Refactor custom fields handling for storage

Signed-off-by: snipe <snipe@snipe.net>
Merge pull request #15043 from snipe/fixes/custom_fields_on_audit
2024-07-08 14:00:15 +01:00 · 2024-07-08 13:20:59 +01:00 · 2024-07-08 13:19:05 +01:00 · 2024-07-04 17:10:10 +01:00 · 2024-07-04 16:55:47 +01:00 · 2024-07-04 16:48:05 +01:00
2560 changed files with 331801 additions and 131151 deletions
@@ -3018,6 +3018,124 @@
      "contributions": [
        "code"
      ]
    },
    {
      "login": "koiakoia",
      "name": "koiakoia",
      "avatar_url": "https://avatars.githubusercontent.com/u/60405354?v=4",
      "profile": "https://github.com/koiakoia",
      "contributions": [
        "code"
      ]
    },
    {
      "login": "mustafa-online",
      "name": "Mustafa Online",
      "avatar_url": "https://avatars.githubusercontent.com/u/5323832?v=4",
      "profile": "https://github.com/mustafa-online",
      "contributions": [
        "code"
      ]
    },
    {
      "login": "franceslui",
      "name": "franceslui",
      "avatar_url": "https://avatars.githubusercontent.com/u/104601439?v=4",
      "profile": "https://github.com/franceslui",
      "contributions": [
        "code"
      ]
    },
    {
      "login": "Q4kK",
      "name": "Q4kK",
      "avatar_url": "https://avatars.githubusercontent.com/u/125313163?v=4",
      "profile": "https://github.com/Q4kK",
      "contributions": [
        "code"
      ]
    },
    {
      "login": "squintfox",
      "name": "squintfox",
      "avatar_url": "https://avatars.githubusercontent.com/u/55590532?v=4",
      "profile": "https://github.com/squintfox",
      "contributions": [
        "code"
      ]
    },
    {
      "login": "jeffclay",
      "name": "Jeff Clay",
      "avatar_url": "https://avatars.githubusercontent.com/u/1380084?v=4",
      "profile": "https://github.com/jeffclay",
      "contributions": [
        "code"
      ]
    },
    {
      "login": "PP-JN-RL",
      "name": "Phil J R",
      "avatar_url": "https://avatars.githubusercontent.com/u/52716446?v=4",
      "profile": "https://github.com/PP-JN-RL",
      "contributions": [
        "code"
      ]
    },
    {
      "login": "chandanchowdhury",
      "name": "i_virus",
      "avatar_url": "https://avatars.githubusercontent.com/u/1496725?v=4",
      "profile": "https://www.corelight.com/",
      "contributions": [
        "code"
      ]
    },
    {
      "login": "gitgrimbo",
      "name": "Paul Grime",
      "avatar_url": "https://avatars.githubusercontent.com/u/1020541?v=4",
      "profile": "https://github.com/gitgrimbo",
      "contributions": [
        "code"
      ]
    },
    {
      "login": "LeePorte",
      "name": "Lee Porte",
      "avatar_url": "https://avatars.githubusercontent.com/u/922815?v=4",
      "profile": "https://leeporte.co.uk",
      "contributions": [
        "code"
      ]
    },
    {
      "login": "bryanlopezinc",
      "name": "BRYAN ",
      "avatar_url": "https://avatars.githubusercontent.com/u/23613427?v=4",
      "profile": "https://github.com/bryanlopezinc",
      "contributions": [
        "code",
        "test"
      ]
    },
    {
      "login": "U-H-T",
      "name": "U-H-T",
      "avatar_url": "https://avatars.githubusercontent.com/u/64061710?v=4",
      "profile": "https://github.com/U-H-T",
      "contributions": [
        "code"
      ]
    },
    {
      "login": "Tyree",
      "name": "Matt Tyree",
      "avatar_url": "https://avatars.githubusercontent.com/u/5395363?v=4",
      "profile": "https://github.com/Tyree",
      "contributions": [
        "doc"
      ]
    }
  ]
 }
@@ -0,0 +1,166 @@
 # --------------------------------------------
 # REQUIRED: DB SETUP
 # --------------------------------------------
 MYSQL_DATABASE=snipeit
 MYSQL_USER=snipeit
 MYSQL_PASSWORD=changeme1234
 MYSQL_ROOT_PASSWORD=changeme1234
 # --------------------------------------------
 # REQUIRED: BASIC APP SETTINGS
 # --------------------------------------------
 APP_ENV=develop
 APP_DEBUG=false
 # please regenerate the APP_KEY value by calling `docker-compose run --rm snipeit bash` and then `php artisan key:generate --show` and then copy paste the value here
 APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ=
 APP_URL=http://localhost:8000
 APP_TIMEZONE='UTC'
 APP_LOCALE=en
 MAX_RESULTS=500
 # --------------------------------------------
 # REQUIRED: UPLOADED FILE STORAGE SETTINGS
 # --------------------------------------------
 PRIVATE_FILESYSTEM_DISK=local
 PUBLIC_FILESYSTEM_DISK=local_public
 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
 DB_CONNECTION=mysql
 DB_HOST=mariadb
 DB_DATABASE=snipeit
 DB_USERNAME=snipeit
 DB_PASSWORD=changeme1234
 DB_PREFIX=null
 DB_DUMP_PATH='/usr/bin'
 DB_CHARSET=utf8mb4
 DB_COLLATION=utf8mb4_unicode_ci
 # --------------------------------------------
 # OPTIONAL: SSL DATABASE SETTINGS
 # --------------------------------------------
 DB_SSL=false
 DB_SSL_IS_PAAS=false
 DB_SSL_KEY_PATH=null
 DB_SSL_CERT_PATH=null
 DB_SSL_CA_PATH=null
 DB_SSL_CIPHER=null
 DB_SSL_VERIFY_SERVER=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
 MAIL_DRIVER=smtp
 MAIL_HOST=mailhog
 MAIL_PORT=1025
 MAIL_USERNAME=null
 MAIL_PASSWORD=null
 MAIL_ENCRYPTION=null
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
 MAIL_AUTO_EMBED_METHOD='attachment'
 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
 # This should be gd or imagick
 # --------------------------------------------
 IMAGE_LIB=gd
 # --------------------------------------------
 # OPTIONAL: BACKUP SETTINGS
 # --------------------------------------------
 MAIL_BACKUP_NOTIFICATION_DRIVER=null
 MAIL_BACKUP_NOTIFICATION_ADDRESS=null
 BACKUP_ENV=true
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
 # --------------------------------------------
 SESSION_LIFETIME=12000
 EXPIRE_ON_CLOSE=false
 ENCRYPT=false
 COOKIE_NAME=snipeit_session
 COOKIE_DOMAIN=null
 SECURE_COOKIES=false
 API_TOKEN_EXPIRATION_YEARS=40
 # --------------------------------------------
 # OPTIONAL: SECURITY HEADER SETTINGS
 # --------------------------------------------
 APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
 ALLOW_IFRAMING=false
 REFERRER_POLICY=same-origin
 ENABLE_CSP=false
 CORS_ALLOWED_ORIGINS=null
 ENABLE_HSTS=false
 # --------------------------------------------
 # OPTIONAL: CACHE SETTINGS
 # --------------------------------------------
 CACHE_DRIVER=file
 SESSION_DRIVER=file
 QUEUE_DRIVER=sync
 CACHE_PREFIX=snipeit
 # --------------------------------------------
 # OPTIONAL: REDIS SETTINGS
 # --------------------------------------------
 REDIS_HOST=redis
 REDIS_PASSWORD=null
 REDIS_PORT=6379
 # --------------------------------------------
 # OPTIONAL: MEMCACHED SETTINGS
 # --------------------------------------------
 MEMCACHED_HOST=null
 MEMCACHED_PORT=null
 # --------------------------------------------
 # OPTIONAL: PUBLIC S3 Settings
 # --------------------------------------------
 PUBLIC_AWS_SECRET_ACCESS_KEY=null
 PUBLIC_AWS_ACCESS_KEY_ID=null
 PUBLIC_AWS_DEFAULT_REGION=null
 PUBLIC_AWS_BUCKET=null
 PUBLIC_AWS_URL=null
 PUBLIC_AWS_BUCKET_ROOT=null
 # --------------------------------------------
 # OPTIONAL: PRIVATE S3 Settings
 # --------------------------------------------
 PRIVATE_AWS_ACCESS_KEY_ID=null
 PRIVATE_AWS_SECRET_ACCESS_KEY=null
 PRIVATE_AWS_DEFAULT_REGION=null
 PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
 PRIVATE_AWS_BUCKET_ROOT=null
 # --------------------------------------------
 # OPTIONAL: AWS Settings
 # --------------------------------------------
 AWS_ACCESS_KEY_ID=null
 AWS_SECRET_ACCESS_KEY=null
 AWS_DEFAULT_REGION=null
 # --------------------------------------------
 # OPTIONAL: LOGIN THROTTLING
 # --------------------------------------------
 LOGIN_MAX_ATTEMPTS=5
 LOGIN_LOCKOUT_DURATION=60
 RESET_PASSWORD_LINK_EXPIRES=900
 # --------------------------------------------
 # OPTIONAL: MISC
 # --------------------------------------------
 LOG_CHANNEL=stderr
 LOG_MAX_DAYS=10
 APP_LOCKED=false
 APP_CIPHER=AES-256-CBC
 APP_FORCE_TLS=false
 GOOGLE_MAPS_API=
 LDAP_MEM_LIM=500M
 LDAP_TIME_LIM=600
@@ -1,18 +1,18 @@
 # --------------------------------------------
-# REQUIRED: DB SETUP
+# REQUIRED: DOCKER SPECIFIC SETTINGS
 # --------------------------------------------
-MYSQL_DATABASE=snipeit
+APP_VERSION=v6.4.1
-MYSQL_USER=snipeit
+APP_PORT=8000
-MYSQL_PASSWORD=changeme1234
+
 MYSQL_ROOT_PASSWORD=changeme1234
 # --------------------------------------------
 # REQUIRED: BASIC APP SETTINGS
 # --------------------------------------------
-APP_ENV=develop
+APP_ENV=production
 APP_DEBUG=false
-# please regenerate the APP_KEY value by calling `docker-compose run --rm snipeit bash` and then `php artisan key:generate --show` and then copy paste the value here
+# Please regenerate the APP_KEY value by calling `docker compose run --rm snipeit php artisan key:generate --show`. Copy paste the value here
 APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ=
 APP_URL=http://localhost:8000
 # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - TZ identifier
 APP_TIMEZONE='UTC'
 APP_LOCALE=en
 MAX_RESULTS=500
@@ -27,10 +27,12 @@ PUBLIC_FILESYSTEM_DISK=local_public
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
 DB_CONNECTION=mysql
-DB_HOST=mariadb
+DB_HOST=db
 DB_PORT='3306'
 DB_DATABASE=snipeit
 DB_USERNAME=snipeit
 DB_PASSWORD=changeme1234
 MYSQL_ROOT_PASSWORD=changeme1234
 DB_PREFIX=null
 DB_DUMP_PATH='/usr/bin'
 DB_CHARSET=utf8mb4
@@ -45,29 +47,35 @@ DB_SSL_KEY_PATH=null
 DB_SSL_CERT_PATH=null
 DB_SSL_CA_PATH=null
 DB_SSL_CIPHER=null
 DB_SSL_VERIFY_SERVER=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=smtp
+MAIL_MAILER=smtp
 MAIL_HOST=mailhog
 MAIL_PORT=1025
 MAIL_USERNAME=null
 MAIL_PASSWORD=null
-MAIL_ENCRYPTION=null
+MAIL_TLS_VERIFY_PEER=true
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
 MAIL_AUTO_EMBED_METHOD='attachment'
 # --------------------------------------------
 # REQUIRED: DATA PROTECTION
 # --------------------------------------------
 ALLOW_BACKUP_DELETE=false
 ALLOW_DATA_PURGE=false
 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
 # This should be gd or imagick
 # --------------------------------------------
 IMAGE_LIB=gd
 # --------------------------------------------
 # OPTIONAL: BACKUP SETTINGS
 # --------------------------------------------
@@ -75,7 +83,6 @@ MAIL_BACKUP_NOTIFICATION_DRIVER=null
 MAIL_BACKUP_NOTIFICATION_ADDRESS=null
 BACKUP_ENV=true
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
 # --------------------------------------------
@@ -90,7 +97,7 @@ API_TOKEN_EXPIRATION_YEARS=40
 # --------------------------------------------
 # OPTIONAL: SECURITY HEADER SETTINGS
 # --------------------------------------------
-APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1,172.0.0.0/8
 ALLOW_IFRAMING=false
 REFERRER_POLICY=same-origin
 ENABLE_CSP=false
@@ -108,7 +115,7 @@ CACHE_PREFIX=snipeit
 # --------------------------------------------
 # OPTIONAL: REDIS SETTINGS
 # --------------------------------------------
-REDIS_HOST=redis
+REDIS_HOST=null
 REDIS_PASSWORD=null
 REDIS_PORT=6379
@@ -36,11 +36,12 @@ DB_SSL_KEY_PATH=null
 DB_SSL_CERT_PATH=null
 DB_SSL_CA_PATH=null
 DB_SSL_CIPHER=null
 DB_SSL_VERIFY_SERVER=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER="log"
+MAIL_MAILER="log"
 # --------------------------------------------
@@ -42,21 +42,26 @@ DB_SSL_KEY_PATH=null
 DB_SSL_CERT_PATH=null
 DB_SSL_CA_PATH=null
 DB_SSL_CIPHER=null
 DB_SSL_VERIFY_SERVER=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=smtp
+MAIL_MAILER=smtp
 MAIL_HOST=email-smtp.us-west-2.amazonaws.com
 MAIL_PORT=587
 MAIL_USERNAME=YOURUSERNAME
 MAIL_PASSWORD=YOURPASSWORD
 MAIL_ENCRYPTION=null
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
 MAIL_AUTO_EMBED_METHOD='attachment'
 MAIL_TLS_VERIFY_PEER=true
 # MAIL_ENCRYPTION is no longer supported. SymfonyMailer will use tls if it's
 # advertised, and won't if it's not. If you want to use your mail server's IP but it's failing
 # because of certificate errors, set MAIL_TLS_VERIFY_PEER-true
 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
@@ -86,6 +91,7 @@ COOKIE_DOMAIN=null
 SECURE_COOKIES=false
 API_TOKEN_EXPIRATION_YEARS=15
 BS_TABLE_STORAGE=cookieStorage
 BS_TABLE_DEEPLINK=true
 # --------------------------------------------
 # OPTIONAL: SECURITY HEADER SETTINGS
@@ -94,6 +100,7 @@ APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
 ALLOW_IFRAMING=false
 REFERRER_POLICY=same-origin
 ENABLE_CSP=false
 ADDITIONAL_CSP_URLS=null
 CORS_ALLOWED_ORIGINS=null
 ENABLE_HSTS=false
@@ -190,4 +197,4 @@ ARGON_TIME=2
 # OPTIONAL: SCIM
 # --------------------------------------------
 SCIM_TRACE=false
-SCIM_STANDARDS_COMPLIANCE=false
+SCIM_STANDARDS_COMPLIANCE=false
@@ -22,7 +22,7 @@ DB_PASSWORD=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=log
+MAIL_MAILER=log
 # --------------------------------------------
@@ -18,6 +18,6 @@ APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
 LOGIN_MAX_ATTEMPTS=1000000
 LOGIN_LOCKOUT_DURATION=100000000
-MAIL_DRIVER=log
+MAIL_MAILER=log
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME=Snipe-IT
@@ -15,6 +15,6 @@ APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
 LOGIN_MAX_ATTEMPTS=1000000
 LOGIN_LOCKOUT_DURATION=100000000
-MAIL_DRIVER=log
+MAIL_MAILER=log
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME=Snipe-IT
@@ -36,7 +36,7 @@ jobs:
      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
      - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@v4.3.0
+        uses: codacy/codacy-analysis-cli-action@v4.4.1
        with:
          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
          # You can also omit the token and run the tools that support default configurations
@@ -12,7 +12,7 @@ jobs:
        uses: actions/checkout@v4
      - name: Crowdin push
-        uses: crowdin/github-action@v1
+        uses: crowdin/github-action@v2
        with:
          upload_sources: true
          upload_translations: false
@@ -73,7 +73,7 @@ jobs:
      # https://github.com/docker/build-push-action
      - name: Build and push 'snipe-it' image
        id: docker_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
        with:
          context: .
          file: ./Dockerfile.alpine
@@ -73,7 +73,7 @@ jobs:
      # https://github.com/docker/build-push-action
      - name: Build and push 'snipe-it' image
        id: docker_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
        with:
          context: .
