest $request, $componentId = null)
+    {
+
+        if (config('app.lock_passwords')) {
+            return redirect()->route('components.show', ['component'=>$componentId])->with('error', trans('general.feature_disabled'));
+        }
+
+        $component = Component::find($componentId);
+
+        if (isset($component->id)) {
+            $this->authorize('update', $component);
+
+            if ($request->hasFile('file')) {
+                if (! Storage::exists('private_uploads/components')) {
+                    Storage::makeDirectory('private_uploads/components', 775);
+                }
+
+                foreach ($request->file('file') as $file) {
+
+                    $extension = $file->getClientOriginalExtension();
+                    $file_name = 'component-'.$component->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+
+
+                    // Check for SVG and sanitize it
+                    if ($extension == 'svg') {
+                        \Log::debug('This is an SVG');
+                        \Log::debug($file_name);
+
+                        $sanitizer = new Sanitizer();
+                        $dirtySVG = file_get_contents($file->getRealPath());
+                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                        try {
+                            Storage::put('private_uploads/components/'.$file_name, $cleanSVG);
+                        } catch (\Exception $e) {
+                            \Log::debug('Upload no workie :( ');
+                            \Log::debug($e);
+                        }
+
+                    } else {
+                        Storage::put('private_uploads/components/'.$file_name, file_get_contents($file));
+                    }
+
+                    //Log the upload to the log
+                    $component->logUpload($file_name, e($request->input('notes')));
+                }
+
+
+                return redirect()->route('components.show', $component->id)->with('success', trans('general.file_upload_success'));
+
+            }
+
+            return redirect()->route('components.show', $component->id)->with('error', trans('general.no_files_uploaded'));
+        }
+        // Prepare the error message
+        return redirect()->route('components.index')
+            ->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Deletes the selected component file.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $componentId
+     * @param int $fileId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function destroy($componentId = null, $fileId = null)
+    {
+        $component = Component::find($componentId);
+
+        // the asset is valid
+        if (isset($component->id)) {
+            $this->authorize('update', $component);
+            $log = Actionlog::find($fileId);
+
+            // Remove the file if one exists
+            if (Storage::exists('components/'.$log->filename)) {
+                try {
+                    Storage::delete('components/'.$log->filename);
+                } catch (\Exception $e) {
+                    \Log::debug($e);
+                }
+            }
+
+            $log->delete();
+
+            return redirect()->back()
+                ->with('success', trans('admin/hardware/message.deletefile.success'));
+        }
+
+        // Redirect to the licence management page
+        return redirect()->route('components.index')->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Allows the selected file to be viewed.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.4]
+     * @param int $componentId
+     * @param int $fileId
+     * @return \Symfony\Component\HttpFoundation\Response
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function show($componentId = null, $fileId = null, $download = true)
+    {
+        \Log::debug('Private filesystem is: '.config('filesystems.default'));
+        $component = Component::find($componentId);
+
+        // the component is valid
+        if (isset($component->id)) {
+            $this->authorize('view', $component);
+            $this->authorize('components.files', $component);
+
+            if (! $log = Actionlog::find($fileId)) {
+                return response('No matching record for that asset/file', 500)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            $file = 'private_uploads/components/'.$log->filename;
+
+            if (Storage::missing($file)) {
+                \Log::debug('FILE DOES NOT EXISTS for '.$file);
+                \Log::debug('URL should be '.Storage::url($file));
+
+                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            } else {
+
+                if (config('filesystems.default') == 'local') { // TODO - is there any way to fix this at the StorageHelper layer?
+                    return StorageHelper::downloader($file);
+                } else {
+                    if ($download != 'true') {
+                        \Log::debug('display the file');
+                        if ($contents = file_get_contents(Storage::url($file))) { // TODO - this will fail on private S3 files or large public ones
+                            return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                        }
+
+                        return JsonResponse::create(['error' => 'Failed validation: '], 500);
+                    }
+
+                    return StorageHelper::downloader($file);
+
+                }
+            }
+        }
+
+        return redirect()->route('components.index')->with('error', trans('general.file_does_not_exist', ['id' => $fileId]));
+    }
+}
@@ -0,0 +1,180 @@
+<?php
+
+namespace App\Http\Controllers\Consumables;
+
+use App\Helpers\StorageHelper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AssetFileRequest;
+use App\Models\Actionlog;
+use App\Models\Consumable;
+use Illuminate\Support\Facades\Response;
+use Illuminate\Support\Facades\Storage;
+use Symfony\Consumable\HttpFoundation\JsonResponse;
+use enshrined\svgSanitize\Sanitizer;
+
+class ConsumablesFilesController extends Controller
+{
+    /**
+     * Validates and stores files associated with a consumable.
+     *
+     * @todo Switch to using the AssetFileRequest form request validator.
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param AssetFileRequest $request
+     * @param int $consumableId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function store(AssetFileRequest $request, $consumableId = null)
+    {
+        if (config('app.lock_passwords')) {
+            return redirect()->route('consumables.show', ['consumable'=>$consumableId])->with('error', trans('general.feature_disabled'));
+        }
+
+        $consumable = Consumable::find($consumableId);
+
+        if (isset($consumable->id)) {
+            $this->authorize('update', $consumable);
+
+            if ($request->hasFile('file')) {
+                if (! Storage::exists('private_uploads/consumables')) {
+                    Storage::makeDirectory('private_uploads/consumables', 775);
+                }
+
+                foreach ($request->file('file') as $file) {
+
+                    $extension = $file->getClientOriginalExtension();
+                    $file_name = 'consumable-'.$consumable->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+
+
+                    // Check for SVG and sanitize it
+                    if ($extension == 'svg') {
+                        \Log::debug('This is an SVG');
+                        \Log::debug($file_name);
+
+                        $sanitizer = new Sanitizer();
+                        $dirtySVG = file_get_contents($file->getRealPath());
+                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                        try {
+                            Storage::put('private_uploads/consumables/'.$file_name, $cleanSVG);
+                        } catch (\Exception $e) {
+                            \Log::debug('Upload no workie :( ');
+                            \Log::debug($e);
+                        }
+
+                    } else {
+                        Storage::put('private_uploads/consumables/'.$file_name, file_get_contents($file));
+                    }
+
+                    //Log the upload to the log
+                    $consumable->logUpload($file_name, e($request->input('notes')));
+                }
+
+
+                return redirect()->route('consumables.show', $consumable->id)->with('success', trans('general.file_upload_success'));
+
+            }
+
+            return redirect()->route('consumables.show', $consumable->id)->with('error', trans('general.no_files_uploaded'));
+        }
+        // Prepare the error message
+        return redirect()->route('consumables.index')
+            ->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Deletes the selected consumable file.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $consumableId
+     * @param int $fileId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function destroy($consumableId = null, $fileId = null)
+    {
+        $consumable = Consumable::find($consumableId);
+
+        // the asset is valid
+        if (isset($consumable->id)) {
+            $this->authorize('update', $consumable);
+            $log = Actionlog::find($fileId);
+
+            // Remove the file if one exists
+            if (Storage::exists('consumables/'.$log->filename)) {
+                try {
+                    Storage::delete('consumables/'.$log->filename);
+                } catch (\Exception $e) {
+                    \Log::debug($e);
+                }
+            }
+
+            $log->delete();
+
+            return redirect()->back()
+                ->with('success', trans('admin/hardware/message.deletefile.success'));
+        }
+
+        // Redirect to the licence management page
+        return redirect()->route('consumables.index')->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Allows the selected file to be viewed.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.4]
+     * @param int $consumableId
+     * @param int $fileId
+     * @return \Symfony\Consumable\HttpFoundation\Response
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function show($consumableId = null, $fileId = null, $download = true)
+    {
+        $consumable = Consumable::find($consumableId);
+
+        // the consumable is valid
+        if (isset($consumable->id)) {
+            $this->authorize('view', $consumable);
+            $this->authorize('consumables.files', $consumable);
+
+            if (! $log = Actionlog::find($fileId)) {
+                return response('No matching record for that asset/file', 500)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            $file = 'private_uploads/consumables/'.$log->filename;
+
+            if (Storage::missing($file)) {
+                \Log::debug('FILE DOES NOT EXISTS for '.$file);
+                \Log::debug('URL should be '.Storage::url($file));
+
+                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            } else {
+
+                // We have to override the URL stuff here, since local defaults in Laravel's Flysystem
+                // won't work, as they're not accessible via the web
+                if (config('filesystems.default') == 'local') { // TODO - is there any way to fix this at the StorageHelper layer?
+                    return StorageHelper::downloader($file);
+                } else {
+                    if ($download != 'true') {
+                        \Log::debug('display the file');
+                        if ($contents = file_get_contents(Storage::url($file))) { // TODO - this will fail on private S3 files or large public ones
+                            return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                        }
+
+                        return JsonResponse::create(['error' => 'Failed validation: '], 500);
+                    }
+
+                    return StorageHelper::downloader($file);
+
+                }
+            }
+        }
+
+        return redirect()->route('consumables.index')->with('error', trans('general.file_does_not_exist', ['id' => $fileId]));
+    }
+}
@@ -86,14 +86,24 @@ class CustomFieldsController extends Controller
    {
        $this->authorize('create', CustomField::class);

