Squashed commit of the following:

commit e1263155b1 Merge: 886f2a0de 014eab3ab Author: snipe <snipe@snipe.net> Date: Mon Jan 9 11:10:19 2023 -0800 Merge pull request #12323 from snipe/translations/updated_strings Updated language strings commit 014eab3abc Author: snipe <snipe@snipe.net> Date: Mon Jan 9 11:09:26 2023 -0800 Updated language strings Signed-off-by: snipe <snipe@snipe.net> commit 886f2a0dec Merge: 19e703980 e05764ac3 Author: snipe <snipe@snipe.net> Date: Thu Jan 5 18:44:44 2023 -0800 Merge pull request #12317 from snipe/fixes/shorten_url_display_on_view Truncate URL with ellipsis if too long commit e05764ac34 Author: snipe <snipe@snipe.net> Date: Thu Jan 5 18:42:26 2023 -0800 Truncate URL with ellipsis if too long Signed-off-by: snipe <snipe@snipe.net> commit 19e703980d Merge: bd3f730cb 6e42bce40 Author: snipe <snipe@snipe.net> Date: Thu Jan 5 18:07:30 2023 -0800 Merge pull request #12316 from snipe/features/chunk_data_in_sync_script Chunk sync script commit 6e42bce409 Author: snipe <snipe@snipe.net> Date: Thu Jan 5 18:04:06 2023 -0800 Removed $start variable from calback Signed-off-by: snipe <snipe@snipe.net> commit 1a3c947b14 Author: snipe <snipe@snipe.net> Date: Thu Jan 5 17:57:52 2023 -0800 Chunk sync script Signed-off-by: snipe <snipe@snipe.net> commit bd3f730cb2 Merge: ace73acba 381f89c5a Author: snipe <snipe@snipe.net> Date: Thu Jan 5 14:11:24 2023 -0800 Merge pull request #12315 from snipe/features/added_default_values_to_model_api Features/added default values to model api commit 381f89c5a8 Author: snipe <snipe@snipe.net> Date: Thu Jan 5 13:15:30 2023 -0800 Added format to array Signed-off-by: snipe <snipe@snipe.net> commit db43628bdc Author: snipe <snipe@snipe.net> Date: Thu Jan 5 13:12:54 2023 -0800 Added default field info to models API response Signed-off-by: snipe <snipe@snipe.net> commit ace73acba1 Merge: 5898e384f 301c4fda6 Author: snipe <snipe@snipe.net> Date: Thu Jan 5 09:59:35 2023 -0800 Merge pull request #12263 from Godmartinz/gh12211_label_padding_adjustment Fixed: page-break and padding at the end of document for labels commit 301c4fda6e Author: Godfrey M <godmartinz@gmail.com> Date: Thu Jan 5 09:55:25 2023 -0800 fixes conflicts commit 5898e384f8 Merge: c575798b5 9c63f426d Author: snipe <snipe@snipe.net> Date: Wed Jan 4 15:13:36 2023 -0800 Merge pull request #12308 from snipe/fixes/missing_translation_string Fixed missing translation string commit 9c63f426d9 Author: snipe <snipe@snipe.net> Date: Wed Jan 4 14:09:14 2023 -0800 Added missing translation string Signed-off-by: snipe <snipe@snipe.net> commit c575798b56 Merge: b36e81836 7123e7327 Author: snipe <snipe@snipe.net> Date: Wed Jan 4 14:01:03 2023 -0800 Merge pull request #12307 from snipe/fixes/update_less_and_css_loader Updated less-loader and css-loader libraries commit 7123e7327f Author: snipe <snipe@snipe.net> Date: Wed Jan 4 14:00:04 2023 -0800 Updated less-loader and css-loader libraries Signed-off-by: snipe <snipe@snipe.net> commit b36e81836f Merge: 818db58a7 b77d5801f Author: snipe <snipe@snipe.net> Date: Wed Jan 4 13:57:14 2023 -0800 Merge pull request #12306 from snipe/fixes/weird_sentence_in_translations Fixed incomplete sentence in translation file for audit interval commit b77d5801fa Author: snipe <snipe@snipe.net> Date: Wed Jan 4 13:56:16 2023 -0800 English is hard, apparently Signed-off-by: snipe <snipe@snipe.net> commit 818db58a7b Merge: baf14c43e c4f900e9a Author: snipe <snipe@snipe.net> Date: Wed Jan 4 13:22:03 2023 -0800 Merge pull request #12305 from uberbrady/fix_license_seat_reporting Fixed: Change license_seat changing method to properly 'true up' license seats commit c4f900e9af Author: Brady Wetherington <bwetherington@grokability.com> Date: Wed Jan 4 13:02:53 2023 -0800 Change license_seat changing method to properly 'true up' license seats commit baf14c43ee Merge: d187174f0 fa439a192 Author: snipe <snipe@snipe.net> Date: Tue Jan 3 14:50:25 2023 -0800 Merge pull request #12298 from snipe/fixes/db_seeder_company_id Fixed db seeder when company id is not present commit fa439a1928 Author: snipe <snipe@snipe.net> Date: Tue Jan 3 14:45:23 2023 -0800 Check that the array key exists before trying to seed it Signed-off-by: snipe <snipe@snipe.net> commit d187174f00 Merge: 6d3c5e065 92ae27129 Author: snipe <snipe@snipe.net> Date: Thu Dec 22 11:29:12 2022 -0800 Merge pull request #12090 from Godmartinz/deparmtnet_name_validator Added: validation for department names at Company locations commit 6d3c5e0659 Merge: 685cc86d7 e791e6592 Author: snipe <snipe@snipe.net> Date: Wed Dec 21 19:04:11 2022 -0800 Merge pull request #12264 from Godmartinz/gh12253_display_notes_accessories Added: notes to the accessories tab for user detail view commit 685cc86d71 Author: snipe <snipe@snipe.net> Date: Tue Dec 20 17:24:01 2022 -0800 Sets the `ldap_default_group` field to nullable and default null Signed-off-by: snipe <snipe@snipe.net> commit fb10a6f218 Merge: 128c21a90 3a9b8a499 Author: snipe <snipe@snipe.net> Date: Tue Dec 20 17:05:18 2022 -0800 Merge pull request #12268 from inietov/fixes/people_count Fixed: Dashboard user count scoping when full company support is enabled commit 3a9b8a4993 Author: Ivan Nieto Vivanco <inietov@gmail.com> Date: Tue Dec 20 18:39:17 2022 -0600 Calculate the proper amount of people in the dashboard if Full Company Support is enabled commit 128c21a905 Merge: 88291cadc 75a757d6f Author: snipe <snipe@snipe.net> Date: Tue Dec 20 15:09:30 2022 -0800 Merge pull request #12266 from uberbrady/fix-select-all-bug Fixed: There was a bug with BS tables' select-all which showed an incorrect list of elements commit 75a757d6f5 Author: Brady Wetherington <bwetherington@grokability.com> Date: Tue Dec 20 14:57:58 2022 -0800 There was a bug with select-all where some bits didn't quite work commit e791e6592a Author: Godfrey M <godmartinz@gmail.com> Date: Tue Dec 20 10:37:19 2022 -0800 adds notes to the accessories tab under users commit 38575e93e8 Author: Godfrey M <godmartinz@gmail.com> Date: Tue Dec 20 09:45:41 2022 -0800 fixes the rules for adding page-break and padding at the end of document commit 88291cadc1 Merge: 399c7590c 94afe2bc6 Author: snipe <snipe@snipe.net> Date: Mon Dec 19 12:41:32 2022 -0800 Merge pull request #12254 from akemidx/documentating_something Commenting on a scope in Models/Company.php commit 94afe2bc6a Author: akemidx <kojotek.dx@gmail.com> Date: Mon Dec 19 14:48:43 2022 -0500 edits & typo fixes commit 399c7590cd Merge: d0c5ba70f eb67d1b06 Author: snipe <snipe@snipe.net> Date: Thu Dec 15 14:19:41 2022 -0800 Merge pull request #12209 from snipe/fixes/error_downloading_unaccepted_assets Fixed 500 when downloading the Unaccepted Assets report [sc-19555] commit d0c5ba70f6 Merge: 29c2ff56e d9a21cce0 Author: snipe <snipe@snipe.net> Date: Thu Dec 15 12:42:29 2022 -0800 Merge pull request #12242 from inietov/features/add_purchase_cost_column Added `purchase_cost` to user's default view [sc-19680] commit 133d6ffa50 Author: akemidx <kojotek.dx@gmail.com> Date: Thu Dec 15 15:18:24 2022 -0500 Commenting on a scope in Models/Company.php commit d9a21cce00 Author: Ivan Nieto Vivanco <inietov@gmail.com> Date: Thu Dec 15 14:12:05 2022 -0600 Add other items' purchase_cost columns to the same permission commit 29c2ff56ec Merge: 3e7975b2c 1fe0bfe17 Author: snipe <snipe@snipe.net> Date: Thu Dec 15 11:26:49 2022 -0800 Merge pull request #12188 from snipe/fixes/decrease_logging_for_saml_when_not_enabled Removed extra logging case that was very noisy commit 3e7975b2c3 Merge: 227fef76e d870bc3b0 Author: snipe <snipe@snipe.net> Date: Thu Dec 15 11:25:53 2022 -0800 Merge pull request #12250 from akemidx/grey_out_pw_reset_button Fixed: Grey out pw reset button for consistency commit d870bc3b02 Author: akemidx <kojotek.dx@gmail.com> Date: Thu Dec 15 14:19:51 2022 -0500 nested if loop commit 227fef76ee Merge: 418ddcfac 9d44720ff Author: snipe <snipe@snipe.net> Date: Thu Dec 15 11:06:53 2022 -0800 Merge pull request #11736 from Godmartinz/gh6508_ldap_default_group Adds a permission group selection for directory sync commit 9d44720ffd Author: Godfrey M <godmartinz@gmail.com> Date: Thu Dec 15 11:02:34 2022 -0800 reverted changes to composer.lock commit 9f3f0a25ed Author: Godfrey M <godmartinz@gmail.com> Date: Thu Dec 15 10:53:45 2022 -0800 reverted changes to composer.lock commit 2e228ccb0b Author: Godfrey M <godmartinz@gmail.com> Date: Thu Dec 15 10:45:42 2022 -0800 redid a few things. should be good now :) commit 3ee413f379 Author: Godfrey M <godmartinz@gmail.com> Date: Thu Dec 15 09:20:30 2022 -0800 removes livewire stuff commit b142f8e012 Author: Ivan Nieto Vivanco <inietov@gmail.com> Date: Wed Dec 14 23:00:35 2022 -0600 Add the permission to show purchase cost column to non-admin sessions commit 418ddcfac3 Merge: c342668f0 1a908e361 Author: snipe <snipe@snipe.net> Date: Wed Dec 14 17:46:53 2022 -0800 Merge pull request #9876 from Toreg87/fixes/locations-deletable Fixed #9875: Make locations deletable for non Superuser-Accounts with FullMultipleCompanySupport commit c342668f0f Author: snipe <snipe@snipe.net> Date: Wed Dec 14 17:25:39 2022 -0800 Update @scoo73r as a contributor commit 2f6a26ec7d Author: snipe <snipe@snipe.net> Date: Wed Dec 14 17:25:25 2022 -0800 Add @scoo73r as a contributor commit f635278010 Merge: d13a23700 8043b8678 Author: snipe <snipe@snipe.net> Date: Wed Dec 14 16:42:41 2022 -0800 Merge pull request #12251 from snipe/security/upgrade_font_awesome Upgraded font awesome to 6.2.1 commit 8043b86786 Author: snipe <snipe@snipe.net> Date: Wed Dec 14 16:41:56 2022 -0800 Upgraded font awesome to 6.2.1 Signed-off-by: snipe <snipe@snipe.net> commit d13a237000 Merge: fabefa61b d0d0058e7 Author: snipe <snipe@snipe.net> Date: Wed Dec 14 12:13:18 2022 -0800 Merge pull request #12205 from Godmartinz/sc19675_add_remote_to_importer Adds remote field to the user importer commit b114ffd2c3 Author: akemidx <kojotek.dx@gmail.com> Date: Wed Dec 14 14:48:59 2022 -0500 Grey out button pw reset button for consistency When user has no email in their profile, the box is greyed out for consistency accross all buttons on the user profile commit fabefa61b0 Merge: 389ec3a3c f3e57d7dc Author: snipe <snipe@snipe.net> Date: Tue Dec 13 14:00:48 2022 -0800 Merge pull request #12243 from akemidx/new_grey_out_when_no_assets Created method in users.php for adding up all assigned to user and pr… commit f3e57d7dc0 Author: akemidx <kojotek.dx@gmail.com> Date: Tue Dec 13 16:00:59 2022 -0500 fixing PR commit 389ec3a3cb Merge: c432fb9d7 6a72c344b Author: snipe <snipe@snipe.net> Date: Tue Dec 13 12:57:50 2022 -0800 Merge pull request #12247 from Godmartinz/gh12225_serial_added_to_components adds serial to components tab of assets commit 6a72c344b7 Author: Godfrey M <godmartinz@gmail.com> Date: Tue Dec 13 12:32:30 2022 -0800 removed the cuddlers commit 4442b446b9 Author: Godfrey M <godmartinz@gmail.com> Date: Tue Dec 13 10:30:37 2022 -0800 adds serial to components tab of assets commit c432fb9d70 Merge: 9e8fff6e5 fa872b09a Author: snipe <snipe@snipe.net> Date: Tue Dec 13 10:28:17 2022 -0800 Merge pull request #12181 from Godmartinz/gh12163_asset_age Adds asset age to asset index and asset view pages commit 07ae91b00f Author: akemi <akemi@ShibaPro.local> Date: Wed Dec 7 17:46:18 2022 -0500 Created method in users.php for adding up all assigned to user and providing an integer value. this then used to grey out buttons on user view if user has nothing assigned. commit 450ad3dcec Author: Ivan Nieto Vivanco <inietov@gmail.com> Date: Mon Dec 12 14:17:08 2022 -0600 Added the column purchase_cost to user's default view commit fa872b09a9 Author: Godfrey M <godmartinz@gmail.com> Date: Mon Dec 12 10:38:31 2022 -0800 fixes a typo, the world is great again commit eb67d1b064 Author: Ivan Nieto Vivanco <inietov@gmail.com> Date: Tue Dec 6 18:00:16 2022 -0600 Filter items from the report if null returned commit d0d0058e79 Author: Godfrey M <godmartinz@gmail.com> Date: Tue Dec 6 11:19:28 2022 -0800 removed unwanted changes commit bbd04f8876 Author: Godfrey M <godmartinz@gmail.com> Date: Tue Dec 6 11:13:24 2022 -0800 adds the rest of the fields for Remote commit 36901d271b Author: Godfrey M <godmartinz@gmail.com> Date: Mon Dec 5 16:28:19 2022 -0800 adds csvmatch for remote. Im a bit lost though lol commit 3206929ee4 Author: Godfrey M <godmartinz@gmail.com> Date: Tue Nov 29 09:51:42 2022 -0800 adds AgeFormatter, not working yet commit 1fe0bfe17e Author: snipe <snipe@snipe.net> Date: Mon Nov 28 19:27:42 2022 -0800 Removed extra logging case that was very noisy Signed-off-by: snipe <snipe@snipe.net> commit 8d861cfd82 Author: Godfrey M <godmartinz@gmail.com> Date: Mon Nov 28 10:59:18 2022 -0800 adds age to the asset table commit 078e7281cd Author: Godfrey M <godmartinz@gmail.com> Date: Mon Nov 28 10:45:58 2022 -0800 adds asset age to asset view commit 92ae271292 Author: Godfrey M <godmartinz@gmail.com> Date: Wed Nov 9 13:11:33 2022 -0800 adds validation for department names at Company locations commit f2d4a61e3c Author: Godfrey M <godmartinz@gmail.com> Date: Tue Oct 18 15:31:37 2022 -0700 removes dead space commit 3f25a1bf61 Author: Godfrey M <godmartinz@gmail.com> Date: Tue Oct 18 15:25:38 2022 -0700 removes dead code commit f9ac447dd1 Merge: 9b448227f b7bcfaccc Author: Godfrey M <godmartinz@gmail.com> Date: Tue Oct 18 15:18:09 2022 -0700 adds default group to LDAP commit 9b448227f7 Author: Godfrey M <godmartinz@gmail.com> Date: Tue Sep 13 11:40:10 2022 -0700 tinkering to no avail commit 28bc97f29f Author: Godfrey M <godmartinz@gmail.com> Date: Mon Sep 12 11:40:16 2022 -0700 one line away from this being over with commit 193b31e427 Author: Godfrey M <godmartinz@gmail.com> Date: Wed Aug 31 12:58:33 2022 -0700 select options working, testing sync then done commit 70ac8af9c4 Author: Godfrey M <godmartinz@gmail.com> Date: Wed Aug 31 09:53:20 2022 -0700 . commit 0c362e8b57 Author: Godfrey M <godmartinz@gmail.com> Date: Mon Aug 29 12:09:56 2022 -0700 gets the groups selector to appear but options are blank commit fc6fefdb4e Author: Godfrey M <godmartinz@gmail.com> Date: Thu Aug 25 15:19:38 2022 -0700 adds migration, variables, checkbox,working on groups commit 1a908e361e Author: Tobias Regnery <tobias.regnery@gmail.com> Date: Thu Jul 29 10:33:34 2021 +0200 Make locations deletable for non Superuser-Accounts with FullMultipleCompanySupport locations->isDeletable() checks via gate::allows if a locations is deletable. This calls SnipePermissionsPolicy->before() and checks for !Company::isCurrentUserHasAccess($item). This returns false because locations don't have a company_id. Check for this and return true if the item don't have a company_id. Signed-off-by: snipe <snipe@snipe.net>
2023-01-09 12:07:46 -08:00 · 2023-01-04 13:53:41 -08:00 · 2023-01-02 13:31:52 -08:00 · 2022-12-21 18:53:48 -08:00 · 2022-12-21 18:03:17 -08:00 · 2022-12-21 18:02:34 -08:00
1475 changed files with 319635 additions and 16491 deletions
@@ -2662,8 +2662,170 @@
      "avatar_url": "https://avatars.githubusercontent.com/u/7991086?v=4",
      "profile": "https://github.com/reederda",
      "contributions": [
-        "translations",
        "translation",
+        "translation",
+        "code"
+      ]
+    },
+    {
+      "login": "vickyjaura183",
+      "name": "vickyjaura183",
+      "avatar_url": "https://avatars.githubusercontent.com/u/109422491?v=4",
+      "profile": "https://github.com/vickyjaura183",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "julian-piehl",
+      "name": "Peace",
+      "avatar_url": "https://avatars.githubusercontent.com/u/32363424?v=4",
+      "profile": "https://github.com/julian-piehl",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "kylegordon",
+      "name": "Kyle Gordon",
+      "avatar_url": "https://avatars.githubusercontent.com/u/231528?v=4",
+      "profile": "https://github.com/kylegordon",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "sunflowerbofh",
+      "name": "Katharina Drexel",
+      "avatar_url": "https://avatars.githubusercontent.com/u/53009155?v=4",
+      "profile": "http://www.bfh.ch",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "dsferruzza",
+      "name": "David Sferruzza",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1931963?v=4",
+      "profile": "https://david.sferruzza.fr/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "rnelsonee",
+      "name": "Rick Nelson",
+      "avatar_url": "https://avatars.githubusercontent.com/u/19511639?v=4",
+      "profile": "https://github.com/rnelsonee",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "BasO12",
+      "name": "BasO12",
+      "avatar_url": "https://avatars.githubusercontent.com/u/94169344?v=4",
+      "profile": "https://github.com/BasO12",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Vautia",
+      "name": "Vautia",
+      "avatar_url": "https://avatars.githubusercontent.com/u/111710123?v=4",
+      "profile": "https://github.com/Vautia",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "chartjes",
+      "name": "Chris Hartjes",
+      "avatar_url": "https://avatars.githubusercontent.com/u/28321?v=4",
+      "profile": "http://www.littlehart.net/atthekeyboard",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "geo-chen",
+      "name": "geo-chen",
+      "avatar_url": "https://avatars.githubusercontent.com/u/2404584?v=4",
+      "profile": "https://github.com/geo-chen",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "nh314",
+      "name": "Phan Nguyen",
+      "avatar_url": "https://avatars.githubusercontent.com/u/6006620?v=4",
+      "profile": "https://github.com/nh314",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "StarlessNights",
+      "name": "Iisakki Jaakkola",
+      "avatar_url": "https://avatars.githubusercontent.com/u/115993812?v=4",
+      "profile": "https://github.com/StarlessNights",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "eltociear",
+      "name": "Ikko Ashimine",
+      "avatar_url": "https://avatars.githubusercontent.com/u/22633385?v=4",
+      "profile": "https://bandism.net/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "lukasfehling",
+      "name": "Lukas Fehling",
+      "avatar_url": "https://avatars.githubusercontent.com/u/56871540?v=4",
+      "profile": "https://github.com/lukasfehling",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "fernando-almeida",
+      "name": "Fernando Almeida",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1975990?v=4",
+      "profile": "https://github.com/fernando-almeida",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "akemidx",
+      "name": "akemidx",
+      "avatar_url": "https://avatars.githubusercontent.com/u/116301219?v=4",
+      "profile": "https://github.com/akemidx",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "oguzbilgic",
+      "name": "Oguz Bilgic",
+      "avatar_url": "https://avatars.githubusercontent.com/u/144778?v=4",
+      "profile": "http://oguz.site",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "scoo73r",
+      "name": "Scooter Crawford",
+      "avatar_url": "https://avatars.githubusercontent.com/u/9262438?v=4",
+      "profile": "https://github.com/scoo73r",
+      "contributions": [
        "code"
      ]
    }
@@ -155,8 +155,8 @@ RESET_PASSWORD_LINK_EXPIRES=900
 # --------------------------------------------
 # OPTIONAL: MISC
 # --------------------------------------------
-APP_LOG=stderr
-APP_LOG_MAX_FILES=10
+LOG_CHANNEL=stderr
+LOG_MAX_DAYS=10
 APP_LOCKED=false
 APP_CIPHER=AES-256-CBC
 GOOGLE_MAPS_API=
@@ -21,6 +21,7 @@ PUBLIC_FILESYSTEM_DISK=local_public
 # --------------------------------------------
 DB_CONNECTION=mysql
 DB_HOST=localhost
+DB_PORT=3306
 DB_DATABASE=snipeit-local
 DB_USERNAME=snipeit-local
 DB_PASSWORD=snipeit-local
@@ -93,7 +94,7 @@ DISABLE_NOSAML_LOCAL_LOGIN=true
 # --------------------------------------------
 # OPTIONAL: MISC
 # --------------------------------------------
-APP_LOG=single
+LOG_CHANNEL=single
 LOG_LEVEL=debug
 LOG_CHANNEL=stack
 LOG_SLACK_WEBHOOK_URL=null
@@ -24,6 +24,7 @@ PUBLIC_FILESYSTEM_DISK=local_public
 # --------------------------------------------
 DB_CONNECTION=mysql
 DB_HOST=127.0.0.1
+DB_PORT=3306
 DB_DATABASE=null
 DB_USERNAME=null
 DB_PASSWORD=null
@@ -76,6 +77,7 @@ ALLOW_DATA_PURGE=false
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
 # --------------------------------------------
+SESSION_DRIVER=file
 SESSION_LIFETIME=12000
 EXPIRE_ON_CLOSE=false
 ENCRYPT=false
@@ -98,7 +100,6 @@ ENABLE_HSTS=false
 # OPTIONAL: CACHE SETTINGS
 # --------------------------------------------
 CACHE_DRIVER=file
-SESSION_DRIVER=file
 QUEUE_DRIVER=sync
 CACHE_PREFIX=snipeit