          file: ./Dockerfile
@@ -25,9 +25,9 @@ jobs:
      fail-fast: false
      matrix:
        php-version:
-          - "7.4"
+          - "8.1"
-          - "8.0"
+          - "8.2"
-          - "8.1.1"
+          - "8.3"
    name: PHP ${{ matrix.php-version }}
@@ -58,11 +58,17 @@ jobs:
      - name: Install Dependencies
        run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
-      - name: Generate key
+      - name: Setup Laravel
-        run: php artisan key:generate
+        env:
-
+          DB_CONNECTION: mysql
-      - name: Directory Permissions
+          DB_DATABASE: snipeit
-        run: chmod -R 777 storage bootstrap/cache
+          DB_PORT: ${{ job.services.mysql.ports[3306] }}
          DB_USERNAME: root
        run: |
          php artisan key:generate
          php artisan migrate --force
          php artisan passport:install
          chmod -R 777 storage bootstrap/cache
      - name: Execute tests (Unit and Feature tests) via PHPUnit
        env:
@@ -0,0 +1,75 @@
 name: Tests in Postgres
 on: workflow_dispatch
 jobs:
  tests:
    runs-on: ubuntu-latest
    services:
      postgresql:
        image: postgres
        env:
          POSTGRES_DB: snipeit
          POSTGRES_USER: snipeit
          POSTGRES_PASSWORD: password
        ports:
          - 5432:5432
        options: --health-cmd=pg_isready --health-interval=10s --health-timeout=5s --health-retries=3
    strategy:
      fail-fast: false
      matrix:
        php-version:
          - "8.2"
    name: PHP ${{ matrix.php-version }}
    steps:
      - uses: shivammathur/setup-php@v2
        with:
          php-version: "${{ matrix.php-version }}"
          coverage: none
      - uses: actions/checkout@v4
      - name: Get Composer Cache Directory
        id: composer-cache
        run: |
          echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
      - uses: actions/cache@v4
        with:
          path: ${{ steps.composer-cache.outputs.dir }}
          key: ${{ runner.os }}-${{ matrix.php-version }}-composer-${{ hashFiles('**/composer.lock') }}
          restore-keys: |
            ${{ runner.os }}-composer-
      - name: Copy .env
        run: |
          cp -v .env.testing.example .env
          cp -v .env.testing.example .env.testing
      - name: Install Dependencies
        run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
      - name: Setup Laravel
        env:
          DB_CONNECTION: pgsql
          DB_DATABASE: snipeit
          DB_PORT: ${{ job.services.postgresql.ports[5432] }}
          DB_USERNAME: snipeit
          DB_PASSWORD: password
        run: |
          php artisan key:generate
          php artisan migrate --force
          php artisan passport:install
          chmod -R 777 storage bootstrap/cache
      - name: Execute tests (Unit and Feature tests) via PHPUnit
        env:
          DB_CONNECTION: pgsql
          DB_DATABASE: snipeit
          DB_PORT: ${{ job.services.postgresql.ports[5432] }}
          DB_USERNAME: snipeit
          DB_PASSWORD: password
        run: php artisan test --parallel
@@ -49,6 +49,9 @@ jobs:
      - name: Generate key
        run: php artisan key:generate
      - name: Setup Passport
        run: php artisan passport:keys
      - name: Directory Permissions
        run: chmod -R 777 storage bootstrap/cache
@@ -1 +1 @@
-v12.22.1
+v18.16.0
@@ -3,8 +3,8 @@
    "DOC2": "In other words, what you see locally are the requirements for your _current_ install",
    "DOC3": "Please don't rely on these versions for planning upgrades unless you've fetched the most recent version",
    "DOC4": "You should really just ignore it and run upgrade.php. Really",
-    "php_min_version": "7.4.0",
+    "php_min_version": "8.1.0",
-    "php_max_major_minor": "8.1",
+    "php_max_major_minor": "8.3",
-    "php_max_wontwork": "8.2.0",
+    "php_max_wontwork": "8.4.0",
-    "current_snipeit_version": "6.3"
+    "current_snipeit_version": "7.0"
 }
@@ -432,6 +432,23 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/bilias"><img src="https://avatars.githubusercontent.com/u/47315739?v=4?s=110" width="110px;" alt="bilias"/><br /><sub><b>bilias</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=bilias" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/coach1988"><img src="https://avatars.githubusercontent.com/u/2565989?v=4?s=110" width="110px;" alt="coach1988"/><br /><sub><b>coach1988</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=coach1988" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/mauro-miatello"><img src="https://avatars.githubusercontent.com/u/11910225?v=4?s=110" width="110px;" alt="MrM"/><br /><sub><b>MrM</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=mauro-miatello" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/koiakoia"><img src="https://avatars.githubusercontent.com/u/60405354?v=4?s=110" width="110px;" alt="koiakoia"/><br /><sub><b>koiakoia</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=koiakoia" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/mustafa-online"><img src="https://avatars.githubusercontent.com/u/5323832?v=4?s=110" width="110px;" alt="Mustafa Online"/><br /><sub><b>Mustafa Online</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=mustafa-online" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/franceslui"><img src="https://avatars.githubusercontent.com/u/104601439?v=4?s=110" width="110px;" alt="franceslui"/><br /><sub><b>franceslui</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=franceslui" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/Q4kK"><img src="https://avatars.githubusercontent.com/u/125313163?v=4?s=110" width="110px;" alt="Q4kK"/><br /><sub><b>Q4kK</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=Q4kK" title="Code">💻</a></td>
    </tr>
    <tr>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/squintfox"><img src="https://avatars.githubusercontent.com/u/55590532?v=4?s=110" width="110px;" alt="squintfox"/><br /><sub><b>squintfox</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=squintfox" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/jeffclay"><img src="https://avatars.githubusercontent.com/u/1380084?v=4?s=110" width="110px;" alt="Jeff Clay"/><br /><sub><b>Jeff Clay</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=jeffclay" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/PP-JN-RL"><img src="https://avatars.githubusercontent.com/u/52716446?v=4?s=110" width="110px;" alt="Phil J R"/><br /><sub><b>Phil J R</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=PP-JN-RL" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://www.corelight.com/"><img src="https://avatars.githubusercontent.com/u/1496725?v=4?s=110" width="110px;" alt="i_virus"/><br /><sub><b>i_virus</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=chandanchowdhury" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/gitgrimbo"><img src="https://avatars.githubusercontent.com/u/1020541?v=4?s=110" width="110px;" alt="Paul Grime"/><br /><sub><b>Paul Grime</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=gitgrimbo" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://leeporte.co.uk"><img src="https://avatars.githubusercontent.com/u/922815?v=4?s=110" width="110px;" alt="Lee Porte"/><br /><sub><b>Lee Porte</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=LeePorte" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/bryanlopezinc"><img src="https://avatars.githubusercontent.com/u/23613427?v=4?s=110" width="110px;" alt="BRYAN "/><br /><sub><b>BRYAN </b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=bryanlopezinc" title="Code">💻</a> <a href="https://github.com/snipe/snipe-it/commits?author=bryanlopezinc" title="Tests">⚠️</a></td>
    </tr>
    <tr>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/U-H-T"><img src="https://avatars.githubusercontent.com/u/64061710?v=4?s=110" width="110px;" alt="U-H-T"/><br /><sub><b>U-H-T</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=U-H-T" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/Tyree"><img src="https://avatars.githubusercontent.com/u/5395363?v=4?s=110" width="110px;" alt="Matt Tyree"/><br /><sub><b>Matt Tyree</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=Tyree" title="Documentation">📖</a></td>
    </tr>
  </tbody>
 </table>
@@ -105,7 +105,7 @@ RUN \
      && ln -fs "/var/lib/snipeit/keys/ldap_client_tls.cert" "/var/www/html/storage/ldap_client_tls.cert" \
      && ln -fs "/var/lib/snipeit/keys/ldap_client_tls.key" "/var/www/html/storage/ldap_client_tls.key" \
      && chown docker "/var/lib/snipeit/keys/" \
-      && chown -h docker "/var/www/html/storage/" \
+      && chown -Rh docker "/var/www/html/storage/" \
      && chmod +x /var/www/html/artisan \
      && echo "Finished setting up application in /var/www/html"
@@ -1,4 +1,4 @@
-FROM alpine:3.18.5
+FROM alpine:3.18.6
 # Apache + PHP
 RUN  apk add --no-cache \
        apache2 \
@@ -29,6 +29,7 @@ RUN  apk add --no-cache \
        php81-sodium \
        php81-redis \
        php81-pecl-memcached \
        php81-exif \
        curl \
        wget \
        vim \
@@ -1,17 +1,18 @@
 ![snipe-it-by-grok](https://github.com/snipe/snipe-it/assets/197404/b515673b-c7c8-4d9a-80f5-9fa58829a602)
-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade) [![Tests](https://github.com/snipe/snipe-it/actions/workflows/tests.yml/badge.svg)](https://github.com/snipe/snipe-it/actions/workflows/tests.yml)
+[![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp) [![Codacy Badge](https://app.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://app.codacy.com/gh/snipe/snipe-it/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade) [![Tests](https://github.com/snipe/snipe-it/actions/workflows/tests.yml/badge.svg)](https://github.com/snipe/snipe-it/actions/workflows/tests.yml)
-[![All Contributors](https://img.shields.io/badge/all_contributors-331-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk)
+[![All Contributors](https://img.shields.io/badge/all_contributors-331-orange.svg?style=flat-square)](#contributing) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk)
 ## Snipe-IT - Open Source Asset Management System
 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.
-It is built on [Laravel 8](http://laravel.com).
+It is built on [Laravel 10](http://laravel.com).
 Snipe-IT is actively developed and we [release quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
-__This is web-based software__. This means there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.
+> [!TIP]
 > __This is web-based software__. This means there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, any flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.
 -----
@@ -21,7 +22,7 @@ For instructions on installing and configuring Snipe-IT on your server, check ou
 If you're having trouble with the installation, please check the [Common Issues](https://snipe-it.readme.io/docs/common-issues) and [Getting Help](https://snipe-it.readme.io/docs/getting-help) documentation, and search this repository's open *and* closed issues for help.
-[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy)
+<!-- [![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy) -->
 -----
 ### User's Manual
@@ -32,8 +33,9 @@ For help using Snipe-IT, check out the [user's manual](https://snipe-it.readme.i
 Feel free to check out the [GitHub Issues for this project](https://github.com/snipe/snipe-it/issues) to open a bug report or see what open issues you can help with. Please search through existing issues (open *and* closed) to see if your question has already been answered before opening a new issue.
-**PLEASE see the [Getting Help Guidelines](https://snipe-it.readme.io/docs/getting-help) and [Common Issues](https://snipe-it.readme.io/docs/common-issues) before opening a ticket, and be sure to complete all of the questions in the Github Issue template to help us to help you as quickly as possible.**
+> [!IMPORTANT]  
-
+> **PLEASE see the [Getting Help Guidelines](https://snipe-it.readme.io/docs/getting-help) and [Common Issues](https://snipe-it.readme.io/docs/common-issues) before opening a ticket, and be sure to complete all of the questions in the Github Issue template to help us to help you as quickly as possible.**
 > 
 -----
 ### Upgrading
@@ -57,6 +59,9 @@ Please see the [translations documentation](https://snipe-it.readme.io/docs/tran
 Since the release of the JSON REST API, several third-party developers have been developing modules and libraries to work with Snipe-IT.  
 > [!NOTE]  
 > As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :)
 - [Python Module](https://github.com/jbloomer/SnipeIT-PythonAPI) by [@jbloomer](https://github.com/jbloomer)
 - [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
 - [InQRy -unmaintained-](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
@@ -73,8 +78,6 @@ Since the release of the JSON REST API, several third-party developers have been
 - [UniFi to Snipe-IT](https://github.com/RodneyLeeBrands/UnifiSnipeSync) by [@karpadiem](https://github.com/karpadiem) - Python script that synchronizes UniFi devices with Snipe-IT.
 - [Kandji2Snipe](https://github.com/grokability/kandji2snipe) by [@briangoldstein](https://github.com/briangoldstein) - Python script that synchronizes Kandji with Snipe-IT.
 - [SnipeAgent](https://github.com/ReticentRobot/SnipeAgent) by @ReticentRobot - Windows agent for Snipe-IT
 As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :)
 -----
@@ -92,4 +95,5 @@ The ERD is available [online here](https://drawsql.app/templates/snipe-it).
 ### Security
-To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker. 
+> [!IMPORTANT]
 > **To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker.**
@@ -45,8 +45,21 @@ DB_PASSWORD={}
 Now you are ready to run the entire test suite from your terminal:
-`php artisan test`
+```shell
 php artisan test
 ````
 To run individual test files, you can pass the path to the test that you want to run:
-`php artisan test tests/Unit/AccessoryTest.php`
+```shell
 php artisan test tests/Unit/AccessoryTest.php
 ```
 Some tests, like ones concerning LDAP, are marked with the `@group` annotation. Those groups can be run, or excluded, using the `--group` or `--exclude-group` flags:
 ```shell
 php artisan test --group=ldap
 php artisan test --exclude-group=ldap
 ```
 This can be helpful if a set of tests are failing because you don't have an extension, like LDAP, installed.
@@ -38,7 +38,7 @@
        "description": "The maximum number of search results that can be returned at one time.",
        "value": "500"
      },
-      "MAIL_DRIVER": {
+      "MAIL_MAILER": {
        "description": "Mail driver - Generally SMTP on Heroku - https://snipe-it.readme.io/docs/configuration#required-outgoing-mail-settings",
        "value": "smtp"
      },
@@ -58,9 +58,9 @@
        "description": "SMTP Server Password",
        "value": "YOURPASSWORD"
      },
-      "MAIL_ENCRYPTION": {
+      "MAIL_TLS_VERIFY_PEER": {
-        "description": "Encryption protocol for email sending.",
+        "description": "Ensure validity of TLS certificate on remote mail server",
-        "value": "null"
+        "value": true
      },
      "MAIL_FROM_ADDR": {
        "description": "Email from address",
@@ -7,7 +7,7 @@ use Illuminate\Console\Command;
 use App\Models\User;
 use Laravel\Passport\TokenRepository;
 use Illuminate\Contracts\Validation\Factory as ValidationFactory;
-use DB;
+use Illuminate\Support\Facades\DB;
 class GeneratePersonalAccessToken extends Command
 {
@@ -9,7 +9,7 @@ use App\Models\Setting;
 use App\Models\Ldap;
 use App\Models\User;
 use App\Models\Location;
-use Log;
+use Illuminate\Support\Facades\Log;
 class LdapSync extends Command
 {
@@ -298,7 +298,7 @@ class LdapSync extends Command
                        try {
                            $ldap_manager = Ldap::findLdapUsers($item['manager'], -1, $this->option('filter'));
                        } catch (\Exception $e) {
-                            \Log::warning("Manager lookup caused an exception: " . $e->getMessage() . ". Falling back to direct username lookup");
+                            Log::warning("Manager lookup caused an exception: " . $e->getMessage() . ". Falling back to direct username lookup");
                            // Hail-mary for Okta manager 'shortnames' - will only work if
                            // Okta configuration is using full email-address-style usernames
                            $ldap_manager = [
@@ -390,7 +390,7 @@ class LdapSync extends Command
                        $user->location_id = $location->id;
                    }
                }
-
+                $location = null;
                $user->ldap_import = 1;
                $errors = '';
@@ -5,7 +5,7 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use App\Models\Setting;
 use Exception;
-use Crypt;
+use Illuminate\Support\Facades\Crypt;
 /**
 * Check if a given ip is in a network
@@ -160,7 +160,7 @@ class LdapTroubleshooter extends Command
            $output[] = "-x";
            $output[] = "-b ".escapeshellarg($settings->ldap_basedn);
            $output[] = "-D ".escapeshellarg($settings->ldap_uname);
-            $output[] = "-w ".escapeshellarg(\Crypt::Decrypt($settings->ldap_pword));
+            $output[] = "-w ".escapeshellarg(Crypt::Decrypt($settings->ldap_pword));
            $output[] = escapeshellarg(parenthesized_filter($settings->ldap_filter));
            if($settings->ldap_tls) {
                $this->line("# adding STARTTLS option");
@@ -2,6 +2,7 @@
 namespace App\Console\Commands;
 use App\Events\UserMerged;
 use App\Models\User;
 use Carbon\Carbon;
 use Illuminate\Console\Command;
@@ -51,7 +52,7 @@ class MergeUsersByUsername extends Command
            $bad_users = User::where('username', '=', trim($parts[0]))
                ->whereNull('deleted_at')
-                ->with('assets', 'manager', 'userlog', 'licenses', 'consumables', 'accessories', 'managedLocations')
+                ->with('assets', 'manager', 'userlog', 'licenses', 'consumables', 'accessories', 'managedLocations','uploads', 'acceptances')
                ->get();
@@ -105,10 +106,26 @@ class MergeUsersByUsername extends Command
                    $managedLocation->save();
                }
                foreach ($bad_user->uploads as $upload) {
                    $this->info('Updating upload log record '.$upload->id.' to user '.$user->id);
                    $upload->item_id = $user->id;
                    $upload->save();
                }
                foreach ($bad_user->acceptances as $acceptance) {
                    $this->info('Updating acceptance log record '.$acceptance->id.' to user '.$user->id);
                    $acceptance->item_id = $user->id;
                    $acceptance->save();
                }
                // Mark the user as deleted
                $this->info('Marking the user as deleted');
                $bad_user->deleted_at = Carbon::now()->timestamp;
                $bad_user->save();
                event(new UserMerged($bad_user, $user, null));
            }
        }
    }
@@ -4,6 +4,7 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Log;
 class MoveUploadsToNewDisk extends Command
 {
@@ -74,7 +75,7 @@ class MoveUploadsToNewDisk extends Command
                    $new_url = Storage::disk('public')->url('uploads/'.$public_type.'/'.$filename, $filename);
                    $this->info($type_count.'. PUBLIC: '.$filename.' was copied to '.$new_url);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                    $this->error($e);
                }
            }
@@ -116,7 +117,7 @@ class MoveUploadsToNewDisk extends Command
                        $new_url = Storage::url($private_type . '/' . $filename, $filename);
                        $this->info($type_count . '. PRIVATE: ' . $filename . ' was copied to ' . $new_url);
                    } catch (\Exception $e) {
-                        \Log::debug($e);
+                        Log::debug($e);
                        $this->error($e);
                    }
                }
@@ -140,7 +141,7 @@ class MoveUploadsToNewDisk extends Command
                                unlink($filename);
                                $public_delete_count++;
                            } catch (\Exception $e) {
-                                \Log::debug($e);
+                                Log::debug($e);
                                $this->error($e);
                            }
                        }
@@ -153,7 +154,7 @@ class MoveUploadsToNewDisk extends Command
                                unlink($filename);
                                $private_delete_count++;
                            } catch (\Exception $e) {
-                                \Log::debug($e);
+                                Log::debug($e);
                                $this->error($e);
                            }
                        }
@@ -5,6 +5,7 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use Symfony\Component\Console\Input\InputArgument;
 use Symfony\Component\Console\Input\InputOption;
 use Illuminate\Support\Facades\Log;
 ini_set('max_execution_time', env('IMPORT_TIME_LIMIT', 600)); //600 seconds = 10 minutes
 ini_set('memory_limit', env('IMPORT_MEMORY_LIMIT', '500M'));
@@ -59,7 +60,7 @@ class ObjectImportCommand extends Command
        // This $logFile/useFiles() bit is currently broken, so commenting it out for now
        // $logFile = $this->option('logfile');
-        // \Log::useFiles($logFile);
+        // Log::useFiles($logFile);
        $this->comment('======= Importing Items from '.$filename.' =========');
        $importer->import();
@@ -112,10 +113,10 @@ class ObjectImportCommand extends Command
    public function log($string, $level = 'info')
    {
        if ($level === 'warning') {
-            \Log::warning($string);
+            Log::warning($string);
            $this->comment($string);
        } else {
-            \Log::Info($string);
+            Log::Info($string);
            if ($this->option('verbose')) {
                $this->comment($string);
            }
@@ -5,7 +5,7 @@ namespace App\Console\Commands;
 use App\Models\Asset;
 use App\Models\CustomField;
 use Schema;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Console\Command;
 class PaveIt extends Command
@@ -103,7 +103,7 @@ class RecryptFromMcrypt extends Command
                $this->comment('INFO: No LDAP password found. Skipping... ');
            } else {
                $decrypted_ldap_pword = $mcrypter->decrypt($settings->ldap_pword);
-                $settings->ldap_pword = \Crypt::encrypt($decrypted_ldap_pword);
+                $settings->ldap_pword = Crypt::encrypt($decrypted_ldap_pword);
                $settings->save();
            }
            /** @var CustomField[] $custom_fields */
@@ -132,7 +132,7 @@ class RecryptFromMcrypt extends Command
                        // Try to decrypt the payload using the legacy app key
                        try {
                            $decrypted_field = $mcrypter->decrypt($asset->{$columnName});
-                            $asset->{$columnName} = \Crypt::encrypt($decrypted_field);
+                            $asset->{$columnName} = Crypt::encrypt($decrypted_field);
                            $this->comment($decrypted_field);
                        } catch (\Exception $e) {
                            $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();
@@ -4,7 +4,7 @@ namespace App\Console\Commands;
 use App\Models\Asset;
 use App\Models\Setting;
-use Artisan;
+use Illuminate\Support\Facades\Artisan;
 use Illuminate\Console\Command;
 class RegenerateAssetTags extends Command
@@ -6,8 +6,8 @@ use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\License;
 use App\Models\User;
-use Artisan;
+use Illuminate\Support\Facades\Artisan;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Console\Command;
 class RestoreDeletedUsers extends Command
@@ -4,6 +4,152 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use ZipArchive;
 use Illuminate\Support\Facades\Log;
 class SQLStreamer {
    private $input;
    private $output;
    // embed the prefix here?
    public ?string $prefix;
    private bool $reading_beginning_of_line = true;
    public static $buffer_size = 1024 * 1024;  // use a 1MB buffer, ought to work fine for most cases?
    public array $tablenames = [];
    private bool $should_guess = false;
    private bool $statement_is_permitted = false;
    public function __construct($input, $output, string $prefix = null)
    {
        $this->input = $input;
        $this->output = $output;
        $this->prefix = $prefix;
    }
    public function parse_sql(string $line): string {
        // take into account the 'start of line or not' setting as an instance variable?