+        $show_in_email = $request->get("show_in_email", 0);
+        $display_in_user_view = $request->get("display_in_user_view", 0);
+
+        // Override the display settings if the field is encrypted
+        if ($request->get("field_encrypted") == '1') {
+            $show_in_email = '0';
+            $display_in_user_view = '0';
+        }
+
        $field = new CustomField([
            "name" => trim($request->get("name")),
            "element" => $request->get("element"),
            "help_text" => $request->get("help_text"),
            "field_values" => $request->get("field_values"),
            "field_encrypted" => $request->get("field_encrypted", 0),
-            "show_in_email" => $request->get("show_in_email", 0),
+            "show_in_email" => $show_in_email,
            "is_unique" => $request->get("is_unique", 0),
+            "display_in_user_view" => $display_in_user_view,
            "user_id" => Auth::id()
        ]);

@@ -221,13 +231,24 @@ class CustomFieldsController extends Controller

        $this->authorize('update', $field);

+
+        $show_in_email = $request->get("show_in_email", 0);
+        $display_in_user_view = $request->get("display_in_user_view", 0);
+
+        // Override the display settings if the field is encrypted
+        if ($request->get("field_encrypted") == '1') {
+            $show_in_email = '0';
+            $display_in_user_view = '0';
+        }
+        
        $field->name          = trim(e($request->get("name")));
        $field->element       = e($request->get("element"));
        $field->field_values  = e($request->get("field_values"));
        $field->user_id       = Auth::id();
        $field->help_text     = $request->get("help_text");
-        $field->show_in_email = $request->get("show_in_email", 0);
+        $field->show_in_email = $show_in_email;
        $field->is_unique     = $request->get("is_unique", 0);
+        $field->display_in_user_view = $display_in_user_view;

        if ($request->get('format') == 'CUSTOM REGEX') {
            $field->format = e($request->get('custom_format'));
@@ -34,7 +34,7 @@ class DashboardController extends Controller
            $counts['license'] = \App\Models\License::assetcount();
            $counts['consumable'] = \App\Models\Consumable::count();
            $counts['component'] = \App\Models\Component::count();
-            $counts['user'] = \App\Models\User::count();
+            $counts['user'] = \App\Models\Company::scopeCompanyables(Auth::user())->count();
            $counts['grand_total'] = $counts['asset'] + $counts['accessory'] + $counts['license'] + $counts['consumable'];

            if ((! file_exists(storage_path().'/oauth-private.key')) || (! file_exists(storage_path().'/oauth-public.key'))) {
@@ -164,7 +164,7 @@ class ProfileController extends Controller
        $validator = \Validator::make($request->all(), $rules);
        $validator->after(function ($validator) use ($request, $user) {
            if (! Hash::check($request->input('current_password'), $user->password)) {
-                $validator->errors()->add('current_password', trans('validation.hashed_pass'));
+                $validator->errors()->add('current_password', trans('validation.custom.hashed_pass'));
            }

            // This checks to make sure that the user's password isn't the same as their username,
@@ -1110,13 +1110,19 @@ class ReportsController extends Controller
        $rows[] = implode(',', $header);

        foreach ($assetsForReport as $item) {
-            $row    = [ ];
-            $row[]  = str_replace(',', '', e($item['assetItem']->model->category->name));
-            $row[]  = str_replace(',', '', e($item['assetItem']->model->name));
-            $row[]  = str_replace(',', '', e($item['assetItem']->name));
-            $row[]  = str_replace(',', '', e($item['assetItem']->asset_tag));
-            $row[]  = str_replace(',', '', e(($item['acceptance']->assignedTo) ? $item['acceptance']->assignedTo->present()->name() : trans('admin/reports/general.deleted_user')));
-            $rows[] = implode(',', $row);
+
+            if ($item['assetItem'] != null){
+            
+                $row    = [ ];
+                $row[]  = str_replace(',', '', e($item['assetItem']->model->category->name));
+                $row[]  = str_replace(',', '', e($item['assetItem']->model->name));
+                $row[]  = str_replace(',', '', e($item['assetItem']->name));
+                $row[]  = str_replace(',', '', e($item['assetItem']->asset_tag));
+                $row[]  = str_replace(',', '', e(($item['acceptance']->assignedTo) ? $item['acceptance']->assignedTo->present()->name() : trans('admin/reports/general.deleted_user')));
+                $rows[] = implode(',', $row);
+            } else {
+                // Log the error maybe?
+            }
        }

        // spit out a csv
@@ -7,6 +7,7 @@ use App\Helpers\StorageHelper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Http\Requests\SettingsSamlRequest;
 use App\Http\Requests\SetupUserRequest;
+use App\Models\Group;
 use App\Models\Setting;
 use App\Models\Asset;
 use App\Models\User;
@@ -911,6 +912,8 @@ class SettingsController extends Controller
    public function getLdapSettings()
    {
        $setting = Setting::getSettings();
+        $groups = Group::pluck('name', 'id');
+