@@ -158,8 +159,8 @@ PASSWORD_RESET_MAX_ATTEMPTS_PER_MIN=50
 # --------------------------------------------
 # OPTIONAL: MISC
 # --------------------------------------------
-APP_LOG=single
-APP_LOG_MAX_FILES=10
+LOG_CHANNEL=single
+LOG_MAX_DAYS=10
 APP_LOCKED=false
 APP_CIPHER=AES-256-CBC
 APP_FORCE_TLS=false
@@ -172,3 +173,10 @@ IMPORT_MEMORY_LIMIT=500M
 REPORT_TIME_LIMIT=12000
 REQUIRE_SAML=false
 API_THROTTLE_PER_MINUTE=120
+CSV_ESCAPE_FORMULAS=true
+
+# --------------------------------------------
+# OPTIONAL: SCIM
+# --------------------------------------------
+SCIM_TRACE=false
+SCIM_STANDARDS_COMPLIANCE=false
@@ -14,6 +14,7 @@ FILESYSTEM_DISK=local
 # --------------------------------------------
 DB_CONNECTION=sqlite_testing
 DB_HOST=localhost
+DB_PORT=3306
 DB_DATABASE=testing.sqlite
 DB_USERNAME=null
 DB_PASSWORD=null
@@ -70,5 +71,5 @@ SECURE_COOKIES=false
 # --------------------------------------------
 # OPTIONAL: APP LOG FORMAT
 # --------------------------------------------
-APP_LOG=single
-APP_LOG_LEVEL=debug
+LOG_CHANNEL=single
+LOG_LEVEL=debug
@@ -14,6 +14,7 @@ FILESYSTEM_DISK=local
 # --------------------------------------------
 DB_CONNECTION=sqlite
 DB_HOST=localhost
+DB_PORT=3306
 DB_DATABASE='sqlite_testing'
 DB_USERNAME=root
 DB_PASSWORD=null
@@ -34,4 +35,4 @@ IMAGE_LIB=gd
 # --------------------------------------------
 # OPTIONAL: APP LOG FORMAT
 # --------------------------------------------
-APP_LOG=single
+LOG_CHANNEL=single
@@ -4,6 +4,7 @@ APP_URL=http://snipe-it.localapp
 DB_CONNECTION=mysql
 DB_DEFAULT=mysql
 DB_HOST=localhost
+DB_PORT=3306
 DB_DATABASE=snipeittests
 DB_USERNAME=snipeit
 DB_PASSWORD=snipe
@@ -4,6 +4,7 @@ APP_URL=http://snipe-it.localapp
 DB_CONNECTION=sqlite_testing
 DB_DEFAULT=sqlite_testing
 DB_HOST=localhost
+DB_PORT=3306
 APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=


@@ -15,8 +15,8 @@
 #  *.js    @octocat @github/js


-app/Importer/*  @dmeltzer
 app/Http/Controllers/CustomFields* @uberbrady
 app/Http/Controllers/Api/CustomFields* @uberbrady
 resources/views/custom_fields/* @uberbrady
 docker/* @uberbrady
+app/Providers/SamlServiceProvider.php @uberbrady
@@ -1,4 +1,18 @@
-frontend: ["*.js", "*.css", "*.vue", "*.scss", "*.less", "*.blade.*"]
-backend: ["/app", "*.php"]
-legal: ["LICENSE*", "NOTICES*"]
+frontend: ["*.js", "*.css", "*.vue", "*.scss", "*.less", "*.blade.*", "*livewire*"]
+skins: ["*.js", "*.css", "*.scss", "*.less"]
+css: ["*.css","*.scss", "*.less"]
+backend: ["/app/*", "*.php"]
+backups: ["*backup*"]
+restore: ["*restore*"]
+saml: ["*saml*"]
+scim: ["*scim*"]
+custom fields: ["*fields*", "*fieldsets*"]
+dependencies: ["composer.json"]
+consumables: ["*consumables*"]
+api: ["/app/Http/Controllers/api/*"]
+notifications: ["/app/Notifications/*"]
+importer: ["/app/Importer/*"]
+cli / artisan: ["/app/Console/*"]
+LDAP: ["*LDAP*", "/app/Console/Commands/Ldap*","/app/Models/Ldap.php"]
+docker: ["*docker/*", "Dockerfile", "Dockerfile.alpine", "Dockerfile.fpm-alpine", ".dockerignore", ".env.docker"]
 config: .github
@@ -26,7 +26,7 @@ jobs:
        language: [ 'javascript' ]
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3.1.0

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
@@ -32,11 +32,11 @@ jobs:
    steps:
      # Checkout the repository to the GitHub Actions runner
      - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0

      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
      - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@1.1.0
+        uses: codacy/codacy-analysis-cli-action@v4.2.0
        with:
          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
          # You can also omit the token and run the tools that support default configurations
@@ -41,7 +41,7 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
@@ -41,7 +41,7 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3.1.0

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
@@ -24,6 +24,7 @@ php7.4-mbstring \
 php7.4-zip \
 php7.4-bcmath \
 php7.4-redis \
+php-memcached \
 patch \
 curl \
 wget  \
@@ -139,4 +140,4 @@ RUN chmod +x /startup.sh /usr/bin/supervisor-exit-event-listener
 CMD ["/startup.sh"]

 EXPOSE 80
-EXPOSE 443
+EXPOSE 443
@@ -28,6 +28,7 @@ RUN  apk add --no-cache \
        php7-xmlreader \
        php7-sodium \
        php7-redis \
+        php7-pecl-memcached \
        curl \
        wget \
        vim \
@@ -85,4 +86,4 @@ ENTRYPOINT ["/sbin/tini", "--"]

 CMD ["/entrypoint.sh"]

-EXPOSE 80
+EXPOSE 80
@@ -75,14 +75,14 @@ RUN set -eux; \
 	rm snipeit.tar.gz; \
 # Install composer php dependencies
    if [ "$ENVIRONMENT" = "production" ]; then \
-        echo "production enviroment detected!"; \
+        echo "production environment detected!"; \
        composer update \
            --no-cache \
            --no-dev \
            --optimize-autoloader \
            --working-dir=/var/www/html; \
    else \
-        echo "development enviroment detected!"; \
+        echo "development environment detected!"; \
        apk add --no-cache \
            ${DEV_PACKAGES}; \
        composer update \
@@ -100,4 +100,4 @@ COPY --chown=www-data:www-data docker/docker-secrets.env /var/www/html/.env
 COPY --chmod=655 docker/docker-entrypoint.sh /usr/local/bin/docker-snipeit-entrypoint
 COPY docker/column-statistics.cnf /etc/mysql/conf.d/column-statistics.cnf
 ENTRYPOINT [ "/usr/local/bin/docker-snipeit-entrypoint" ]
-CMD [ "/usr/local/bin/docker-php-entrypoint", "php-fpm" ]
+CMD [ "/usr/local/bin/docker-php-entrypoint", "php-fpm" ]
@@ -1,5 +1,5 @@
 ![Build Status](https://app.chipperci.com/projects/0e5f8979-31eb-4ee6-9abf-050b76ab0383/status/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-292-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)
+[![All Contributors](https://img.shields.io/badge/all_contributors-311-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)

 ## Snipe-IT - Open Source Asset Management System

@@ -59,14 +59,16 @@ Since the release of the JSON REST API, several third-party developers have been
 - [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
 - [InQRy -unmaintained-](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
 - [SnipeitPS](https://github.com/snazy2000/SnipeitPS) by [@snazy2000](https://github.com/snazy2000) - Powershell API Wrapper for Snipe-it
- [jamf2snipe](https://github.com/ParadoxGuitarist/jamf2snipe) by [@ParadoxGuitarist](https://github.com/ParadoxGuitarist) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
+- [jamf2snipe](https://github.com/grokability/jamf2snipe) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
 - [Marksman](https://github.com/Scope-IT/marksman) - A Windows agent for Snipe-IT
 - [Snipe-IT plugin for Jira Service Desk](https://marketplace.atlassian.com/apps/1220964/snipe-it-for-jira)
 - [Python 3 CSV importer](https://github.com/gastamper/snipeit-csvimporter) - allows importing assets into Snipe-IT based on Item Name rather than Asset Tag.
 - [Snipe-IT Kubernetes Helm Chart](https://github.com/t3n/helm-charts/tree/master/snipeit) - For more information, [click here](https://hub.helm.sh/charts/t3n/snipeit).
 - [Snipe-IT Bulk Edit](https://github.com/bricelabelle/snipe-it-bulkedit) - Google Script files to use Google Sheets as a bulk checkout/checkin/edit tool for Snipe-it.
+- [MosyleSnipeSync](https://github.com/RodneyLeeBrands/MosyleSnipeSync) by [@RodneyLeeBrands](https://github.com/RodneyLeeBrands) - Python script to synchronize information between Mosyle and Snipe-IT
+- [WWW::SnipeIT](https://github.com/SEDC/perl-www-snipeit) by [@SEDC](https://github.com/SEDC) - perl module for accessing the API
                                                     
-As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :) 
+As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :)

 -----

@@ -77,6 +79,8 @@ Please see the documentation on [contributing and developing for Snipe-IT](https

 Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.

+The ERD is available [online here](https://drawsql.app/templates/snipe-it).
+
 -----

 ### Security
@@ -132,7 +136,10 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/84392209?v=4" width="110px;"/><br /><sub>Toreg87</sub>](https://github.com/Toreg87)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Toreg87 "Code") | [<img src="https://avatars.githubusercontent.com/u/67638596?v=4" width="110px;"/><br /><sub>Matthew Nickson</sub>](https://github.com/Computroniks)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Computroniks "Code") | [<img src="https://avatars.githubusercontent.com/u/1646397?v=4" width="110px;"/><br /><sub>Jethro Nederhof</sub>](https://jethron.id.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jethron "Code") | [<img src="https://avatars.githubusercontent.com/u/23289826?v=4" width="110px;"/><br /><sub>Oskar Stenberg</sub>](https://github.com/01ste02)<br />[💻](https://github.com/snipe/snipe-it/commits?author=01ste02 "Code") | [<img src="https://avatars.githubusercontent.com/u/82208283?v=4" width="110px;"/><br /><sub>Robert-Azelis</sub>](https://github.com/Robert-Azelis)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Robert-Azelis "Code") | [<img src="https://avatars.githubusercontent.com/u/60648387?v=4" width="110px;"/><br /><sub>Alexander William Smith</sub>](https://github.com/alwism)<br />[💻](https://github.com/snipe/snipe-it/commits?author=alwism "Code") | [<img src="https://avatars.githubusercontent.com/u/24418301?v=4" width="110px;"/><br /><sub>LEITWERK AG</sub>](https://www.leitwerk.de/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leitwerk-ag "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/1911435?v=4" width="110px;"/><br /><sub>Adam</sub>](http://www.aboutcher.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adamboutcher "Code") | [<img src="https://avatars.githubusercontent.com/u/16104273?v=4" width="110px;"/><br /><sub>Ian</sub>](https://snksrv.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sneak-it "Code") | [<img src="https://avatars.githubusercontent.com/u/4023909?v=4" width="110px;"/><br /><sub>Shao Yu-Lung (Allen)</sub>](http://blog.bestlong.idv.tw/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bestlong "Code") | [<img src="https://avatars.githubusercontent.com/u/76475453?v=4" width="110px;"/><br /><sub>Haxatron</sub>](https://github.com/Haxatron)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Haxatron "Code") | [<img src="https://avatars.githubusercontent.com/u/88776392?v=4" width="110px;"/><br /><sub>PlaneNuts</sub>](https://github.com/PlaneNuts)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PlaneNuts "Code") | [<img src="https://avatars.githubusercontent.com/u/3842948?v=4" width="110px;"/><br /><sub>Bradley Coudriet</sub>](http://bjcpgd.cias.rit.edu)<br />[💻](https://github.com/snipe/snipe-it/commits?author=exula "Code") | [<img src="https://avatars.githubusercontent.com/u/21966173?v=4" width="110px;"/><br /><sub>Dalton Durst</sub>](https://daltondur.st)<br />[💻](https://github.com/snipe/snipe-it/commits?author=UniversalSuperBox "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/38761237?v=4" width="110px;"/><br /><sub>Alex Janes</sub>](https://adagiohealth.org)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adagioajanes "Code") | [<img src="https://avatars.githubusercontent.com/u/32387849?v=4" width="110px;"/><br /><sub>Nuraeil</sub>](https://github.com/nuraeil)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nuraeil "Code") | [<img src="https://avatars.githubusercontent.com/u/48162670?v=4" width="110px;"/><br /><sub>TenOfTens</sub>](https://github.com/TenOfTens)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TenOfTens "Code") | [<img src="https://avatars.githubusercontent.com/u/9415391?v=4" width="110px;"/><br /><sub>waffle</sub>](https://ditisjens.be/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=insert-waffle "Code") | [<img src="https://avatars.githubusercontent.com/u/19945501?v=4" width="110px;"/><br /><sub>Yevhenii Huzii</sub>](https://github.com/QveenSi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=QveenSi "Code") | [<img src="https://avatars.githubusercontent.com/u/3839381?v=4" width="110px;"/><br /><sub>Achmad Fienan Rahardianto</sub>](https://github.com/veenone)<br />[💻](https://github.com/snipe/snipe-it/commits?author=veenone "Code") | [<img src="https://avatars.githubusercontent.com/u/19945501?v=4" width="110px;"/><br /><sub>Yevhenii Huzii</sub>](https://github.com/QveenSi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=QveenSi "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/97299851?v=4" width="110px;"/><br /><sub>Christian Weirich</sub>](https://github.com/chrisweirich)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chrisweirich "Code") | [<img src="https://avatars.githubusercontent.com/u/1294403?v=4" width="110px;"/><br /><sub>denzfarid</sub>](https://github.com/denzfarid)<br /> | [<img src="https://avatars.githubusercontent.com/u/94018771?v=4" width="110px;"/><br /><sub>ntbutler-nbcs</sub>](https://github.com/ntbutler-nbcs)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ntbutler-nbcs "Code") | [<img src="https://avatars.githubusercontent.com/u/172697?v=4" width="110px;"/><br /><sub>Naveen</sub>](https://naveensrinivasan.dev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=naveensrinivasan "Code") | [<img src="https://avatars.githubusercontent.com/u/55674383?v=4" width="110px;"/><br /><sub>Mike Roquemore</sub>](https://github.com/mikeroq)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mikeroq "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/97299851?v=4" width="110px;"/><br /><sub>Christian Weirich</sub>](https://github.com/chrisweirich)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chrisweirich "Code") | [<img src="https://avatars.githubusercontent.com/u/1294403?v=4" width="110px;"/><br /><sub>denzfarid</sub>](https://github.com/denzfarid)<br /> | [<img src="https://avatars.githubusercontent.com/u/94018771?v=4" width="110px;"/><br /><sub>ntbutler-nbcs</sub>](https://github.com/ntbutler-nbcs)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ntbutler-nbcs "Code") | [<img src="https://avatars.githubusercontent.com/u/172697?v=4" width="110px;"/><br /><sub>Naveen</sub>](https://naveensrinivasan.dev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=naveensrinivasan "Code") | [<img src="https://avatars.githubusercontent.com/u/55674383?v=4" width="110px;"/><br /><sub>Mike Roquemore</sub>](https://github.com/mikeroq)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mikeroq "Code") | [<img src="https://avatars.githubusercontent.com/u/7991086?v=4" width="110px;"/><br /><sub>Daniel Reeder</sub>](https://github.com/reederda)<br />[🌍](#translation-reederda "Translation") [🌍](#translation-reederda "Translation") [💻](https://github.com/snipe/snipe-it/commits?author=reederda "Code") | [<img src="https://avatars.githubusercontent.com/u/109422491?v=4" width="110px;"/><br /><sub>vickyjaura183</sub>](https://github.com/vickyjaura183)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vickyjaura183 "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/32363424?v=4" width="110px;"/><br /><sub>Peace</sub>](https://github.com/julian-piehl)<br />[💻](https://github.com/snipe/snipe-it/commits?author=julian-piehl "Code") | [<img src="https://avatars.githubusercontent.com/u/231528?v=4" width="110px;"/><br /><sub>Kyle Gordon</sub>](https://github.com/kylegordon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kylegordon "Code") | [<img src="https://avatars.githubusercontent.com/u/53009155?v=4" width="110px;"/><br /><sub>Katharina Drexel</sub>](http://www.bfh.ch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sunflowerbofh "Code") | [<img src="https://avatars.githubusercontent.com/u/1931963?v=4" width="110px;"/><br /><sub>David Sferruzza</sub>](https://david.sferruzza.fr/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dsferruzza "Code") | [<img src="https://avatars.githubusercontent.com/u/19511639?v=4" width="110px;"/><br /><sub>Rick Nelson</sub>](https://github.com/rnelsonee)<br />[💻](https://github.com/snipe/snipe-it/commits?author=rnelsonee "Code") | [<img src="https://avatars.githubusercontent.com/u/94169344?v=4" width="110px;"/><br /><sub>BasO12</sub>](https://github.com/BasO12)<br />[💻](https://github.com/snipe/snipe-it/commits?author=BasO12 "Code") | [<img src="https://avatars.githubusercontent.com/u/111710123?v=4" width="110px;"/><br /><sub>Vautia</sub>](https://github.com/Vautia)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Vautia "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/28321?v=4" width="110px;"/><br /><sub>Chris Hartjes</sub>](http://www.littlehart.net/atthekeyboard)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chartjes "Code") | [<img src="https://avatars.githubusercontent.com/u/2404584?v=4" width="110px;"/><br /><sub>geo-chen</sub>](https://github.com/geo-chen)<br />[💻](https://github.com/snipe/snipe-it/commits?author=geo-chen "Code") | [<img src="https://avatars.githubusercontent.com/u/6006620?v=4" width="110px;"/><br /><sub>Phan Nguyen</sub>](https://github.com/nh314)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nh314 "Code") | [<img src="https://avatars.githubusercontent.com/u/115993812?v=4" width="110px;"/><br /><sub>Iisakki Jaakkola</sub>](https://github.com/StarlessNights)<br />[💻](https://github.com/snipe/snipe-it/commits?author=StarlessNights "Code") | [<img src="https://avatars.githubusercontent.com/u/22633385?v=4" width="110px;"/><br /><sub>Ikko Ashimine</sub>](https://bandism.net/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=eltociear "Code") | [<img src="https://avatars.githubusercontent.com/u/56871540?v=4" width="110px;"/><br /><sub>Lukas Fehling</sub>](https://github.com/lukasfehling)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lukasfehling "Code") | [<img src="https://avatars.githubusercontent.com/u/1975990?v=4" width="110px;"/><br /><sub>Fernando Almeida</sub>](https://github.com/fernando-almeida)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fernando-almeida "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/116301219?v=4" width="110px;"/><br /><sub>akemidx</sub>](https://github.com/akemidx)<br />[💻](https://github.com/snipe/snipe-it/commits?author=akemidx "Code") | [<img src="https://avatars.githubusercontent.com/u/144778?v=4" width="110px;"/><br /><sub>Oguz Bilgic</sub>](http://oguz.site)<br />[💻](https://github.com/snipe/snipe-it/commits?author=oguzbilgic "Code") | [<img src="https://avatars.githubusercontent.com/u/9262438?v=4" width="110px;"/><br /><sub>Scooter Crawford</sub>](https://github.com/scoo73r)<br />[💻](https://github.com/snipe/snipe-it/commits?author=scoo73r "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
@@ -0,0 +1,65 @@
+# Using the Test Suite
+
+This document is targeted at developers looking to make modifications to
+this application's code base and want to run the existing test suite.
+
+
+## Setup
+
+Follow the instructions for installing the application locally,
+making sure to have also run the [database migrations](link to db migrations).
+
+
+## Unit Tests 
+
+The application will use values in the `.env.testing` file located
+in the root directory to override the
+default settings and/or other values that exist in your `.env` files.
+
+Make sure to modify the section in `.env.testing` that has the
+database settings. In the example below, it is connecting to the
+[MariaDB](link-to-maria-db) server that is used if you install the
+application using [Docker](https://docker.com).
+
+```dotenv
+# --------------------------------------------
+# REQUIRED: DATABASE SETTINGS
+# --------------------------------------------
+DB_CONNECTION=mysql
+DB_HOST=127.0.0.1
+DB_DATABASE=snipeit
+DB_USERNAME=root
+DB_PASSWORD=changeme1234
+```
+
+To run the entire unit test suite, use the following command from your terminal:
+
+`php artisan test --env=testing`
+
+To run individual test files, you can pass the path to the test that
+you want to run.
+
+`php artisan test --env=testing tests/Unit/AccessoryTest.php`
+
+## Browser Tests 
+
+The browser tests use [Dusk](https://laravel.com/docs/8.x/dusk) to run them.
+When troubleshooting any problems, make sure that your `.env` file is configured
+correctly to run the existing application.
+
+### Test Setup
+
+Your application needs to be configued and up and running in order for the browser
+tests to actually run. When running the tests locally, you can start the application
+using the following command:
+
+`php artisan serve`
+
+
+To run the test suite use the following command from another terminal tab or window:
+
+`php artisan dusk`
+
+To run individual test files, you can pass the path to the test that you want to run.
+
+`php artisan dusk tests/Browser/LoginTest.php`
@@ -118,7 +118,7 @@
        "description": "The duration (in seconds) that the user should be blocked from attempting to authenticate again.",
        "value": "60"
      },
-      "APP_LOG": {
+      "LOG_CHANNEL": {
        "description": "Driver to send logs to. (errorlog for stderr)",
        "value": "errorlog"
      },
@@ -148,7 +148,7 @@
    "image": "heroku/php",
    "addons": [
      "cleardb:ignite",
-      "heroku-redis:hobby-dev",
+      "heroku-redis:mini",
      "papertrail:choklad"
    ]
-  }
+  }
@@ -22,7 +22,7 @@ class CheckoutLicenseToAllUsers extends Command
     *
     * @var string
     */
-    protected $description = 'Command description';
+    protected $description = 'Checks out licenses to all users';