        // 'continuation' lines for a permitted statement are PERMITTED.
        if($this->statement_is_permitted && $line[0] === ' ') {
            return $line;
        }
        $table_regex = '`?([a-zA-Z0-9_]+)`?';
        $allowed_statements = [
            "/^(DROP TABLE (?:IF EXISTS )?)`$table_regex(.*)$/" => false,
            "/^(CREATE TABLE )$table_regex(.*)$/" => true, //sets up 'continuation'
            "/^(LOCK TABLES )$table_regex(.*)$/" => false,
            "/^(INSERT INTO )$table_regex(.*)$/" => false,
            "/^UNLOCK TABLES/" => false,
            // "/^\\) ENGINE=InnoDB AUTO_INCREMENT=16 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;/" => false, // FIXME not sure what to do here?
            "/^\\)[a-zA-Z0-9_= ]*;$/" => false
            // ^^^^^^ that bit should *exit* the 'perimitted' black
        ];
        foreach($allowed_statements as $statement => $statechange) {
 //            $this->info("Checking regex: $statement...\n");
            $matches = [];
            if (preg_match($statement,$line,$matches)) {
                $this->statement_is_permitted = $statechange;
                // matches are: 1 => first part of the statement, 2 => tablename, 3 => rest of statement
                // (with of course 0 being "the whole match")
                if (@$matches[2]) {
 //                    print "Found a tablename! It's: ".$matches[2]."\n";
                    if ($this->should_guess) {
                        @$this->tablenames[$matches[2]] += 1;
                        continue; //oh? FIXME
                    } else {
                        $cleaned_tablename = \DB::getTablePrefix().preg_replace('/^'.$this->prefix.'/','',$matches[2]);
                        $line = preg_replace($statement,'$1`'.$cleaned_tablename.'`$3' , $line);
                    }
                } else {
                    // no explicit tablename in this one, leave the line alone
                }
                //how do we *replace* the tablename?
 //                print "RETURNING LINE: $line";
                return $line;
            }
        }
        // all that is not allowed is denied.
        return "";
    }
    //this is used in exactly *TWO* places, and in both cases should return a prefix I think?
    // first - if you do the --sanitize-only one (which is mostly for testing/development)
    // next - when you run *without* a guessed prefix, this is run first to figure out the prefix
    // I think we have to *duplicate* the call to be able to run it again?
    public static function guess_prefix($input):string
    {
        $parser = new self($input, null);
        $parser->should_guess = true;
        $parser->line_aware_piping(); // <----- THIS is doing the heavy lifting!
        $check_tables = ['settings' => null, 'migrations' => null /* 'assets' => null */]; //TODO - move to statics?
        //can't use 'users' because the 'accessories_users' table?
        // can't use 'assets' because 'ver1_components_assets'
        foreach($check_tables as $check_table => $_ignore) {
            foreach ($parser->tablenames as $tablename => $_count) {
 //                print "Comparing $tablename to $check_table\n";
                if (str_ends_with($tablename,$check_table)) {
 //                    print "Found one!\n";
                    $check_tables[$check_table] = substr($tablename,0,-strlen($check_table));
                }
            }
        }
        $guessed_prefix = null;
        foreach ($check_tables as $clean_table => $prefix_guess) {
            if(is_null($prefix_guess)) {
                print("Couldn't find table $clean_table\n");
                die();
            }
            if(is_null($guessed_prefix)) {
                $guessed_prefix = $prefix_guess;
            } else {
                if ($guessed_prefix != $prefix_guess) {
                    print("Prefix mismatch! Had guessed $guessed_prefix but got $prefix_guess\n");
                    die();
                }
            }
        }
        return $guessed_prefix;
    }
    public function line_aware_piping(): int
    {
        $bytes_read = 0;
        if (! $this->input) {
            throw new \Exception("No Input available for line_aware_piping");
        }
        while (($buffer = fgets($this->input, SQLStreamer::$buffer_size)) !== false) {
            $bytes_read += strlen($buffer);
            if ($this->reading_beginning_of_line) {
                // Log::debug("Buffer is: '$buffer'");
                $cleaned_buffer = $this->parse_sql($buffer);
                if ($this->output) {
                    $bytes_written = fwrite($this->output, $cleaned_buffer);
                    if ($bytes_written === false) {
                        throw new \Exception("Unable to write to pipe");
                    }
                }
            }
            // if we got a newline at the end of this, then the _next_ read is the beginning of a line
            if($buffer[strlen($buffer)-1] === "\n") {
                $this->reading_beginning_of_line = true;
            } else {
                $this->reading_beginning_of_line = false;
            }
        }
        return $bytes_read;
    }
 }
 class RestoreFromBackup extends Command
 {
@@ -12,10 +158,13 @@ class RestoreFromBackup extends Command
     *
     * @var string
     */
    // FIXME - , stripping prefixes and nonstandard SQL statements. Without --prefix, guess and return the correct prefix to strip
    protected $signature = 'snipeit:restore 
                                            {--force : Skip the danger prompt; assuming you enter "y"} 
                                            {filename : The zip file to be migrated}
-                                            {--no-progress : Don\'t show a progress bar}';
+                                            {--no-progress : Don\'t show a progress bar}
                                            {--sanitize-guess-prefix : Guess and output the table-prefix needed to "sanitize" the SQL}
                                            {--sanitize-with-prefix= : "Sanitize" the SQL, using the passed-in table prefix (can be learned from --sanitize-guess-prefix). Pass as just \'--sanitize-with-prefix=\' to use no prefix}';
    /**
     * The console command description.
@@ -34,8 +183,6 @@ class RestoreFromBackup extends Command
        parent::__construct();
    }
    public static $buffer_size = 1024 * 1024;  // use a 1MB buffer, ought to work fine for most cases?
    /**
     * Execute the console command.
     *
@@ -45,7 +192,7 @@ class RestoreFromBackup extends Command
    {
        $dir = getcwd();
        if( $dir != base_path() ) { // usually only the case when running via webserver, not via command-line
-            \Log::debug("Current working directory is: $dir, changing directory to: ".base_path());
+            Log::debug("Current working directory is: $dir, changing directory to: ".base_path());
            chdir(base_path()); // TODO - is this *safe* to change on a running script?!
        }
        //
@@ -55,7 +202,7 @@ class RestoreFromBackup extends Command
            return $this->error('Missing required filename');
        }
-        if (! $this->option('force') && ! $this->confirm('Are you sure you wish to restore from the given backup file? This can lead to MASSIVE DATA LOSS!')) {
+        if (! $this->option('force') && ! $this->option('sanitize-guess-prefix') && ! $this->confirm('Are you sure you wish to restore from the given backup file? This can lead to MASSIVE DATA LOSS!')) {
            return $this->error('Data loss not confirmed');
        }
@@ -151,18 +298,18 @@ class RestoreFromBackup extends Command
                continue;
            }
            if (@pathinfo($raw_path, PATHINFO_EXTENSION) == 'sql') {
-                \Log::debug("Found a sql file!");
+                Log::debug("Found a sql file!");
                $sqlfiles[] = $raw_path;
                $sqlfile_indices[] = $i;
                continue;
            }
            foreach (array_merge($private_dirs, $public_dirs) as $dir) {
-                $last_pos = strrpos($raw_path, $dir.'/');
+                $last_pos = strrpos($raw_path, $dir . '/');
                if ($last_pos !== false) {
                    //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $dir - last_pos+strlen(\$dir) is: ".($last_pos+strlen($dir))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
                    //print("We would copy $raw_path to $dir.\n"); //FIXME append to a path?
-                    $interesting_files[$raw_path] = ['dest' =>$dir, 'index' => $i];
+                    $interesting_files[$raw_path] = ['dest' => $dir, 'index' => $i];
                    continue 2;
                    if ($last_pos + strlen($dir) + 1 == strlen($raw_path)) {
                        // we don't care about that; we just want files with the appropriate prefix
@@ -171,7 +318,7 @@ class RestoreFromBackup extends Command
                }
            }
            $good_extensions = ['png', 'gif', 'jpg', 'svg', 'jpeg', 'doc', 'docx', 'pdf', 'txt',
-                                'zip', 'rar', 'xls', 'xlsx', 'lic', 'xml', 'rtf', 'webp', 'key', 'ico', ];
+                'zip', 'rar', 'xls', 'xlsx', 'lic', 'xml', 'rtf', 'webp', 'key', 'ico',];
            foreach (array_merge($private_files, $public_files) as $file) {
                $has_wildcard = (strpos($file, '*') !== false);
                if ($has_wildcard) {
@@ -180,8 +327,8 @@ class RestoreFromBackup extends Command
                $last_pos = strrpos($raw_path, $file); // no trailing slash!
                if ($last_pos !== false) {
                    $extension = strtolower(pathinfo($raw_path, PATHINFO_EXTENSION));
-                    if (! in_array($extension, $good_extensions)) {
+                    if (!in_array($extension, $good_extensions)) {
-                        $this->warn('Potentially unsafe file '.$raw_path.' is being skipped');
+                        $this->warn('Potentially unsafe file ' . $raw_path . ' is being skipped');
                        $boring_files[] = $raw_path;
                        continue 2;
                    }
@@ -196,7 +343,6 @@ class RestoreFromBackup extends Command
            }
            $boring_files[] = $raw_path; //if we've gotten to here and haven't continue'ed our way into the next iteration, we don't want this file
        } // end of pre-processing the ZIP file for-loop
        // print_r($interesting_files);exit(-1);
        if (count($sqlfiles) != 1) {
@@ -208,6 +354,17 @@ class RestoreFromBackup extends Command
            //older Snipe-IT installs don't have the db-dumps subdirectory component
        }
        $sql_stat = $za->statIndex($sqlfile_indices[0]);
        //$this->info("SQL Stat is: ".print_r($sql_stat,true));
        $sql_contents = $za->getStream($sql_stat['name']); // maybe copy *THIS* thing?
        // OKAY, now that we *found* the sql file if we're doing just the guess-prefix thing, we can do that *HERE* I think?
        if ($this->option('sanitize-guess-prefix')) {
            $prefix = SQLStreamer::guess_prefix($sql_contents);
            $this->line($prefix);
            return $this->info("Re-run this command with '--sanitize-with-prefix=".$prefix."' to see an attempt to sanitze your SQL.");
        }
        //how to invoke the restore?
        $pipes = [];
@@ -228,6 +385,7 @@ class RestoreFromBackup extends Command
            return $this->error('Unable to invoke mysql via CLI');
        }
        // I'm not sure about these?
        stream_set_blocking($pipes[1], false); // use non-blocking reads for stdout
        stream_set_blocking($pipes[2], false); // use non-blocking reads for stderr
@@ -238,9 +396,9 @@ class RestoreFromBackup extends Command
        //$sql_contents = fopen($sqlfiles[0], "r"); //NOPE! This isn't a real file yet, silly-billy!
-        $sql_stat = $za->statIndex($sqlfile_indices[0]);
+        // FIXME - this feels like it wants to go somewhere else?
-        //$this->info("SQL Stat is: ".print_r($sql_stat,true));
+        // and it doesn't seem 'right' - if you can't get a stream to the .sql file,
-        $sql_contents = $za->getStream($sql_stat['name']);
+        // why do we care what's happening with pipes and stdout and stderr?!
        if ($sql_contents === false) {
            $stdout = fgets($pipes[1]);
            $this->info($stdout);
@@ -249,29 +407,35 @@ class RestoreFromBackup extends Command
            return false;
        }
        $bytes_read = 0;
        try {
-            while (($buffer = fgets($sql_contents, self::$buffer_size)) !== false) {
+            if ( $this->option('sanitize-with-prefix') === null) {
-                $bytes_read += strlen($buffer);
+                // "Legacy" direct-piping
-                // \Log::debug("Buffer is: '$buffer'");
+                $bytes_read = 0;
                while (($buffer = fgets($sql_contents, SQLStreamer::$buffer_size)) !== false) {
                    $bytes_read += strlen($buffer);
                    // Log::debug("Buffer is: '$buffer'");
                    $bytes_written = fwrite($pipes[0], $buffer);
-                if ($bytes_written === false) {
+                    if ($bytes_written === false) {
-                    throw new Exception("Unable to write to pipe");
+                        throw new Exception("Unable to write to pipe");
                    }
                }
            } else {
                $sql_importer = new SQLStreamer($sql_contents, $pipes[0], $this->option('sanitize-with-prefix'));
                $bytes_read = $sql_importer->line_aware_piping();
            }
        } catch (\Exception $e) {
-            \Log::error("Error during restore!!!! ".$e->getMessage());
+            Log::error("Error during restore!!!! ".$e->getMessage());
            // FIXME - put these back and/or put them in the right places?!