        /**
         * This validator is only temporary (famous last words.) - @snipe
@@ -923,13 +926,13 @@ class SettingsController extends Controller

        $validator = Validator::make($setting->toArray(), [
            'ldap_username_field' => 'not_in:sAMAccountName',
-            'ldap_auth_filter_query' => 'not_in:uid=samaccountname',
-            'ldap_filter' => 'regex:"^[^(]"',
+            'ldap_auth_filter_query' => 'not_in:uid=samaccountname|required_if:ldap_enabled,1',
+            'ldap_filter' => 'nullable|regex:"^[^(]"|required_if:ldap_enabled,1',
        ],  $messages);



-        return view('settings.ldap', compact('setting'))->withErrors($validator);
+        return view('settings.ldap', compact('setting', 'groups'))->withErrors($validator);
    }

    /**
@@ -956,6 +959,7 @@ class SettingsController extends Controller
                $setting->ldap_pword = Crypt::encrypt($request->input('ldap_pword'));
            }
            $setting->ldap_basedn = $request->input('ldap_basedn');
+            $setting->ldap_default_group = $request->input('ldap_default_group');
            $setting->ldap_filter = $request->input('ldap_filter');
            $setting->ldap_username_field = $request->input('ldap_username_field');
            $setting->ldap_lname_field = $request->input('ldap_lname_field');
@@ -197,6 +197,7 @@ class BulkUsersController extends Controller
            'status_id'     => e(request('status_id')),
            'assigned_to'   => null,
            'assigned_type' => null,
+            'expected_checkin' => null,
        ]);


@@ -234,10 +235,10 @@ class BulkUsersController extends Controller
            $item_id = $item->id;
            $logAction = new Actionlog();

-            if($itemType == License::class){
+            if ($itemType == License::class){
                $item_id = $item->license_id;
            }
-
+            
            $logAction->item_id = $item_id;
            // We can't rely on get_class here because the licenses/accessories fetched above are not eloquent models, but simply arrays.
            $logAction->item_type = $itemType;
@@ -119,6 +119,8 @@ class UsersController extends Controller
        $user->remote = $request->input('remote', 0);
        $user->website = $request->input('website', null);
        $user->created_by = Auth::user()->id;
+        $user->start_date = $request->input('start_date', null);
+        $user->end_date = $request->input('end_date', null);

        // Strip out the superuser permission if the user isn't a superadmin
        $permissions_array = $request->input('permission');
@@ -270,6 +272,8 @@ class UsersController extends Controller
        $user->zip = $request->input('zip', null);
        $user->remote = $request->input('remote', 0);
        $user->website = $request->input('website', null);
+        $user->start_date = $request->input('start_date', null);
+        $user->end_date = $request->input('end_date', null);

        // Update the location of any assets checked out to this user
        Asset::where('assigned_type', User::class)
@@ -8,6 +8,7 @@ use App\Models\AssetModel;
 use App\Models\Company;
 use App\Models\Setting;
 use App\Models\User;
+use App\Models\CustomField;
 use App\Notifications\RequestAssetCancelation;
 use App\Notifications\RequestAssetNotification;
 use Illuminate\Http\Request;
@@ -29,23 +30,41 @@ class ViewAssetsController extends Controller
    public function getIndex()
    {
        $user = User::with(
+            'assets',
            'assets.model',
+            'assets.model.fieldset.fields',
            'consumables',
            'accessories',
            'licenses',
-            'userloc',
-            'userlog'
-        )->withTrashed()->find(Auth::user()->id);
+        )->find(Auth::user()->id);

-        $userlog = $user->userlog->load('item', 'user', 'target');
+        $field_array = array();
+
+        // Loop through all the custom fields that are applied to any model the user has assigned
+        foreach ($user->assets as $asset) {
+
+            // Make sure the model has a custom fieldset before trying to loop through the associated fields
+            if ($asset->model->fieldset) {
+
+                foreach ($asset->model->fieldset->fields as $field) {
+                    // check and make sure they're allowed to see the value of the custom field
+                    if ($field->display_in_user_view == '1') {
+                        $field_array[$field->db_column] = $field->name;
+                    }
+                    
+                }
+            }
+
+        }
+
+        // Since some models may re-use the same fieldsets/fields, let's make the array unique so we don't repeat columns
+        array_unique($field_array);

        if (isset($user->id)) {
-            return view('account/view-assets', compact('user', 'userlog'))
+            return view('account/view-assets', compact('user', 'field_array' ))
                ->with('settings', Setting::getSettings());
-        } else {
-            // Redirect to the user management page
-            return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', compact('id')));
        }
+
        // Redirect to the user management page
        return redirect()->route('users.index')
            ->with('error', trans('admin/users/message.user_not_found', $user->id));
@@ -85,6 +85,7 @@ class ActionlogsTransformer
                'id' => (int) $actionlog->item->id,
                'name' => ($actionlog->itemType()=='user') ? e($actionlog->item->getFullNameAttribute()) : e($actionlog->item->getDisplayNameAttribute()),
                'type' => e($actionlog->itemType()),
+                'serial' =>e($actionlog->item->serial) ? e($actionlog->item->serial) : null
            ] : null,
            'location' => ($actionlog->location) ? [
                'id' => (int) $actionlog->location->id,
@@ -8,6 +8,7 @@ use App\Models\Setting;
 use Gate;
 use Illuminate\Database\Eloquent\Collection;

+
 class AssetsTransformer
 {
    public function transformAssets(Collection $assets, $total)
@@ -80,6 +81,7 @@ class AssetsTransformer
            'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date, 'date'),
            'deleted_at' => Helper::getFormattedDateObject($asset->deleted_at, 'datetime'),
            'purchase_date' => Helper::getFormattedDateObject($asset->purchase_date, 'date'),
+            'age' => $asset->purchase_date ? Helper::AgeFormat($asset->purchase_date) : '',
            'last_checkout' => Helper::getFormattedDateObject($asset->last_checkout, 'datetime'),
            'expected_checkin' => Helper::getFormattedDateObject($asset->expected_checkin, 'date'),
            'purchase_cost' => Helper::formatCurrencyOutput($asset->purchase_cost),
@@ -131,7 +133,7 @@ class AssetsTransformer
                $array['custom_fields'] = $fields_array;
            }
        } else {
-            $array['custom_fields'] = [];
+            $array['custom_fields'] = new \stdClass; // HACK to force generation of empty object instead of empty list
        }