    /**
     * Create a new command instance.
@@ -3,6 +3,7 @@
 namespace App\Console\Commands;

 use App\Models\Department;
+use App\Models\Group;
 use Illuminate\Console\Command;
 use App\Models\Setting;
 use App\Models\Ldap;
@@ -49,7 +50,7 @@ class LdapSync extends Command
        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;

-        $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag_field;
+        $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag;
        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
        $ldap_result_email = Setting::getSettings()->ldap_email;
        $ldap_result_phone = Setting::getSettings()->ldap_phone_field;
@@ -57,6 +58,7 @@ class LdapSync extends Command
        $ldap_result_country = Setting::getSettings()->ldap_country;
        $ldap_result_dept = Setting::getSettings()->ldap_dept;
        $ldap_result_manager = Setting::getSettings()->ldap_manager;
+        $ldap_default_group = Setting::getSettings()->ldap_default_group;

        try {
            $ldapconn = Ldap::connectToLdap();
@@ -175,8 +177,9 @@ class LdapSync extends Command
        $tmp_pass = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 20);
        $pass = bcrypt($tmp_pass);

+        $manager_cache = [];
+
        for ($i = 0; $i < $results['count']; $i++) {
-            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == 'TRUE') {
                $item = [];
                $item['username'] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : '';
                $item['employee_number'] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : '';
@@ -191,6 +194,7 @@ class LdapSync extends Command
                $item['department'] = isset($results[$i][$ldap_result_dept][0]) ? $results[$i][$ldap_result_dept][0] : '';
                $item['manager'] = isset($results[$i][$ldap_result_manager][0]) ? $results[$i][$ldap_result_manager][0] : '';

+
                $department = Department::firstOrCreate([
                    'name' => $item['department'],
                ]);
@@ -203,7 +207,7 @@ class LdapSync extends Command
                    // Creating a new user.
                    $user = new User;
                    $user->password = $pass;
-                    $user->activated = 0;
+                    $user->activated = 1; // newly created users can log in by default, unless AD's UAC is in use, or an active flag is set (below)
                    $item['createorupdate'] = 'created';
                }

@@ -217,20 +221,69 @@ class LdapSync extends Command
                $user->country = $item['country'];
                $user->department_id = $department->id;

+                if($ldap_default_group != null) {
+
+                    $default = Group::select()->where('id', $ldap_default_group)->first();
+                    $user->permissions = $default->permissions;
+
+                }
+
                if($item['manager'] != null) {
-                    //Captures only the Canonical Name
-                    $item['manager'] = ltrim($item['manager'], "CN=");
-                    $item['manager'] = substr($item['manager'],0, strpos($item['manager'], ','));
-                    $ldap_manager = User::where('username', $item['manager'])->first();
-                    if ( $ldap_manager && isset($ldap_manager->id) ) {
-                        $user->manager_id = $ldap_manager->id;
+                    // Check Cache first
+                    if (isset($manager_cache[$item['manager']])) {
+                        // found in cache; use that and avoid extra lookups
+                        $user->manager_id = $manager_cache[$item['manager']];
+                    } else {
+                        // Get the LDAP Manager
+                        try {
+                            $ldap_manager = Ldap::findLdapUsers($item['manager'], -1, $this->option('filter'));
+                        } catch (\Exception $e) {
+                            \Log::warning("Manager lookup caused an exception: " . $e->getMessage() . ". Falling back to direct username lookup");
+                            // Hail-mary for Okta manager 'shortnames' - will only work if
+                            // Okta configuration is using full email-address-style usernames
+                            $ldap_manager = [
+                                "count" => 1,
+                                0 => [
+                                    $ldap_result_username => [$item['manager']]
+                                ]
+                            ];
+                        }
+
+                        if ($ldap_manager["count"] > 0) {
+
+                            // Get the Manager's username
+                            // PHP LDAP returns every LDAP attribute as an array, and 90% of the time it's an array of just one item. But, hey, it's an array.
+                            $ldapManagerUsername = $ldap_manager[0][$ldap_result_username][0];
+
+                            // Get User from Manager username.
+                            $ldap_manager = User::where('username', $ldapManagerUsername)->first();
+
+                            if ($ldap_manager && isset($ldap_manager->id)) {
+                                // Link user to manager id.
+                                $user->manager_id = $ldap_manager->id;
+                            }
+                        }
+                        $manager_cache[$item['manager']] = $ldap_manager && isset($ldap_manager->id)  ? $ldap_manager->id : null; // Store results in cache, even if 'failed'
+
                    }
                }

-
                // Sync activated state for Active Directory.
-                if (array_key_exists('useraccountcontrol', $results[$i])) {
-                    /* The following is _probably_ the correct logic, but we can't use it because
+                if ( !empty($ldap_result_active_flag)) { // IF we have an 'active' flag set....
+                    // ....then *most* things that are truthy will activate the user. Anything falsey will deactivate them.
+                    // (Specifically, we don't handle a value of '0.0' correctly)
+                    $raw_value = @$results[$i][$ldap_result_active_flag][0];
+                    $filter_var = filter_var($raw_value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
+                    $boolean_cast = (bool)$raw_value;
+
+                    $user->activated = $filter_var ?? $boolean_cast; // if filter_var() was true or false, use that. If it's null, use the $boolean_cast
+
+                } elseif (array_key_exists('useraccountcontrol', $results[$i]) ) {
+                    // ....otherwise, (ie if no 'active' LDAP flag is defined), IF the UAC setting exists,
+                    // ....then use the UAC setting on the account to determine can-log-in vs. cannot-log-in
+
+
+                   /* The following is _probably_ the correct logic, but we can't use it because
                       some users may have been dependent upon the previous behavior, and this
                       could cause additional access to be available to users they don't want
                       to allow to log in.
@@ -260,12 +313,11 @@ class LdapSync extends Command
                    '1049088', // 0x100200 NORMAL_ACCOUNT, NOT_DELEGATED
                  ];
                    $user->activated = (in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts)) ? 1 : 0;
-                }

                // If we're not using AD, and there isn't an activated flag set, activate all users
-                elseif (empty($ldap_result_active_flag)) {
-                    $user->activated = 1;
-                }
+                } /* implied 'else' here - leave the $user->activated flag alone. Newly-created accounts will be active.
+                already-existing accounts will be however the administrator has set them */
+

                if ($item['ldap_location_override'] == true) {
                    $user->location_id = $item['location_id'];
@@ -284,6 +336,7 @@ class LdapSync extends Command
                if ($user->save()) {
                    $item['note'] = $item['createorupdate'];
                    $item['status'] = 'success';
+
                } else {
                    foreach ($user->getErrors()->getMessages() as $key => $err) {
                        $errors .= $err[0];
@@ -293,7 +346,6 @@ class LdapSync extends Command
                }

                array_push($summary, $item);
-            }
        }

        if ($this->option('summary')) {
@@ -39,33 +39,39 @@ class SyncAssetCounters extends Command
    public function handle()
    {
        $start = microtime(true);
+
+        // We need the whole count of all assets in order to set up the progress bar
+        $assets_count = Asset::withTrashed()->count();
+        $bar = $this->output->createProgressBar($assets_count);
+
        $assets = Asset::withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as user_requests_count')
-            ->withTrashed()->get();
+            ->withTrashed()->chunk(100, function ($assets) use ($bar) {

-        if ($assets) {
-            if ($assets->count() > 0) {
-                $bar = $this->output->createProgressBar($assets->count());
+                if ($assets->count() > 0) {

-                foreach ($assets as $asset) {
-                    $asset->checkin_counter = (int) $asset->checkins_count;
-                    $asset->checkout_counter = (int) $asset->checkouts_count;
-                    $asset->requests_counter = (int) $asset->user_requests_count;
-                    $asset->unsetEventDispatcher();
-                    $asset->save();
-                    $output['info'][] = 'Asset: '.$asset->id.' has '.$asset->checkin_counter.' checkins, '.$asset->checkout_counter.' checkouts, and '.$asset->requests_counter.' requests';
-                    $bar->advance();
-                }
-                $bar->finish();
+                    foreach ($assets as $asset) {

-                foreach ($output['info'] as $key => $output_text) {
-                    $this->info($output_text);
-                }
+                        $asset->checkin_counter = (int) $asset->checkins_count;
+                        $asset->checkout_counter = (int) $asset->checkouts_count;
+                        $asset->requests_counter = (int) $asset->user_requests_count;
+                        $asset->unsetEventDispatcher();
+                        $asset->save();
+                        $bar->advance();
+
+                        \Log::debug('Asset: '.$asset->id.' has '.$asset->checkin_counter.' checkins, '.$asset->checkout_counter.' checkouts, and '.$asset->requests_counter.' requests');
+
+                    }

-                $time_elapsed_secs = microtime(true) - $start;
-                $this->info('Sync executed in '.$time_elapsed_secs.' seconds');
            } else {
                $this->info('No assets to sync');
            }
-        }
+        });
+        
+
+        $bar->finish();
+        $time_elapsed_secs = microtime(true) - $start;
+        $this->info("\nSync of ".$assets_count.' assets executed in '.$time_elapsed_secs.' seconds');
+
+
    }
 }
@@ -12,6 +12,7 @@ use App\Models\Statuslabel;
 use Crypt;
 use Illuminate\Contracts\Encryption\DecryptException;
 use Image;
+use Carbon\Carbon;

 class Helper
 {
@@ -22,12 +23,13 @@ class Helper
     * @since [v2.0]
     * @return string
     */
-    public static function parseEscapedMarkedown($str)
+    public static function parseEscapedMarkedown($str = null)
    {
        $Parsedown = new \Parsedown();
+        $Parsedown->setSafeMode(true);

        if ($str) {
-            return $Parsedown->text(e($str));
+            return $Parsedown->text($str);
        }
    }

@@ -623,7 +625,7 @@ class Helper
    {
        $consumables = Consumable::withCount('consumableAssignments as consumable_assignments_count')->whereNotNull('min_amt')->get();
        $accessories = Accessory::withCount('users as users_count')->whereNotNull('min_amt')->get();
-        $components = Component::withCount('assets as assets_count')->whereNotNull('min_amt')->get();
+        $components = Component::whereNotNull('min_amt')->get();

        $avail_consumables = 0;
        $items_array = [];
@@ -668,7 +670,7 @@ class Helper
        }

        foreach ($components as $component) {
-            $avail = $component->qty - $component->assets_count;
+            $avail = $component->numRemaining();
            if ($avail < ($component->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
                if ($component->qty > 0) {
                    $percent = number_format((($avail / $component->qty) * 100), 0);
@@ -1124,5 +1126,25 @@ class Helper

        return $settings;
        }
+    public static function AgeFormat($date) {
+        $year = Carbon::parse($date)
+            ->diff(now())->y;
+        $month = Carbon::parse($date)
+            ->diff(now())->m;
+        $days = Carbon::parse($date)
+            ->diff(now())->d;
+        $age='';
+        if ($year) {
+            $age .= $year.'y ';
+        }
+        if ($month) {
+            $age .= $month.'m ';
+        }
+        if ($days) {
+            $age .= $days.'d';
+        }

+        return $age;
+
+    }
 }
@@ -0,0 +1,186 @@
+<?php
+
+namespace App\Http\Controllers\Accessories;
+
+use App\Helpers\StorageHelper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AssetFileRequest;
+use App\Models\Actionlog;
+use App\Models\Accessory;
+use Illuminate\Support\Facades\Response;
+use Illuminate\Support\Facades\Storage;
+use Symfony\Accessory\HttpFoundation\JsonResponse;
+use enshrined\svgSanitize\Sanitizer;
+
+class AccessoriesFilesController extends Controller
+{
+    /**
+     * Validates and stores files associated with a accessory.
+     *
+     * @todo Switch to using the AssetFileRequest form request validator.
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param AssetFileRequest $request
+     * @param int $accessoryId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function store(AssetFileRequest $request, $accessoryId = null)
+    {
+
+        if (config('app.lock_passwords')) {
+            return redirect()->route('accessories.show', ['accessory'=>$accessoryId])->with('error', trans('general.feature_disabled'));
+        }
+
+
+        $accessory = Accessory::find($accessoryId);
+
+        if (isset($accessory->id)) {
+            $this->authorize('accessories.files', $accessory);
+
+            if ($request->hasFile('file')) {
+                if (! Storage::exists('private_uploads/accessories')) {
+                    Storage::makeDirectory('private_uploads/accessories', 775);
+                }
+
+                foreach ($request->file('file') as $file) {
+
+                    $extension = $file->getClientOriginalExtension();
+                    $file_name = 'accessory-'.$accessory->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+
+
+                    // Check for SVG and sanitize it
+                    if ($extension == 'svg') {
+                        \Log::debug('This is an SVG');
+                        \Log::debug($file_name);
+
+                        $sanitizer = new Sanitizer();
+                        $dirtySVG = file_get_contents($file->getRealPath());
+                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                        try {
+                            Storage::put('private_uploads/accessories/'.$file_name, $cleanSVG);
+                        } catch (\Exception $e) {
+                            \Log::debug('Upload no workie :( ');
+                            \Log::debug($e);
+                        }
+
+                    } else {
+                        Storage::put('private_uploads/accessories/'.$file_name, file_get_contents($file));
+                    }
+
+                    //Log the upload to the log
+                    $accessory->logUpload($file_name, e($request->input('notes')));
+                }
+
+
+                return redirect()->route('accessories.show', $accessory->id)->with('success', trans('general.file_upload_success'));
+
+            }
+
+            return redirect()->route('accessories.show', $accessory->id)->with('error', trans('general.no_files_uploaded'));
+        }
+        // Prepare the error message
+        return redirect()->route('accessories.index')
+            ->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Deletes the selected accessory file.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $accessoryId
+     * @param int $fileId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function destroy($accessoryId = null, $fileId = null)
+    {
+        $accessory = Accessory::find($accessoryId);
+
+        // the asset is valid
+        if (isset($accessory->id)) {
+            $this->authorize('update', $accessory);
+            $log = Actionlog::find($fileId);
+
+            // Remove the file if one exists
+            if (Storage::exists('accessories/'.$log->filename)) {
+                try {
+                    Storage::delete('accessories/'.$log->filename);
+                } catch (\Exception $e) {
+                    \Log::debug($e);
+                }
+            }
+
+            $log->delete();
+
+            return redirect()->back()
+                ->with('success', trans('admin/hardware/message.deletefile.success'));
+        }
+
+        // Redirect to the licence management page
+        return redirect()->route('accessories.index')->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Allows the selected file to be viewed.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.4]
+     * @param int $accessoryId
+     * @param int $fileId
+     * @return \Symfony\Accessory\HttpFoundation\Response
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function show($accessoryId = null, $fileId = null, $download = true)
+    {
+
+        \Log::debug('Private filesystem is: '.config('filesystems.default'));
+        $accessory = Accessory::find($accessoryId);
+
+
+
+        // the accessory is valid
+        if (isset($accessory->id)) {
+            $this->authorize('view', $accessory);
+            $this->authorize('accessories.files', $accessory);
+
+            if (! $log = Actionlog::find($fileId)) {
+                return response('No matching record for that asset/file', 500)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            $file = 'private_uploads/accessories/'.$log->filename;
+
+            if (Storage::missing($file)) {
+                \Log::debug('FILE DOES NOT EXISTS for '.$file);
+                \Log::debug('URL should be '.Storage::url($file));
+
+                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            } else {
+
+                // We have to override the URL stuff here, since local defaults in Laravel's Flysystem
+                // won't work, as they're not accessible via the web
+                if (config('filesystems.default') == 'local') { // TODO - is there any way to fix this at the StorageHelper layer?
+                    return StorageHelper::downloader($file);
+                } else {
+                    if ($download != 'true') {
+                        \Log::debug('display the file');
+                        if ($contents = file_get_contents(Storage::url($file))) { // TODO - this will fail on private S3 files or large public ones
+                            return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                        }
+
+                        return JsonResponse::create(['error' => 'Failed validation: '], 500);
+                    }
+
+                    return StorageHelper::downloader($file);
+
+                }
+            }
+        }
+
+        return redirect()->route('accessories.index')->with('error', trans('general.file_does_not_exist', ['id' => $fileId]));
+    }
+}
@@ -63,7 +63,7 @@ class AccessoryCheckoutController extends Controller
        $this->authorize('checkout', $accessory);

        if (! $user = User::find($request->input('assigned_to'))) {
-            return redirect()->route('checkout/accessory', $accessory->id)->with('error', trans('admin/accessories/message.checkout.user_does_not_exist'));
+            return redirect()->route('accessories.checkout.show', $accessory->id)->with('error', trans('admin/accessories/message.checkout.user_does_not_exist'));
        }

        // Update the accessory data
@@ -19,6 +19,8 @@ use App\Models\Accessory;
 use App\Models\License;
 use App\Models\Component;
 use App\Models\Consumable;
+use App\Notifications\AcceptanceAssetAcceptedNotification;
+use App\Notifications\AcceptanceAssetDeclinedNotification;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
@@ -111,8 +113,6 @@ class AcceptanceController extends Controller
            Storage::makeDirectory('private_uploads/signatures', 775);
        }

-
-
        $item = $acceptance->checkoutable_type::find($acceptance->checkoutable_id);
        $display_model = '';
        $pdf_view_route = '';
@@ -138,6 +138,7 @@ class AcceptanceController extends Controller

                // The item was accepted, check for a signature
                if ($request->filled('signature_output')) {
+
                    $sig_filename = 'siglog-' . Str::uuid() . '-' . date('Y-m-d-his') . '.png';
                    $data_uri = $request->input('signature_output');
                    $encoded_image = explode(',', $data_uri);
@@ -149,59 +150,42 @@ class AcceptanceController extends Controller
                } else {
                    return redirect()->back()->with('error', trans('general.shitty_browser'));
                }
+
            }


-            // this is horrible
-            switch($acceptance->checkoutable_type){
+            // this is now slightly less horrible
+            $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
+
+            switch ($acceptance->checkoutable_type) {
+
                case 'App\Models\Asset':
-                        $pdf_view_route ='account.accept.accept-asset-eula';
                        $asset_model = AssetModel::find($item->model_id);
                        $display_model = $asset_model->name;
-                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                break;

                case 'App\Models\Accessory':
-                        $pdf_view_route ='account.accept.accept-accessory-eula';
                        $accessory = Accessory::find($item->id);
                        $display_model = $accessory->name;
-                        $assigned_to = User::find($item->assignedTo);
                break;

                case 'App\Models\LicenseSeat':
-                        $pdf_view_route ='account.accept.accept-license-eula';
                        $license = License::find($item->license_id);
                        $display_model = $license->name;
-                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                break;

                case 'App\Models\Component':
-                        $pdf_view_route ='account.accept.accept-component-eula';
                        $component = Component::find($item->id);
                        $display_model = $component->name;
-                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                break;

                case 'App\Models\Consumable':
-                        $pdf_view_route ='account.accept.accept-consumable-eula';
                        $consumable = Consumable::find($item->id);
                        $display_model = $consumable->name;
-                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                break;
+
            }
-//            if ($acceptance->checkoutable_type == 'App\Models\Asset') {
-//                $pdf_view_route ='account.accept.accept-asset-eula';
-//                $asset_model = AssetModel::find($item->model_id);
-//                $display_model = $asset_model->name;
-//                $assigned_to = User::find($item->assigned_to)->present()->fullName;
-//
-//            } elseif ($acceptance->checkoutable_type== 'App\Models\Accessory') {
-//                $pdf_view_route ='account.accept.accept-accessory-eula';
-//                $accessory = Accessory::find($item->id);
-//                $display_model = $accessory->name;
-//                $assigned_to = User::find($item->assignedTo);
-//
-//            }
+