            $err_out = fgets($pipes[1]);
            $err_err = fgets($pipes[2]);
-            \Log::error("Error OUTPUT: ".$err_out);
+            Log::error("Error OUTPUT: ".$err_out);
            $this->info($err_out);
-            \Log::error("Error ERROR : ".$err_err);
+            Log::error("Error ERROR : ".$err_err);
            $this->error($err_err);
            throw $e;
        }
        if (!feof($sql_contents) || $bytes_read == 0) {
            return $this->error("Not at end of file for sql file, or zero bytes read. aborting!");
        }
@@ -303,7 +467,7 @@ class RestoreFromBackup extends Command
            $fp = $za->getStream($ugly_file_name);
            //$this->info("Weird problem, here are file details? ".print_r($file_details,true));
            $migrated_file = fopen($file_details['dest'].'/'.basename($pretty_file_name), 'w');
-            while (($buffer = fgets($fp, self::$buffer_size)) !== false) {
+            while (($buffer = fgets($fp, SQLStreamer::$buffer_size)) !== false) {
                fwrite($migrated_file, $buffer);
            }
            fclose($migrated_file);
@@ -5,7 +5,7 @@ namespace App\Console\Commands;
 use App\Models\Asset;
 use App\Models\CustomField;
 use App\Models\Setting;
-use Artisan;
+use Illuminate\Support\Facades\Artisan;
 use Illuminate\Console\Command;
 use Illuminate\Contracts\Encryption\DecryptException;
 use Illuminate\Encryption\Encrypter;
@@ -43,7 +43,7 @@ class SendCurrentInventoryToUsers extends Command
        $count = 0;
        foreach ($users as $user) {
-            if (($user->assets->count() > 0) || ($user->accessories->count() > 0) || ($user->licenses->count() > 0)) {
+            if (($user->assets->count() > 0) || ($user->accessories->count() > 0) || ($user->licenses->count() > 0) || ($user->consumables->count() > 0)) {
                $count++;
                $user->notify((new CurrentInventory($user)));
            }
@@ -9,7 +9,6 @@ use App\Notifications\ExpectedCheckinAdminNotification;
 use App\Notifications\ExpectedCheckinNotification;
 use Carbon\Carbon;
 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Log;
 class SendExpectedCheckinAlerts extends Command
 {
@@ -43,25 +42,31 @@ class SendExpectedCheckinAlerts extends Command
    public function handle()
    {
        $settings = Setting::getSettings();
-        $whenNotify = Carbon::now();
+        $interval = $settings->audit_warning_days ?? 0;
-        $assets = Asset::with('assignedTo')->whereNotNull('assigned_to')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();
+        $today = Carbon::now();
        $interval_date = $today->copy()->addDays($interval);
        $assets = Asset::whereNull('deleted_at')->DueOrOverdueForCheckin($settings)->orderBy('assets.expected_checkin', 'desc')->get();
        $this->info($assets->count().' assets must be checked in on or before '.$interval_date.' is deadline');
        $this->info($whenNotify.' is deadline');
        $this->info($assets->count().' assets');
        foreach ($assets as $asset) {
-            if ($asset->assigned && $asset->checkedOutToUser()) {
+            if ($asset->assignedTo && (isset($asset->assignedTo->email)) && ($asset->assignedTo->email!='') && $asset->checkedOutToUser()) {
-                Log::info('Sending ExpectedCheckinNotification to ' . $asset->assigned->email);
+                $this->info('Sending User ExpectedCheckinNotification to: '.$asset->assignedTo->email);
-                $asset->assigned->notify((new ExpectedCheckinNotification($asset)));
+                $asset->assignedTo->notify((new ExpectedCheckinNotification($asset)));
            }
        }
        if (($assets) && ($assets->count() > 0) && ($settings->alert_email != '')) {
            // Send a rollup to the admin, if settings dictate
-            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item) {
                return new AlertRecipient($item);
            });
            $this->info('Sending Admin ExpectedCheckinNotification to: '.$settings->alert_email);
            \Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));
        }
    }
 }
@@ -3,13 +3,11 @@
 namespace App\Console\Commands;
 use App\Models\Asset;
-use App\Models\License;
+use App\Models\Recipients\AlertRecipient;
 use App\Models\Recipients;
 use App\Models\Setting;
 use App\Notifications\ExpiringAssetsNotification;
 use App\Notifications\SendUpcomingAuditNotification;
 use Carbon\Carbon;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Console\Command;
 class SendUpcomingAuditReport extends Command
@@ -46,39 +44,24 @@ class SendUpcomingAuditReport extends Command
    public function handle()
    {
        $settings = Setting::getSettings();
        $interval = $settings->audit_warning_days ?? 0;
        $today = Carbon::now();
        $interval_date = $today->copy()->addDays($interval);
-        if (($settings->alert_email != '') && ($settings->audit_warning_days) && ($settings->alerts_enabled == 1)) {
+        $assets = Asset::whereNull('deleted_at')->DueOrOverdueForAudit($settings)->orderBy('assets.next_audit_date', 'desc')->get();
        $this->info($assets->count().' assets must be audited in on or before '.$interval_date.' is deadline');
        if (($assets) && ($assets->count() > 0) && ($settings->alert_email != '')) {
            // Send a rollup to the admin, if settings dictate
-            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item) {
-                return new \App\Models\Recipients\AlertRecipient($item);
+                return new AlertRecipient($item);
            });
-            // Assets due for auditing
+            $this->info('Sending Admin SendUpcomingAuditNotification to: '.$settings->alert_email);
            \Notification::send($recipients, new SendUpcomingAuditNotification($assets, $settings->audit_warning_days));
            $assets = Asset::whereNotNull('next_audit_date')
                    ->DueOrOverdueForAudit($settings)
                    ->orderBy('last_audit_date', 'asc')->get();
            if ($assets->count() > 0) {
                $this->info(trans_choice('mail.upcoming-audits', $assets->count(),
                    ['count' => $assets->count(), 'threshold' => $settings->audit_warning_days]));
                \Notification::send($recipients, new SendUpcomingAuditNotification($assets, $settings->audit_warning_days));
                $this->info('Audit report sent to '.$settings->alert_email);
            } else {
                $this->info('No assets to be audited. No report sent.');
            }
        } elseif ($settings->alert_email == '') {
            $this->error('Could not send email. No alert email configured in settings');
        } elseif (! $settings->audit_warning_days) {
            $this->error('No audit warning days set in Admin Notifications. No mail will be sent.');
        } elseif ($settings->alerts_enabled != 1) {
            $this->info('Alerts are disabled in the settings. No mail will be sent');
        } else {
            $this->error('Something went wrong. :( ');
            $this->error('Admin Notifications Email Setting: '.$settings->alert_email);
            $this->error('Admin Audit Warning Setting: '.$settings->audit_warning_days);
            $this->error('Admin Alerts Emnabled: '.$settings->alerts_enabled);
        }
    }
 }
@@ -4,6 +4,7 @@ namespace App\Console\Commands;
 use App\Models\Asset;
 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Log;
 class SyncAssetCounters extends Command
 {
@@ -58,7 +59,7 @@ class SyncAssetCounters extends Command
                        $asset->save();
                        $bar->advance();
-                        \Log::debug('Asset: '.$asset->id.' has '.$asset->checkin_counter.' checkins, '.$asset->checkout_counter.' checkouts, and '.$asset->requests_counter.' requests');
+                        Log::debug('Asset: '.$asset->id.' has '.$asset->checkin_counter.' checkins, '.$asset->checkout_counter.' checkouts, and '.$asset->requests_counter.' requests');
                    }
@@ -0,0 +1,76 @@
 <?php
 namespace App\Console\Commands;
 use App\Models\Asset;
 use App\Models\CustomField;
 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\DB;
 class ToggleCustomfieldEncryption extends Command
 {
    /**
     * The name and signature of the console command.
     *
     * @var string
     */
    protected $signature = 'snipeit:customfield-encryption
                             {fieldname : the db_column_name of the field}';
    /**
     * The console command description.
     *
     * @var string
     */
    protected $description = 'This command should be used to convert an unencrypted custom field into a custom field and encrypt the associated data in the assets table for that column.';
    /**
     * Create a new command instance.
     *
     * @return void
     */
    public function __construct()
    {
        parent::__construct();
    }
    /**
     * Execute the console command.
     *
     * @return int
     */
    public function handle()
    {
        $fieldname = $this->argument('fieldname');
        if ($field = CustomField::where('db_column', $fieldname)->first()) {
            // If the field is not encrypted, make it encrypted and encrypt the data in the assets table for the
            // corresponding field.
            DB::transaction(function () use ($field) {
                if ($field->field_encrypted == 0) {
                    $assets = Asset::whereNotNull($field->db_column)->get();
                    foreach ($assets as $asset) {
                        $asset->{$field->db_column} = encrypt($asset->{$field->db_column});
                        $asset->save();
                    }
                    $field->field_encrypted = 1;
                    $field->save();
                // This field is already encrypted. Do nothing.
                } else {
                    $this->error('The custom field ' . $field->db_column.' is already encrypted. No action was taken.');
                }
            });
        // No matching column name found
        } else {
            $this->error('No matching results for unencrypted custom fields with db_column name: ' . $fieldname.'. Please check the fieldname.');
        }
    }
 }
@@ -15,7 +15,7 @@ class UserMerged
     *
     * @return void
     */
-    public function __construct(User $from_user, User $to_user, User $admin)
+    public function __construct(User $from_user, User $to_user, ?User $admin)
    {
        $this->merged_from        = $from_user;
        $this->merged_to      = $to_user;
@@ -7,7 +7,7 @@ use App\Helpers\Helper;
 use Illuminate\Validation\ValidationException;
 use Illuminate\Auth\AuthenticationException;
 use ArieTimmerman\Laravel\SCIMServer\Exceptions\SCIMException;
-use Log;
+use Illuminate\Support\Facades\Log;
 use Throwable;
 use JsonException;
 use Carbon\Exceptions\InvalidFormatException;
@@ -44,8 +44,8 @@ class Handler extends ExceptionHandler
    public function report(Throwable $exception)
    {
        if ($this->shouldReport($exception)) {
-            if (class_exists(\Log::class)) {
+            if (class_exists(Log::class)) {
-                \Log::error($exception);
+                Log::error($exception);
            }
            return parent::report($exception);
        }
@@ -11,10 +11,13 @@ use App\Models\CustomFieldset;
 use App\Models\Depreciation;
 use App\Models\Setting;
 use App\Models\Statuslabel;
-use Crypt;
+use App\Models\License;
 use Illuminate\Support\Facades\Crypt;
 use Illuminate\Contracts\Encryption\DecryptException;
 use Image;
 use Carbon\Carbon;
 use Illuminate\Support\Facades\Log;
 use Intervention\Image\ImageManagerStatic as Image;
 use Illuminate\Support\Facades\Session;
 class Helper
 {
@@ -411,7 +414,7 @@ class Helper
        if ($index >= $total_colors) {
-            \Log::info('Status label count is '.$index.' and exceeds the allowed count of 266.');
+            Log::info('Status label count is '.$index.' and exceeds the allowed count of 266.');
            //patch fix for array key overflow (color count starts at 1, array starts at 0)
            $index = $index - $total_colors - 1;
@@ -715,18 +718,19 @@ class Helper
     */
    public static function checkLowInventory()
    {
        $alert_threshold = \App\Models\Setting::getSettings()->alert_threshold;
        $consumables = Consumable::withCount('consumableAssignments as consumable_assignments_count')->whereNotNull('min_amt')->get();
        $accessories = Accessory::withCount('users as users_count')->whereNotNull('min_amt')->get();
        $components = Component::whereNotNull('min_amt')->get();
        $asset_models = AssetModel::where('min_amt', '>', 0)->get();
        $licenses = License::where('min_amt', '>', 0)->get();
        $avail_consumables = 0;
        $items_array = [];
        $all_count = 0;
        foreach ($consumables as $consumable) {
            $avail = $consumable->numRemaining();
-            if ($avail < ($consumable->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
+            if ($avail < ($consumable->min_amt) + $alert_threshold) {
                if ($consumable->qty > 0) {
                    $percent = number_format((($avail / $consumable->qty) * 100), 0);
                } else {
@@ -745,7 +749,7 @@ class Helper
        foreach ($accessories as $accessory) {
            $avail = $accessory->qty - $accessory->users_count;
-            if ($avail < ($accessory->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
+            if ($avail < ($accessory->min_amt) + $alert_threshold) {
                if ($accessory->qty > 0) {
                    $percent = number_format((($avail / $accessory->qty) * 100), 0);
                } else {
@@ -764,7 +768,7 @@ class Helper
        foreach ($components as $component) {
            $avail = $component->numRemaining();
-            if ($avail < ($component->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
+            if ($avail < ($component->min_amt) + $alert_threshold) {
                if ($component->qty > 0) {
                    $percent = number_format((($avail / $component->qty) * 100), 0);
                } else {
@@ -787,7 +791,7 @@ class Helper
            $total_owned = $asset->where('model_id', '=', $asset_model->id)->count();
            $avail = $asset->where('model_id', '=', $asset_model->id)->whereNull('assigned_to')->count();
-            if ($avail < ($asset_model->min_amt)+ \App\Models\Setting::getSettings()->alert_threshold) {
+            if ($avail < ($asset_model->min_amt) + $alert_threshold) {
                if ($avail > 0) {
                    $percent = number_format((($avail / $total_owned) * 100), 0);
                } else {
@@ -803,6 +807,26 @@ class Helper
            }
        }
        foreach ($licenses as $license){
            $avail = $license->remaincount();
            if ($avail < ($license->min_amt) + $alert_threshold) {
                if ($avail > 0) {
                    $percent = number_format((($avail / $license->min_amt) * 100), 0);
                } else {
                    $percent = 100;
                }
                $items_array[$all_count]['id'] = $license->id;
                $items_array[$all_count]['name'] = $license->name;
                $items_array[$all_count]['type'] = 'licenses';
                $items_array[$all_count]['percent'] = $percent;
                $items_array[$all_count]['remaining'] = $avail;
                $items_array[$all_count]['min_amt'] = $license->min_amt;
                $all_count++;
            }
        }
        return $items_array;
    }
@@ -820,7 +844,7 @@ class Helper
        $filetype = @finfo_file($finfo, $file);
        finfo_close($finfo);
-        if (($filetype == 'image/jpeg') || ($filetype == 'image/jpg') || ($filetype == 'image/png') || ($filetype == 'image/bmp') || ($filetype == 'image/gif')) {
+        if (($filetype == 'image/jpeg') || ($filetype == 'image/jpg') || ($filetype == 'image/png') || ($filetype == 'image/bmp') || ($filetype == 'image/gif') || ($filetype == 'image/avif')) {
            return $filetype;
        }
@@ -853,12 +877,15 @@ class Helper
                $permission_name = $permission[$x]['permission'];
                if ($permission[$x]['display'] === true) {
-                    if ($selected_arr) {
+
                    if (is_array($selected_arr)) {
                        if (array_key_exists($permission_name, $selected_arr)) {
                            $permissions_arr[$permission_name] = $selected_arr[$permission_name];
                        } else {
                            $permissions_arr[$permission_name] = '0';
                        }
                    } else {
                        $permissions_arr[$permission_name] = '0';
                    }
@@ -990,7 +1017,7 @@ class Helper
        try {
-            $tmp_date = new \Carbon($date);
+            $tmp_date = new Carbon($date);
            if ($type == 'datetime') {
                $dt['datetime'] = $tmp_date->format('Y-m-d H:i:s');
@@ -1007,7 +1034,7 @@ class Helper
            return $dt['formatted'];
        } catch (\Exception $e) {
-            \Log::warning($e);
+            Log::warning($e);
            return $date.' (Invalid '.$type.' value.)';
        }
@@ -1084,6 +1111,8 @@ class Helper
            'jpeg'   => 'far fa-image',
            'gif'   => 'far fa-image',
            'png'   => 'far fa-image',
            'webp'   => 'far fa-image',
            'avif'   => 'far fa-image',
            // word
            'doc'   => 'far fa-file-word',
            'docx'   => 'far fa-file-word',
@@ -1119,6 +1148,8 @@ class Helper
                case 'jpeg':
                case 'gif':
                case 'png':
                case 'webp':
                case 'avif':
                    return true;
                    break;
                default:
@@ -1316,7 +1347,7 @@ class Helper
    public static function isDemoMode() {
        if (config('app.lock_passwords') === true) {
            return true;
-            \Log::debug('app locked!');
+            Log::debug('app locked!');
        }
        return false;
@@ -1409,7 +1440,7 @@ class Helper
        foreach (self::$language_map as $legacy => $new) {
            if ($language_code == $legacy) {
-                \Log::debug('Current language is '.$legacy.', using '.$new.' instead');
+                Log::debug('Current language is '.$legacy.', using '.$new.' instead');
                return $new;
            }
        }
@@ -1433,4 +1464,38 @@ class Helper
        return $new_locale; // better that you have some weird locale that doesn't fit into our mappings anywhere than 'void'
    }
    static public function getRedirectOption($request, $id, $table, $asset_id = null)
    {
        $redirect_option = Session::get('redirect_option');
        $checkout_to_type = Session::get('checkout_to_type');
        //return to index
        if ($redirect_option == '0') {
            switch ($table) {
                case "Assets":
                    return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success'));
            }
        }
        //return to thing being assigned
        if ($redirect_option == '1') {
            switch ($table) {
                case "Assets":
                    return redirect()->route('hardware.show', $id ? $id : $asset_id)->with('success', trans('admin/hardware/message.checkout.success'));
            }
        }
        //return to thing being assigned to
        if ($redirect_option == '2') {
            switch ($checkout_to_type) {
                case 'user':
                    return redirect()->route('users.show', $request->assigned_user)->with('success', trans('admin/hardware/message.checkout.success'));
                case 'location':
                    return redirect()->route('locations.show', $request->assigned_location)->with('success', trans('admin/hardware/message.checkout.success'));
                case 'asset':
                    return redirect()->route('hardware.show', $request->assigned_asset)->with('success', trans('admin/hardware/message.checkout.success'));
            }
        }
        return redirect()->back()->with('error', trans('admin/hardware/message.checkout.error'));
    }
 }
@@ -11,6 +11,7 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
 use Redirect;
 use Illuminate\Support\Facades\Log;
 /** This controller handles all actions related to Accessories for
 * the Snipe-IT Asset Management application.
@@ -57,7 +58,7 @@ class AccessoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param ImageUploadRequest $request
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(ImageUploadRequest $request)
@@ -150,7 +151,7 @@ class AccessoriesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param ImageUploadRequest $request
     * @param  int $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function update(ImageUploadRequest $request, $accessoryId = null)
@@ -204,7 +205,7 @@ class AccessoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function destroy($accessoryId)
@@ -224,7 +225,7 @@ class AccessoriesController extends Controller
            try {
                Storage::disk('public')->delete('accessories'.'/'.$accessory->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }
@@ -4,28 +4,28 @@ namespace App\Http\Controllers\Accessories;
 use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\Accessory;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Accessory\HttpFoundation\JsonResponse;
-use enshrined\svgSanitize\Sanitizer;
+use Illuminate\Support\Facades\Log;
 class AccessoriesFilesController extends Controller
 {
    /**
     * Validates and stores files associated with a accessory.
     *
-     * @todo Switch to using the AssetFileRequest form request validator.
+     * @param UploadFileRequest $request
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param AssetFileRequest $request
     * @param int $accessoryId
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     *@author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @todo Switch to using the AssetFileRequest form request validator.