        $permissions_array['available_actions'] = [
@@ -185,6 +187,7 @@ class AssetsTransformer
                    'name' => e($asset->assigned->getFullNameAttribute()),
                    'first_name'=> e($asset->assigned->first_name),
                    'last_name'=> ($asset->assigned->last_name) ? e($asset->assigned->last_name) : null,
+                    'email'=> ($asset->assigned->email) ? e($asset->assigned->email) : null,
                    'employee_number' =>  ($asset->assigned->employee_num) ? e($asset->assigned->employee_num) : null,
                    'type' => 'user',
                ] : null;
@@ -47,6 +47,7 @@ class CustomFieldsTransformer
            'field_values_array'   => ($field->field_values) ? explode("\r\n", e($field->field_values)) : null,
            'type'   =>  e($field->element),
            'required'   =>  (($field->pivot) && ($field->pivot->required=='1')) ? true : false,
+            'display_in_user_view' =>  ($field->display_in_user_view =='1') ? true : false,
            'created_at' => Helper::getFormattedDateObject($field->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($field->updated_at, 'datetime'),
        ];
@@ -45,6 +45,7 @@ class LocationsTransformer
                'zip' => ($location->zip) ? e($location->zip) : null,
                'assigned_assets_count' => (int) $location->assigned_assets_count,
                'assets_count'    => (int) $location->assets_count,
+                'rtd_assets_count'    => (int) $location->rtd_assets_count,
                'users_count'    => (int) $location->users_count,
                'currency' =>  ($location->currency) ? e($location->currency) : null,
                'ldap_ou' =>  ($location->ldap_ou) ? e($location->ldap_ou) : null,
@@ -30,7 +30,7 @@ class UsersTransformer
                'username' => e($user->username),
                'remote' => ($user->remote == '1') ? true : false,
                'locale' => ($user->locale) ? e($user->locale) : null,
-                'employee_num' => e($user->employee_num),
+                'employee_num' => ($user->employee_num) ? e($user->employee_num) : null,
                'manager' => ($user->manager) ? [
                    'id' => (int) $user->manager->id,
                    'name'=> e($user->manager->first_name).' '.e($user->manager->last_name),
@@ -43,7 +43,7 @@ class UsersTransformer
                'state' => ($user->state) ? e($user->state) : null,
                'country' => ($user->country) ? e($user->country) : null,
                'zip' => ($user->zip) ? e($user->zip) : null,
-                'email' => e($user->email),
+                'email' => ($user->email) ? e($user->email) : null,
                'department' => ($user->department) ? [
                    'id' => (int) $user->department->id,
                    'name'=> e($user->department->name),
@@ -69,6 +69,8 @@ class UsersTransformer
                ] : null,
                'created_at' => Helper::getFormattedDateObject($user->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($user->updated_at, 'datetime'),
+                'start_date' => Helper::getFormattedDateObject($user->start_date, 'date'),
+                'end_date' => Helper::getFormattedDateObject($user->end_date, 'date'),
                'last_login' => Helper::getFormattedDateObject($user->last_login, 'datetime'),
                'deleted_at' => ($user->deleted_at) ? Helper::getFormattedDateObject($user->deleted_at, 'datetime') : null,
            ];
@@ -77,6 +77,7 @@ abstract class Importer
        'manager_first_name' => 'manager first name',
        'manager_last_name' => 'manager last name',
        'min_amt' => 'minimum quantity',
+        'remote' => 'remote',
    ];
    /**
     * Map of item fields->csv names
@@ -288,6 +289,7 @@ abstract class Importer
            'department_id' =>  '',
            'username'  => $this->findCsvMatch($row, 'username'),
            'activated'  => $this->fetchHumanBoolean($this->findCsvMatch($row, 'activated')),
+            'remote'    => $this->fetchHumanBoolean(($this->findCsvMatch($row, 'remote'))),
        ];

        // Maybe we're lucky and the user already exists.
@@ -57,6 +57,7 @@ class UserImporter extends ItemImporter
        $this->item['employee_num'] = $this->findCsvMatch($row, 'employee_num');
        $this->item['department_id'] = $this->createOrFetchDepartment($this->findCsvMatch($row, 'department'));
        $this->item['manager_id'] = $this->fetchManager($this->findCsvMatch($row, 'manager_first_name'), $this->findCsvMatch($row, 'manager_last_name'));
+        $this->item['remote'] =($this->fetchHumanBoolean($this->findCsvMatch($row, 'remote')) ==1 ) ? '1' : 0;

        $user_department = $this->findCsvMatch($row, 'department');
        if ($this->shouldUpdateField($user_department)) {
@@ -20,6 +20,8 @@ use App\Notifications\CheckoutConsumableNotification;
 use App\Notifications\CheckoutLicenseNotification;
 use App\Notifications\CheckoutLicenseSeatNotification;
 use Illuminate\Support\Facades\Notification;
+use Exception;
+use Log;

 class CheckoutableListener
 {
@@ -43,16 +45,20 @@ class CheckoutableListener
         */
        $acceptance = $this->getCheckoutAcceptance($event);       

-        if (! $event->checkedOutTo->locale) {
-            Notification::locale(Setting::getSettings()->locale)->send(
-                $this->getNotifiables($event), 
-                $this->getCheckoutNotification($event, $acceptance)
-            );
-        } else {
-            Notification::send(
-                $this->getNotifiables($event), 
-                $this->getCheckoutNotification($event, $acceptance)
-            );
+        try {
+            if (! $event->checkedOutTo->locale) {
+                Notification::locale(Setting::getSettings()->locale)->send(
+                    $this->getNotifiables($event),
+                    $this->getCheckoutNotification($event, $acceptance)
+                );
+            } else {
+                Notification::send(
+                    $this->getNotifiables($event),
+                    $this->getCheckoutNotification($event, $acceptance)
+                );
+            }
+        } catch (Exception $e) {
+            Log::error("Exception caught during checkout notification: ".$e->getMessage());
        }
    }

@@ -83,17 +89,21 @@ class CheckoutableListener
            }
        }

-        // Use default locale
-        if (! $event->checkedOutTo->locale) {
-            Notification::locale(Setting::getSettings()->locale)->send(
-                $this->getNotifiables($event),
-                $this->getCheckinNotification($event)
-            );
-        } else {
-            Notification::send(
-                $this->getNotifiables($event),
-                $this->getCheckinNotification($event)
-            );
+        try {
+            // Use default locale
+            if (! $event->checkedOutTo->locale) {
+                Notification::locale(Setting::getSettings()->locale)->send(
+                    $this->getNotifiables($event),
+                    $this->getCheckinNotification($event)
+                );
+            } else {
+                Notification::send(
+                    $this->getNotifiables($event),
+                    $this->getCheckinNotification($event)
+                );
+            }
+        } catch (Exception $e) {
+            Log::error("Exception caught during checkin notification: ".$e->getMessage());
        }
    }      

@@ -101,6 +101,23 @@ class Accessory extends SnipeModel



+    /**
+     * Establishes the accessories -> action logs -> uploads relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v6.1.13]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function uploads()
+    {
+        return $this->hasMany(\App\Models\Actionlog::class, 'item_id')
+            ->where('item_type', '=', self::class)
+            ->where('action_type', '=', 'uploaded')
+            ->whereNotNull('filename')
+            ->orderBy('created_at', 'desc');
+    }
+
+
    /**
     * Establishes the accessory -> supplier relationship
     *
@@ -21,7 +21,7 @@ class CheckoutAcceptance extends Model
    {
        // At this point the endpoint is the same for everything.
        //  In the future this may want to be adapted for individual notifications.
-        return config('mail.reply_to.address');
+        return (config('mail.reply_to.address')) ? config('mail.reply_to.address') : '' ;
    }