            /**
             * Gather the data for the PDF. We fire this whether there is a signature required or not,
@@ -231,17 +215,54 @@ class AcceptanceController extends Controller

            if ($pdf_view_route!='') {
                \Log::debug($pdf_filename.' is the filename, and the route was specified.');
-                $pdf = Pdf::loadView($pdf_view_route, $data);
+                $pdf = Pdf::loadView('account.accept.accept-item', $data);
                Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf->output());
            }

            $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename);
+            $acceptance->notify(new AcceptanceAssetAcceptedNotification($data));
            event(new CheckoutAccepted($acceptance));

            $return_msg = trans('admin/users/message.accepted');

        } else {
+            // Format the data to send the declined notification
+            $branding_settings = SettingsController::getPDFBranding();
+
+            // This is the most horriblest
+            switch($acceptance->checkoutable_type){
+                case 'App\Models\Asset':
+                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
+                    break;
+
+                case 'App\Models\Accessory':
+                    $assigned_to = User::find($item->assignedTo);
+                    break;
+
+                case 'App\Models\LicenseSeat':
+                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
+                    break;
+
+                case 'App\Models\Component':
+                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
+                    break;
+
+                case 'App\Models\Consumable':
+                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
+                    break;
+            }
+            $data = [
+                'item_tag' => $item->asset_tag,
+                'item_model' => $display_model,
+                'item_serial' => $item->serial,
+                'declined_date' => Carbon::parse($acceptance->accepted_at)->format($branding_settings->date_display_format),
+                'assigned_to' => $assigned_to,
+                'company_name' => $branding_settings->site_name,
+                'date_settings' => $branding_settings->date_display_format,
+            ];
+
            $acceptance->decline($sig_filename);
+            $acceptance->notify(new AcceptanceAssetDeclinedNotification($data));
            event(new CheckoutDeclined($acceptance));
            $return_msg = trans('admin/users/message.declined');
        }
@@ -120,7 +120,6 @@ class AssetsController extends Controller

        if ($filter_non_deprecable_assets) {
            $non_deprecable_models = AssetModel::select('id')->whereNotNull('depreciation_id')->get();
-
            $assets->InModelList($non_deprecable_models->toArray());
        }

@@ -141,6 +140,14 @@ class AssetsController extends Controller
            $assets->where('assets.status_id', '=', $request->input('status_id'));
        }

+        if ($request->filled('asset_tag')) {
+            $assets->where('assets.asset_tag', '=', $request->input('asset_tag'));
+        }
+
+        if ($request->filled('serial')) {
+            $assets->where('assets.serial', '=', $request->input('serial'));
+        }
+
        if ($request->input('requestable') == 'true') {
            $assets->where('assets.requestable', '=', '1');
        }
@@ -357,19 +364,28 @@ class AssetsController extends Controller
    /**
     * Returns JSON with information about an asset (by tag) for detail view.
     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param string $tag
     * @since [v4.2.1]
-     * @return JsonResponse
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @return \Illuminate\Http\JsonResponse
     */
    public function showByTag(Request $request, $tag)
    {
-        if ($asset = Asset::with('assetstatus')->with('assignedTo')->where('asset_tag', $tag)->first()) {
-            $this->authorize('view', $asset);
+        $this->authorize('index', Asset::class);
+        $assets = Asset::where('asset_tag', $tag)->with('assetstatus')->with('assignedTo');

-            return (new AssetsTransformer)->transformAsset($asset, $request);
+        // Check if they've passed ?deleted=true
+        if ($request->input('deleted', 'false') == 'true') {
+            $assets = $assets->withTrashed();
+        }
+
+        $assets = $assets->get();
+
+        if (($assets) && ($assets->count() > 0)) {
+            return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+        } else {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);

    }

@@ -379,28 +395,24 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param string $serial
     * @since [v4.2.1]
-     * @return JsonResponse
+     * @return \Illuminate\Http\JsonResponse
     */
    public function showBySerial(Request $request, $serial)
    {
        $this->authorize('index', Asset::class);
-        if ($assets = Asset::with('assetstatus')->with('assignedTo')
-            ->withTrashed()->where('serial', $serial)->get()) {
-                return (new AssetsTransformer)->transformAssets($assets, $assets->count());
-        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
+        $assets = Asset::where('serial', $serial)->with('assetstatus')->with('assignedTo');

-        $assets = Asset::with('assetstatus')->with('assignedTo');
-
-        if ($request->input('deleted', 'false') === 'true') {
+        // Check if they've passed ?deleted=true
+        if ($request->input('deleted', 'false') == 'true') {
            $assets = $assets->withTrashed();
-    }
+        }

-        $assets = $assets->where('serial', $serial)->get();
-        if ($assets) {
+        $assets = $assets->get();
+
+        if (($assets) && ($assets->count() > 0)) {
            return (new AssetsTransformer)->transformAssets($assets, $assets->count());
        } else {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
        }
    }

@@ -885,11 +897,9 @@ class AssetsController extends Controller
        if ($request->has('status_id')) {
            $asset->status_id = $request->input('status_id');
        }
+        
+        $checkin_at = $request->filled('checkin_at') ? $request->input('checkin_at').' '. date('H:i:s') : date('Y-m-d H:i:s');

-        $checkin_at = null;
-        if ($request->filled('checkin_at')) {
-            $checkin_at = $request->input('checkin_at');
-        }

        if ($asset->save()) {
            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at));
@@ -912,7 +922,7 @@ class AssetsController extends Controller
        $this->authorize('checkin', Asset::class);
        $asset = Asset::where('asset_tag', $request->input('asset_tag'))->first();

-        if($asset) {
+        if ($asset) {
            return $this->checkin($request, $asset->id);
        }

@@ -246,7 +246,8 @@ class ComponentsController extends Controller
                'created_at' => \Carbon::now(),
                'assigned_qty' => $request->get('assigned_qty', 1),
                'user_id' => \Auth::id(),
-                'asset_id' => $request->get('assigned_to')
+                'asset_id' => $request->get('assigned_to'),
+                'note' => $request->get('note'),
            ]);

            $component->logCheckout($request->input('note'), $asset);
@@ -228,9 +228,11 @@ class ConsumablesController extends Controller

        foreach ($consumable->consumableAssignments as $consumable_assignment) {
            $rows[] = [
+                'avatar' => ($consumable_assignment->user) ? e($consumable_assignment->user->present()->gravatar) : '',
                'name' => ($consumable_assignment->user) ? $consumable_assignment->user->present()->nameUrl() : 'Deleted User',
                'created_at' => Helper::getFormattedDateObject($consumable_assignment->created_at, 'datetime'),
-                'admin' => ($consumable_assignment->admin) ? $consumable_assignment->admin->present()->nameUrl() : '',
+                'note' => ($consumable_assignment->note) ? e($consumable_assignment->note) : null,
+                'admin' => ($consumable_assignment->admin) ? $consumable_assignment->admin->present()->nameUrl() : null,
            ];
        }

@@ -273,6 +275,7 @@ class ConsumablesController extends Controller
                'consumable_id' => $consumable->id,
                'user_id' => $user->id,
                'assigned_to' => $assigned_to,
+                'note' => $request->input('note'),
            ]);

            // Log checkout event
@@ -96,7 +96,7 @@ class CustomFieldsController extends Controller
        $data = $request->all();
        $regex_format = null;

-        if (str_contains($data['format'], 'regex:')) {
+        if ((array_key_exists('format', $data)) && (str_contains($data['format'], 'regex:'))) {
            $regex_format = $data['format'];
        }

@@ -39,7 +39,7 @@ class LicenseSeatsController extends Controller
            }

            $total = $seats->count();
-            $offset = (($seats) && (request('offset') > $total)) ? 0 : request('offset', 0);
+            $offset = (($seats) && (request('offset') >= $total)) ? 0 : request('offset', 0);
            $limit = request('limit', 50);

            $seats = $seats->skip($offset)->take($limit)->get();
@@ -73,9 +73,6 @@ class LicensesController extends Controller
            $licenses->where('depreciation_id', '=', $request->input('depreciation_id'));
        }

-        if ($request->filled('supplier_id')) {
-            $licenses->where('supplier_id', '=', $request->input('supplier_id'));
-        }

        if (($request->filled('maintained')) && ($request->input('maintained')=='true')) {
            $licenses->where('maintained','=',1);
@@ -27,7 +27,7 @@ class LocationsController extends Controller
        $allowed_columns = [
            'id', 'name', 'address', 'address2', 'city', 'state', 'country', 'zip', 'created_at',
            'updated_at', 'manager_id', 'image',
-            'assigned_assets_count', 'users_count', 'assets_count', 'currency', 'ldap_ou', ];
+            'assigned_assets_count', 'users_count', 'assets_count','assigned_assets_count', 'assets_count', 'rtd_assets_count', 'currency', 'ldap_ou', ];

        $locations = Location::with('parent', 'manager', 'children')->select([
            'locations.id',
@@ -47,6 +47,7 @@ class LocationsController extends Controller
            'locations.currency',
        ])->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
+            ->withCount('rtd_assets as rtd_assets_count')
            ->withCount('users as users_count');

        if ($request->filled('search')) {
@@ -157,7 +158,9 @@ class LocationsController extends Controller
            ])
            ->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
-            ->withCount('users as users_count')->findOrFail($id);
+            ->withCount('rtd_assets as rtd_assets_count')
+            ->withCount('users as users_count')
+            ->findOrFail($id);

        return (new LocationsTransformer)->transformLocation($location);
    }
@@ -20,7 +20,7 @@ class ReportsController extends Controller
    {
        $this->authorize('reports.view');

-        $actionlogs = Actionlog::with('item', 'user', 'target', 'location');
+        $actionlogs = Actionlog::with('item', 'user', 'admin', 'target', 'location');

        if ($request->filled('search')) {
            $actionlogs = $actionlogs->TextSearch(e($request->input('search')));
@@ -9,6 +9,8 @@ use App\Http\Transformers\StatuslabelsTransformer;
 use App\Models\Asset;
 use App\Models\Statuslabel;
 use Illuminate\Http\Request;
+use App\Http\Transformers\PieChartTransformer;
+use Illuminate\Support\Arr;

 class StatuslabelsController extends Controller
 {
@@ -188,43 +190,54 @@ class StatuslabelsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
-     * @return \Illuminate\Http\Response
+     * @return array
     */
    public function getAssetCountByStatuslabel()
    {
        $this->authorize('view', Statuslabel::class);
-
        $statuslabels = Statuslabel::withCount('assets')->get();

-        $labels = [];
-        $points = [];
-        $default_color_count = 0;
-        $colors_array = [];
-
        foreach ($statuslabels as $statuslabel) {
-            if ($statuslabel->assets_count > 0) {
-                $labels[] = $statuslabel->name.' ('.number_format($statuslabel->assets_count).')';
-                $points[] = $statuslabel->assets_count;

-                if ($statuslabel->color != '') {
-                    $colors_array[] = $statuslabel->color;
-                } else {
-                    $colors_array[] = Helper::defaultChartColors($default_color_count);
-                }
-                $default_color_count++;
+            $total[$statuslabel->name]['label'] = $statuslabel->name;
+            $total[$statuslabel->name]['count'] = $statuslabel->assets_count;
+
+            if ($statuslabel->color != '') {
+                $total[$statuslabel->name]['color'] = $statuslabel->color;
            }
        }

-        $result = [
-            'labels' => $labels,
-            'datasets' => [[
-                'data' => $points,
-                'backgroundColor' => $colors_array,
-                'hoverBackgroundColor' =>  $colors_array,
-            ]],
-        ];
+        return (new PieChartTransformer())->transformPieChartDate($total);

-        return $result;
+    }
+
+    /**
+     * Show a count of assets by meta status type for pie chart
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v6.0.11]
+     * @return array
+     */
+    public function getAssetCountByMetaStatus()
+    {
+        $this->authorize('view', Statuslabel::class);
+
+        $total['rtd']['label'] = trans('general.ready_to_deploy');
+        $total['rtd']['count'] = Asset::RTD()->count();
+
+        $total['deployed']['label'] = trans('general.deployed');
+        $total['deployed']['count'] = Asset::Deployed()->count();
+
+        $total['archived']['label'] = trans('general.archived');
+        $total['archived']['count'] = Asset::Archived()->count();
+
+        $total['pending']['label'] = trans('general.pending');
+        $total['pending']['count'] = Asset::Pending()->count();
+
+        $total['undeployable']['label'] = trans('general.undeployable');
+        $total['undeployable']['count'] = Asset::Undeployable()->count();
+
+        return (new PieChartTransformer())->transformPieChartDate($total);
    }

    /**
@@ -15,6 +15,7 @@ use App\Models\Asset;
 use App\Models\Company;
 use App\Models\License;
 use App\Models\User;
+use App\Notifications\CurrentInventory;
 use Auth;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
@@ -66,6 +67,8 @@ class UsersController extends Controller
            'users.zip',
            'users.remote',
            'users.ldap_import',
+            'users.start_date',
+            'users.end_date',

        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy',)
            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count');
@@ -146,6 +149,15 @@ class UsersController extends Controller
            $users = $users->where('remote', '=', $request->input('remote'));
        }

+        if ($request->filled('start_date')) {
+            $users = $users->where('users.start_date', '=', $request->input('start_date'));
+        }
+
+        if ($request->filled('end_date')) {
+            $users = $users->where('users.end_date', '=', $request->input('end_date'));
+        }
+
+
        if ($request->filled('assets_count')) {
           $users->has('assets', '=', $request->input('assets_count'));
        }
@@ -200,7 +212,7 @@ class UsersController extends Controller
                        'assets', 'accessories', 'consumables', 'licenses', 'groups', 'activated', 'created_at',
                        'two_factor_enrolled', 'two_factor_optin', 'last_login', 'assets_count', 'licenses_count',
                        'consumables_count', 'accessories_count', 'phone', 'address', 'city', 'state',
-                        'country', 'zip', 'id', 'ldap_import', 'remote',
+                        'country', 'zip', 'id', 'ldap_import', 'remote', 'start_date', 'end_date',
                    ];

                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
@@ -479,6 +491,26 @@ class UsersController extends Controller
        return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
    }

+    /**
+     * Notify a specific user via email with all of their assigned assets.
+     *
+     * @author [Lukas Fehling] [<lukas.fehling@adabay.rocks>]
+     * @since [v6.0.13]
+     * @param Request $request
+     * @param $id
+     * @return string JSON
+     */
+    public function emailAssetList(Request $request, $id)
+    {
+        $user = User::findOrFail($id);
+
+        if (empty($user->email)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.inventorynotification.error')));
+        }
+ 
+        return response()->Helper::formatStandardApiResponse('success', null, trans('admin/users/message.inventorynotification.success'));
+ 
+    }

    /**
     * Return JSON containing a list of consumables assigned to a user.
@@ -463,7 +463,18 @@ class AssetModelsController extends Controller
            $data[$customField->db_column] = $defaultValue;
        }

-        $rules = $model->fieldset->validation_rules();
+        $fieldsets = $model->fieldset->validation_rules();
+        $rules = array();
+
+        foreach ($fieldsets as $fieldset => $validation){
+            // If the field is marked as required, eliminate the rule so it doesn't interfere with the default values
+            // (we are at model level, the rule still applies when creating a new asset using this model)
+            $index = array_search('required', $validation);
+            if ($index !== false){
+                $validation[$index] = 'nullable';
+            }
+            $rules[$fieldset] = $validation;
+        }

        $validator = Validator::make($data, $rules);

@@ -62,7 +62,7 @@ class AssetModelsFilesController extends Controller
                $model->logUpload($file_name, e($request->get('notes')));
            }

-            return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
+            return redirect()->back()->with('success', trans('general.file_upload_success'));
        }

        return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles'));
@@ -10,6 +10,7 @@ use App\Http\Requests\AssetCheckoutRequest;
 use App\Models\Asset;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Http\Request;

 class AssetCheckoutController extends Controller
 {
@@ -24,8 +25,9 @@ class AssetCheckoutController extends Controller
     * @since [v1.0]
     * @return View
     */
-    public function create($assetId)
+    public function create(Request $request, $assetId)
    {
+
        // Check if the asset exists
        if (is_null($asset = Asset::find(e($assetId)))) {
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
@@ -34,10 +36,28 @@ class AssetCheckoutController extends Controller
        $this->authorize('checkout', $asset);

        if ($asset->availableForCheckout()) {
+
+            /**
+             * Set a session variable here for the possible return url - this may or may not be used
+             * in the store() method below, but we need to set it here, so we know what "back" means.
+             * We set this here so that we don't end up with UX weirdness if our referrer isn't what we're
+             * expecting (for example a checkout that happens from a place we didn't plan for yet.
+             * - @snipe - 2022-12-22
+             */
+            $request->session()->forget('backto_item_type');
+            $request->session()->forget('backto_item_id');
+            \Log::debug('dropping session data for backto_item_type and backto_item_id');
+
+            // Hard-coding this for now, since we're only workiing with assets, not other first-class items yet
+            $request->session()->put('backto_item_type', '\App\Models\Asset');
+            $request->session()->put('backto_item_id', $assetId);
+            \Log::debug('setting new session data for asset '. $assetId . ' via backto_item_type and backto_item_id');
+
            return view('hardware/checkout', compact('asset'))
                ->with('statusLabel_list', Helper::deployableStatusLabelList());
        }

+
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
    }

@@ -52,26 +72,32 @@ class AssetCheckoutController extends Controller
     */
    public function store(AssetCheckoutRequest $request, $assetId)
    {
+
+        $asset = Asset::find($assetId);
+        $this->authorize('checkout', $asset);
+
+
+
        try {
            // Check if the asset exists
-            if (! $asset = Asset::find($assetId)) {
+            if (!$asset) {
                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
-            } elseif (! $asset->availableForCheckout()) {
+            } elseif (!$asset->availableForCheckout()) {
                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
            }
+
            $this->authorize('checkout', $asset);
+
            $admin = Auth::user();
-
            $target = $this->determineCheckoutTarget($asset);
-
            $asset = $this->updateAssetLocation($asset, $target);
-
+            $expected_checkin = '';
            $checkout_at = date('Y-m-d H:i:s');
+
            if (($request->filled('checkout_at')) && ($request->get('checkout_at') != date('Y-m-d'))) {
                $checkout_at = $request->get('checkout_at');
            }

-            $expected_checkin = '';
            if ($request->filled('expected_checkin')) {
                $expected_checkin = $request->get('expected_checkin');
            }
@@ -80,20 +106,32 @@ class AssetCheckoutController extends Controller
                $asset->status_id = $request->get('status_id');
            }

-            if(!empty($asset->licenseseats->all())){
-                if(request('checkout_to_type') == 'user') {
+            if ($request->filled('next_action')) {
+                $back_to_route = $request->get('next_action');
+            }
+
+            if(!empty($asset->licenseseats->all())) {
+
+                if (request('checkout_to_type') == 'user') {
                    foreach ($asset->licenseseats as $seat){
                        $seat->assigned_to = $target->id;
                        $seat->save();
                    }
                }
+
            }

            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), $request->get('name'))) {
-                return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success'));
+
+                if ($request->get('accept_in_person')=='1') {
+                    return view('hardware/checkout', compact('asset'))
+                        ->with('statusLabel_list', Helper::deployableStatusLabelList());
+                }
+
+                return redirect()->route($back_to_route)->with('success', trans('admin/hardware/message.checkout.success'));
            }

-            // Redirect to the asset management page with error
+            // Redirect to the asset page with error
            return redirect()->to("hardware/$assetId/checkout")->with('error', trans('admin/hardware/message.checkout.error').$asset->getErrors());
        } catch (ModelNotFoundException $e) {
            return redirect()->back()->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($asset->getErrors());
@@ -12,6 +12,7 @@ use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Session;
+use App\Http\Requests\AssetCheckoutRequest;

 class BulkAssetsController extends Controller
 {
@@ -32,7 +33,6 @@ class BulkAssetsController extends Controller

        if (! $request->filled('ids')) {
            return redirect()->back()->with('error', trans('admin/hardware/message.update.no_assets_selected'));
-
        }

        // Figure out where we need to send the user after the update is complete, and store that in the session
@@ -102,6 +102,8 @@ class BulkAssetsController extends Controller
            || ($request->filled('company_id'))
            || ($request->filled('status_id'))
            || ($request->filled('model_id'))
+            || ($request->filled('null_purchase_date'))
+            || ($request->filled('null_expected_checkin_date'))
        ) {
            foreach ($assets as $assetId) {

@@ -116,6 +118,14 @@ class BulkAssetsController extends Controller
                    ->conditionallyAddItem('supplier_id')
                    ->conditionallyAddItem('warranty_months');