     */
-    public function store(AssetFileRequest $request, $accessoryId = null)
+    public function store(UploadFileRequest $request, $accessoryId = null)
    {
        if (config('app.lock_passwords')) {
@@ -45,30 +45,7 @@ class AccessoriesFilesController extends Controller
                foreach ($request->file('file') as $file) {
-                    $extension = $file->getClientOriginalExtension();
+                    $file_name = $request->handleFile('private_uploads/accessories/', 'accessory-'.$accessory->id, $file);
                    $file_name = 'accessory-'.$accessory->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
                    // Check for SVG and sanitize it
                    if ($extension == 'svg') {
                        \Log::debug('This is an SVG');
                        \Log::debug($file_name);
                        $sanitizer = new Sanitizer();
                        $dirtySVG = file_get_contents($file->getRealPath());
                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
                        try {
                            Storage::put('private_uploads/accessories/'.$file_name, $cleanSVG);
                        } catch (\Exception $e) {
                            \Log::debug('Upload no workie :( ');
                            \Log::debug($e);
                        }
                    } else {
                        Storage::put('private_uploads/accessories/'.$file_name, file_get_contents($file));
                    }
                    //Log the upload to the log
                    $accessory->logUpload($file_name, e($request->input('notes')));
                }
@@ -109,7 +86,7 @@ class AccessoriesFilesController extends Controller
                try {
                    Storage::delete('accessories/'.$log->filename);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }
@@ -136,7 +113,7 @@ class AccessoriesFilesController extends Controller
    public function show($accessoryId = null, $fileId = null, $download = true)
    {
-        \Log::debug('Private filesystem is: '.config('filesystems.default'));
+        Log::debug('Private filesystem is: '.config('filesystems.default'));
        $accessory = Accessory::find($accessoryId);
@@ -153,8 +130,8 @@ class AccessoriesFilesController extends Controller
            $file = 'private_uploads/accessories/'.$log->filename;
            if (Storage::missing($file)) {
-                \Log::debug('FILE DOES NOT EXISTS for '.$file);
+                Log::debug('FILE DOES NOT EXISTS for '.$file);
-                \Log::debug('URL should be '.Storage::url($file));
+                Log::debug('URL should be '.Storage::url($file));
                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
                    ->header('Content-Type', 'text/plain');
@@ -44,7 +44,7 @@ class AccessoryCheckinController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param null $accessoryUserId
     * @param string $backto
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     * @internal param int $accessoryId
     */
@@ -59,7 +59,7 @@ class AccessoryCheckoutController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param Request $request
     * @param  int $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(Request $request, $accessoryId)
@@ -23,13 +23,13 @@ use App\Notifications\AcceptanceAssetAcceptedNotification;
 use App\Notifications\AcceptanceAssetDeclinedNotification;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Str;
 use App\Http\Controllers\SettingsController;
 use Barryvdh\DomPDF\Facade\Pdf;
 use Carbon\Carbon;
 use phpDocumentor\Reflection\Types\Compound;
 use Illuminate\Support\Facades\Log;
 class AcceptanceController extends Controller
 {
@@ -80,7 +80,7 @@ class AcceptanceController extends Controller
     *
     * @param  Request $request
     * @param  int  $id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(Request $request, $id)
    {
@@ -223,6 +223,7 @@ class AcceptanceController extends Controller
                'item_model' => $display_model,
                'item_serial' => $item->serial,
                'eula' => $item->getEula(),
                'note' => $request->input('note'),
                'check_out_date' => Carbon::parse($acceptance->created_at)->format('Y-m-d'),
                'accepted_date' => Carbon::parse($acceptance->accepted_at)->format('Y-m-d'),
                'assigned_to' => $assigned_to,
@@ -233,12 +234,12 @@ class AcceptanceController extends Controller
            ];
            if ($pdf_view_route!='') {
-                \Log::debug($pdf_filename.' is the filename, and the route was specified.');
+                Log::debug($pdf_filename.' is the filename, and the route was specified.');
                $pdf = Pdf::loadView($pdf_view_route, $data);
                Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf->output());
            }
-            $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename);
+            $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename, $request->input('note'));
            $acceptance->notify(new AcceptanceAssetAcceptedNotification($data));
            event(new CheckoutAccepted($acceptance));
@@ -306,10 +307,12 @@ class AcceptanceController extends Controller
                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                    break;
            }
            $data = [
                'item_tag' => $item->asset_tag,
                'item_model' => $display_model,
                'item_serial' => $item->serial,
                'note' => $request->input('note'),
                'declined_date' => Carbon::parse($acceptance->declined_at)->format('Y-m-d'),
                'signature' => ($sig_filename) ? storage_path() . '/private_uploads/signatures/' . $sig_filename : null,
                'assigned_to' => $assigned_to,
@@ -318,12 +321,12 @@ class AcceptanceController extends Controller
            ];
            if ($pdf_view_route!='') {
-                \Log::debug($pdf_filename.' is the filename, and the route was specified.');
+                Log::debug($pdf_filename.' is the filename, and the route was specified.');
                $pdf = Pdf::loadView($pdf_view_route, $data);
                Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf->output());
            }
-            $acceptance->decline($sig_filename);
+            $acceptance->decline($sig_filename, $request->input('note'));
            $acceptance->notify(new AcceptanceAssetDeclinedNotification($data));
            event(new CheckoutDeclined($acceptance));
            $return_msg = trans('admin/users/message.declined');
@@ -4,8 +4,9 @@ namespace App\Http\Controllers;
 use App\Helpers\Helper;
 use App\Models\Actionlog;
-use Response;
+use Illuminate\Support\Facades\Response;
-
+use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Storage;
 class ActionlogController extends Controller
 {
    public function displaySig($filename)
@@ -14,19 +15,26 @@ class ActionlogController extends Controller
        // file_get_contents, so we set the error reporting for just this class
        error_reporting(0);
-        $this->authorize('view', \App\Models\Asset::class);
+        $disk = config('filesystems.default');
-        $file = config('app.private_uploads').'/signatures/'.$filename;
+        switch (config("filesystems.disks.$disk.driver")) {
-        $filetype = Helper::checkUploadIsImage($file);
+            case 's3':
                $file = 'private_uploads/signatures/'.$filename;
                return redirect()->away(Storage::disk($disk)->temporaryUrl($file, now()->addMinutes(5)));
            default:
                $this->authorize('view', \App\Models\Asset::class);
                $file = config('app.private_uploads').'/signatures/'.$filename;
                $filetype = Helper::checkUploadIsImage($file);
-        $contents = file_get_contents($file, false, stream_context_create(['http' => ['ignore_errors' => true]]));
+                $contents = file_get_contents($file, false, stream_context_create(['http' => ['ignore_errors' => true]]));
-        if ($contents === false) {
+                if ($contents === false) {
-            \Log::warn('File '.$file.' not found');
+                    Log::warning('File '.$file.' not found');
-            return false;
+                    return false;
-        } else {
+                } else {
-            return Response::make($contents)->header('Content-Type', $filetype);
+                    return Response::make($contents)->header('Content-Type', $filetype);
                }
        }
    }
    public function getStoredEula($filename){
        $this->authorize('view', \App\Models\Asset::class);
        $file = config('app.private_uploads').'/eula-pdfs/'.$filename;
@@ -2,6 +2,7 @@
 namespace App\Http\Controllers\Api;
 use App\Events\CheckoutableCheckedOut;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\AccessoriesTransformer;
@@ -9,9 +10,9 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Accessory;
 use App\Models\Company;
 use App\Models\User;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
@@ -273,12 +274,12 @@ class AccessoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function checkout(Request $request, $accessoryId)
    {
        // Check if the accessory exists
-        if (is_null($accessory = Accessory::find($accessoryId))) {
+        if (is_null($accessory = Accessory::withCount('users as users_count')->find($accessoryId))) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.does_not_exist')));
        }
@@ -302,7 +303,7 @@ class AccessoriesController extends Controller
                'note' => $request->get('note'),
            ]);
-            $accessory->logCheckout($request->input('note'), $user);
+            event(new CheckoutableCheckedOut($accessory, $user, Auth::user(), $request->input('note')));
            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/accessories/message.checkout.success')));
        }
@@ -319,7 +320,7 @@ class AccessoriesController extends Controller
     * @param Request $request
     * @param int $accessoryUserId
     * @param string $backto
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @internal param int $accessoryId
     */
    public function checkin(Request $request, $accessoryUserId = null)
@@ -0,0 +1,219 @@
 <?php
 namespace App\Http\Controllers\Api;
 use App\Helpers\StorageHelper;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Support\Facades\Crypt;
 use Illuminate\Support\Facades\Gate;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Actionlog;
 use \Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
 use DB;
 use Illuminate\Http\Request;
 use App\Http\Requests\UploadFileRequest;
 use Illuminate\Support\Facades\Log;
 use Input;
 use Paginator;
 use Slack;
 use Str;
 use TCPDF;
 use Validator;
 use Route;
 /**
 * This class controls file related actions related
 * to assets for the Snipe-IT Asset Management application.
 *
 * Based on the Assets/AssetFilesController by A. Gianotto <snipe@snipe.net>
 *
 * @version    v1.0
 * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
 */
 class AssetFilesController extends Controller
 {
    /**
     * Accepts a POST to upload a file to the server.
     *
     * @param \App\Http\Requests\UploadFileRequest $request
     * @param int $assetId
     * @return \Illuminate\Http\JsonResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     * @since [v6.0]
     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
     */
    public function store(UploadFileRequest $request, $assetId = null)
    {
        // Start by checking if the asset being acted upon exists
        if (! $asset = Asset::find($assetId)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
        }
        // Make sure we are allowed to update this asset
        $this->authorize('update', $asset);
 	if ($request->hasFile('file')) {
            // If the file storage directory doesn't exist; create it
            if (! Storage::exists('private_uploads/assets')) {
                Storage::makeDirectory('private_uploads/assets', 775);
            }
            // Loop over the attached files and add them to the asset
            foreach ($request->file('file') as $file) {
                $file_name = $request->handleFile('private_uploads/assets/','hardware-'.$asset->id, $file);
                $asset->logUpload($file_name, e($request->get('notes')));
            }
            // All done - report success
            return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.upload.success')));
        }
        // We only reach here if no files were included in the POST, so tell the user this
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.upload.nofiles')), 500);
    }
    /**
     * List the files for an asset.
     *
     * @param  int $assetId
     * @return \Illuminate\Http\JsonResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     * @since [v6.0]
     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
     */
    public function list($assetId = null)
    {
        // Start by checking if the asset being acted upon exists
        if (! $asset = Asset::find($assetId)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
        }
 	// the asset is valid
        if (isset($asset->id)) {
            $this->authorize('view', $asset);
            // Check that there are some uploads on this asset that can be listed
            if ($asset->uploads->count() > 0) {
                $files = array();
                foreach ($asset->uploads as $upload) {
                    array_push($files, $upload);
 		}
                // Give the list of files back to the user
                return response()->json(Helper::formatStandardApiResponse('success', $files, trans('admin/hardware/message.upload.success')));
            }
 	    // There are no files.
            return response()->json(Helper::formatStandardApiResponse('success', array(), trans('admin/hardware/message.upload.success')));
        }
        // Send back an error message
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.error')), 500);
    }
    /**
     * Check for permissions and display the file.
     *
     * @param  int $assetId
     * @param  int $fileId
     * @return \Illuminate\Http\JsonResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     * @since [v6.0]
     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
     */
    public function show($assetId = null, $fileId = null)
    {
        // Start by checking if the asset being acted upon exists
        if (! $asset = Asset::find($assetId)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
        }
        // the asset is valid
        if (isset($asset->id)) {
            $this->authorize('view', $asset);
            // Check that the file being requested exists for the asset
            if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $asset->id)->find($fileId)) {
                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.no_match', ['id' => $fileId])), 404);
            }
 	    // Form the full filename with path
            $file = 'private_uploads/assets/'.$log->filename;
            \Log::debug('Checking for '.$file);
            if ($log->action_type == 'audit') {
                $file = 'private_uploads/audits/'.$log->filename;
            }
            // Check the file actually exists on the filesystem
            if (! Storage::exists($file)) {
                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.does_not_exist', ['id' => $fileId])), 404);
            }
            if (request('inline') == 'true') {
                $headers = [
                    'Content-Disposition' => 'inline',
                ];
                return Storage::download($file, $log->filename, $headers);
            }
            return StorageHelper::downloader($file);
        }
        // Send back an error message
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.error', ['id' => $fileId])), 500);
    }
    /**
     * Delete the associated file
     *
     * @param  int $assetId
     * @param  int $fileId
     * @return \Illuminate\Http\JsonResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     * @since [v6.0]
     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
     */
    public function destroy($assetId = null, $fileId = null)
    {
        // Start by checking if the asset being acted upon exists
        if (! $asset = Asset::find($assetId)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
        }
        $rel_path = 'private_uploads/assets';
        // the asset is valid
        if (isset($asset->id)) {
            $this->authorize('update', $asset);
            // Check for the file
            $log = Actionlog::find($fileId);
 	    if ($log) {
                // Check the file actually exists, and delete it
                if (Storage::exists($rel_path.'/'.$log->filename)) {
                    Storage::delete($rel_path.'/'.$log->filename);
 		}
 		// Delete the record of the file
                $log->delete();
                // All deleting done - notify the user of success
                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.deletefile.success')), 200);
            }
            // The file doesn't seem to really exist, so report an error
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.deletefile.error')), 500);
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.deletefile.error')), 500);
    }
 }
@@ -8,7 +8,7 @@ use App\Http\Transformers\AssetMaintenancesTransformer;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
 use App\Models\Company;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Input;
@@ -36,7 +36,8 @@ class AssetMaintenancesController extends Controller
    {
        $this->authorize('view', Asset::class);
-        $maintenances = AssetMaintenance::select('asset_maintenances.*')->with('asset', 'asset.model', 'asset.location', 'asset.defaultLoc', 'supplier', 'asset.company', 'admin');
+        $maintenances = AssetMaintenance::select('asset_maintenances.*')
            ->with('asset', 'asset.model', 'asset.location', 'asset.defaultLoc', 'supplier', 'asset.company',  'asset.assetstatus', 'admin');
        if ($request->filled('search')) {
            $maintenances = $maintenances->TextSearch($request->input('search'));
@@ -47,7 +48,7 @@ class AssetMaintenancesController extends Controller
        }
        if ($request->filled('supplier_id')) {
-            $maintenances->where('supplier_id', '=', $request->input('supplier_id'));
+            $maintenances->where('asset_maintenances.supplier_id', '=', $request->input('supplier_id'));
        }
        if ($request->filled('asset_maintenance_type')) {
@@ -70,10 +71,13 @@ class AssetMaintenancesController extends Controller
                                'notes',
                                'asset_tag',
                                'asset_name',
                                'serial',
                                'user_id',
                                'supplier',
                                'is_warranty',
                                'status_label',
                            ];
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
@@ -90,6 +94,12 @@ class AssetMaintenancesController extends Controller
            case 'asset_name':
                $maintenances = $maintenances->OrderByAssetName($order);
                break;
            case 'serial':
                $maintenances = $maintenances->OrderByAssetSerial($order);
                break;
            case 'status_label':
                $maintenances = $maintenances->OrderStatusName($order);
                break;
            default:
                $maintenances = $maintenances->orderBy($sort, $order);
                break;
@@ -12,6 +12,7 @@ use App\Models\AssetModel;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Log;
 /**
 * This class controls all actions related to asset models for
@@ -224,7 +225,7 @@ class AssetModelsController extends Controller
            try {
                Storage::disk('public')->delete('assetmodels/'.$assetmodel->image);
            } catch (\Exception $e) {
-                \Log::info($e);
+                Log::info($e);
            }
        }
@@ -4,6 +4,10 @@ namespace App\Http\Controllers\Api;
 use App\Events\CheckoutableCheckedIn;
 use App\Http\Requests\StoreAssetRequest;
 use App\Http\Traits\MigratesLegacyAssetLocations;
 use App\Models\CheckoutAcceptance;
 use App\Models\LicenseSeat;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Support\Facades\Crypt;
 use Illuminate\Support\Facades\Gate;
@@ -23,17 +27,16 @@ use App\Models\Setting;
 use App\Models\User;
 use \Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Log;
 use Input;
 use Paginator;
 use Slack;
 use Str;
 use TCPDF;
 use Validator;
-use Route;
+use Illuminate\Support\Facades\Route;
 /**
@@ -45,6 +48,8 @@ use Route;
 */
 class AssetsController extends Controller
 {
    use MigratesLegacyAssetLocations;
    /**
     * Returns JSON listing of all assets
     *
@@ -53,7 +58,7 @@ class AssetsController extends Controller
     * @since [v4.0]
     * @return \Illuminate\Http\JsonResponse
     */
-    public function index(Request $request, $audit = null) 
+    public function index(Request $request, $action = null, $upcoming_status = null)
    {
        $filter_non_deprecable_assets = false;
@@ -88,6 +93,7 @@ class AssetsController extends Controller
            'serial',
            'model_number',
            'last_checkout',
            'last_checkin',
            'notes',
            'expected_checkin',
            'order_number',
@@ -105,6 +111,7 @@ class AssetsController extends Controller
            'requests_counter',
            'byod',
            'asset_eol_date',
            'requestable',
        ];
        $filter = [];
@@ -147,17 +154,44 @@ class AssetsController extends Controller
            $assets->TextSearch($request->input('search'));
        }
-        // This is used by the audit reporting routes
+
-        if (Gate::allows('audit', Asset::class)) {
+        /**
-            switch ($audit) {
+         * Handle due and overdue audits and checkin dates
-                case 'due':
+         */
-                    $assets->DueOrOverdueForAudit($settings);
+        switch ($action) {
-                    break;
+            case 'audits':
-                case 'overdue':
+
-                    $assets->overdueForAudit($settings);
+                switch ($upcoming_status) {
-                    break;
+                    case 'due':
                        $assets->DueForAudit($settings);
                        break;
                    case 'overdue':
                        $assets->OverdueForAudit();
                        break;
                    case 'due-or-overdue':
                        $assets->DueOrOverdueForAudit($settings);
                        break;
                }
                break;
            case 'checkins':
                switch ($upcoming_status) {
                    case 'due':
                        $assets->DueForCheckin($settings);
                        break;
                    case 'overdue':
                        $assets->OverdueForCheckin();
                        break;
                    case 'due-or-overdue':
                        $assets->DueOrOverdueForCheckin($settings);
                        break;
                }
                break;
            }
-        }
+
        /**
         * End handling due and overdue audits and checkin dates
         */
        // This is used by the sidenav, mostly
@@ -551,44 +585,8 @@ class AssetsController extends Controller
        }     
        $asset = $request->handleImages($asset);
        $asset = $asset->handleCustomFieldsForStoring($request);
        // Update custom fields in the database.