    /**
@@ -73,6 +73,10 @@ final class Company extends SnipeModel
        }
    }

+    /**
+     * Scoping table queries, determining if a logged in user is part of a company, and only allows
+     * that user to see items associated with that company
+     */
    private static function scopeCompanyablesDirectly($query, $column = 'company_id', $table_name = null)
    {
        if (Auth::user()) {
@@ -127,6 +131,11 @@ final class Company extends SnipeModel
            return false;
        } elseif (! static::isFullMultipleCompanySupportEnabled()) {
            return true;
+        } elseif (!$companyable instanceof Company && !\Schema::hasColumn($companyable->getModel()->getTable(), 'company_id')) {
+            // This is primary for the gate:allows-check in location->isDeletable()
+            // Locations don't have a company_id so without this it isn't possible to delete locations with FullMultipleCompanySupport enabled
+            // because this function is called by SnipePermissionsPolicy->before()
+            return true;
        } else {
            if (Auth::user()) {
                $current_user_company_id = Auth::user()->company_id;
@@ -88,6 +88,24 @@ class Component extends SnipeModel
        'location'     => ['name'],
    ];

+
+    /**
+     * Establishes the components -> action logs -> uploads relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v6.1.13]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function uploads()
+    {
+        return $this->hasMany(\App\Models\Actionlog::class, 'item_id')
+            ->where('item_type', '=', self::class)
+            ->where('action_type', '=', 'uploaded')
+            ->whereNotNull('filename')
+            ->orderBy('created_at', 'desc');
+    }
+
+
    /**
     * Establishes the component -> location relationship
     *
@@ -96,6 +96,24 @@ class Consumable extends SnipeModel
        'manufacturer' => ['name'],
    ];

+
+    /**
+     * Establishes the components -> action logs -> uploads relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v6.1.13]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function uploads()
+    {
+        return $this->hasMany(\App\Models\Actionlog::class, 'item_id')
+            ->where('item_type', '=', self::class)
+            ->where('action_type', '=', 'uploaded')
+            ->whereNotNull('filename')
+            ->orderBy('created_at', 'desc');
+    }
+
+
    /**
     * Sets the attribute of whether or not the consumable is requestable
     *
@@ -48,7 +48,11 @@ class CustomField extends Model
     *
     * @var array
     */
-    protected $rules = [];
+    protected $rules = [
+        'name' => 'required|unique:custom_fields',
+        'element' => 'required|in:text,listbox,textarea,checkbox,radio',
+        'field_encrypted' => 'nullable|boolean',
+    ];

    /**
     * The attributes that are mass assignable.
@@ -64,6 +68,7 @@ class CustomField extends Model
        'help_text',
        'show_in_email',
        'is_unique',
+        'display_in_user_view',
    ];

    /**
@@ -356,15 +361,9 @@ class CustomField extends Model
    public function validationRules($regex_format = null)
    {
        return [
-            'name' => 'required|unique:custom_fields',
-            'element' => [
-                'required',
-                Rule::in(['text', 'listbox',  'textarea', 'checkbox', 'radio']),
-            ],
            'format' => [
                Rule::in(array_merge(array_keys(self::PREDEFINED_FORMATS), self::PREDEFINED_FORMATS, [$regex_format])),
-            ],
-            'field_encrypted' => 'nullable|boolean',
+            ]
        ];
    }

@@ -69,14 +69,14 @@ class Depreciable extends SnipeModel
    public function getLinearDepreciatedValue() // TODO - for testing it might be nice to have an optional $relative_to param here, defaulted to 'now'
    {
        if ($this->purchase_date) {
-            $months_passed = $this->purchase_date->diff(now())->m;
+            $months_passed = ($this->purchase_date->diff(now())->m)+($this->purchase_date->diff(now())->y*12);
        } else {
            return null;
        }

        if ($months_passed >= $this->get_depreciation()->months){
            //if there is a floor use it
-            if($this->get_depreciation()->deprecation_min->isNotEmpty()) {
+            if(!$this->get_depreciation()->depreciation_min == null) {

                $current_value = $this->get_depreciation()->depreciation_min;

@@ -90,6 +90,14 @@ class Location extends SnipeModel
      'parent' => ['name'],
    ];

+
+    /**
+     * Determine whether or not this location can be deleted
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return bool
+     */
    public function isDeletable()
    {
        return Gate::allows('delete', $this)
@@ -98,12 +106,25 @@ class Location extends SnipeModel
                && ($this->users()->count() === 0);
    }

+    /**
+     * Establishes the user -> location relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function users()
    {
        return $this->hasMany(\App\Models\User::class, 'location_id');
    }

-
+    /**
+     * Find assets with this location as their location_id
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function assets()
    {
        return $this->hasMany(\App\Models\Asset::class, 'location_id')
@@ -114,6 +135,14 @@ class Location extends SnipeModel
            });
    }

+
+    /**
+     * Establishes the  asset -> rtd_location relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function rtd_assets()
    {
        /* This used to have an ...->orHas() clause that referred to
@@ -123,48 +152,93 @@ class Location extends SnipeModel
           It is arguable that we should have a '...->whereNull('assigned_to')
           bit in there, but that isn't always correct either (in the case
           where a user has no location, for example).
-
-           In all likelyhood, we need to denorm an "effective_location" column
-           into Assets to make this slightly less miserable.
        */
        return $this->hasMany(\App\Models\Asset::class, 'rtd_location_id');
    }

+    /**
+     * Establishes the consumable -> location relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function consumables()
    {
        return $this->hasMany(\App\Models\Consumable::class, 'location_id');
    }

+    /**
+     * Establishes the component -> location relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function components()
    {
        return $this->hasMany(\App\Models\Component::class, 'location_id');
    }

+    /**
+     * Establishes the component -> accessory relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function accessories()
    {
        return $this->hasMany(\App\Models\Accessory::class, 'location_id');
    }

-
-
+    /**
+     * Find the parent of a location
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v2.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function parent()
    {
        return $this->belongsTo(self::class, 'parent_id', 'id')
            ->with('parent');
    }

+
+    /**
+     * Find the manager of a location
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v2.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function manager()
    {
        return $this->belongsTo(\App\Models\User::class, 'manager_id');
    }

+
+    /**
+     * Find children of a location
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v2.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function children()
    {
        return $this->hasMany(self::class, 'parent_id')
            ->with('children');
    }

-    // I don't think we need this anymore since we de-normed location_id in assets?
+    /**
+     * Establishes the asset -> location assignment relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function assignedAssets()
    {
        return $this->morphMany(\App\Models\Asset::class, 'assigned', 'assigned_type', 'assigned_to')->withTrashed();
@@ -189,7 +189,7 @@ trait Loggable
        $params = [
            'item' => $log->item,
            'filename' => $log->filename,
-            'admin' => $log->user,
+            'admin' => $log->admin,
            'location' => ($location) ? $location->name : '',
            'note' => $note,
        ];
@@ -41,6 +41,11 @@ class SnipeSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig
            } 
        );