+                if ($request->input('null_purchase_date')=='1') {
+                    $this->update_array['purchase_date'] = null;
+                }
+
+                if ($request->input('null_expected_checkin_date')=='1') {
+                    $this->update_array['expected_checkin'] = null;
+                }
+
                if ($request->filled('purchase_cost')) {
                    $this->update_array['purchase_cost'] =  Helper::ParseCurrency($request->input('purchase_cost'));
                }
@@ -239,7 +249,7 @@ class BulkAssetsController extends Controller
     * Process Multiple Checkout Request
     * @return View
     */
-    public function storeCheckout(Request $request)
+    public function storeCheckout(AssetCheckoutRequest $request)
    {

        $this->authorize('checkout', Asset::class);
@@ -250,7 +260,7 @@ class BulkAssetsController extends Controller
            $target = $this->determineCheckoutTarget();

            if (! is_array($request->get('selected_assets'))) {
-                return redirect()->route('hardware/bulkcheckout')->withInput()->with('error', trans('admin/hardware/message.checkout.no_assets_selected'));
+                return redirect()->route('hardware.bulkcheckout.show')->withInput()->with('error', trans('admin/hardware/message.checkout.no_assets_selected'));
            }

            $asset_ids = array_filter($request->get('selected_assets'));
@@ -297,9 +307,9 @@ class BulkAssetsController extends Controller
                return redirect()->to('hardware')->with('success', trans('admin/hardware/message.checkout.success'));
            }
            // Redirect to the asset management page with error
-            return redirect()->to('hardware/bulk-checkout')->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($errors);
+            return redirect()->route('hardware.bulkcheckout.show')->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($errors);
        } catch (ModelNotFoundException $e) {
-            return redirect()->to('hardware/bulk-checkout')->with('error', $e->getErrors());
+            return redirect()->route('hardware.bulkcheckout.show')->with('error', $e->getErrors());
        }
    }
 }
@@ -116,7 +116,7 @@ class LoginController extends Controller
                    Auth::login($user);
                } else {
                    $username = $saml->getUsername();
-                    \Log::warning("SAML user '$username' could not be found in database.");
+                    \Log::debug("SAML user '$username' could not be found in database.");
                    $request->session()->flash('error', trans('auth/message.signin.error'));
                    $saml->clearData();
                }
@@ -127,7 +127,7 @@ class LoginController extends Controller
                }
                
            } catch (\Exception $e) {
-                \Log::warning('There was an error authenticating the SAML user: '.$e->getMessage());
+                \Log::debug('There was an error authenticating the SAML user: '.$e->getMessage());
                throw new \Exception($e->getMessage());
            }

@@ -135,10 +135,8 @@ class LoginController extends Controller
        } else {

            // Better logging
-            if (!$saml->isEnabled()) {
-                \Log::debug("SAML page requested, but SAML does not seem to enabled.");
-            } else {
-                \Log::warning("SAML page requested, but samlData seems empty.");
+            if (empty($samlData)) {
+                \Log::debug("SAML page requested, but samlData seems empty.");
            }
        }

@@ -473,6 +471,11 @@ class LoginController extends Controller
        }

        $request->session()->regenerate(true);
+
+        if ($request->session()->has('password_hash_'.Auth::getDefaultDriver())){
+            $request->session()->remove('password_hash_'.Auth::getDefaultDriver());
+        }
+
        Auth::logout();

        if (! empty($sloRedirectUrl)) {
@@ -41,6 +41,7 @@ class ResetPasswordController extends Controller
    public function __construct()
    {
        $this->middleware('guest');
+        $this->middleware('throttle:10,1');
    }

    protected function rules()
@@ -116,7 +117,7 @@ class ResetPasswordController extends Controller
            }

            \Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
-            return redirect()->back()->withInput($request->only('email'))->with('error', trans('passwords.token'));
+            return redirect()->back()->withInput($request->only('email'))->with('success', trans('passwords.reset'));

        }

@@ -142,6 +142,6 @@ class SamlController extends Controller
            return view('errors.403');
        }

-        return redirect()->route('logout')->with(['saml_logout' => true,'saml_slo_redirect_url' => $sloUrl]);
+        return redirect()->route('logout.get')->with(['saml_logout' => true,'saml_slo_redirect_url' => $sloUrl]);
    }
 }
@@ -87,6 +87,7 @@ class ComponentCheckoutController extends Controller
            'created_at' => date('Y-m-d H:i:s'),
            'assigned_qty' => $request->input('assigned_qty'),
            'asset_id' => $asset_id,
+            'note' => $request->input('note'),
        ]);

        event(new CheckoutableCheckedOut($component, $asset, Auth::user(), $request->input('note')));
@@ -0,0 +1,180 @@
+<?php
+
+namespace App\Http\Controllers\Components;
+
+use App\Helpers\StorageHelper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AssetFileRequest;
+use App\Models\Actionlog;
+use App\Models\Component;
+use Illuminate\Support\Facades\Response;
+use Illuminate\Support\Facades\Storage;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use enshrined\svgSanitize\Sanitizer;
+
+class ComponentsFilesController extends Controller
+{
+    /**
+     * Validates and stores files associated with a component.
+     *
+     * @todo Switch to using the AssetFileRequest form request validator.
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param AssetFileRequest $request
+     * @param int $componentId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function store(AssetFileRequest $request, $componentId = null)
+    {
+
+        if (config('app.lock_passwords')) {
+            return redirect()->route('components.show', ['component'=>$componentId])->with('error', trans('general.feature_disabled'));
+        }
+
+        $component = Component::find($componentId);
+
+        if (isset($component->id)) {
+            $this->authorize('update', $component);
+
+            if ($request->hasFile('file')) {
+                if (! Storage::exists('private_uploads/components')) {
+                    Storage::makeDirectory('private_uploads/components', 775);
+                }
+
+                foreach ($request->file('file') as $file) {
+
+                    $extension = $file->getClientOriginalExtension();
+                    $file_name = 'component-'.$component->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+
+
+                    // Check for SVG and sanitize it
+                    if ($extension == 'svg') {
+                        \Log::debug('This is an SVG');
+                        \Log::debug($file_name);
+
+                        $sanitizer = new Sanitizer();
+                        $dirtySVG = file_get_contents($file->getRealPath());
+                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                        try {
+                            Storage::put('private_uploads/components/'.$file_name, $cleanSVG);
+                        } catch (\Exception $e) {
+                            \Log::debug('Upload no workie :( ');
+                            \Log::debug($e);
+                        }
+
+                    } else {
+                        Storage::put('private_uploads/components/'.$file_name, file_get_contents($file));
+                    }
+
+                    //Log the upload to the log
+                    $component->logUpload($file_name, e($request->input('notes')));
+                }
+
+
+                return redirect()->route('components.show', $component->id)->with('success', trans('general.file_upload_success'));
+
+            }
+
+            return redirect()->route('components.show', $component->id)->with('error', trans('general.no_files_uploaded'));
+        }
+        // Prepare the error message
+        return redirect()->route('components.index')
+            ->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Deletes the selected component file.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $componentId
+     * @param int $fileId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function destroy($componentId = null, $fileId = null)
+    {
+        $component = Component::find($componentId);
+
+        // the asset is valid
+        if (isset($component->id)) {
+            $this->authorize('update', $component);
+            $log = Actionlog::find($fileId);
+
+            // Remove the file if one exists
+            if (Storage::exists('components/'.$log->filename)) {
+                try {
+                    Storage::delete('components/'.$log->filename);
+                } catch (\Exception $e) {
+                    \Log::debug($e);
+                }
+            }
+
+            $log->delete();
+
+            return redirect()->back()
+                ->with('success', trans('admin/hardware/message.deletefile.success'));
+        }
+
+        // Redirect to the licence management page
+        return redirect()->route('components.index')->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Allows the selected file to be viewed.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.4]
+     * @param int $componentId
+     * @param int $fileId
+     * @return \Symfony\Component\HttpFoundation\Response
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function show($componentId = null, $fileId = null, $download = true)
+    {
+        \Log::debug('Private filesystem is: '.config('filesystems.default'));
+        $component = Component::find($componentId);
+
+        // the component is valid
+        if (isset($component->id)) {
+            $this->authorize('view', $component);
+            $this->authorize('components.files', $component);
+
+            if (! $log = Actionlog::find($fileId)) {
+                return response('No matching record for that asset/file', 500)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            $file = 'private_uploads/components/'.$log->filename;
+
+            if (Storage::missing($file)) {
+                \Log::debug('FILE DOES NOT EXISTS for '.$file);
+                \Log::debug('URL should be '.Storage::url($file));
+
+                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            } else {
+
+                if (config('filesystems.default') == 'local') { // TODO - is there any way to fix this at the StorageHelper layer?
+                    return StorageHelper::downloader($file);
+                } else {
+                    if ($download != 'true') {
+                        \Log::debug('display the file');
+                        if ($contents = file_get_contents(Storage::url($file))) { // TODO - this will fail on private S3 files or large public ones
+                            return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                        }
+
+                        return JsonResponse::create(['error' => 'Failed validation: '], 500);
+                    }
+
+                    return StorageHelper::downloader($file);
+
+                }
+            }
+        }
+
+        return redirect()->route('components.index')->with('error', trans('general.file_does_not_exist', ['id' => $fileId]));
+    }
+}
@@ -56,7 +56,7 @@ class ConsumableCheckoutController extends Controller
        // Check if the user exists
        if (is_null($user = User::find($assigned_to))) {
            // Redirect to the consumable management page with error
-            return redirect()->route('checkout/consumable', $consumable)->with('error', trans('admin/consumables/message.checkout.user_does_not_exist'));
+            return redirect()->route('consumables.checkout.show', $consumable)->with('error', trans('admin/consumables/message.checkout.user_does_not_exist'))->withInput();
        }

        // Update the consumable data
@@ -66,6 +66,7 @@ class ConsumableCheckoutController extends Controller
            'consumable_id' => $consumable->id,
            'user_id' => $admin_user->id,
            'assigned_to' => e($request->input('assigned_to')),
+            'note' => $request->input('note'),
        ]);

        event(new CheckoutableCheckedOut($consumable, $user, Auth::user(), $request->input('note')));
@@ -0,0 +1,180 @@
+<?php
+
+namespace App\Http\Controllers\Consumables;
+
+use App\Helpers\StorageHelper;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AssetFileRequest;
+use App\Models\Actionlog;
+use App\Models\Consumable;
+use Illuminate\Support\Facades\Response;
+use Illuminate\Support\Facades\Storage;
+use Symfony\Consumable\HttpFoundation\JsonResponse;
+use enshrined\svgSanitize\Sanitizer;
+
+class ConsumablesFilesController extends Controller
+{
+    /**
+     * Validates and stores files associated with a consumable.
+     *
+     * @todo Switch to using the AssetFileRequest form request validator.
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param AssetFileRequest $request
+     * @param int $consumableId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function store(AssetFileRequest $request, $consumableId = null)
+    {
+        if (config('app.lock_passwords')) {
+            return redirect()->route('consumables.show', ['consumable'=>$consumableId])->with('error', trans('general.feature_disabled'));
+        }
+
+        $consumable = Consumable::find($consumableId);
+
+        if (isset($consumable->id)) {
+            $this->authorize('update', $consumable);
+
+            if ($request->hasFile('file')) {
+                if (! Storage::exists('private_uploads/consumables')) {
+                    Storage::makeDirectory('private_uploads/consumables', 775);
+                }
+
+                foreach ($request->file('file') as $file) {
+
+                    $extension = $file->getClientOriginalExtension();
+                    $file_name = 'consumable-'.$consumable->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+
+
+                    // Check for SVG and sanitize it
+                    if ($extension == 'svg') {
+                        \Log::debug('This is an SVG');
+                        \Log::debug($file_name);
+
+                        $sanitizer = new Sanitizer();
+                        $dirtySVG = file_get_contents($file->getRealPath());
+                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                        try {
+                            Storage::put('private_uploads/consumables/'.$file_name, $cleanSVG);
+                        } catch (\Exception $e) {
+                            \Log::debug('Upload no workie :( ');
+                            \Log::debug($e);
+                        }
+
+                    } else {
+                        Storage::put('private_uploads/consumables/'.$file_name, file_get_contents($file));
+                    }
+
+                    //Log the upload to the log
+                    $consumable->logUpload($file_name, e($request->input('notes')));
+                }
+
+
+                return redirect()->route('consumables.show', $consumable->id)->with('success', trans('general.file_upload_success'));
+
+            }
+
+            return redirect()->route('consumables.show', $consumable->id)->with('error', trans('general.no_files_uploaded'));
+        }
+        // Prepare the error message
+        return redirect()->route('consumables.index')
+            ->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Deletes the selected consumable file.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $consumableId
+     * @param int $fileId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function destroy($consumableId = null, $fileId = null)
+    {
+        $consumable = Consumable::find($consumableId);
+
+        // the asset is valid
+        if (isset($consumable->id)) {
+            $this->authorize('update', $consumable);
+            $log = Actionlog::find($fileId);
+
+            // Remove the file if one exists
+            if (Storage::exists('consumables/'.$log->filename)) {
+                try {
+                    Storage::delete('consumables/'.$log->filename);
+                } catch (\Exception $e) {
+                    \Log::debug($e);
+                }
+            }
+
+            $log->delete();
+
+            return redirect()->back()
+                ->with('success', trans('admin/hardware/message.deletefile.success'));
+        }
+
+        // Redirect to the licence management page
+        return redirect()->route('consumables.index')->with('error', trans('general.file_does_not_exist'));
+    }
+
+    /**
+     * Allows the selected file to be viewed.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.4]
+     * @param int $consumableId
+     * @param int $fileId
+     * @return \Symfony\Consumable\HttpFoundation\Response
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function show($consumableId = null, $fileId = null, $download = true)
+    {
+        $consumable = Consumable::find($consumableId);
+
+        // the consumable is valid
+        if (isset($consumable->id)) {
+            $this->authorize('view', $consumable);
+            $this->authorize('consumables.files', $consumable);
+
+            if (! $log = Actionlog::find($fileId)) {
+                return response('No matching record for that asset/file', 500)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            $file = 'private_uploads/consumables/'.$log->filename;
+
+            if (Storage::missing($file)) {
+                \Log::debug('FILE DOES NOT EXISTS for '.$file);
+                \Log::debug('URL should be '.Storage::url($file));
+
+                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            } else {
+
+                // We have to override the URL stuff here, since local defaults in Laravel's Flysystem
+                // won't work, as they're not accessible via the web
+                if (config('filesystems.default') == 'local') { // TODO - is there any way to fix this at the StorageHelper layer?
+                    return StorageHelper::downloader($file);
+                } else {
+                    if ($download != 'true') {
+                        \Log::debug('display the file');
+                        if ($contents = file_get_contents(Storage::url($file))) { // TODO - this will fail on private S3 files or large public ones
+                            return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                        }
+
+                        return JsonResponse::create(['error' => 'Failed validation: '], 500);
+                    }
+
+                    return StorageHelper::downloader($file);
+
+                }
+            }
+        }
+
+        return redirect()->route('consumables.index')->with('error', trans('general.file_does_not_exist', ['id' => $fileId]));
+    }
+}
@@ -86,14 +86,24 @@ class CustomFieldsController extends Controller
    {
        $this->authorize('create', CustomField::class);

+        $show_in_email = $request->get("show_in_email", 0);
+        $display_in_user_view = $request->get("display_in_user_view", 0);
+
+        // Override the display settings if the field is encrypted
+        if ($request->get("field_encrypted") == '1') {
+            $show_in_email = '0';
+            $display_in_user_view = '0';
+        }
+
        $field = new CustomField([
            "name" => trim($request->get("name")),
            "element" => $request->get("element"),
            "help_text" => $request->get("help_text"),
            "field_values" => $request->get("field_values"),
            "field_encrypted" => $request->get("field_encrypted", 0),
-            "show_in_email" => $request->get("show_in_email", 0),
+            "show_in_email" => $show_in_email,
            "is_unique" => $request->get("is_unique", 0),
+            "display_in_user_view" => $display_in_user_view,
            "user_id" => Auth::id()
        ]);

@@ -221,13 +231,24 @@ class CustomFieldsController extends Controller

        $this->authorize('update', $field);

+
+        $show_in_email = $request->get("show_in_email", 0);
+        $display_in_user_view = $request->get("display_in_user_view", 0);
+
+        // Override the display settings if the field is encrypted
+        if ($request->get("field_encrypted") == '1') {
+            $show_in_email = '0';
+            $display_in_user_view = '0';
+        }
+        
        $field->name          = trim(e($request->get("name")));
        $field->element       = e($request->get("element"));
        $field->field_values  = e($request->get("field_values"));
        $field->user_id       = Auth::id();
        $field->help_text     = $request->get("help_text");
-        $field->show_in_email = $request->get("show_in_email", 0);
+        $field->show_in_email = $show_in_email;
        $field->is_unique     = $request->get("is_unique", 0);
+        $field->display_in_user_view = $display_in_user_view;

        if ($request->get('format') == 'CUSTOM REGEX') {
            $field->format = e($request->get('custom_format'));
@@ -235,6 +256,10 @@ class CustomFieldsController extends Controller
            $field->format = e($request->get('format'));
        }

+        if($field->element == 'checkbox' || $field->element == 'radio'){
+            $field->format = 'ANY';
+        }
+
        if ($field->save()) {
            return redirect()->route('fields.index')->with('success', trans('admin/custom_fields/message.field.update.success'));
        }
@@ -34,7 +34,7 @@ class DashboardController extends Controller
            $counts['license'] = \App\Models\License::assetcount();
            $counts['consumable'] = \App\Models\Consumable::count();
            $counts['component'] = \App\Models\Component::count();
-            $counts['user'] = \App\Models\User::count();
+            $counts['user'] = \App\Models\Company::scopeCompanyables(Auth::user())->count();
            $counts['grand_total'] = $counts['asset'] + $counts['accessory'] + $counts['license'] + $counts['consumable'];

            if ((! file_exists(storage_path().'/oauth-private.key')) || (! file_exists(storage_path().'/oauth-public.key'))) {
@@ -54,7 +54,8 @@ class DepartmentsController extends Controller
        $department->fill($request->all());
        $department->user_id = Auth::user()->id;
        $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);
-
+        $department->location_id = ($request->filled('location_id') ? $request->input('location_id') : null);
+        $department->company_id = ($request->filled('company_id') ? $request->input('company_id') : null);
        $department = $request->handleImages($department);

        if ($department->save()) {
@@ -167,6 +168,8 @@ class DepartmentsController extends Controller

        $department->fill($request->all());
        $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);
+        $department->location_id = ($request->filled('location_id') ? $request->input('location_id') : null);
+        $department->company_id = ($request->filled('company_id') ? $request->input('company_id') : null);

        $department = $request->handleImages($department);

@@ -61,6 +61,7 @@ class LicenseCheckoutController extends Controller

        $licenseSeat = $this->findLicenseSeatToCheckout($license, $seatId);
        $licenseSeat->user_id = Auth::id();
+        

        $checkoutMethod = 'checkoutTo'.ucwords(request('checkout_to_type'));
        if ($this->$checkoutMethod($licenseSeat)) {
@@ -76,14 +77,14 @@ class LicenseCheckoutController extends Controller

        if (! $licenseSeat) {
            if ($seatId) {
-                return redirect()->route('licenses.index')->with('error', 'This Seat is not available for checkout.');
+                throw new \Illuminate\Http\Exceptions\HttpResponseException(redirect()->route('licenses.index')->with('error', 'This Seat is not available for checkout.'));
            }
-
-            return redirect()->route('licenses.index')->with('error', 'There are no available seats for this license');
+            
+            throw new \Illuminate\Http\Exceptions\HttpResponseException(redirect()->route('licenses.index')->with('error', 'There are no available seats for this license.'));
        }

        if (! $licenseSeat->license->is($license)) {
-            return redirect()->route('licenses.index')->with('error', 'The license seat provided does not match the license.');
+            throw new \Illuminate\Http\Exceptions\HttpResponseException(redirect()->route('licenses.index')->with('error', 'The license seat provided does not match the license.'));
        }

        return $licenseSeat;
@@ -135,6 +135,7 @@ class LicenseFilesController extends Controller
        // the license is valid
        if (isset($license->id)) {
            $this->authorize('view', $license);
+            $this->authorize('licenses.files', $license);

            if (! $log = Actionlog::find($fileId)) {
                return response('No matching record for that asset/file', 500)
@@ -171,6 +172,6 @@ class LicenseFilesController extends Controller
            }
        }

-        return redirect()->route('license.index')->with('error', trans('admin/licenses/message.does_not_exist', ['id' => $fileId]));
+        return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.does_not_exist', ['id' => $fileId]));
    }
 }
@@ -3,8 +3,11 @@
 namespace App\Http\Controllers;

 use App\Http\Requests\ImageUploadRequest;
+use App\Models\Asset;
 use App\Models\Setting;
-use Auth;
+use App\Models\User;
+use App\Notifications\CurrentInventory;
+use Illuminate\Support\Facades\Auth;
 use Gate;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Hash;
@@ -133,7 +136,7 @@ class ProfileController extends Controller
    public function password()
    {
        $user = Auth::user();
-
+        
        return view('account/change-password', compact('user'));
    }

@@ -161,7 +164,7 @@ class ProfileController extends Controller
        $validator = \Validator::make($request->all(), $rules);
        $validator->after(function ($validator) use ($request, $user) {
            if (! Hash::check($request->input('current_password'), $user->password)) {
-                $validator->errors()->add('current_password', trans('validation.hashed_pass'));
+                $validator->errors()->add('current_password', trans('validation.custom.hashed_pass'));
            }