        $model = AssetModel::find($request->input('model_id'));
        // Check that it's an object and not a collection
        // (Sometimes people send arrays here and they shouldn't
        if (($model) && ($model instanceof AssetModel) && ($model->fieldset)) {
            foreach ($model->fieldset->fields as $field) {
                // Set the field value based on what was sent in the request
                $field_val = $request->input($field->db_column, null);
                // If input value is null, use custom field's default value
                if ($field_val == null) {
                    Log::debug('Field value for '.$field->db_column.' is null');
                    $field_val = $field->defaultValue($request->get('model_id'));
                    Log::debug('Use the default fieldset value of '.$field->defaultValue($request->get('model_id')));
                }
                // if the field is set to encrypted, make sure we encrypt the value
                if ($field->field_encrypted == '1') {
                    Log::debug('This model field is encrypted in this fieldset.');
                    if (Gate::allows('admin')) {
                        // If input value is null, use custom field's default value
                        if (($field_val == null) && ($request->has('model_id') != '')) {
                            $field_val = Crypt::encrypt($field->defaultValue($request->get('model_id')));
                        } else {
                            $field_val = Crypt::encrypt($request->input($field->db_column));
                        }
                    }
                }
                $asset->{$field->db_column} = $field_val;
            }
        }
        if ($asset->save()) {
            if ($request->get('assigned_user')) {
@@ -607,6 +605,8 @@ class AssetsController extends Controller
            }
            return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.create.success')));
            return response()->json(Helper::formatStandardApiResponse('success', (new AssetsTransformer)->transformAsset($asset), trans('admin/hardware/message.create.success')));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
@@ -647,22 +647,7 @@ class AssetsController extends Controller
            }     
            $asset = $request->handleImages($asset);
-            $model = AssetModel::find($asset->model_id);
+            $asset = $asset->handleCustomFieldsForStoring($request);
            // Update custom fields
            if (($model) && (isset($model->fieldset))) {
                foreach ($model->fieldset->fields as $field) {
                    if ($request->has($field->db_column)) {
                        if ($field->field_encrypted == '1') {
                            if (Gate::allows('admin')) {
                                $asset->{$field->db_column} = \Crypt::encrypt($request->input($field->db_column));
                            }
                        } else {
                            $asset->{$field->db_column} = $request->input($field->db_column);
                        }
                    }
                }
            }
            if ($asset->save()) {
@@ -685,7 +670,11 @@ class AssetsController extends Controller
                    $asset->image = $asset->getImageUrl();
                }
-                return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
+                if ($problems_updating_encrypted_custom_fields) {
                    return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.encrypted_warning')));
                } else {
                    return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
                }
            }
            return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
@@ -795,7 +784,6 @@ class AssetsController extends Controller
            'asset_tag' => $asset->asset_tag,
        ];
        // This item is checked out to a location
        if (request('checkout_to_type') == 'location') {
            $target = Location::find(request('assigned_location'));
@@ -822,13 +810,10 @@ class AssetsController extends Controller
            $asset->status_id = $request->get('status_id');
        }
        if (! isset($target)) {
            return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'Checkout target for asset '.e($asset->asset_tag).' is invalid - '.$error_payload['target_type'].' does not exist.'));
        }
        $checkout_at = request('checkout_at', date('Y-m-d H:i:s'));
        $expected_checkin = request('expected_checkin', null);
        $note = request('note', null);
@@ -844,8 +829,6 @@ class AssetsController extends Controller
 //            $asset->location_id = $target->rtd_location_id;
 //        }
        if ($asset->checkOut($target, Auth::user(), $checkout_at, $expected_checkin, $note, $asset_name, $asset->location_id)) {
            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.success')));
        }
@@ -864,11 +847,9 @@ class AssetsController extends Controller
     */
    public function checkin(Request $request, $asset_id)
    {
        $this->authorize('checkin', Asset::class);
        $asset = Asset::with('model')->findOrFail($asset_id);
        $this->authorize('checkin', $asset);
        $target = $asset->assignedTo;
        if (is_null($target)) {
            return response()->json(Helper::formatStandardApiResponse('error', [
@@ -879,9 +860,8 @@ class AssetsController extends Controller
        }
        $asset->expected_checkin = null;
-        $asset->last_checkout = null;
+        //$asset->last_checkout = null;
        $asset->last_checkin = now();
        $asset->assigned_to = null;
        $asset->assignedTo()->disassociate($asset);
        $asset->accepted = null;
@@ -889,10 +869,16 @@ class AssetsController extends Controller
            $asset->name = $request->input('name');
        }
        $this->migrateLegacyLocations($asset);
        $asset->location_id = $asset->rtd_location_id;
        if ($request->filled('location_id')) {
            $asset->location_id = $request->input('location_id');
            if ($request->input('update_default_location')){
                $asset->rtd_location_id = $request->input('location_id');
            }
        }
        if ($request->has('status_id')) {
@@ -906,6 +892,23 @@ class AssetsController extends Controller
            $originalValues['action_date'] = $checkin_at;
        }
        $asset->licenseseats->each(function (LicenseSeat $seat) {
            $seat->update(['assigned_to' => null]);
        });
        // Get all pending Acceptances for this asset and delete them
        CheckoutAcceptance::pending()
            ->whereHasMorph(
                'checkoutable',
                [Asset::class],
                function (Builder $query) use ($asset) {
                    $query->where('id', $asset->id);
                })
            ->get()
            ->map(function ($acceptance) {
                $acceptance->delete();
            });
        if ($asset->save()) {
            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at, $originalValues));
@@ -956,25 +959,39 @@ class AssetsController extends Controller
    {
        $this->authorize('audit', Asset::class);
        $rules = [
            'asset_tag' => 'required',
            'location_id' => 'exists:locations,id|nullable|numeric',
            'next_audit_date' => 'date|nullable',
        ];
        $validator = Validator::make($request->all(), $rules);
        if ($validator->fails()) {
            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()->all()));
        }
        $settings = Setting::getSettings();
        $dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
        // No tag passed - return an error
        if (!$request->filled('asset_tag')) {
            return response()->json(Helper::formatStandardApiResponse('error', [
                'asset_tag'=> '',
                'error'=> trans('admin/hardware/message.no_tag'),
            ], trans('admin/hardware/message.no_tag')), 200);
        }
        $asset = Asset::where('asset_tag', '=', $request->input('asset_tag'))->first();
        if ($asset) {
-            // We don't want to log this as a normal update, so let's bypass that
+
            /**
             * Even though we do a save() further down, we don't want to log this as a "normal" asset update,
             * which would trigger the Asset Observer and would log an asset *update* log entry (because the
             * de-normed fields like next_audit_date on the asset itself will change on save()) *in addition* to
             * the audit log entry we're creating through this controller.
             *
             * To prevent this double-logging (one for update and one for audit), we skip the observer and bypass
             * that de-normed update log entry by using unsetEventDispatcher(), BUT invoking unsetEventDispatcher()
             * will bypass normal model-level validation that's usually handled at the observer )
             *
             * We handle validation on the save() by checking if the asset is valid via the ->isValid() method,
             * which manually invokes Watson Validating to make sure the asset's model is valid.
             *
             * @see \App\Observers\AssetObserver::updating()
             */
            $asset->unsetEventDispatcher();
            $asset->next_audit_date = $dt;
@@ -990,8 +1007,12 @@ class AssetsController extends Controller
            $asset->last_audit_date = date('Y-m-d H:i:s');
-            if ($asset->save()) {
+            /**
-                $log = $asset->logAudit(request('note'), request('location_id'));
+             * Invoke Watson Validating to check the asset itself and check to make sure it saved correctly.
             * We have to invoke this manually because of the unsetEventDispatcher() above.)
             */
            if ($asset->isValid() && $asset->save()) {
                $asset->logAudit(request('note'), request('location_id'));
                return response()->json(Helper::formatStandardApiResponse('success', [
                    'asset_tag'=> e($asset->asset_tag),
@@ -999,9 +1020,23 @@ class AssetsController extends Controller
                    'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date),
                ], trans('admin/hardware/message.audit.success')));
            }
            // Asset failed validation or was not able to be saved
            return response()->json(Helper::formatStandardApiResponse('error', [
                'asset_tag'=> e($asset->asset_tag),
                'error'=> $asset->getErrors()->first(),
            ], trans('admin/hardware/message.audit.error', ['error' => $asset->getErrors()->first()])), 200);
        }
-        return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.e($request->input('asset_tag')).' not found'));
+
        // No matching asset for the asset tag that was passed.
        return response()->json(Helper::formatStandardApiResponse('error', [
            'asset_tag'=> e($request->input('asset_tag')),
            'error'=> trans('admin/hardware/message.audit.error'),
        ], trans('admin/hardware/message.audit.error', ['error' => trans('admin/hardware/message.does_not_exist')])), 200);
    }
@@ -1035,8 +1070,7 @@ class AssetsController extends Controller
        $assets = Asset::select('assets.*')
            ->with('location', 'assetstatus', 'assetlog', 'company','assignedTo',
-                'model.category', 'model.manufacturer', 'model.fieldset', 'supplier', 'requests')
+                'model.category', 'model.manufacturer', 'model.fieldset', 'supplier', 'requests');
            ->requestableAssets();
@@ -1044,7 +1078,7 @@ class AssetsController extends Controller
        if ($request->filled('search')) {
            $assets->TextSearch($request->input('search'));
        }
-
+        
        // Search custom fields by column name
        foreach ($all_custom_fields as $field) {
            if ($request->filled($field->db_column_name())) {
@@ -1074,6 +1108,7 @@ class AssetsController extends Controller
                break;
        }
        $assets->requestableAssets();
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $assets->count()) ? $assets->count() : app('api_offset_value');
@@ -40,7 +40,9 @@ class CompaniesController extends Controller
            'components_count',
        ];
-        $companies = Company::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
+        $companies = Company::withCount(['assets as assets_count'  => function ($query) {
            $query->AssetsForShow();
        }])->withCount('licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
        if ($request->filled('search')) {
            $companies->TextSearch($request->input('search'));
@@ -14,6 +14,7 @@ use App\Events\ComponentCheckedIn;
 use App\Models\Asset;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Database\Query\Builder;
 use Illuminate\Support\Facades\Log;
 class ComponentsController extends Controller
 {
@@ -331,7 +332,7 @@ class ComponentsController extends Controller
            // actually checked out.
            $component_assets->assigned_qty = $qty_remaining_in_checkout;
-            \Log::debug($component_asset_id.' - '.$qty_remaining_in_checkout.' remaining in record '.$component_assets->id);
+            Log::debug($component_asset_id.' - '.$qty_remaining_in_checkout.' remaining in record '.$component_assets->id);
            \DB::table('components_assets')->where('id',
                $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
@@ -2,6 +2,7 @@
 namespace App\Http\Controllers\Api;
 use App\Events\CheckoutableCheckedOut;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\ConsumablesTransformer;
@@ -11,6 +12,8 @@ use App\Models\Consumable;
 use App\Models\User;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Log;
 class ConsumablesController extends Controller
 {
@@ -275,7 +278,7 @@ class ConsumablesController extends Controller
        if (!$user = User::find($request->input('assigned_to'))) {
            // Return error message
            return response()->json(Helper::formatStandardApiResponse('error', null, 'No user found'));
-            \Log::debug('No valid user');
+            Log::debug('No valid user');
        }
        // Update the consumable data
@@ -290,17 +293,9 @@ class ConsumablesController extends Controller
                ]
            );
-            // Log checkout event
+        event(new CheckoutableCheckedOut($consumable, $user, Auth::user(), $request->input('note')));
            $logaction = $consumable->logCheckout($request->input('note'), $user);
            $data['log_id'] = $logaction->id;
            $data['eula'] = $consumable->getEula();
            $data['first_name'] = $user->first_name;
            $data['item_name'] = $consumable->name;
            $data['checkout_date'] = $logaction->created_at;
            $data['note'] = $logaction->note;
            $data['require_acceptance'] = $consumable->requireAcceptance();
-            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/consumables/message.checkout.success')));
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/consumables/message.checkout.success')));
    }
@@ -179,7 +179,7 @@ class CustomFieldsController extends Controller
     *
     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @since [v1.8]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($field_id)
    {
@@ -118,7 +118,7 @@ class CustomFieldsetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($id)
    {
@@ -8,7 +8,7 @@ use App\Http\Transformers\DepartmentsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Company;
 use App\Models\Department;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Transformers\GroupsTransformer;
 use App\Models\Group;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 class GroupsController extends Controller
@@ -25,7 +26,7 @@ class GroupsController extends Controller
        $this->authorize('view', Group::class);
        $allowed_columns = ['id', 'name', 'created_at', 'users_count'];
-        $groups = Group::select('id', 'name', 'permissions', 'created_at', 'updated_at')->withCount('users as users_count');
+        $groups = Group::select('id', 'name', 'permissions', 'created_at', 'updated_at', 'created_by')->with('admin')->withCount('users as users_count');
        if ($request->filled('search')) {
            $groups = $groups->TextSearch($request->input('search'));
@@ -61,12 +62,16 @@ class GroupsController extends Controller
    {
        $this->authorize('superadmin');
        $group = new Group;
        // Get all the available permissions
        $permissions = config('permissions');
        $groupPermissions = Helper::selectedPermissionsArray($permissions, $permissions);
        $group->name = $request->input('name');
-        $group->permissions = json_encode($request->input('permissions')); // Todo - some JSON validation stuff here
+        $group->created_by = Auth::user()->id;
        $group->permissions = json_encode($request->input('permissions', $groupPermissions));
        if ($group->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.create.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new GroupsTransformer)->transformGroup($group), trans('admin/groups/message.success.create')));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
@@ -84,7 +89,6 @@ class GroupsController extends Controller
    {
        $this->authorize('superadmin');
        $group = Group::findOrFail($id);
        return (new GroupsTransformer)->transformGroup($group);
    }
@@ -106,7 +110,7 @@ class GroupsController extends Controller
        $group->permissions = $request->input('permissions'); // Todo - some JSON validation stuff here
        if ($group->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.update.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new GroupsTransformer)->transformGroup($group), trans('admin/groups/message.success.update')));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
@@ -9,13 +9,14 @@ use App\Http\Transformers\ImportsTransformer;
 use App\Models\Asset;
 use App\Models\Company;
 use App\Models\Import;
-use Artisan;
+use Illuminate\Support\Facades\Artisan;
 use Illuminate\Database\Eloquent\JsonEncodingException;
 use Illuminate\Support\Facades\Request;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Storage;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\File\Exception\FileException;
 use Illuminate\Support\Facades\Log;
 class ImportController extends Controller
 {
@@ -159,10 +160,10 @@ class ImportController extends Controller
        // Run a backup immediately before processing
        if ($request->get('run-backup')) {
-            \Log::debug('Backup manually requested via importer');
+            Log::debug('Backup manually requested via importer');
            Artisan::call('snipeit:backup', ['--filename' => 'pre-import-backup-'.date('Y-m-d-H:i:s')]);
        } else {
-            \Log::debug('NO BACKUP requested via importer');
+            Log::debug('NO BACKUP requested via importer');
        }
        $import = Import::find($import_id);
@@ -8,7 +8,7 @@ use App\Http\Transformers\LabelsTransformer;
 use App\Models\Labels\Label;
 use Illuminate\Http\Request;
 use Illuminate\Support\ItemNotFoundException;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 class LabelsController extends Controller
 {
@@ -9,7 +9,7 @@ use App\Models\Asset;
 use App\Models\License;
 use App\Models\LicenseSeat;
 use App\Models\User;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
 class LicenseSeatsController extends Controller
@@ -136,6 +136,7 @@ class LicensesController extends Controller
                        'seats',
                        'termination_date',
                        'depreciation_id',
                        'min_amt',
                    ];
                $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
                $licenses = $licenses->orderBy($sort, $order);
@@ -25,9 +25,27 @@ class LocationsController extends Controller
    {
        $this->authorize('view', Location::class);
        $allowed_columns = [
-            'id', 'name', 'address', 'address2', 'city', 'state', 'country', 'zip', 'created_at',
+            'id',
-            'updated_at', 'manager_id', 'image',
+            'name',
-            'assigned_assets_count', 'users_count', 'assets_count','assigned_assets_count', 'assets_count', 'rtd_assets_count', 'currency', 'ldap_ou', ];
+            'address',
            'address2',
            'city',
            'state',
            'country',
            'zip',
            'created_at',
            'updated_at',
            'manager_id',
            'image',
            'assigned_assets_count',
            'users_count',
            'assets_count',
            'assigned_assets_count',
            'assets_count',
            'rtd_assets_count',
            'currency',
            'ldap_ou',
            ];
        $locations = Location::with('parent', 'manager', 'children')->select([
            'locations.id',
@@ -50,6 +68,7 @@ class LocationsController extends Controller
        ])->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
            ->withCount('rtd_assets as rtd_assets_count')
            ->withCount('children as children_count')
            ->withCount('users as users_count');
        if ($request->filled('search')) {
@@ -80,6 +99,10 @@ class LocationsController extends Controller
            $locations->where('locations.country', '=', $request->input('country'));
        }
        if ($request->filled('manager_id')) {
            $locations->where('locations.manager_id', '=', $request->input('manager_id'));
        }
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $locations->count()) ? $locations->count() : app('api_offset_value');
        $limit = app('api_limit_value');
@@ -212,10 +235,16 @@ class LocationsController extends Controller
    public function destroy($id)
    {
        $this->authorize('delete', Location::class);
-        $location = Location::findOrFail($id);
+        $location = Location::withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
            ->withCount('rtd_assets as rtd_assets_count')
            ->withCount('children as children_count')
            ->withCount('users as users_count')
            ->findOrFail($id);
        if (! $location->isDeletable()) {
            return response()
-                    ->json(Helper::formatStandardApiResponse('error', null, trans('admin/companies/message.assoc_users')));
+                    ->json(Helper::formatStandardApiResponse('error', null, trans('admin/locations/message.assoc_users')));
        }
        $this->authorize('delete', $location);
        $location->delete();
@@ -12,7 +12,7 @@ use Laravel\Passport\TokenRepository;
 use Illuminate\Contracts\Validation\Factory as ValidationFactory;
 use Illuminate\Support\Facades\Gate;
 use App\Models\CustomField;
-use DB;
+use Illuminate\Support\Facades\DB;
 class ProfileController extends Controller
 {
@@ -32,14 +32,26 @@ class ReportsController extends Controller
        }
        if (($request->filled('item_type')) && ($request->filled('item_id'))) {
-            $actionlogs = $actionlogs->where('item_id', '=', $request->input('item_id'))
+            $actionlogs = $actionlogs->where(function($query) use ($request)
-                ->where('item_type', '=', 'App\\Models\\'.ucwords($request->input('item_type')));
+            {
                $query->where('item_id', '=', $request->input('item_id'))
                ->where('item_type', '=', 'App\\Models\\'.ucwords($request->input('item_type')))
                ->orWhere(function($query) use ($request)
                {
                    $query->where('target_id', '=', $request->input('item_id'))
                    ->where('target_type', '=', 'App\\Models\\'.ucwords($request->input('item_type')));
                });
            });
        }
        if ($request->filled('action_type')) {
            $actionlogs = $actionlogs->where('action_type', '=', $request->input('action_type'))->orderBy('created_at', 'desc');
        }
        if ($request->filled('user_id')) {
            $actionlogs = $actionlogs->where('user_id', '=', $request->input('user_id'));
        }
        if ($request->filled('action_source')) {
            $actionlogs = $actionlogs->where('action_source', '=', $request->input('action_source'))->orderBy('created_at', 'desc');
        }
@@ -66,13 +78,14 @@ class ReportsController extends Controller
        ];
        $total = $actionlogs->count();
        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $actionlogs->count()) ? $actionlogs->count() : app('api_offset_value');
+        $offset = ($request->input('offset') > $total) ? $total : app('api_offset_value');
        $limit = app('api_limit_value');
        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
        $order = ($request->input('order') == 'asc') ? 'asc' : 'desc';
-        $total = $actionlogs->count();
+
        $actionlogs = $actionlogs->orderBy($sort, $order)->skip($offset)->take($limit)->get();
@@ -33,18 +33,18 @@ class SettingsController extends Controller
        $settings = Setting::getSettings();
        if ($settings->ldap_enabled!='1') {
-            \Log::debug('LDAP is not enabled cannot test.');
+            Log::debug('LDAP is not enabled cannot test.');
            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
        }
-        \Log::debug('Preparing to test LDAP connection');
+        Log::debug('Preparing to test LDAP connection');
        $message = []; //where we collect together test messages
        try {
            $connection = Ldap::connectToLdap();
            try {
                $message['bind'] = ['message' => 'Successfully bound to LDAP server.'];
-                \Log::debug('attempting to bind to LDAP for LDAP test');
+                Log::debug('attempting to bind to LDAP for LDAP test');
                Ldap::bindAdminToLdap($connection);
                $message['login'] = [
                    'message' => 'Successfully connected to LDAP server.',
@@ -75,13 +75,13 @@ class SettingsController extends Controller
                return response()->json($message, 200);
            } catch (\Exception $e) {
-                \Log::debug('Bind failed');
+                Log::debug('Bind failed');
-                \Log::debug("Exception was: ".$e->getMessage());
+                Log::debug("Exception was: ".$e->getMessage());
                return response()->json(['message' => $e->getMessage()], 400);
                //return response()->json(['message' => $e->getMessage()], 500);
            }
        } catch (\Exception $e) {
-            \Log::debug('Connection failed but we cannot debug it any further on our end.');
+            Log::debug('Connection failed but we cannot debug it any further on our end.');
            return response()->json(['message' => $e->getMessage()], 500);
        }
@@ -92,7 +92,7 @@ class SettingsController extends Controller
    {
        if (Setting::getSettings()->ldap_enabled != '1') {
-            \Log::debug('LDAP is not enabled. Cannot test.');
+            Log::debug('LDAP is not enabled. Cannot test.');
            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
        }
@@ -104,39 +104,39 @@ class SettingsController extends Controller
        $validator = Validator::make($request->all(), $rules);
        if ($validator->fails()) {
-            \Log::debug('LDAP Validation test failed.');
+            Log::debug('LDAP Validation test failed.');
            $validation_errors = implode(' ',$validator->errors()->all());
            return response()->json(['message' => $validator->errors()->all()], 400);
        }
-        \Log::debug('Preparing to test LDAP login');
+        Log::debug('Preparing to test LDAP login');
        try {
            $connection = Ldap::connectToLdap();
            try {
                Ldap::bindAdminToLdap($connection);
-                \Log::debug('Attempting to bind to LDAP for LDAP test');
+                Log::debug('Attempting to bind to LDAP for LDAP test');
                try {
                    $ldap_user = Ldap::findAndBindUserLdap($request->input('ldaptest_user'), $request->input('ldaptest_password'));
                    if ($ldap_user) {
-                        \Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
+                        Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
                        return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
                    }
                    return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
                } catch (\Exception $e) {
-                    \Log::debug('LDAP login failed');
+                    Log::debug('LDAP login failed');
                    return response()->json(['message' => $e->getMessage()], 400);
                }
            } catch (\Exception $e) {
-                \Log::debug('Bind failed');
+                Log::debug('Bind failed');
                return response()->json(['message' => $e->getMessage()], 400);
                //return response()->json(['message' => $e->getMessage()], 500);
            }
        } catch (\Exception $e) {
-            \Log::debug('Connection failed');
+            Log::debug('Connection failed');
            return response()->json(['message' => $e->getMessage()], 500);
        }
@@ -148,7 +148,7 @@ class SettingsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
-     * @return Redirect
+     * @return JsonResponse
     */
    public function ajaxTestEmail()
    {
@@ -170,7 +170,7 @@ class SettingsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v5.0.0]
-     * @return Response
+     * @return JsonResponse
     */
    public function purgeBarcodes()
    {
@@ -181,19 +181,19 @@ class SettingsController extends Controller
            $file_parts = explode('.', $file);
            $extension = end($file_parts);
-            \Log::debug($extension);
+            Log::debug($extension);
            // Only generated barcodes would have a .png file extension
            if ($extension == 'png') {
-                \Log::debug('Deleting: '.$file);
+                Log::debug('Deleting: '.$file);
                try {
                    Storage::disk('public')->delete($file);
-                    \Log::debug('Deleting: '.$file);
+                    Log::debug('Deleting: '.$file);
                    $file_count++;
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }
        }
@@ -211,7 +211,7 @@ class SettingsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v5.0.0]
     * @param  \Illuminate\Http\Request  $request
-     * @return array
+     * @return array | JsonResponse
     */
    public function showLoginAttempts(Request $request)
    {
@@ -229,6 +229,12 @@ class SettingsController extends Controller
    }
    /**
     * Lists backup files
     *
     * @author [A. Gianotto]
     * @return array | JsonResponse
     */
    public function listBackups() {
        $settings = Setting::getSettings();
        $path = 'app/backups';
@@ -249,12 +255,12 @@ class SettingsController extends Controller
                        'filesize' => Setting::fileSizeConvert(Storage::size($backup_files[$f])),
                        'modified_value' => $file_timestamp,
                        'modified_display' => date($settings->date_display_format.' '.$settings->time_display_format, $file_timestamp),
                        'backup_url' => config('app.url').'/settings/backups/download/'.basename($backup_files[$f]),
                    ];
                    $count++;
                }
            }
        }
@@ -264,15 +270,56 @@ class SettingsController extends Controller
    }
    /**
     * Downloads a backup file.