+        // externalId support
+        $config['validations'][$core.'externalId'] = 'string|nullable'; // not required, but supported mostly just for Okta
+        // note that the mapping is *not* namespaced like the other $mappings
+        $config['mapping']['externalId'] = AttributeMapping::eloquent('scim_externalid');
+
        $config['validations'][$core.'emails'] = 'nullable|array';         // emails are not required in Snipe-IT...
        $config['validations'][$core.'emails.*.value'] = 'email'; // ...(had to remove the recommended 'required' here)

@@ -59,6 +59,9 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
        'username',
        'zip',
        'remote',
+        'start_date',
+        'end_date',
+        'scim_externalid'
    ];

    protected $casts = [
@@ -68,6 +71,16 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
        'company_id'   => 'integer',
    ];

+
+    protected $dates = [
+        'created_at',
+        'updated_at',
+        'deleted_at',
+        'start_date',
+        'end_date',
+    ];
+
+
    /**
     * Model validation rules
     *
@@ -83,6 +96,8 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
        'website'                 => 'url|nullable|max:191',
        'manager_id'              => 'nullable|exists:users,id|cant_manage_self',
        'location_id'             => 'exists:locations,id|nullable',
+        'start_date'              => 'nullable|date',
+        'end_date'                => 'nullable|date|after_or_equal:start_date',
    ];

    /**
@@ -323,6 +338,24 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
        return $this->belongsToMany(\App\Models\License::class, 'license_seats', 'assigned_to', 'license_id')->withPivot('id');
    }

+    /**
+     * Establishes a count of all items assigned
+     *
+     * @author J. Vinsmoke
+     * @since [v6.1]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    Public function allAssignedCount() {
+        $assetsCount = $this->assets()->count();
+        $licensesCount = $this->licenses()->count();
+        $accessoriesCount = $this->accessories()->count();
+        $consumablesCount = $this->consumables()->count();
+        
+        $totalCount = $assetsCount + $licensesCount + $accessoriesCount + $consumablesCount;
+    
+        return (int) $totalCount;
+        }
+
    /**
     * Establishes the user -> actionlogs relationship
     *
@@ -140,6 +140,12 @@ class AssetPresenter extends Presenter
                'visible' => false,
                'title' => trans('general.purchase_date'),
                'formatter' => 'dateDisplayFormatter',
+            ], [
+                'field' => 'age',
+                'searchable' => true,
+                'sortable' => true,
+                'visible' => false,
+                'title' => trans('general.age'),
            ], [
                'field' => 'purchase_cost',
                'searchable' => true,
@@ -70,47 +70,33 @@ class CategoryPresenter extends Presenter
                'visible' => true,
                'formatter' => 'trueFalseFormatter',
            ], [
-                'field' => 'actions',
-                'searchable' => false,
-                'sortable' => false,
-                'switchable' => false,
-                'title' => trans('table.actions'),
-            ],[
                "field" => "use_default_eula",
                "searchable" => false,
                "sortable" => true,
                "title" => trans('admin/categories/general.use_default_eula_column'),
                'visible' => true,
                "formatter" => 'trueFalseFormatter',
-            ],[
-                "field" => "checkin_email",
-                "searchable" => false,
-                "sortable" => true,
-                "class" => 'css-envelope',
-                "title" => 'Send Email',
-                "visible" => true,
-                "formatter" => 'trueFalseFormatter',
-            ],[
-                "field" => "require_acceptance",
-                "searchable" => false,
-                "sortable" => true,
-                'formatter' => 'categoriesActionsFormatter',
-            ],
-            [
+            ], [
                'field' => 'created_at',
                'searchable' => true,
                'sortable' => true,
                'visible' => false,
                'title' => trans('general.created_at'),
                'formatter' => 'dateDisplayFormatter',
-            ],
-            [
+            ], [
                'field' => 'updated_at',
                'searchable' => true,
                'sortable' => true,
                'visible' => false,
                'title' => trans('general.updated_at'),
                'formatter' => 'dateDisplayFormatter',
+            ], [
+                'field' => 'actions',
+                'searchable' => false,
+                'sortable' => false,
+                'switchable' => false,
+                'title' => trans('table.actions'),
+		'formatter' => 'categoriesActionsFormatter',
            ],
        ];

@@ -55,17 +55,28 @@ class LocationPresenter extends Presenter
                'searchable' => false,
                'sortable' => true,
                'switchable' => true,
-                'title' =>  trans('admin/locations/table.assets_rtd'),
+                'title' =>  trans('admin/locations/message.current_location'),
                'visible' => true,
            ],
+
+            [
+                'field' => 'rtd_assets_count',
+                'searchable' => false,
+                'sortable' => true,
+                'switchable' => true,
+                'title' =>  trans('admin/hardware/form.default_location'),
+                'visible' => false,
+            ],
+
            [
                'field' => 'assigned_assets_count',
                'searchable' => false,
                'sortable' => true,
                'switchable' => true,
-                'title' =>  trans('admin/locations/table.assets_checkedout'),
+                'title' =>  trans('admin/locations/message.assigned_assets'),
                'visible' => true,
            ],
+
            [
                'field' => 'users_count',
                'searchable' => false,
@@ -302,6 +302,24 @@ class UserPresenter extends Presenter
                'visible' => false,
                'formatter' => 'dateDisplayFormatter',
            ],
+            [
+                'field' => 'start_date',
+                'searchable' => true,
+                'sortable' => true,
+                'switchable' => true,
+                'title' => trans('general.start_date'),
+                'visible' => false,
+                'formatter' => 'dateDisplayFormatter',
+            ],
+            [
+                'field' => 'end_date',
+                'searchable' => true,
+                'sortable' => true,
+                'switchable' => true,
+                'title' => trans('general.end_date'),
+                'visible' => false,
+                'formatter' => 'dateDisplayFormatter',
+            ],
            [
                'field' => 'last_login',
                'searchable' => false,
@@ -159,6 +159,10 @@ class AuthServiceProvider extends ServiceProvider
            return $user->hasAccess('self.checkout_assets');
        });