            // This checks to make sure that the user's password isn't the same as their username,
@@ -186,6 +189,9 @@ class ProfileController extends Controller
        if (! $validator->fails()) {
            $user->password = Hash::make($request->input('password'));
            $user->save();
+
+            // Log the user out of other devices
+            Auth::logoutOtherDevices($request->input('password'));
            return redirect()->route('account.password.index')->with('success', 'Password updated!');

        }
@@ -213,4 +219,47 @@ class ProfileController extends Controller
            $request->session()->put('menu_state', 'closed');
        }
    }
+
+
+    /**
+     * Print inventory
+     *
+     * @author A. Gianotto
+     * @since [v6.0.12]
+     * @return Illuminate\View\View
+     */
+    public function printInventory()
+    {
+        $show_user = Auth::user();
+
+        return view('users/print')
+            ->with('assets', Auth::user()->assets)
+            ->with('licenses', $show_user->licenses()->get())
+            ->with('accessories', $show_user->accessories()->get())
+            ->with('consumables', $show_user->consumables()->get())
+            ->with('show_user', $show_user)
+            ->with('settings', Setting::getSettings());
+    }
+
+    /**
+     * Emails user a list of assigned assets
+     *
+     * @author A. Gianotto
+     * @since [v6.0.12]
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function emailAssetList()
+    {
+
+        if (!$user = User::find(Auth::user()->id)) {
+            return redirect()->back()
+                ->with('error', trans('admin/users/message.user_not_found', ['id' => $id]));
+        }
+        if (empty($user->email)) {
+            return redirect()->back()->with('error', trans('admin/users/message.user_has_no_email'));
+        }
+
+        $user->notify((new CurrentInventory($user)));
+        return redirect()->back()->with('success', trans('admin/users/general.user_notified'));
+    }
 }
@@ -22,6 +22,8 @@ use Illuminate\Support\Facades\View;
 use Input;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\StreamedResponse;
+use League\Csv\EscapeFormula;
+

 /**
 * This controller handles all actions related to Reports for
@@ -411,6 +413,7 @@ class ReportsController extends Controller
        $customfields = CustomField::get();
        $response = new StreamedResponse(function () use ($customfields, $request) {
            \Log::debug('Starting streamed response');
+            \Log::debug('CSV escaping is set to: '.config('app.escape_formulas'));

            // Open output stream
            $handle = fopen('php://output', 'w');
@@ -422,6 +425,9 @@ class ReportsController extends Controller

            $header = [];

+            if ($request->filled('id')) {
+                $header[] = trans('general.id');
+            }

            if ($request->filled('company')) {
                $header[] = trans('general.company');
@@ -552,6 +558,10 @@ class ReportsController extends Controller
                $header[] = trans('general.updated_at');
            }

+            if ($request->filled('deleted_at')) {
+                $header[] = trans('general.deleted');
+            }
+
            if ($request->filled('last_audit_date')) {
                $header[] = trans('general.last_audit');
            }
@@ -564,6 +574,10 @@ class ReportsController extends Controller
                $header[] = trans('general.notes');
            }

+            if ($request->filled('url')) {
+                $header[] = trans('admin/manufacturers/table.url');
+            }
+

            foreach ($customfields as $customfield) {
                if ($request->input($customfield->db_column_name()) == '1') {
@@ -578,7 +592,7 @@ class ReportsController extends Controller
            \Log::debug('Added headers: '.$executionTime);

            $assets = \App\Models\Company::scopeCompanyables(Asset::select('assets.*'))->with(
-                'location', 'assetstatus', 'assetlog', 'company', 'defaultLoc', 'assignedTo',
+                'location', 'assetstatus', 'company', 'defaultLoc', 'assignedTo',
                'model.category', 'model.manufacturer', 'supplier');
            
            if ($request->filled('by_location_id')) {
@@ -586,7 +600,6 @@ class ReportsController extends Controller
            }

            if ($request->filled('by_rtd_location_id')) {
-                \Log::debug('RTD location should match: '.$request->input('by_rtd_location_id'));
                $assets->where('assets.rtd_location_id', $request->input('by_rtd_location_id'));
            }

@@ -607,7 +620,6 @@ class ReportsController extends Controller
            }

            if ($request->filled('by_dept_id')) {
-                \Log::debug('Only users in dept '.$request->input('by_dept_id'));
                $assets->CheckedOutToTargetInDepartment($request->input('by_dept_id'));
            }

@@ -642,15 +654,32 @@ class ReportsController extends Controller
            if (($request->filled('next_audit_start')) && ($request->filled('next_audit_end'))) {
                $assets->whereBetween('assets.next_audit_date', [$request->input('next_audit_start'), $request->input('next_audit_end')]);
            }
+            if ($request->filled('exclude_archived')) {
+                $assets->notArchived();
+            }
+            if ($request->input('deleted_assets') == '1') {
+                $assets->withTrashed();
+            }
+            if ($request->input('deleted_assets') == '0') {
+                $assets->onlyTrashed();
+            }
+
            $assets->orderBy('assets.id', 'ASC')->chunk(20, function ($assets) use ($handle, $customfields, $request) {
            
                $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
                \Log::debug('Walking results: '.$executionTime);
                $count = 0;
+
+                $formatter = new EscapeFormula("`");
+
                foreach ($assets as $asset) {
                    $count++;
                    $row = [];
-                    
+
+                    if ($request->filled('id')) {
+                        $row[] = ($asset->id) ? $asset->id : '';
+                    }
+
                    if ($request->filled('company')) {
                        $row[] = ($asset->company) ? $asset->company->name : '';
                    }
@@ -779,7 +808,7 @@ class ReportsController extends Controller

                    if ($request->filled('warranty')) {
                        $row[] = ($asset->warranty_months) ? $asset->warranty_months : '';
-                        $row[] = $asset->present()->warrantee_expires();
+                        $row[] = $asset->present()->warranty_expires();
                    }

                    if ($request->filled('depreciation')) {
@@ -806,6 +835,10 @@ class ReportsController extends Controller
                        $row[] = ($asset->updated_at) ? $asset->updated_at : '';
                    }

+                    if ($request->filled('deleted_at')) {
+                        $row[] = ($asset->deleted_at) ? $asset->deleted_at : '';
+                    }
+
                    if ($request->filled('last_audit_date')) {
                        $row[] = ($asset->last_audit_date) ? $asset->last_audit_date : '';
                    }
@@ -818,13 +851,27 @@ class ReportsController extends Controller
                        $row[] = ($asset->notes) ? $asset->notes : '';
                    }

+                    if ($request->filled('url')) {
+                        $row[] = config('app.url').'/hardware/'.$asset->id ;
+                    }
+
                    foreach ($customfields as $customfield) {
                        $column_name = $customfield->db_column_name();
                        if ($request->filled($customfield->db_column_name())) {
                            $row[] = $asset->$column_name;
                        }
                    }
-                    fputcsv($handle, $row);
+
+                    
+                    // CSV_ESCAPE_FORMULAS is set to false in the .env
+                    if (config('app.escape_formulas') === false) {
+                        fputcsv($handle, $row);
+
+                   // CSV_ESCAPE_FORMULAS is set to true or is not set in the .env
+                    } else {
+                        fputcsv($handle, $formatter->escapeRecord($row));
+                    }
+
                    $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
                    \Log::debug('-- Record '.$count.' Asset ID:'.$asset->id.' in '.$executionTime);
                }
@@ -975,7 +1022,11 @@ class ReportsController extends Controller
        }
        $assetItem = $acceptance->checkoutable;

-        $logItem = $assetItem->checkouts()->where('created_at', '=', $acceptance->created_at)->get()[0];
+        if (is_null($acceptance->created_at)){
+            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
+        } else {
+            $logItem = $assetItem->checkouts()->where('created_at', '=', $acceptance->created_at)->get()[0];
+        }

        if(!$assetItem->assignedTo->locale){
            Notification::locale(Setting::getSettings()->locale)->send(
@@ -1032,9 +1083,9 @@ class ReportsController extends Controller
         * Get all assets with pending checkout acceptances
         */
        if($showDeleted) {
-            $acceptances = CheckoutAcceptance::pending()->withTrashed()->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model'])->get();
+            $acceptances = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')->withTrashed()->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model'])->get();
        } else {
-            $acceptances = CheckoutAcceptance::pending()->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model'])->get();
+            $acceptances = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model'])->get();
        }

        $assetsForReport = $acceptances
@@ -1059,13 +1110,19 @@ class ReportsController extends Controller
        $rows[] = implode(',', $header);

        foreach ($assetsForReport as $item) {
-            $row    = [ ];
-            $row[]  = str_replace(',', '', e($item['assetItem']->model->category->name));
-            $row[]  = str_replace(',', '', e($item['assetItem']->model->name));
-            $row[]  = str_replace(',', '', e($item['assetItem']->name));
-            $row[]  = str_replace(',', '', e($item['assetItem']->asset_tag));
-            $row[]  = str_replace(',', '', e(($item['acceptance']->assignedTo) ? $item['acceptance']->assignedTo->present()->name() : trans('admin/reports/general.deleted_user')));
-            $rows[] = implode(',', $row);
+
+            if ($item['assetItem'] != null){
+            
+                $row    = [ ];
+                $row[]  = str_replace(',', '', e($item['assetItem']->model->category->name));
+                $row[]  = str_replace(',', '', e($item['assetItem']->model->name));
+                $row[]  = str_replace(',', '', e($item['assetItem']->name));
+                $row[]  = str_replace(',', '', e($item['assetItem']->asset_tag));
+                $row[]  = str_replace(',', '', e(($item['acceptance']->assignedTo) ? $item['acceptance']->assignedTo->present()->name() : trans('admin/reports/general.deleted_user')));
+                $rows[] = implode(',', $row);
+            } else {
+                // Log the error maybe?
+            }
        }

        // spit out a csv
@@ -7,6 +7,7 @@ use App\Helpers\StorageHelper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Http\Requests\SettingsSamlRequest;
 use App\Http\Requests\SetupUserRequest;
+use App\Models\Group;
 use App\Models\Setting;
 use App\Models\Asset;
 use App\Models\User;
@@ -349,6 +350,7 @@ class SettingsController extends Controller
        $setting->privacy_policy_link = $request->input('privacy_policy_link');

        $setting->depreciation_method = $request->input('depreciation_method');
+        $setting->dash_chart_type = $request->input('dash_chart_type');

        if ($request->input('per_page') != '') {
            $setting->per_page = $request->input('per_page');
@@ -910,6 +912,8 @@ class SettingsController extends Controller
    public function getLdapSettings()
    {
        $setting = Setting::getSettings();
+        $groups = Group::pluck('name', 'id');
+

        /**
         * This validator is only temporary (famous last words.) - @snipe
@@ -922,13 +926,13 @@ class SettingsController extends Controller

        $validator = Validator::make($setting->toArray(), [
            'ldap_username_field' => 'not_in:sAMAccountName',
-            'ldap_auth_filter_query' => 'not_in:uid=samaccountname',
-            'ldap_filter' => 'regex:"^[^(]"',
+            'ldap_auth_filter_query' => 'not_in:uid=samaccountname|required_if:ldap_enabled,1',
+            'ldap_filter' => 'nullable|regex:"^[^(]"|required_if:ldap_enabled,1',
        ],  $messages);



-        return view('settings.ldap', compact('setting'))->withErrors($validator);
+        return view('settings.ldap', compact('setting', 'groups'))->withErrors($validator);
    }

    /**
@@ -955,6 +959,7 @@ class SettingsController extends Controller
                $setting->ldap_pword = Crypt::encrypt($request->input('ldap_pword'));
            }
            $setting->ldap_basedn = $request->input('ldap_basedn');
+            $setting->ldap_default_group = $request->input('ldap_default_group');
            $setting->ldap_filter = $request->input('ldap_filter');
            $setting->ldap_username_field = $request->input('ldap_username_field');
            $setting->ldap_lname_field = $request->input('ldap_lname_field');
@@ -1278,34 +1283,30 @@ class SettingsController extends Controller
                // If it's greater than 300, it probably worked
                $output = Artisan::output();

-                if (strlen($output) > 300) {
-                    $find_user = DB::table('users')->where('first_name', $user->first_name)->where('last_name', $user->last_name)->exists();
+                /* Run migrations */
+                \Log::debug('Migrating database...');
+                Artisan::call('migrate', ['--force' => true]);
+                $migrate_output = Artisan::output();
+                \Log::debug($migrate_output);

-                    if (!$find_user){
-                        \Log::warning('Attempting to restore user: ' . $user->first_name . ' ' . $user->last_name);
-                        $new_user = $user->replicate();
-                        $new_user->push();
-                    }
-
-
-                    \Log::debug('Logging all users out..');
-                    Artisan::call('snipeit:global-logout', ['--force' => true]);
-                    
-                    /* run migrations */
-                    \Log::debug('Migrating database...');
-                    Artisan::call('migrate', ['--force' => true]);
-                    $migrate_output = Artisan::output();
-                    \Log::debug($migrate_output);
-
-                    DB::table('users')->update(['remember_token' => null]);
-                    \Auth::logout();
-
-                    return redirect()->route('login')->with('success', 'Your system has been restored. Please login again.');
+                $find_user = DB::table('users')->where('username', $user->username)->exists();
+                
+                if (!$find_user){
+                    \Log::warning('Attempting to restore user: ' . $user->username);
+                    $new_user = $user->replicate();
+                    $new_user->push();
                } else {
-                    return redirect()->route('settings.backups.index')->with('error', $output);
-
+                    \Log::debug('User: ' . $user->username .' already exists.');
                }

+                \Log::debug('Logging all users out..');
+                Artisan::call('snipeit:global-logout', ['--force' => true]);
+
+                DB::table('users')->update(['remember_token' => null]);
+                \Auth::logout();
+
+                return redirect()->route('login')->with('success', 'Your system has been restored. Please login again.');
+                
            } else {
                return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
            }
@@ -5,10 +5,13 @@ namespace App\Http\Controllers\Users;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Models\Accessory;
+use App\Models\License;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\Group;
 use App\Models\LicenseSeat;
+use App\Models\ConsumableAssignment;
+use App\Models\Consumable;
 use App\Models\User;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
@@ -162,13 +165,11 @@ class BulkUsersController extends Controller
        if ((! $request->filled('ids')) || (count($request->input('ids')) == 0)) {
            return redirect()->back()->with('error', 'No users selected');
        }
-        if ((! $request->filled('status_id')) || ($request->input('status_id') == '')) {
-            return redirect()->route('users.index')->with('error', 'No status selected');
-        }

        if (config('app.lock_passwords')) {
            return redirect()->route('users.index')->with('error', 'Bulk delete is not enabled in this installation');
        }
+
        $user_raw_array = request('ids');

        if (($key = array_search(Auth::id(), $user_raw_array)) !== false) {
@@ -179,27 +180,48 @@ class BulkUsersController extends Controller
        $assets = Asset::whereIn('assigned_to', $user_raw_array)->where('assigned_type', \App\Models\User::class)->get();
        $accessories = DB::table('accessories_users')->whereIn('assigned_to', $user_raw_array)->get();
        $licenses = DB::table('license_seats')->whereIn('assigned_to', $user_raw_array)->get();
+        $consumables = DB::table('consumables_users')->whereIn('assigned_to', $user_raw_array)->get();
+
+        if ((($assets->count() > 0) && ((!$request->filled('status_id')) || ($request->input('status_id') == '')))) {
+            return redirect()->route('users.index')->with('error', 'No status selected');
+        }


        $this->logItemCheckinAndDelete($assets, Asset::class);
        $this->logItemCheckinAndDelete($accessories, Accessory::class);
-        $this->logItemCheckinAndDelete($licenses, LicenseSeat::class);
+        $this->logItemCheckinAndDelete($licenses, License::class);
+        $this->logItemCheckinAndDelete($consumables, Consumable::class);
+

        Asset::whereIn('id', $assets->pluck('id'))->update([
            'status_id'     => e(request('status_id')),
            'assigned_to'   => null,
            'assigned_type' => null,
+            'expected_checkin' => null,
        ]);


        LicenseSeat::whereIn('id', $licenses->pluck('id'))->update(['assigned_to' => null]);
+        ConsumableAssignment::whereIn('id', $consumables->pluck('id'))->delete();
+

        foreach ($users as $user) {
+
+            $user->consumables()->sync([]);
            $user->accessories()->sync([]);
-            $user->delete();
+            if ($request->input('delete_user')=='1') {
+                $user->delete();
+            }
+
        }

-        return redirect()->route('users.index')->with('success', 'Your selected users have been deleted and their assets have been updated.');
+        $msg = trans('general.bulk_checkin_success');
+        if ($request->input('delete_user')=='1') {
+            $msg = trans('general.bulk_checkin_delete_success');
+        }
+
+
+        return redirect()->route('users.index')->with('success', $msg);
    }

    /**
@@ -210,14 +232,20 @@ class BulkUsersController extends Controller
    protected function logItemCheckinAndDelete($items, $itemType)
    {
        foreach ($items as $item) {
+            $item_id = $item->id;
            $logAction = new Actionlog();
-            $logAction->item_id = $item->id;
+
+            if ($itemType == License::class){
+                $item_id = $item->license_id;
+            }
+            
+            $logAction->item_id = $item_id;
            // We can't rely on get_class here because the licenses/accessories fetched above are not eloquent models, but simply arrays.
            $logAction->item_type = $itemType;
            $logAction->target_id = $item->assigned_to;
            $logAction->target_type = User::class;
            $logAction->user_id = Auth::id();
-            $logAction->note = 'Bulk checkin items and delete user';
+            $logAction->note = 'Bulk checkin items';
            $logAction->logaction('checkin from');
        }
    }
@@ -119,6 +119,8 @@ class UsersController extends Controller
        $user->remote = $request->input('remote', 0);
        $user->website = $request->input('website', null);
        $user->created_by = Auth::user()->id;
+        $user->start_date = $request->input('start_date', null);
+        $user->end_date = $request->input('end_date', null);

        // Strip out the superuser permission if the user isn't a superadmin
        $permissions_array = $request->input('permission');
@@ -270,6 +272,8 @@ class UsersController extends Controller
        $user->zip = $request->input('zip', null);
        $user->remote = $request->input('remote', 0);
        $user->website = $request->input('website', null);
+        $user->start_date = $request->input('start_date', null);
+        $user->end_date = $request->input('end_date', null);

        // Update the location of any assets checked out to this user
        Asset::where('assigned_type', User::class)
@@ -594,7 +598,7 @@ class UsersController extends Controller
    }

    /**
-     * LDAP form processing.
+     * Print inventory
     *
     * @author Aladin Alaily
     * @since [v1.8]
@@ -628,14 +632,16 @@ class UsersController extends Controller
    {
        $this->authorize('view', User::class);

-        if( User::where('id', $id)->first()->exists())
-            {
-                $user= User::where('id', $id)->first();
-                $user->notify((new CurrentInventory($user)));
-                return redirect()->back()->with('success', trans('admin/users/general.user_notified'));
-            }
+        if (!$user = User::find($id)) {
+            return redirect()->back()
+                ->with('error', trans('admin/users/message.user_not_found', ['id' => $id]));
+        }
+        if (empty($user->email)) {
+            return redirect()->back()->with('error', trans('admin/users/message.user_has_no_email'));
+        }

-        return redirect()->back()->with('error', 'admin/accessories/message.user_does_not_exist');
+        $user->notify((new CurrentInventory($user)));
+        return redirect()->back()->with('success', trans('admin/users/general.user_notified'));
    }

    /**
@@ -8,6 +8,7 @@ use App\Models\AssetModel;
 use App\Models\Company;
 use App\Models\Setting;
 use App\Models\User;
+use App\Models\CustomField;
 use App\Notifications\RequestAssetCancelation;
 use App\Notifications\RequestAssetNotification;
 use Illuminate\Http\Request;
@@ -29,23 +30,41 @@ class ViewAssetsController extends Controller
    public function getIndex()
    {
        $user = User::with(
+            'assets',
            'assets.model',
+            'assets.model.fieldset.fields',
            'consumables',
            'accessories',
            'licenses',
-            'userloc',
-            'userlog'
-        )->withTrashed()->find(Auth::user()->id);
+        )->find(Auth::user()->id);

-        $userlog = $user->userlog->load('item', 'user', 'target');
+        $field_array = array();
+
+        // Loop through all the custom fields that are applied to any model the user has assigned
+        foreach ($user->assets as $asset) {
+
+            // Make sure the model has a custom fieldset before trying to loop through the associated fields
+            if ($asset->model->fieldset) {
+
+                foreach ($asset->model->fieldset->fields as $field) {
+                    // check and make sure they're allowed to see the value of the custom field
+                    if ($field->display_in_user_view == '1') {
+                        $field_array[$field->db_column] = $field->name;
+                    }
+                    
+                }
+            }
+
+        }
+
+        // Since some models may re-use the same fieldsets/fields, let's make the array unique so we don't repeat columns
+        array_unique($field_array);

        if (isset($user->id)) {
-            return view('account/view-assets', compact('user', 'userlog'))
+            return view('account/view-assets', compact('user', 'field_array' ))
                ->with('settings', Setting::getSettings());
-        } else {
-            // Redirect to the user management page
-            return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', compact('id')));
        }
+
        // Redirect to the user management page
        return redirect()->route('users.index')
            ->with('error', trans('admin/users/message.user_not_found', $user->id));
@@ -165,7 +184,7 @@ class ViewAssetsController extends Controller
            $settings->notify(new RequestAssetCancelation($data));

            return redirect()->route('requestable-assets')
-                ->with('success')->with('success', trans('admin/hardware/message.requests.cancel'));
+                ->with('success')->with('success', trans('admin/hardware/message.requests.canceled'));
        }