     * We use response()->download() here instead of Storage::download() because Storage::download()
     * exhausts memory on larger files.
     *
     * @author [A. Gianotto]
     * @return JsonResponse|\Symfony\Component\HttpFoundation\BinaryFileResponse
     */
    public function downloadBackup($file) {
-        $path = 'app/backups';
+        $path = storage_path('app/backups');
-        if (Storage::exists($path.'/'.$file)) {
+        
        if (Storage::exists('app/backups/'.$file)) {
            $headers = ['ContentType' => 'application/zip'];
-            return Storage::download($path.'/'.$file, $file, $headers);
+            return response()->download($path.'/'.$file, $file, $headers);
        } else {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('general.file_not_found')));
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('general.file_not_found')), 404);
        }
    }
    /**
     * Determines and downloads the latest backup
     *
     * @author [A. Gianotto]
     * @since [v6.3.1]
     * @return JsonResponse|\Symfony\Component\HttpFoundation\BinaryFileResponse
     */
    public function downloadLatestBackup() {
        $fileData = collect();
        foreach (Storage::files('app/backups') as $file) {
            if (pathinfo($file, PATHINFO_EXTENSION) == 'zip') {
                $fileData->push([
                    'file' => $file,
                    'date' => Storage::lastModified($file)
                ]);
            }
        }
        $newest = $fileData->sortByDesc('date')->first();
        if (Storage::exists($newest['file'])) {
            $headers = ['ContentType' => 'application/zip'];
            return response()->download(storage_path($newest['file']), basename($newest['file']), $headers);
        } else {
            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('general.file_not_found')), 404);
        }
    }
 }
@@ -13,15 +13,17 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Http\Transformers\UsersTransformer;
 use App\Models\Actionlog;
 use App\Models\Asset;
-use App\Models\Company;
+use App\Models\Accessory;
 use App\Models\Consumable;
 use App\Models\License;
 use App\Models\User;
 use App\Notifications\CurrentInventory;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Support\Facades\Log;
 use App\Http\Requests\DeleteUserRequest;
 class UsersController extends Controller
 {
@@ -31,7 +33,7 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
     *
-     * @return \Illuminate\Http\Response
+     * @return array
     */
    public function index(Request $request)
    {
@@ -73,11 +75,16 @@ class UsersController extends Controller
            'users.end_date',
            'users.vip',
            'users.autoassign_licenses',
            'users.website',
-        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy',)
+        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy', 'managesUsers', 'managedLocations')
-            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count');
+            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'managesUsers as manages_users_count', 'managedLocations as manages_locations_count');
        if ($request->filled('search') != '') {
            $users = $users->TextSearch($request->input('search'));
        }
        if ($request->filled('activated')) {
            $users = $users->where('users.activated', '=', $request->input('activated'));
        }
@@ -122,6 +129,10 @@ class UsersController extends Controller
            $users = $users->where('users.country', '=', $request->input('country'));
        }
        if ($request->filled('website')) {
            $users = $users->where('users.website', '=', $request->input('website'));
        }
        if ($request->filled('zip')) {
            $users = $users->where('users.zip', '=', $request->input('zip'));
        }
@@ -182,12 +193,23 @@ class UsersController extends Controller
            $users->has('accessories', '=', $request->input('accessories_count'));
        }
        if ($request->filled('manages_users_count')) {
            $users->has('manages_users_count', '=', $request->input('manages_users_count'));
        }
        if ($request->filled('manages_locations_count')) {
            $users->has('manages_locations_count', '=', $request->input('manages_locations_count'));
        }
        if ($request->filled('autoassign_licenses')) {
            $users->where('autoassign_licenses', '=', $request->input('autoassign_licenses'));
        }
-        if ($request->filled('search')) {
+
-            $users = $users->TextSearch($request->input('search'));
+        if (($request->filled('deleted')) && ($request->input('deleted') == 'true')) {
            $users = $users->onlyTrashed();
        } elseif (($request->filled('all')) && ($request->input('all') == 'true')) {
            $users = $users->withTrashed();
        }
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -225,10 +247,6 @@ class UsersController extends Controller
                        'jobtitle',
                        'username',
                        'employee_num',
                        'assets',
                        'accessories',
                        'consumables',
                        'licenses',
                        'groups',
                        'activated',
                        'created_at',
@@ -239,6 +257,8 @@ class UsersController extends Controller
                        'licenses_count',
                        'consumables_count',
                        'accessories_count',
                        'manages_users_count',
                        'manages_locations_count',
                        'phone',
                        'address',
                        'city',
@@ -254,31 +274,20 @@ class UsersController extends Controller
                        'start_date',
                        'end_date',
                        'autoassign_licenses',
                        'website',
                    ];
-                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
+                $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'first_name';
                $users = $users->orderBy($sort, $order);
                break;
        }
        if (($request->filled('deleted')) && ($request->input('deleted') == 'true')) {
            $users = $users->onlyTrashed();
        } elseif (($request->filled('all')) && ($request->input('all') == 'true')) {
            $users = $users->withTrashed();
        }
        $users = Company::scopeCompanyables($users);
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $users->count()) ? $users->count() : app('api_offset_value');
        $limit = app('api_limit_value');
        \Log::debug('Requested offset: '. $request->input('offset'));
        \Log::debug('App offset: '. app('api_offset_value'));
        \Log::debug('Actual offset: '. $offset);
        \Log::debug('Limit: '. $limit);
        $total = $users->count();
        $users = $users->skip($offset)->take($limit)->get();
@@ -307,8 +316,6 @@ class UsersController extends Controller
            ]
            )->where('show_in_list', '=', '1');
        $users = Company::scopeCompanyables($users);
        if ($request->filled('search')) {
            $users = $users->where(function ($query) use ($request) {
                $query->SimpleNameSearch($request->get('search'))
@@ -350,7 +357,7 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
     * @param  \Illuminate\Http\Request  $request
-     * @return \Illuminate\Http\Response
+     * @return array | \Illuminate\Http\JsonResponse
     */
    public function store(SaveUserRequest $request)
    {
@@ -397,14 +404,19 @@ class UsersController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @return array | \Illuminate\Http\JsonResponse
     */
    public function show($id)
    {
        $this->authorize('view', User::class);
        $user = User::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count')->findOrFail($id);
-        return (new UsersTransformer)->transformUser($user);
+        if ($user = User::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'managesUsers as manages_users_count', 'managedLocations as manages_locations_count')->find($id)) {
            $this->authorize('view', $user);
            return (new UsersTransformer)->transformUser($user);
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));
    }
@@ -415,89 +427,89 @@ class UsersController extends Controller
     * @since [v4.0]
     * @param  \Illuminate\Http\Request  $request
     * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @return \Illuminate\Http\JsonResponse
     */
    public function update(SaveUserRequest $request, $id)
    {
        $this->authorize('update', User::class);
-        $user = User::findOrFail($id);
+        if ($user = User::find($id)) {
        /**
         * This is a janky hack to prevent people from changing admin demo user data on the public demo.
         * 
         * The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
         * 
         *  Thanks, jerks. You are why we can't have nice things. - snipe
         * 
         */ 
-        if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
+            $this->authorize('update', $user);
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
+
-        }
+            /**
             * This is a janky hack to prevent people from changing admin demo user data on the public demo.
             * The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
             *  Thanks, jerks. You are why we can't have nice things. - snipe
             *
             */
-        $user->fill($request->all());
+            if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
-        
+                return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
        if ($user->id == $request->input('manager_id')) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
        }
        if ($request->filled('password')) {
            $user->password = bcrypt($request->input('password'));
        }
        // We need to use has()  instead of filled()
        // here because we need to overwrite permissions
        // if someone needs to null them out
        if ($request->has('permissions')) {
            $permissions_array = $request->input('permissions');
            // Strip out the superuser permission if the API user isn't a superadmin
            if (! Auth::user()->isSuperUser()) {
                unset($permissions_array['superuser']);
            }
            $user->permissions = $permissions_array;
        }
            $user->fill($request->all());
-        // Update the location of any assets checked out to this user
+            if ($user->id == $request->input('manager_id')) {
-        Asset::where('assigned_type', User::class)
+                return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
-            ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
+            }
-        
+            if ($request->filled('password')) {
-        app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');
+                $user->password = bcrypt($request->input('password'));
-          
+            }
        if ($user->save()) {
-            // Sync group memberships:
+            // We need to use has()  instead of filled()
-            // This was changed in Snipe-IT v4.6.x to 4.7, since we upgraded to Laravel 5.5
+            // here because we need to overwrite permissions
-            // which changes the behavior of has vs filled.
+            // if someone needs to null them out
-            // The $request->has method will now return true even if the input value is an empty string or null.
+            if ($request->has('permissions')) {
-            // A new $request->filled method has was added that provides the previous behavior of the has method.