+        Gate::define('self.view_purchase_cost', function ($user) {
+            return $user->hasAccess('self.view_purchase_cost');
+        });
+
        // This is largely used to determine whether to display the gear icon sidenav 
        // in the left-side navigation
        Gate::define('backend.interact', function ($user) {
@@ -78,18 +78,18 @@
            "source": {
                "type": "git",
                "url": "https://github.com/grokability/laravel-scim-server.git",
-                "reference": "d0e3d7c0b5da2ec76283b8a2fa2e672a91596509"
+                "reference": "2c7ecc450eee59234e059ec2e7724b2d8f3a8369"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/grokability/laravel-scim-server/zipball/d0e3d7c0b5da2ec76283b8a2fa2e672a91596509",
-                "reference": "d0e3d7c0b5da2ec76283b8a2fa2e672a91596509",
+                "url": "https://api.github.com/repos/grokability/laravel-scim-server/zipball/2c7ecc450eee59234e059ec2e7724b2d8f3a8369",
+                "reference": "2c7ecc450eee59234e059ec2e7724b2d8f3a8369",
                "shasum": ""
            },
            "require": {
-                "illuminate/console": "^6.0|^7.0|^8.0",
-                "illuminate/database": "^6.0|^7.0|^8.0",
-                "illuminate/support": "^6.0|^7.0|^8.0",
+                "illuminate/console": "^6.0|^7.0|^8.0|^9.0",
+                "illuminate/database": "^6.0|^7.0|^8.0|^9.0",
+                "illuminate/support": "^6.0|^7.0|^8.0|^9.0",
                "php": "^7.0|^8.0",
                "tmilos/scim-filter-parser": "^1.3",
                "tmilos/scim-schema": "^0.1.0"
@@ -133,7 +133,7 @@
            "support": {
                "source": "https://github.com/grokability/laravel-scim-server/tree/master"
            },
-            "time": "2022-07-18T22:15:42+00:00"
+            "time": "2022-11-22T20:26:54+00:00"
        },
        {
            "name": "asm89/stack-cors",
@@ -13530,5 +13530,5 @@
        "ext-pdo": "*"
    },
    "platform-dev": [],
-    "plugin-api-version": "2.0.0"
+    "plugin-api-version": "2.3.0"
 }
@@ -100,6 +100,11 @@ return [
        'emergency' => [
            'path' => storage_path('logs/laravel.log'),
        ],
+
+        'scimtrace' => [
+            'driver' => 'single',
+            'path' => storage_path('logs/scim.log')
+        ]
    ],

 ];
@@ -145,6 +145,13 @@ return [
            'note'       => '',
            'display'    => true,
        ],
+        [
+            'permission' => 'accessories.files',
+            'label'      => 'View and Modify Accessory Files',
+            'note'       => '',
+            'display'    => true,
+        ],
+
    ],

    'Consumables' => [
@@ -178,6 +185,12 @@ return [
            'note'       => '',
            'display'    => true,
        ],
+        [
+            'permission' => 'consumables.files',
+            'label'      => 'View and Modify Consumable Files',
+            'note'       => '',
+            'display'    => true,
+        ],
    ],


@@ -264,6 +277,12 @@ return [
            'note'       => '',
            'display'    => true,
        ],
+        [
+            'permission' => 'components.files',
+            'label'      => 'View and Modify Component Files',
+            'note'       => '',
+            'display'    => true,
+        ],

    ],

@@ -626,6 +645,13 @@ return [
            'display'    => true,
        ],

+        [
+            'permission' => 'self.view_purchase_cost',
+            'label'      => 'View Purchase-Cost Column',
+            'note'       => 'This user can see the purchase cost column of items assigned to them.',
+            'display'    => true,
+        ],
+
    ],

 ];
@@ -1,5 +1,8 @@
 <?php

 return [
-    "publish_routes" => false
+    "trace" => env("SCIM_TRACE",false),
+    // below, if we ever get 'sure' that we can change this default to 'true' we should
+    "omit_main_schema_in_return" => env('SCIM_STANDARDS_COMPLIANCE', false),
+    "publish_routes" => false,
 ];
@@ -1,10 +1,10 @@
 <?php
 return array (
-  'app_version' => 'v6.0.11',
-  'full_app_version' => 'v6.0.11 - build 8758-g61fa0bda4',
-  'build_version' => '8758',
+  'app_version' => 'v6.0.14',
+  'full_app_version' => 'v6.0.14 - build 9038-g163b3f6c0',
+  'build_version' => '9038',
  'prerelease_version' => '',
-  'hash_version' => 'g61fa0bda4',
-  'full_hash' => 'v6.0.11-145-g61fa0bda4',
-  'branch' => 'master',
+  'hash_version' => 'g163b3f6c0',
+  'full_hash' => 'v6.0.14-113-g163b3f6c0',
+  'branch' => 'develop',
 );
@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddsLdapDefaultGroupToSettingsTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->integer('ldap_default_group')
+                ->after('ldap_basedn')->default(null);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->dropColumn('ldap_default_group');
+        });
+    }
+}
@@ -0,0 +1,34 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddStartTerminationDateToUsers extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->date('start_date')->nullable()->default(null);
+            $table->date('end_date')->nullable()->default(null);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->dropColumn('start_date');
+            $table->dropColumn('end_date');
+        });
+    }
+}
@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddExternalidToUsers extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->string('scim_externalid')->nullable()->default(null);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->dropColumn('scim_externalid');
+        });
+    }
+}
@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddDisplayToUserInCustomFields extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('custom_fields', function (Blueprint $table) {
+            $table->boolean('display_in_user_view')->nullable()->default(0);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('custom_fields', function (Blueprint $table) {
+            $table->dropColumn('display_in_user_view');
+        });
+    }
+}
@@ -0,0 +1,30 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class FixNullableMigrationForSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->string('ldap_default_group')->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        // nothing to do here - this is a hotfix
+    }
+}
@@ -24,7 +24,7 @@
        "vue-template-compiler": "2.4.4"
    },
    "dependencies": {
-        "@fortawesome/fontawesome-free": "^6.2.0",
+        "@fortawesome/fontawesome-free": "^6.2.1",
        "acorn": "^8.8.0",
        "acorn-import-assertions": "^1.8.0",
        "admin-lte": "^2.4.18",
@@ -953,4 +953,19 @@ th.css-accessory > .th-inner::before {
 .bs-checkbox input {
  zoom: 1.5;
 }
+@media screen and (max-width: 511px) {
+  .sidebar-menu {
+    margin-top: 64px;
+  }
+}
+@media screen and (max-width: 771px) and (min-width: 512px) {
+  .sidebar-menu {
+    margin-top: 14px;
+  }
+}
+@media screen and (max-width: 1098px) and (min-width: 772px) {
+  .sidebar-menu {
+    margin-top: 51px;
+  }
+}

@@ -586,4 +586,19 @@ th.css-accessory > .th-inner::before {
 .bs-checkbox input {
  zoom: 1.5;
 }
+@media screen and (max-width: 511px) {
+  .sidebar-menu {
+    margin-top: 64px;
+  }
+}
+@media screen and (max-width: 771px) and (min-width: 512px) {
+  .sidebar-menu {
+    margin-top: 14px;
+  }
+}
+@media screen and (max-width: 1098px) and (min-width: 772px) {
+  .sidebar-menu {
+    margin-top: 51px;
+  }
+}

@@ -23815,6 +23815,21 @@ th.css-accessory > .th-inner::before {
 .bs-checkbox input {
  zoom: 1.5;
 }
+@media screen and (max-width: 511px) {
+  .sidebar-menu {
+    margin-top: 64px;
+  }
+}
+@media screen and (max-width: 771px) and (min-width: 512px) {
+  .sidebar-menu {
+    margin-top: 14px;
+  }
+}
+@media screen and (max-width: 1098px) and (min-width: 772px) {
+  .sidebar-menu {
+    margin-top: 51px;
+  }
+}