        $logaction->logaction('requested');
@@ -43,6 +43,7 @@ class Kernel extends HttpKernel
            \App\Http\Middleware\CheckForTwoFactor::class,
            \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
            \App\Http\Middleware\AssetCountForSidebar::class,
+            \Illuminate\Session\Middleware\AuthenticateSession::class,
        ],

        'api' => [
@@ -49,7 +49,7 @@ class ItemImportRequest extends FormRequest
                $errorMessage = null;

                if (is_null($fieldValue)) {
-                    $errorMessage = trans('validation.import_field_empty');
+                    $errorMessage = trans('validation.import_field_empty', ['fieldname' => $field]);
                    $this->errorCallback($import, $field, $errorMessage);

                    return $this->errors;
@@ -57,7 +57,7 @@ class ActionlogsTransformer

        $file_url = '';
        if($actionlog->filename!='') {
-            if ($actionlog->present()->actionType() == 'accepted') {
+            if ($actionlog->action_type == 'accepted') {
                $file_url = route('log.storedeula.download', ['filename' => $actionlog->filename]);
            } else {
                if ($actionlog->itemType() == 'asset') {
@@ -85,6 +85,7 @@ class ActionlogsTransformer
                'id' => (int) $actionlog->item->id,
                'name' => ($actionlog->itemType()=='user') ? e($actionlog->item->getFullNameAttribute()) : e($actionlog->item->getDisplayNameAttribute()),
                'type' => e($actionlog->itemType()),
+                'serial' =>e($actionlog->item->serial) ? e($actionlog->item->serial) : null
            ] : null,
            'location' => ($actionlog->location) ? [
                'id' => (int) $actionlog->location->id,
@@ -95,11 +96,11 @@ class ActionlogsTransformer
            'next_audit_date' => ($actionlog->itemType()=='asset') ? Helper::getFormattedDateObject($actionlog->calcNextAuditDate(null, $actionlog->item), 'date'): null,
            'days_to_next_audit' => $actionlog->daysUntilNextAudit($settings->audit_interval, $actionlog->item),
            'action_type'   => $actionlog->present()->actionType(),
-            'admin' => ($actionlog->user) ? [
-                'id' => (int) $actionlog->user->id,
-                'name' => e($actionlog->user->getFullNameAttribute()),
-                'first_name'=> e($actionlog->user->first_name),
-                'last_name'=> e($actionlog->user->last_name)
+            'admin' => ($actionlog->admin) ? [
+                'id' => (int) $actionlog->admin->id,
+                'name' => e($actionlog->admin->getFullNameAttribute()),
+                'first_name'=> e($actionlog->admin->first_name),
+                'last_name'=> e($actionlog->admin->last_name)
            ] : null,
            'target' => ($actionlog->target) ? [
                'id' => (int) $actionlog->target->id,
@@ -22,6 +22,22 @@ class AssetModelsTransformer

    public function transformAssetModel(AssetModel $assetmodel)
    {
+
+        $default_field_values = array();
+
+        // Reach into the custom fields and models_custom_fields pivot table to find the default values for this model
+        if ($assetmodel->fieldset) {
+            foreach($assetmodel->fieldset->fields AS $field) {
+                $default_field_values[] = [
+                    'name' => e($field->name),
+                    'db_column_name' => e($field->db_column_name()),
+                    'default_value' => ($field->defaultValue($assetmodel->id)) ? e($field->defaultValue($assetmodel->id)) : null,
+                    'format' =>  e($field->format),
+                    'required' => ($field->pivot->required == '1') ? true : false,
+                ];
+            }
+        }
+
        $array = [
            'id' => (int) $assetmodel->id,
            'name' => e($assetmodel->name),
@@ -44,6 +60,7 @@ class AssetModelsTransformer
                'id' => (int) $assetmodel->fieldset->id,
                'name'=> e($assetmodel->fieldset->name),
            ] : null,
+            'default_fieldset_values' => $default_field_values,
            'eol' => ($assetmodel->eol > 0) ? $assetmodel->eol.' months' : 'None',
            'requestable' => ($assetmodel->requestable == '1') ? true : false,
            'notes' => e($assetmodel->notes),
@@ -8,6 +8,7 @@ use App\Models\Setting;
 use Gate;
 use Illuminate\Database\Eloquent\Collection;

+
 class AssetsTransformer
 {
    public function transformAssets(Collection $assets, $total)
@@ -80,6 +81,7 @@ class AssetsTransformer
            'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date, 'date'),
            'deleted_at' => Helper::getFormattedDateObject($asset->deleted_at, 'datetime'),
            'purchase_date' => Helper::getFormattedDateObject($asset->purchase_date, 'date'),
+            'age' => $asset->purchase_date ? Helper::AgeFormat($asset->purchase_date) : '',
            'last_checkout' => Helper::getFormattedDateObject($asset->last_checkout, 'datetime'),
            'expected_checkin' => Helper::getFormattedDateObject($asset->expected_checkin, 'date'),
            'purchase_cost' => Helper::formatCurrencyOutput($asset->purchase_cost),
@@ -131,7 +133,7 @@ class AssetsTransformer
                $array['custom_fields'] = $fields_array;
            }
        } else {
-            $array['custom_fields'] = [];
+            $array['custom_fields'] = new \stdClass; // HACK to force generation of empty object instead of empty list
        }

        $permissions_array['available_actions'] = [
@@ -185,6 +187,7 @@ class AssetsTransformer
                    'name' => e($asset->assigned->getFullNameAttribute()),
                    'first_name'=> e($asset->assigned->first_name),
                    'last_name'=> ($asset->assigned->last_name) ? e($asset->assigned->last_name) : null,
+                    'email'=> ($asset->assigned->email) ? e($asset->assigned->email) : null,
                    'employee_number' =>  ($asset->assigned->employee_num) ? e($asset->assigned->employee_num) : null,
                    'type' => 'user',
                ] : null;
@@ -26,6 +26,7 @@ class ComponentsAssetsTransformer
            'created_at' => $asset->created_at->format('Y-m-d'),
            'qty' => $asset->components()->count(),
            'user_can_checkout' => $asset->availableForCheckout(),
+            'note' => e($asset->note),
        ];

        $permissions_array['available_actions'] = [
@@ -71,6 +71,7 @@ class ComponentsTransformer
                'id' => (int) $asset->id,
                'name' =>  e($asset->model->present()->name).' '.e($asset->present()->name),
                'qty' => $asset->pivot->assigned_qty,
+                'note' => $asset->pivot->note,
                'type' => 'asset',
                'created_at' => Helper::getFormattedDateObject($asset->pivot->created_at, 'datetime'),
                'available_actions' => ['checkin' => true],
@@ -47,6 +47,7 @@ class CustomFieldsTransformer
            'field_values_array'   => ($field->field_values) ? explode("\r\n", e($field->field_values)) : null,
            'type'   =>  e($field->element),
            'required'   =>  (($field->pivot) && ($field->pivot->required=='1')) ? true : false,
+            'display_in_user_view' =>  ($field->display_in_user_view =='1') ? true : false,
            'created_at' => Helper::getFormattedDateObject($field->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($field->updated_at, 'datetime'),
        ];
@@ -63,10 +63,16 @@ class DepreciationReportTransformer
         */
        if (($asset->model) && ($asset->model->depreciation)) {
            $depreciated_value = Helper::formatCurrencyOutput($asset->getDepreciatedValue());
-            $monthly_depreciation = Helper::formatCurrencyOutput(($asset->model->eol > 0 ? ($asset->purchase_cost / $asset->model->eol) : 0));
+            if($asset->model->eol==0 || $asset->model->eol==null ){
+                $monthly_depreciation = Helper::formatCurrencyOutput($asset->purchase_cost / $asset->model->depreciation->months);
+            }
+            else {
+                $monthly_depreciation = Helper::formatCurrencyOutput(($asset->model->eol > 0 ? ($asset->purchase_cost / $asset->model->eol) : 0));
+            }
            $diff = Helper::formatCurrencyOutput(($asset->purchase_cost - $asset->getDepreciatedValue()));
        }

+
        if ($asset->assigned) {
            $checkout_target = $asset->assigned->name;
            if ($asset->checkedOutToUser()) {
@@ -3,6 +3,7 @@
 namespace App\Http\Transformers;

 use App\Helpers\Helper;
+use App\Models\Depreciable;
 use App\Models\Depreciation;
 use Gate;
 use Illuminate\Database\Eloquent\Collection;
@@ -45,6 +45,7 @@ class LocationsTransformer
                'zip' => ($location->zip) ? e($location->zip) : null,
                'assigned_assets_count' => (int) $location->assigned_assets_count,
                'assets_count'    => (int) $location->assets_count,
+                'rtd_assets_count'    => (int) $location->rtd_assets_count,
                'users_count'    => (int) $location->users_count,
                'currency' =>  ($location->currency) ? e($location->currency) : null,
                'ldap_ou' =>  ($location->ldap_ou) ? e($location->ldap_ou) : null,
@@ -0,0 +1,55 @@
+<?php
+
+namespace App\Http\Transformers;
+
+
+use App\Helpers\Helper;
+/**
+ * Class PieChartTransformer
+ *
+ * This handles the standardized formatting of the API response we need to provide for
+ * the pie charts
+ *
+ * @return \Illuminate\Http\Response
+ * @since [v6.0.11]
+ * @author [A. Gianotto] [<snipe@snipe.net>]
+ */
+class PieChartTransformer
+{
+    public function transformPieChartDate($totals)
+    {
+
+        $labels = [];
+        $counts = [];
+        $default_color_count = 0;
+        $colors_array = [];
+
+        foreach ($totals as $total) {
+
+            if ($total['count'] > 0) {
+
+                $labels[] = $total['label']." (".$total['count'].")";
+                $counts[] = $total['count'];
+
+                if (isset($total['color'])) {
+                    $colors_array[] = $total['color'];
+                } else {
+                    $colors_array[] = Helper::defaultChartColors($default_color_count);
+                    $default_color_count++;
+                }
+            }
+        }
+
+        $results = [
+            'labels' => $labels,
+            'datasets' => [[
+                'data' => $counts,
+                'backgroundColor' => $colors_array,
+                'hoverBackgroundColor' =>  $colors_array,
+            ]],
+        ];
+
+
+        return $results;
+    }
+}
@@ -30,10 +30,10 @@ class UsersTransformer
                'username' => e($user->username),
                'remote' => ($user->remote == '1') ? true : false,
                'locale' => ($user->locale) ? e($user->locale) : null,
-                'employee_num' => e($user->employee_num),
+                'employee_num' => ($user->employee_num) ? e($user->employee_num) : null,
                'manager' => ($user->manager) ? [
                    'id' => (int) $user->manager->id,
-                    'name'=> e($user->manager->username),
+                    'name'=> e($user->manager->first_name).' '.e($user->manager->last_name),
                ] : null,
                'jobtitle' => ($user->jobtitle) ? e($user->jobtitle) : null,
                'phone' => ($user->phone) ? e($user->phone) : null,
@@ -43,7 +43,7 @@ class UsersTransformer
                'state' => ($user->state) ? e($user->state) : null,
                'country' => ($user->country) ? e($user->country) : null,
                'zip' => ($user->zip) ? e($user->zip) : null,
-                'email' => e($user->email),
+                'email' => ($user->email) ? e($user->email) : null,
                'department' => ($user->department) ? [
                    'id' => (int) $user->department->id,
                    'name'=> e($user->department->name),
@@ -69,13 +69,15 @@ class UsersTransformer
                ] : null,
                'created_at' => Helper::getFormattedDateObject($user->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($user->updated_at, 'datetime'),
+                'start_date' => Helper::getFormattedDateObject($user->start_date, 'date'),
+                'end_date' => Helper::getFormattedDateObject($user->end_date, 'date'),
                'last_login' => Helper::getFormattedDateObject($user->last_login, 'datetime'),
                'deleted_at' => ($user->deleted_at) ? Helper::getFormattedDateObject($user->deleted_at, 'datetime') : null,
            ];

        $permissions_array['available_actions'] = [
            'update' => (Gate::allows('update', User::class) && ($user->deleted_at == '')),
-            'delete' => (Gate::allows('delete', User::class) && ($user->assets_count == 0) && ($user->licenses_count == 0) && ($user->accessories_count == 0) && ($user->consumables_count == 0)),
+            'delete' => (Gate::allows('delete', User::class) && ($user->assets_count == 0) && ($user->licenses_count == 0) && ($user->accessories_count == 0)),
            'clone' => (Gate::allows('create', User::class) && ($user->deleted_at == '')),
            'restore' => (Gate::allows('create', User::class) && ($user->deleted_at != '')),
        ];
@@ -43,6 +43,7 @@ class AccessoryImporter extends ItemImporter
        $this->log('No Matching Accessory, Creating a new one');
        $accessory = new Accessory();
        $this->item['model_number'] = $this->findCsvMatch($row, "model_number");
+        $this->item['min_amt'] = $this->findCsvMatch($row, "min_amt");
        $accessory->fill($this->sanitizeItemForStoring($accessory));

        //FIXME: this disables model validation.  Need to find a way to avoid double-logs without breaking everything.
@@ -55,6 +55,11 @@ class AssetImporter extends ItemImporter
    {
        $editingAsset = false;
        $asset_tag = $this->findCsvMatch($row, 'asset_tag');
+
+        if(empty($asset_tag)){
+            $asset_tag = Asset::autoincrement_asset();
+        }
+
        $asset = Asset::where(['asset_tag'=> $asset_tag])->first();
        if ($asset) {
            if (! $this->updating) {
@@ -43,6 +43,7 @@ class ConsumableImporter extends ItemImporter
        $consumable = new Consumable();
        $this->item['model_number'] = $this->findCsvMatch($row, 'model_number');
        $this->item['item_no'] = $this->findCsvMatch($row, 'item_number');
+        $this->item['min_amt'] = $this->findCsvMatch($row, "min_amt");
        $consumable->fill($this->sanitizeItemForStoring($consumable));
        //FIXME: this disables model validation.  Need to find a way to avoid double-logs without breaking everything.
        $consumable->unsetEventDispatcher();
@@ -56,7 +56,7 @@ abstract class Importer
        'reassignable' => 'reassignable',
        'requestable' => 'requestable',
        'seats' => 'seats',
-        'serial_number' => 'serial number',
+        'serial' => 'serial number',
        'status' => 'status',
        'supplier' => 'supplier',
        'termination_date' => 'termination date',
@@ -77,6 +77,7 @@ abstract class Importer
        'manager_first_name' => 'manager first name',
        'manager_last_name' => 'manager last name',
        'min_amt' => 'minimum quantity',
+        'remote' => 'remote',
    ];
    /**
     * Map of item fields->csv names
@@ -288,6 +289,7 @@ abstract class Importer
            'department_id' =>  '',
            'username'  => $this->findCsvMatch($row, 'username'),
            'activated'  => $this->fetchHumanBoolean($this->findCsvMatch($row, 'activated')),
+            'remote'    => $this->fetchHumanBoolean(($this->findCsvMatch($row, 'remote'))),
        ];

        // Maybe we're lucky and the user already exists.
@@ -90,7 +90,7 @@ class ItemImporter extends Importer
        $this->item['qty'] = $this->findCsvMatch($row, 'quantity');
        $this->item['requestable'] = $this->findCsvMatch($row, 'requestable');
        $this->item['user_id'] = $this->user_id;
-        $this->item['serial'] = $this->findCsvMatch($row, 'serial');
+        $this->item['serial'] = $this->findCsvMatch($row, 'serial number');
        // NO need to call this method if we're running the user import.
        // TODO: Merge these methods.
        $this->item['checkout_class'] = $this->findCsvMatch($row, 'checkout_class');
@@ -112,7 +112,7 @@ class ItemImporter extends Importer
            return $this->createOrFetchUser($row);
        }

-        if (strtolower($this->item['checkout_class']) === 'location') {
+        if (strtolower($this->item['checkout_class']) === 'location' && $this->findCsvMatch($row, 'checkout_location') != null ) {
            return Location::findOrFail($this->createOrFetchLocation($this->findCsvMatch($row, 'checkout_location')));
        }

@@ -57,6 +57,7 @@ class UserImporter extends ItemImporter
        $this->item['employee_num'] = $this->findCsvMatch($row, 'employee_num');
        $this->item['department_id'] = $this->createOrFetchDepartment($this->findCsvMatch($row, 'department'));
        $this->item['manager_id'] = $this->fetchManager($this->findCsvMatch($row, 'manager_first_name'), $this->findCsvMatch($row, 'manager_last_name'));
+        $this->item['remote'] =($this->fetchHumanBoolean($this->findCsvMatch($row, 'remote')) ==1 ) ? '1' : 0;

        $user_department = $this->findCsvMatch($row, 'department');
        if ($this->shouldUpdateField($user_department)) {
@@ -20,6 +20,8 @@ use App\Notifications\CheckoutConsumableNotification;
 use App\Notifications\CheckoutLicenseNotification;
 use App\Notifications\CheckoutLicenseSeatNotification;
 use Illuminate\Support\Facades\Notification;
+use Exception;
+use Log;

 class CheckoutableListener
 {
@@ -43,16 +45,20 @@ class CheckoutableListener
         */
        $acceptance = $this->getCheckoutAcceptance($event);       

-        if (! $event->checkedOutTo->locale) {
-            Notification::locale(Setting::getSettings()->locale)->send(
-                $this->getNotifiables($event), 
-                $this->getCheckoutNotification($event, $acceptance)
-            );
-        } else {
-            Notification::send(
-                $this->getNotifiables($event), 
-                $this->getCheckoutNotification($event, $acceptance)
-            );
+        try {
+            if (! $event->checkedOutTo->locale) {
+                Notification::locale(Setting::getSettings()->locale)->send(
+                    $this->getNotifiables($event),
+                    $this->getCheckoutNotification($event, $acceptance)
+                );
+            } else {
+                Notification::send(
+                    $this->getNotifiables($event),
+                    $this->getCheckoutNotification($event, $acceptance)
+                );
+            }
+        } catch (Exception $e) {
+            Log::error("Exception caught during checkout notification: ".$e->getMessage());
        }
    }

@@ -83,17 +89,21 @@ class CheckoutableListener
            }
        }

-        // Use default locale
-        if (! $event->checkedOutTo->locale) {
-            Notification::locale(Setting::getSettings()->locale)->send(
-                $this->getNotifiables($event),
-                $this->getCheckinNotification($event)
-            );
-        } else {
-            Notification::send(
-                $this->getNotifiables($event),
-                $this->getCheckinNotification($event)
-            );
+        try {
+            // Use default locale
+            if (! $event->checkedOutTo->locale) {
+                Notification::locale(Setting::getSettings()->locale)->send(
+                    $this->getNotifiables($event),
+                    $this->getCheckinNotification($event)
+                );
+            } else {
+                Notification::send(
+                    $this->getNotifiables($event),
+                    $this->getCheckinNotification($event)
+                );
+            }
+        } catch (Exception $e) {
+            Log::error("Exception caught during checkin notification: ".$e->getMessage());
        }
    }      

@@ -54,7 +54,7 @@ class LogListener
    public function onCheckoutAccepted(CheckoutAccepted $event)
    {

-        \Log::error('event passed to the onCheckoutAccepted listener:');
+        \Log::debug('event passed to the onCheckoutAccepted listener:');
        $logaction = new Actionlog();
        $logaction->item()->associate($event->acceptance->checkoutable);
        $logaction->target()->associate($event->acceptance->assignedTo);
@@ -2,6 +2,7 @@

 namespace App\Models;

+use App\Helpers\Helper;
 use App\Models\Traits\Acceptable;
 use App\Models\Traits\Searchable;
 use App\Presenters\Presentable;
@@ -100,6 +101,23 @@ class Accessory extends SnipeModel



+    /**
+     * Establishes the accessories -> action logs -> uploads relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v6.1.13]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function uploads()
+    {
+        return $this->hasMany(\App\Models\Actionlog::class, 'item_id')
+            ->where('item_type', '=', self::class)
+            ->where('action_type', '=', 'uploaded')
+            ->whereNotNull('filename')
+            ->orderBy('created_at', 'desc');
+    }
+
+
    /**
     * Establishes the accessory -> supplier relationship
     *
@@ -299,15 +317,14 @@ class Accessory extends SnipeModel
     */
    public function getEula()
    {
-        $Parsedown = new \Parsedown();

        if ($this->category->eula_text) {
-            return $Parsedown->text(e($this->category->eula_text));
+            return Helper::parseEscapedMarkedown($this->category->eula_text);
        } elseif ((Setting::getSettings()->default_eula_text) && ($this->category->use_default_eula == '1')) {
-            return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
+            return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
        }

-            return null;
+        return null;
    }

     /**
@@ -43,7 +43,9 @@ class Actionlog extends SnipeModel
     */
    protected $searchableRelations = [
        'company' => ['name'],
-        'user' => ['first_name','last_name','username'],
+        'admin' => ['first_name','last_name','username', 'email'],
+        'user'  => ['first_name','last_name','username', 'email'],
+        'assets'  => ['asset_tag','name'],
    ];

    /**
@@ -95,6 +97,19 @@ class Actionlog extends SnipeModel
        return $this->hasMany(\App\Models\Company::class, 'id', 'company_id');
    }

+
+    /**
+     * Establishes the actionlog -> asset relationship
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function assets()
+    {
+        return $this->hasMany(\App\Models\Asset::class, 'id', 'item_id');
+    }
+
    /**
     * Establishes the actionlog -> item type relationship
     *
@@ -154,6 +169,19 @@ class Actionlog extends SnipeModel
        return $this->target();
    }