 .select2-container {
@@ -24887,4 +24902,19 @@ th.css-accessory > .th-inner::before {
 .bs-checkbox input {
  zoom: 1.5;
 }
+@media screen and (max-width: 511px) {
+  .sidebar-menu {
+    margin-top: 64px;
+  }
+}
+@media screen and (max-width: 771px) and (min-width: 512px) {
+  .sidebar-menu {
+    margin-top: 14px;
+  }
+}
+@media screen and (max-width: 1098px) and (min-width: 772px) {
+  .sidebar-menu {
+    margin-top: 51px;
+  }
+}

@@ -217,6 +217,9 @@ a:visited {
 .navbar-nav > li > a:link {
  color: var(--nav-link);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .modal-content {
  background-color: var(--back-main);
  color: var(--text-main);
@@ -217,6 +217,9 @@ a:visited {
 .navbar-nav > li > a:link {
  color: var(--nav-link);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .modal-content {
  background-color: var(--back-main);
  color: var(--text-main);
@@ -199,6 +199,9 @@ a.btn-danger:visited {
 .btn-danger.btn-sm.disabled {
  color: #FFF;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .sidebar-toggle-mobile {
  color: #FFF !important;
 }
@@ -199,6 +199,9 @@ a.btn-danger:visited {
 .btn-danger.btn-sm.disabled {
  color: #FFF;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .sidebar-toggle-mobile {
  color: #FFF !important;
 }
@@ -212,6 +212,9 @@ a:visited {
 .navbar-nav > li > a:link {
  color: var(--nav-link);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .modal-content {
  background-color: var(--back-main);
  color: var(--text-main);
@@ -212,6 +212,9 @@ a:visited {
 .navbar-nav > li > a:link {
  color: var(--nav-link);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .modal-content {
  background-color: var(--back-main);
  color: var(--text-main);
@@ -123,7 +123,7 @@
  border-bottom-left-radius: 0;
 }
 .skin-blue.layout-top-nav .main-header > .logo .logo-variant {
-  background-color: none;
+  background-color: unset;
 }
 .btn.btn-primary,
 btn-sm.btn-primary,
@@ -218,6 +218,9 @@ a:hover {
 .text-primary {
  color: #23536f;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .fixed-table-container tbody .selected td {
  background-color: #fff8af;
 }
@@ -123,7 +123,7 @@
  border-bottom-left-radius: 0;
 }
 .skin-blue.layout-top-nav .main-header > .logo .logo-variant {
-  background-color: none;
+  background-color: unset;
 }
 .btn.btn-primary,
 btn-sm.btn-primary,
@@ -218,6 +218,9 @@ a:hover {
 .text-primary {
  color: #23536f;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .fixed-table-container tbody .selected td {
  background-color: #fff8af;
 }
@@ -205,6 +205,9 @@ a:visited {
 .bootstrap-table .fixed-table-container .table thead th .sortable {
  color: var(--nav-link);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .thead,
 .navbar-nav > li > a:link {
  color: var(--nav-link);
@@ -205,6 +205,9 @@ a:visited {
 .bootstrap-table .fixed-table-container .table thead th .sortable {
  color: var(--nav-link);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .thead,
 .navbar-nav > li > a:link {
  color: var(--nav-link);
@@ -195,6 +195,9 @@ a:visited {
 .text-primary {
  color: #004023;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .fixed-table-container tbody .selected td {
  background-color: #fff8af;
 }
@@ -195,6 +195,9 @@ a:visited {
 .text-primary {
  color: #004023;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .fixed-table-container tbody .selected td {
  background-color: #fff8af;
 }
@@ -196,6 +196,9 @@ li.dropdown-item-marker {
  background: linear-gradient(to bottom, var(--header) 0%, var(--header) 100%);
  border-color: var(--header);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .bootstrap-table .fixed-table-container .table thead th .sortable {
  color: var(--nav-link);
 }
@@ -196,6 +196,9 @@ li.dropdown-item-marker {
  background: linear-gradient(to bottom, var(--header) 0%, var(--header) 100%);
  border-color: var(--header);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .bootstrap-table .fixed-table-container .table thead th .sortable {
  color: var(--nav-link);
 }
@@ -190,6 +190,9 @@ a.btn-warning:visited,
 a.btn-danger:visited {
  color: #FFF;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .fixed-table-container tbody .selected td {
  background-color: #fff8af;
 }
@@ -190,6 +190,9 @@ a.btn-warning:visited,
 a.btn-danger:visited {
  color: #FFF;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .fixed-table-container tbody .selected td {
  background-color: #fff8af;
 }
@@ -223,6 +223,9 @@ a:visited {
 a:link {
  color: var(--link);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .btn-primary.hover {
  color: var(--nav-link);
 }
@@ -223,6 +223,9 @@ a:visited {
 a:link {
  color: var(--link);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .btn-primary.hover {
  color: var(--nav-link);
 }
@@ -196,6 +196,9 @@ a.btn-danger:visited {
 .select2-container--default .select2-selection--multiple .select2-selection__choice {
  background-color: #605ca8;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .search-highlight,
 .search-highlight:hover {
  background-color: #e9d15b;
@@ -196,6 +196,9 @@ a.btn-danger:visited {
 .select2-container--default .select2-selection--multiple .select2-selection__choice {
  background-color: #605ca8;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .search-highlight,
 .search-highlight:hover {
  background-color: #e9d15b;
@@ -226,6 +226,9 @@ a:visited {
 a:hover {
  color: var(--hover-link);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .btn-primary.hover {
  color: var(--nav-link);
 }
@@ -226,6 +226,9 @@ a:visited {
 a:hover {
  color: var(--hover-link);
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 .btn-primary.hover {
  color: var(--nav-link);
 }
@@ -207,4 +207,7 @@ a.btn-danger:visited {
 .search-highlight:hover {
  background-color: #e9d15b;
 }
+.far fa-life-ring {
+  color: var(--link);
+}

@@ -207,4 +207,7 @@ a.btn-danger:visited {
 .search-highlight:hover {
  background-color: #e9d15b;
 }
+.far fa-life-ring {
+  color: var(--link);
+}

@@ -217,6 +217,9 @@ a:link.btn-default {
  text-decoration: none;
  color: var(--nav-link) !important;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 #accessoriesTable > tbody > tr > td > nobr > a > i.fa {
  color: var(--text-main);
 }
@@ -217,6 +217,9 @@ a:link.btn-default {
  text-decoration: none;
  color: var(--nav-link) !important;
 }
+.far fa-life-ring {
+  color: var(--link);
+}
 #accessoriesTable > tbody > tr > td > nobr > a > i.fa {
  color: var(--text-main);
 }
@@ -214,4 +214,7 @@ a:visited {
 .skin-yellow .main-header .navbar .nav > li > a {
  color: #413F42;
 }
+.far fa-life-ring {
+  color: var(--link);
+}

--- a/Show More
+++ b/Show More