+    /**
+     * Establishes the actionlog -> admin user relationship
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function admin()
+    {
+        return $this->belongsTo(User::class, 'user_id')
+                    ->withTrashed();
+    }
+
    /**
     * Establishes the actionlog -> user relationship
     *
@@ -163,8 +191,8 @@ class Actionlog extends SnipeModel
     */
    public function user()
    {
-        return $this->belongsTo(User::class, 'user_id')
-                    ->withTrashed();
+        return $this->belongsTo(User::class, 'target_id')
+            ->withTrashed();
    }

    /**
@@ -5,6 +5,7 @@ namespace App\Models;
 use App\Events\AssetCheckedOut;
 use App\Events\CheckoutableCheckedOut;
 use App\Exceptions\CheckoutNotAllowed;
+use App\Helpers\Helper;
 use App\Http\Traits\UniqueSerialTrait;
 use App\Http\Traits\UniqueUndeletedTrait;
 use App\Models\Traits\Acceptable;
@@ -694,15 +695,15 @@ class Asset extends Depreciable
    public static function getExpiringWarrantee($days = 30)
    {
        $days = (is_null($days)) ? 30 : $days;
-        
+
        return self::where('archived', '=', '0')
            ->whereNotNull('warranty_months')
            ->whereNotNull('purchase_date')
            ->whereNull('deleted_at')
-            ->whereRaw(\DB::raw('DATE_ADD(`purchase_date`,INTERVAL `warranty_months` MONTH) <= DATE(NOW() + INTERVAL '
+            ->whereRaw('DATE_ADD(`purchase_date`,INTERVAL `warranty_months` MONTH) <= DATE(NOW() + INTERVAL '
                                 . $days
-                                 . ' DAY) AND DATE_ADD(`purchase_date`, INTERVAL `warranty_months` MONTH) > NOW()'))
-            ->orderBy('purchase_date', 'ASC')
+                                 . ' DAY) AND DATE_ADD(`purchase_date`, INTERVAL `warranty_months` MONTH) > NOW()')
+            ->orderByRaw('DATE_ADD(`purchase_date`,INTERVAL `warranty_months` MONTH)')
            ->get();
    }

@@ -875,13 +876,12 @@ class Asset extends Depreciable
     */
    public function getEula()
    {
-        $Parsedown = new \Parsedown();
-        
+
        if (($this->model) && ($this->model->category)) {
            if ($this->model->category->eula_text) {
-                return $Parsedown->text(e($this->model->category->eula_text));
+                return Helper::parseEscapedMarkedown($this->model->category->eula_text);
            } elseif ($this->model->category->use_default_eula == '1') {
-                return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
+                return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
            } else {
                return false;
            }
@@ -74,10 +74,11 @@ class AssetMaintenance extends Model implements ICompanyableChild
            trans('admin/asset_maintenances/general.maintenance') => trans('admin/asset_maintenances/general.maintenance'),
            trans('admin/asset_maintenances/general.repair')      => trans('admin/asset_maintenances/general.repair'),
            trans('admin/asset_maintenances/general.upgrade')     => trans('admin/asset_maintenances/general.upgrade'),
-            'PAT test'      => 'PAT test',
+            trans('admin/asset_maintenances/general.pat_test')     => trans('admin/asset_maintenances/general.pat_test'),
            trans('admin/asset_maintenances/general.calibration')     => trans('admin/asset_maintenances/general.calibration'),
-            'Software Support'      => trans('admin/asset_maintenances/general.software_support'),
-            'Hardware Support'      => trans('admin/asset_maintenances/general.hardware_support'),
+            trans('admin/asset_maintenances/general.software_support')      => trans('admin/asset_maintenances/general.software_support'),
+            trans('admin/asset_maintenances/general.hardware_support')      => trans('admin/asset_maintenances/general.hardware_support'),
+            trans('admin/asset_maintenances/general.configuration_change')     => trans('admin/asset_maintenances/general.configuration_change'),
        ];
    }

@@ -9,6 +9,7 @@ use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Illuminate\Support\Facades\Gate;
 use Watson\Validating\ValidatingTrait;
+use App\Helpers\Helper;

 /**
 * Model for Categories. Categories are a higher-level group
@@ -207,12 +208,11 @@ class Category extends SnipeModel
     */
    public function getEula()
    {
-        $Parsedown = new \Parsedown();

        if ($this->eula_text) {
-            return $Parsedown->text(e($this->eula_text));
+            return Helper::parseEscapedMarkedown($this->eula_text);
        } elseif ((Setting::getSettings()->default_eula_text) && ($this->use_default_eula == '1')) {
-            return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
+            return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
        } else {
            return null;
        }
@@ -5,16 +5,25 @@ namespace App\Models;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
+use Illuminate\Notifications\Notifiable;

 class CheckoutAcceptance extends Model
 {
-    use SoftDeletes;
+    use SoftDeletes, Notifiable;

    protected $casts = [
        'accepted_at' => 'datetime',
        'declined_at' => 'datetime',
    ];

+    // Get the mail recipient from the config
+    public function routeNotificationForMail(): string
+    {
+        // At this point the endpoint is the same for everything.
+        //  In the future this may want to be adapted for individual notifications.
+        return (config('mail.reply_to.address')) ? config('mail.reply_to.address') : '' ;
+    }
+
    /**
     * The resource that was is out
     *
@@ -73,6 +73,10 @@ final class Company extends SnipeModel
        }
    }

+    /**
+     * Scoping table queries, determining if a logged in user is part of a company, and only allows
+     * that user to see items associated with that company
+     */
    private static function scopeCompanyablesDirectly($query, $column = 'company_id', $table_name = null)
    {
        if (Auth::user()) {
@@ -127,6 +131,11 @@ final class Company extends SnipeModel
            return false;
        } elseif (! static::isFullMultipleCompanySupportEnabled()) {
            return true;
+        } elseif (!$companyable instanceof Company && !\Schema::hasColumn($companyable->getModel()->getTable(), 'company_id')) {
+            // This is primary for the gate:allows-check in location->isDeletable()
+            // Locations don't have a company_id so without this it isn't possible to delete locations with FullMultipleCompanySupport enabled
+            // because this function is called by SnipePermissionsPolicy->before()
+            return true;
        } else {
            if (Auth::user()) {
                $current_user_company_id = Auth::user()->company_id;
@@ -88,6 +88,24 @@ class Component extends SnipeModel
        'location'     => ['name'],
    ];

+
+    /**
+     * Establishes the components -> action logs -> uploads relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v6.1.13]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function uploads()
+    {
+        return $this->hasMany(\App\Models\Actionlog::class, 'item_id')
+            ->where('item_type', '=', self::class)
+            ->where('action_type', '=', 'uploaded')
+            ->whereNotNull('filename')
+            ->orderBy('created_at', 'desc');
+    }
+
+
    /**
     * Establishes the component -> location relationship
     *
@@ -109,7 +127,7 @@ class Component extends SnipeModel
     */
    public function assets()
    {
-        return $this->belongsToMany(\App\Models\Asset::class, 'components_assets')->withPivot('id', 'assigned_qty', 'created_at', 'user_id');
+        return $this->belongsToMany(\App\Models\Asset::class, 'components_assets')->withPivot('id', 'assigned_qty', 'created_at', 'user_id', 'note');
    }

    /**
@@ -2,6 +2,7 @@

 namespace App\Models;

+use App\Helpers\Helper;
 use App\Models\Traits\Acceptable;
 use App\Models\Traits\Searchable;
 use App\Presenters\Presentable;
@@ -95,6 +96,24 @@ class Consumable extends SnipeModel
        'manufacturer' => ['name'],
    ];

+
+    /**
+     * Establishes the components -> action logs -> uploads relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v6.1.13]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function uploads()
+    {
+        return $this->hasMany(\App\Models\Actionlog::class, 'item_id')
+            ->where('item_type', '=', self::class)
+            ->where('action_type', '=', 'uploaded')
+            ->whereNotNull('filename')
+            ->orderBy('created_at', 'desc');
+    }
+
+
    /**
     * Sets the attribute of whether or not the consumable is requestable
     *
@@ -265,12 +284,10 @@ class Consumable extends SnipeModel
     */
    public function getEula()
    {
-        $Parsedown = new \Parsedown();
-
        if ($this->category->eula_text) {
-            return $Parsedown->text(e($this->category->eula_text));
+            return  Helper::parseEscapedMarkedown($this->category->eula_text);
        } elseif ((Setting::getSettings()->default_eula_text) && ($this->category->use_default_eula == '1')) {
-            return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
+            return  Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
        } else {
            return null;
        }
@@ -48,7 +48,11 @@ class CustomField extends Model
     *
     * @var array
     */
-    protected $rules = [];
+    protected $rules = [
+        'name' => 'required|unique:custom_fields',
+        'element' => 'required|in:text,listbox,textarea,checkbox,radio',
+        'field_encrypted' => 'nullable|boolean',
+    ];

    /**
     * The attributes that are mass assignable.
@@ -64,6 +68,7 @@ class CustomField extends Model
        'help_text',
        'show_in_email',
        'is_unique',
+        'display_in_user_view',
    ];

    /**
@@ -338,7 +343,7 @@ class CustomField extends Model
        $id = $this->id ? $this->id : 'xx';

        if (! function_exists('transliterator_transliterate')) {
-            $long_slug = '_snipeit_'.str_slug(\Patchwork\Utf8::utf8_encode(trim($name)), '_');
+            $long_slug = '_snipeit_'.str_slug(mb_convert_encoding(trim($name),"UTF-8"), '_');
        } else {
            $long_slug = '_snipeit_'.Utf8Slugger::slugify($name, '_');
        }
@@ -356,15 +361,9 @@ class CustomField extends Model
    public function validationRules($regex_format = null)
    {
        return [
-            'name' => 'required|unique:custom_fields',
-            'element' => [
-                'required',
-                Rule::in(['text', 'listbox',  'textarea', 'checkbox', 'radio']),
-            ],
            'format' => [
                Rule::in(array_merge(array_keys(self::PREDEFINED_FORMATS), self::PREDEFINED_FORMATS, [$regex_format])),
-            ],
-            'field_encrypted' => 'nullable|boolean',
+            ]
        ];
    }

@@ -87,7 +87,7 @@ class CustomFieldset extends Model
            }

            if ($field->is_unique == '1') {
-                    $rule[] = 'unique';
+                    $rule[] = 'unique_undeleted';
            }

            array_push($rule, $field->attributes['format']);
@@ -29,7 +29,7 @@ class Department extends SnipeModel
    ];

    protected $rules = [
-        'name'                  => 'required|max:255',
+        'name'                  => 'required|max:255|is_unique_department',
        'location_id'           => 'numeric|nullable',
        'company_id'            => 'numeric|nullable',
        'manager_id'            => 'numeric|nullable',
@@ -68,21 +68,37 @@ class Depreciable extends SnipeModel
     */
    public function getLinearDepreciatedValue() // TODO - for testing it might be nice to have an optional $relative_to param here, defaulted to 'now'
    {
-        $months_remaining = $this->time_until_depreciated()->m + 12 * $this->time_until_depreciated()->y; //UGlY
-
-        $current_value = round(($months_remaining / $this->get_depreciation()->months) * $this->purchase_cost, 2);
-
-        if($this->get_depreciation()->depreciation_min > $current_value) {
-
-            $current_value=round($this->get_depreciation()->depreciation_min,2);
+        if ($this->purchase_date) {
+            $months_passed = ($this->purchase_date->diff(now())->m)+($this->purchase_date->diff(now())->y*12);
+        } else {
+            return null;
        }
-        if ($current_value < 0) {
-            $current_value = 0;
+
+        if ($months_passed >= $this->get_depreciation()->months){
+            //if there is a floor use it
+            if(!$this->get_depreciation()->depreciation_min == null) {
+
+                $current_value = $this->get_depreciation()->depreciation_min;
+
+            }else{
+                $current_value = 0;
+            }
+        }
+        else {
+            // The equation here is (Purchase_Cost-Floor_min)*(Months_passed/Months_til_depreciated)
+            $current_value = round(($this->purchase_cost-($this->purchase_cost - ($this->get_depreciation()->depreciation_min)) * ($months_passed / $this->get_depreciation()->months)), 2);
+
        }

        return $current_value;
    }

+    public function getMonthlyDepreciation(){
+
+        return ($this->purchase_cost-$this->get_depreciation()->depreciation_min)/$this->get_depreciation()->months;
+
+    }
+
    /**
     * @param onlyHalfFirstYear Boolean always applied only second half of the first year
     * @return float|int
@@ -169,23 +169,29 @@ class Ldap extends Model
    {
        $ldap_username = Setting::getSettings()->ldap_uname;

-        // Lets return some nicer messages for users who donked their app key, and disable LDAP
-        try {
-            $ldap_pass = \Crypt::decrypt(Setting::getSettings()->ldap_pword);
-        } catch (Exception $e) {
-            throw new Exception('Your app key has changed! Could not decrypt LDAP password using your current app key, so LDAP authentication has been disabled. Login with a local account, update the LDAP password and re-enable it in Admin > Settings.');
-        }
-
-        if (! $ldapbind = @ldap_bind($connection, $ldap_username, $ldap_pass)) {
-            throw new Exception('Could not bind to LDAP: '.ldap_error($connection));
-        }
-        // TODO - this just "falls off the end" but the function states that it should return true or false
-        // unfortunately, one of the use cases for this function is wrong and *needs* for that failure mode to fire
-        // so I don't want to fix this right now.
-        // this method MODIFIES STATE on the passed-in $connection and just returns true or false (or, in this case, undefined)
-        // at the next refactor, this should be appropriately modified to be more consistent.
-    }
+		if ( $ldap_username ) {
+			// Lets return some nicer messages for users who donked their app key, and disable LDAP
+			try {
+				$ldap_pass = \Crypt::decrypt(Setting::getSettings()->ldap_pword);
+			} catch (Exception $e) {
+				throw new Exception('Your app key has changed! Could not decrypt LDAP password using your current app key, so LDAP authentication has been disabled. Login with a local account, update the LDAP password and re-enable it in Admin > Settings.');
+			}

+			if (! $ldapbind = @ldap_bind($connection, $ldap_username, $ldap_pass)) {
+				throw new Exception('Could not bind to LDAP: '.ldap_error($connection));
+			}
+			// TODO - this just "falls off the end" but the function states that it should return true or false
+			// unfortunately, one of the use cases for this function is wrong and *needs* for that failure mode to fire
+			// so I don't want to fix this right now.
+			// this method MODIFIES STATE on the passed-in $connection and just returns true or false (or, in this case, undefined)
+			// at the next refactor, this should be appropriately modified to be more consistent.
+		} else {
+			// LDAP should also work with anonymous bind (no dn, no password available)
+			if (! $ldapbind = @ldap_bind($connection )) {
+				throw new Exception('Could not bind to LDAP: '.ldap_error($connection));
+			}
+		}
+	}

    /**
     * Parse and map LDAP attributes based on settings
@@ -2,6 +2,7 @@

 namespace App\Models;

+use App\Helpers\Helper;
 use App\Models\Traits\Searchable;
 use App\Presenters\Presentable;
 use Carbon\Carbon;
@@ -122,12 +123,20 @@ class License extends Depreciable
        static::created(function ($license) {
            $newSeatCount = $license->getAttributes()['seats'];

-            return static::adjustSeatCount($license, $oldSeatCount = 0, $newSeatCount);
+            return static::adjustSeatCount($license, 0, $newSeatCount);
        });
        // However, we listen for updating to be able to prevent the edit if we cannot delete enough seats.
        static::updating(function ($license) {
            $newSeatCount = $license->getAttributes()['seats'];
-            $oldSeatCount = isset($license->getOriginal()['seats']) ? $license->getOriginal()['seats'] : 0;
+            //$oldSeatCount = isset($license->getOriginal()['seats']) ? $license->getOriginal()['seats'] : 0;
+            /*
+               That previous method *did* mostly work, but if you ever managed to get your $license->seats value out of whack
+               with your actual count of license_seats *records*, you would never manage to get back 'into whack'.
+               The below method actually grabs a count of existing license_seats records, so it will be more accurate.
+               This means that if your license_seats are out of whack, you can change the quantity and hit 'save' and it
+               will manage to 'true up' and make your counts line up correctly.
+            */
+            $oldSeatCount = $license->license_seats_count;

            return static::adjustSeatCount($license, $oldSeatCount, $newSeatCount);
        });
@@ -337,12 +346,11 @@ class License extends Depreciable
     */
    public function getEula()
    {
-        $Parsedown = new \Parsedown();

        if ($this->category->eula_text) {
-            return $Parsedown->text(e($this->category->eula_text));
+            return Helper::parseEscapedMarkedown($this->category->eula_text);
        } elseif ($this->category->use_default_eula == '1') {
-            return $Parsedown->text(e(Setting::getSettings()->default_eula_text));
+            return Helper::parseEscapedMarkedown(Setting::getSettings()->default_eula_text);
        } else {
            return false;
        }
@@ -90,6 +90,14 @@ class Location extends SnipeModel
      'parent' => ['name'],
    ];

+
+    /**
+     * Determine whether or not this location can be deleted
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return bool
+     */
    public function isDeletable()
    {
        return Gate::allows('delete', $this)
@@ -98,12 +106,25 @@ class Location extends SnipeModel
                && ($this->users()->count() === 0);
    }

+    /**
+     * Establishes the user -> location relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function users()
    {
        return $this->hasMany(\App\Models\User::class, 'location_id');
    }

-
+    /**
+     * Find assets with this location as their location_id
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function assets()
    {
        return $this->hasMany(\App\Models\Asset::class, 'location_id')
@@ -114,6 +135,14 @@ class Location extends SnipeModel
            });
    }

+
+    /**
+     * Establishes the  asset -> rtd_location relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function rtd_assets()
    {
        /* This used to have an ...->orHas() clause that referred to
@@ -123,48 +152,93 @@ class Location extends SnipeModel
           It is arguable that we should have a '...->whereNull('assigned_to')
           bit in there, but that isn't always correct either (in the case
           where a user has no location, for example).
-
-           In all likelyhood, we need to denorm an "effective_location" column
-           into Assets to make this slightly less miserable.
        */
        return $this->hasMany(\App\Models\Asset::class, 'rtd_location_id');
    }

+    /**
+     * Establishes the consumable -> location relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function consumables()
    {
        return $this->hasMany(\App\Models\Consumable::class, 'location_id');
    }

+    /**
+     * Establishes the component -> location relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function components()
    {
        return $this->hasMany(\App\Models\Component::class, 'location_id');
    }

+    /**
+     * Establishes the component -> accessory relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function accessories()
    {
        return $this->hasMany(\App\Models\Accessory::class, 'location_id');
    }

-
-
+    /**
+     * Find the parent of a location
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v2.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function parent()
    {
        return $this->belongsTo(self::class, 'parent_id', 'id')
            ->with('parent');
    }

+
+    /**
+     * Find the manager of a location
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v2.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function manager()
    {
        return $this->belongsTo(\App\Models\User::class, 'manager_id');
    }

+
+    /**
+     * Find children of a location
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v2.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function children()
    {
        return $this->hasMany(self::class, 'parent_id')
            ->with('children');
    }

-    // I don't think we need this anymore since we de-normed location_id in assets?
+    /**
+     * Establishes the asset -> location assignment relationship
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
    public function assignedAssets()
    {
        return $this->morphMany(\App\Models\Asset::class, 'assigned', 'assigned_type', 'assigned_to')->withTrashed();
@@ -189,7 +189,7 @@ trait Loggable
        $params = [
            'item' => $log->item,
            'filename' => $log->filename,
-            'admin' => $log->user,
+            'admin' => $log->admin,
            'location' => ($location) ? $location->name : '',
            'note' => $note,
        ];
@@ -8,9 +8,10 @@ use Illuminate\Notifications\Notifiable;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\App;
 use Illuminate\Support\Facades\Cache;
-use Parsedown;
+use App\Helpers\Helper;
 use Watson\Validating\ValidatingTrait;

+
 /**
 * Settings model.
 */
@@ -135,7 +136,6 @@ class Setting extends Model
    public function lar_ver(): string
    {
        $app = App::getFacadeApplication();
-
        return $app::VERSION;
    }

@@ -147,9 +147,7 @@ class Setting extends Model
    public static function getDefaultEula(): ?string
    {
        if (self::getSettings()->default_eula_text) {
-            $parsedown = new Parsedown();
-
-            return $parsedown->text(e(self::getSettings()->default_eula_text));
+            return Helper::parseEscapedMarkedown(self::getSettings()->default_eula_text);
        }

        return null;
@@ -41,6 +41,11 @@ class SnipeSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig
            } 
        );

+        // externalId support
+        $config['validations'][$core.'externalId'] = 'string|nullable'; // not required, but supported mostly just for Okta
+        // note that the mapping is *not* namespaced like the other $mappings
+        $config['mapping']['externalId'] = AttributeMapping::eloquent('scim_externalid');
+
        $config['validations'][$core.'emails'] = 'nullable|array';         // emails are not required in Snipe-IT...
        $config['validations'][$core.'emails.*.value'] = 'email'; // ...(had to remove the recommended 'required' here)

@@ -162,6 +162,10 @@ trait Searchable
                        $query->orWhere($table.'.'.$column, 'LIKE', '%'.$term.'%');
                    }
                }
+                // I put this here because I only want to add the concat one time in the end of the user relation search
+                if($relation == 'user') {
+                    $query->orWhereRaw('CONCAT (users.first_name, " ", users.last_name) LIKE ?', ["%$term%"]);
+                }
            });
        }

--- a/Show More
+++ b/Show More