+                $permissions_array = $request->input('permissions');
-            // Check if the request has groups passed and has a value
+                // Strip out the individual superuser permission if the API user isn't a superadmin
-            if ($request->filled('groups')) {
+                if (!Auth::user()->isSuperUser()) {
-                $validator = Validator::make($request->all(), [
+                    unset($permissions_array['superuser']);
                    'groups.*' => 'integer|exists:permission_groups,id',
                ]);
                if ($validator->fails()){
                    return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
                }
-                $user->groups()->sync($request->input('groups'));
+
-            // The groups field has been passed but it is null, so we should blank it out
+                $user->permissions = $permissions_array;
            } elseif ($request->has('groups')) {
                $user->groups()->sync([]);
            }
-            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
+            // Update the location of any assets checked out to this user
            Asset::where('assigned_type', User::class)
                ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
            app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');
            if ($user->save()) {
                // Check if the request has groups passed and has a value, AND that the user us a superuser
                if (($request->has('groups')) && (Auth::user()->isSuperUser())) {
                    $validator = Validator::make($request->only('groups'), [
                        'groups.*' => 'integer|exists:permission_groups,id',
                    ]);
                    if ($validator->fails()) {
                        return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
                    }
                    // Sync the groups since the user is a superuser and the groups pass validation
                    $user->groups()->sync($request->input('groups'));
                }
                return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
            }
            return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));
    }
    /**
@@ -506,45 +518,36 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
     * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @return \Illuminate\Http\JsonResponse
     */
-    public function destroy($id)
+    public function destroy(DeleteUserRequest $request, $id)
    {
        $this->authorize('delete', User::class);
        $user = User::findOrFail($id);
        $this->authorize('delete', $user);
-        if (($user->assets) && ($user->assets->count() > 0)) {
+        if ($user = User::withTrashed()->find($id)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete_has_assets')));
        }
-        if (($user->licenses) && ($user->licenses->count() > 0)) {
+            $this->authorize('delete', $user);
            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->licenses->count().' license(s) associated with them and cannot be deleted.'));
        }
-        if (($user->accessories) && ($user->accessories->count() > 0)) {
+            if ($user->delete()) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->accessories->count().' accessories associated with them.'));
        }
-        if (($user->managedLocations()) && ($user->managedLocations()->count() > 0)) {
+                // Remove the user's avatar if they have one
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->managedLocations()->count().' locations that they manage.'));
+                if (Storage::disk('public')->exists('avatars/' . $user->avatar)) {
-        }
+                    try {
-
+                        Storage::disk('public')->delete('avatars/' . $user->avatar);
-        if ($user->delete()) {
+                    } catch (\Exception $e) {
-
+                        Log::debug($e);
-            // Remove the user's avatar if they have one
+                    }
            if (Storage::disk('public')->exists('avatars/'.$user->avatar)) {
                try {
                    Storage::disk('public')->delete('avatars/'.$user->avatar);
                } catch (\Exception $e) {
                    \Log::debug($e);
                }
                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.delete')));
            }
-            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.delete')));
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete')));
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete')));
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found')));
    }
    /**
@@ -553,15 +556,42 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
     * @param $userId
-     * @return string JSON
+     * @return array | \Illuminate\Http\JsonResponse
     */
    public function assets(Request $request, $id)
    {
        $this->authorize('view', User::class);
        $this->authorize('view', Asset::class);
        $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model')->get();
-        return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
+        if ($user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($id)) {
            $this->authorize('view', $user);
            $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model');
            // Filter on category ID
            if ($request->filled('category_id')) {
                $assets = $assets->InCategory($request->input('category_id'));
            }
            // Filter on model ID
            if ($request->filled('model_id')) {
                $model_ids = $request->input('model_id');
                if (!is_array($model_ids)) {
                    $model_ids = array($model_ids);
                }
                $assets = $assets->InModelList($model_ids);
            }
            $assets = $assets->get();
            return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));
    }
    /**
@@ -575,15 +605,22 @@ class UsersController extends Controller
     */
    public function emailAssetList(Request $request, $id)
    {
-        $user = User::findOrFail($id);
+        $this->authorize('update', User::class);
-        if (empty($user->email)) {
+        if ($user = User::find($id)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.inventorynotification.error')));
+            $this->authorize('update', $user);
            if (empty($user->email)) {
                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.inventorynotification.error')));
            }
            $user->notify((new CurrentInventory($user)));
            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.inventorynotification.success')));
        }
-        $user->notify((new CurrentInventory($user)));
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));
-        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.inventorynotification.success')));
+
    }
    /**
@@ -592,13 +629,14 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
     * @param $userId
-     * @return string JSON
+     * @return array | \Illuminate\Http\JsonResponse
     */
    public function consumables(Request $request, $id)
    {
        $this->authorize('view', User::class);
        $this->authorize('view', Consumable::class);
        $user = User::findOrFail($id);
        $this->authorize('view', $user);
        $consumables = $user->consumables;
        return (new ConsumablesTransformer)->transformConsumables($consumables, $consumables->count(), $request);
    }
@@ -609,12 +647,13 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.6.14]
     * @param $userId
-     * @return string JSON
+     * @return array
     */
    public function accessories($id)
    {
        $this->authorize('view', User::class);
        $user = User::findOrFail($id);
        $this->authorize('view', $user);
        $this->authorize('view', Accessory::class);
        $accessories = $user->accessories;
@@ -627,7 +666,7 @@ class UsersController extends Controller
     * @author [N. Mathar] [<snipe@snipe.net>]
     * @since [v5.0]
     * @param $userId
-     * @return string JSON
+     * @return array | \Illuminate\Http\JsonResponse
     */
    public function licenses($id)
    {
@@ -635,6 +674,7 @@ class UsersController extends Controller
        $this->authorize('view', License::class);
        if ($user = User::where('id', $id)->withTrashed()->first()) {
            $this->authorize('update', $user);
            $licenses = $user->licenses()->get();
            return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
        }
@@ -658,9 +698,20 @@ class UsersController extends Controller
        if ($request->filled('id')) {
            try {
                $user = User::find($request->get('id'));
                $this->authorize('update', $user);
                $user->two_factor_secret = null;
                $user->two_factor_enrolled = 0;
-                $user->save();
+                $user->saveQuietly();
                // Log the reset
                $logaction = new Actionlog();
                $logaction->target_type = User::class;
                $logaction->target_id = $user->id;
                $logaction->item_type = User::class;
                $logaction->item_id = $user->id;
                $logaction->created_at = date('Y-m-d H:i:s');
                $logaction->user_id = Auth::user()->id;
                $logaction->logaction('2FA reset');
                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
            } catch (\Exception $e) {
@@ -678,7 +729,7 @@ class UsersController extends Controller
     * @author [Juan Font] [<juanfontalonso@gmail.com>]
     * @since [v4.4.2]
     * @param  \Illuminate\Http\Request  $request
-     * @return \Illuminate\Http\Response
+     * @return array
     */
    public function getCurrentUserInfo(Request $request)
    {
@@ -691,12 +742,14 @@ class UsersController extends Controller
     * @author [E. Taylor] [<dev@evantaylor.name>]
     * @param int $userId
     * @since [v6.0.0]
-     * @return JsonResponse
+     * @return \Illuminate\Http\JsonResponse
     */
-    public function restore($userId = null)
+    public function restore($userId)
    {
        $this->authorize('delete', User::class);
        if ($user = User::withTrashed()->find($userId)) {
            $this->authorize('delete', $user);
            if ($user->deleted_at == '') {
@@ -715,8 +768,6 @@ class UsersController extends Controller
                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.restored')), 200);
            }
            // Check validation to make sure we're not restoring a user with the same username as an existing user
            return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found')), 200);
@@ -6,7 +6,7 @@ use App\Helpers\Helper;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
 use App\Models\Company;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
 use Illuminate\Http\Request;
 use Slack;
@@ -148,30 +148,20 @@ class AssetMaintenancesController extends Controller
    */
    public function edit($assetMaintenanceId = null)
    {
        $this->authorize('update', Asset::class);
        // Check if the asset maintenance exists
        $this->authorize('update', Asset::class);
        // Check if the asset maintenance exists
        if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
-            // Redirect to the improvement management page
+            // Redirect to the asset maintenance management page
-            return redirect()->route('maintenances.index')
+            return redirect()->route('maintenances.index')->with('error', trans('admin/asset_maintenances/message.not_found'));
-                           ->with('error', trans('admin/asset_maintenances/message.not_found'));
+        } elseif ((!$assetMaintenance->asset) || ($assetMaintenance->asset->deleted_at!='')) {
-        } elseif (! $assetMaintenance->asset) {
+            // Redirect to the asset maintenance management page
-            return redirect()->route('maintenances.index')
+            return redirect()->route('maintenances.index')->with('error', 'asset does not exist');
                ->with('error', 'The asset associated with this maintenance does not exist.');
        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return static::getInsufficientPermissionsRedirect();
        }
        if ($assetMaintenance->completion_date == '0000-00-00') {
            $assetMaintenance->completion_date = null;
        }
        if ($assetMaintenance->start_date == '0000-00-00') {
            $assetMaintenance->start_date = null;
        }
        if ($assetMaintenance->cost == '0.00') {
            $assetMaintenance->cost = null;
        }
        // Prepare Improvement Type List
        $assetMaintenanceType = [
@@ -203,8 +193,10 @@ class AssetMaintenancesController extends Controller
        // Check if the asset maintenance exists
        if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
            // Redirect to the asset maintenance management page
-            return redirect()->route('maintenances.index')
+            return redirect()->route('maintenances.index')->with('error', trans('admin/asset_maintenances/message.not_found'));
-                           ->with('error', trans('admin/asset_maintenances/message.not_found'));
+        } elseif ((!$assetMaintenance->asset) || ($assetMaintenance->asset->deleted_at!='')) {
                // Redirect to the asset maintenance management page
                return redirect()->route('maintenances.index')->with('error', 'asset does not exist');
        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return static::getInsufficientPermissionsRedirect();
        }
@@ -7,16 +7,16 @@ use App\Http\Requests\ImageUploadRequest;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\CustomField;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\View;
 use Illuminate\Support\Facades\Validator;
-use Redirect;
+use Illuminate\Http\Request;
-use Request;
+use Illuminate\Support\Facades\Storage;
 use Storage;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Illuminate\Support\Facades\Log;
 /**
 * This class controls all actions related to asset models for
@@ -66,7 +66,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param ImageUploadRequest $request
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(ImageUploadRequest $request)
@@ -85,7 +85,7 @@ class AssetModelsController extends Controller
        $model->category_id = $request->input('category_id');
        $model->notes = $request->input('notes');
        $model->user_id = Auth::id();
-        $model->requestable = Request::has('requestable');
+        $model->requestable = $request->has('requestable');
        if ($request->input('fieldset_id') != '') {
            $model->fieldset_id = $request->input('fieldset_id');
@@ -139,7 +139,7 @@ class AssetModelsController extends Controller
     * @since [v1.0]
     * @param ImageUploadRequest $request
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function update(ImageUploadRequest $request, $modelId = null)
@@ -200,7 +200,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function destroy($modelId)
@@ -220,7 +220,7 @@ class AssetModelsController extends Controller
            try {
                Storage::disk('public')->delete('models/'.$model->image);
            } catch (\Exception $e) {
-                \Log::info($e);
+                Log::info($e);
            }
        }
@@ -237,7 +237,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param int $id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function getRestore($id)
@@ -288,7 +288,7 @@ class AssetModelsController extends Controller
    public function show($modelId = null)
    {
        $this->authorize('view', AssetModel::class);
-        $model = AssetModel::withTrashed()->withCount('assets')->find($modelId);
+        $model = AssetModel::withTrashed()->find($modelId);
        if (isset($model->id)) {
            return view('models/view', compact('model'));
@@ -429,7 +429,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function postBulkDelete(Request $request)
    {
@@ -442,7 +442,6 @@ class AssetModelsController extends Controller
            $del_count = 0;
            foreach ($models as $model) {
                \Log::debug($model->id);
                if ($model->assets_count > 0) {
                    $del_error_count++;
@@ -452,8 +451,6 @@ class AssetModelsController extends Controller
                }
            }
            \Log::debug($del_count);
            \Log::debug($del_error_count);
            if ($del_error_count == 0) {
                return redirect()->route('models.index')
@@ -489,11 +486,11 @@ class AssetModelsController extends Controller
     * @param  array      $defaultValues
     * @return void
     */
-    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues)
+    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues): bool
    {
        $data = array();
        foreach ($defaultValues as $customFieldId => $defaultValue) {
-            $customField = \App\Models\CustomField::find($customFieldId);
+            $customField = CustomField::find($customFieldId);
            $data[$customField->db_column] = $defaultValue;
        }
@@ -3,26 +3,25 @@
 namespace App\Http\Controllers;
 use App\Helpers\StorageHelper;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\AssetModel;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use enshrined\svgSanitize\Sanitizer;
 class AssetModelsFilesController extends Controller
 {
    /**
     * Upload a file to the server.
     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param UploadFileRequest $request
     * @param AssetFileRequest $request
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @since [v1.0]
     * @throws \Illuminate\Auth\Access\AuthorizationException
     *@since [v1.0]
     * @author [A. Gianotto] [<snipe@snipe.net>]
     */
-    public function store(AssetFileRequest $request, $modelId = null)
+    public function store(UploadFileRequest $request, $modelId = null)
    {
        if (! $model = AssetModel::find($modelId)) {
            return redirect()->route('models.index')->with('error', trans('admin/hardware/message.does_not_exist'));
@@ -37,29 +36,9 @@ class AssetModelsFilesController extends Controller
            foreach ($request->file('file') as $file) {
-                $extension = $file->getClientOriginalExtension();
+                $file_name = $request->handleFile('private_uploads/assetmodels/','model-'.$model->id,$file);
                $file_name = 'model-'.$model->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
-                // Check for SVG and sanitize it
+                $model->logUpload($file_name, $request->get('notes'));
                if ($extension=='svg') {
                    \Log::debug('This is an SVG');
                    $sanitizer = new Sanitizer();
                    $dirtySVG = file_get_contents($file->getRealPath());
                    $cleanSVG = $sanitizer->sanitize($dirtySVG);
                    try {
                        Storage::put('private_uploads/assetmodels/'.$file_name, $cleanSVG);
                    } catch (\Exception $e) {
                        \Log::debug('Upload no workie :( ');
                        \Log::debug($e);
                    }
                } else {
                    Storage::put('private_uploads/assetmodels/'.$file_name, file_get_contents($file));
                }
                $model->logUpload($file_name, e($request->get('notes')));
            }
            return redirect()->back()->with('success', trans('general.file_upload_success'));
@@ -91,8 +70,6 @@ class AssetModelsFilesController extends Controller
            }
            $file = 'private_uploads/assetmodels/'.$log->filename;
            \Log::debug('Checking for '.$file);
            if (! Storage::exists($file)) {
                return response('File '.$file.' not found on server', 404)
@@ -6,15 +6,20 @@ use App\Events\CheckoutableCheckedIn;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetCheckinRequest;
 use App\Http\Traits\MigratesLegacyAssetLocations;
 use App\Models\Asset;
 use App\Models\CheckoutAcceptance;
 use App\Models\LicenseSeat;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Redirect;
+use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\View;
 use Illuminate\Support\Facades\Log;
 class AssetCheckinController extends Controller
 {
    use MigratesLegacyAssetLocations;
    /**
     * Returns a view that presents a form to check an asset back into inventory.
     *
@@ -35,7 +40,17 @@ class AssetCheckinController extends Controller
        $this->authorize('checkin', $asset);
-        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto);
+        // This asset is already checked in, redirect
        if (is_null($asset->assignedTo)) {
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in'));
        }
        if (!$asset->model) {
            return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
        }
        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto)->with('table_name', 'Assets');
    }
    /**
@@ -45,7 +60,7 @@ class AssetCheckinController extends Controller
     * @param AssetCheckinRequest $request
     * @param int $assetId
     * @param null $backto
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     * @since [v1.0]
     */
@@ -60,6 +75,11 @@ class AssetCheckinController extends Controller
        if (is_null($target = $asset->assignedTo)) {
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in'));
        }
        if (!$asset->model) {
            return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
        }
        $this->authorize('checkin', $asset);
        if ($asset->assignedType() == Asset::USER) {
@@ -67,11 +87,9 @@ class AssetCheckinController extends Controller
        }
        $asset->expected_checkin = null;
-        $asset->last_checkout = null;
+        //$asset->last_checkout = null;
        $asset->last_checkin = now();
        $asset->assigned_to = null;
        $asset->assignedTo()->disassociate($asset);
        $asset->assigned_type = null;
        $asset->accepted = null;
        $asset->name = $request->get('name');
@@ -79,29 +97,12 @@ class AssetCheckinController extends Controller
            $asset->status_id = e($request->get('status_id'));
        }
-        // This is just meant to correct legacy issues where some user data would have 0
+        $this->migrateLegacyLocations($asset);
        // as a location ID, which isn't valid. Later versions of Snipe-IT have stricter validation
        // rules, so it's necessary to fix this for long-time users. It's kinda gross, but will help
        // people (and their data) in the long run
        if ($asset->rtd_location_id == '0') {
            \Log::debug('Manually override the RTD location IDs');
            \Log::debug('Original RTD Location ID: '.$asset->rtd_location_id);
            $asset->rtd_location_id = '';
            \Log::debug('New RTD Location ID: '.$asset->rtd_location_id);
        }
        if ($asset->location_id == '0') {
            \Log::debug('Manually override the location IDs');
            \Log::debug('Original Location ID: '.$asset->location_id);
            $asset->location_id = '';
            \Log::debug('New Location ID: '.$asset->location_id);
        }
        $asset->location_id = $asset->rtd_location_id;
        if ($request->filled('location_id')) {
-            \Log::debug('NEW Location ID: '.$request->get('location_id'));
+            Log::debug('NEW Location ID: '.$request->get('location_id'));
            $asset->location_id = $request->get('location_id');
            if ($request->get('update_default_location') == 0){
@@ -117,12 +118,9 @@ class AssetCheckinController extends Controller
            $checkin_at = $request->get('checkin_at');
        }
-        if(!empty($asset->licenseseats->all())){
+        $asset->licenseseats->each(function (LicenseSeat $seat) {
-            foreach ($asset->licenseseats as $seat){
+            $seat->update(['assigned_to' => null]);
-                $seat->assigned_to = null;
+        });
                $seat->save();
            }
        }
        // Get all pending Acceptances for this asset and delete them
        $acceptances = CheckoutAcceptance::pending()->whereHasMorph('checkoutable',
@@ -134,15 +132,12 @@ class AssetCheckinController extends Controller
            $acceptance->delete();
        });
        Session::put('redirect_option', $request->get('redirect_option'));
        // Was the asset updated?
        if ($asset->save()) {
            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at, $originalValues));
-
+            return Helper::getRedirectOption($asset, $assetId, 'Assets');
            if ((isset($user)) && ($backto == 'user')) {
                return redirect()->route('users.show', $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
            }
            return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkin.success'));
        }
        // Redirect to the asset management page with error
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.error').$asset->getErrors());
@@ -10,6 +10,7 @@ use App\Http\Requests\AssetCheckoutRequest;
 use App\Models\Asset;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Session;
 class AssetCheckoutController extends Controller
 {
@@ -33,11 +34,17 @@ class AssetCheckoutController extends Controller
        $this->authorize('checkout', $asset);
        if (!$asset->model) {
            return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
        }
        if ($asset->availableForCheckout()) {
            return view('hardware/checkout', compact('asset'))
-                ->with('statusLabel_list', Helper::deployableStatusLabelList());
+                ->with('statusLabel_list', Helper::deployableStatusLabelList())
                ->with('table_name', 'Assets');
        }
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
    }
@@ -47,7 +54,7 @@ class AssetCheckoutController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param AssetCheckoutRequest $request
     * @param int $assetId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @since [v1.0]
     */
    public function store(AssetCheckoutRequest $request, $assetId)
@@ -60,9 +67,14 @@ class AssetCheckoutController extends Controller
                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
            }
            $this->authorize('checkout', $asset);
            if (!$asset->model) {
                return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
            }
            $admin = Auth::user();
-            $target = $this->determineCheckoutTarget($asset);
+            $target = $this->determineCheckoutTarget();
            $asset = $this->updateAssetLocation($asset, $target);
@@ -97,11 +109,12 @@ class AssetCheckoutController extends Controller
                    return redirect()->to("hardware/$assetId/checkout")->with('error', trans('general.error_user_company'));
                }
            }
            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, $request->get('note'), $request->get('name'))) {
                return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success'));
            }
                Session::put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);
            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, $request->get('note'), $request->get('name'))) {
                return Helper::getRedirectOption($request, $assetId, 'Assets');
            }
            // Redirect to the asset management page with error
            return redirect()->to("hardware/$assetId/checkout")->with('error', trans('admin/hardware/message.checkout.error').$asset->getErrors());
        } catch (ModelNotFoundException $e) {
@@ -4,26 +4,25 @@ namespace App\Http\Controllers\Assets;
 use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use enshrined\svgSanitize\Sanitizer;
 class AssetFilesController extends Controller
 {
    /**
     * Upload a file to the server.
     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param UploadFileRequest $request
     * @param AssetFileRequest $request
     * @param int $assetId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @since [v1.0]
     * @throws \Illuminate\Auth\Access\AuthorizationException
     *@since [v1.0]
     * @author [A. Gianotto] [<snipe@snipe.net>]
     */
-    public function store(AssetFileRequest $request, $assetId = null)
+    public function store(UploadFileRequest $request, $assetId = null)
    {
        if (! $asset = Asset::find($assetId)) {
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
@@ -37,30 +36,9 @@ class AssetFilesController extends Controller
            }
            foreach ($request->file('file') as $file) {
-
+                $file_name = $request->handleFile('private_uploads/assets/','hardware-'.$asset->id, $file);
                $extension = $file->getClientOriginalExtension();
                $file_name = 'hardware-'.$asset->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
                // Check for SVG and sanitize it
                if ($extension=='svg') {
                    \Log::debug('This is an SVG');
                        $sanitizer = new Sanitizer();
                        $dirtySVG = file_get_contents($file->getRealPath());
                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
                        try {
                            Storage::put('private_uploads/assets/'.$file_name, $cleanSVG);
                        } catch (\Exception $e) {
                            \Log::debug('Upload no workie :( ');
                            \Log::debug($e);
                        }
                } else {
                Storage::put('private_uploads/assets/'.$file_name, file_get_contents($file));
                }
-                $asset->logUpload($file_name, e($request->get('notes')));
+                $asset->logUpload($file_name, $request->get('notes'));
            }
            return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
@@ -92,7 +70,6 @@ class AssetFilesController extends Controller
            }
            $file = 'private_uploads/assets/'.$log->filename;
            \Log::debug('Checking for '.$file);
            if ($log->action_type == 'audit') {
                $file = 'private_uploads/audits/'.$log->filename;
@@ -6,7 +6,7 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Actionlog;
-use App\Models\Manufacturer;
+use App\Http\Requests\UploadFileRequest;
 use Illuminate\Support\Facades\Log;
 use App\Models\Asset;
 use App\Models\AssetModel;
@@ -96,12 +96,16 @@ class AssetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(ImageUploadRequest $request)
    {
        $this->authorize(Asset::class);
        // There are a lot more rules to add here but prevents
        // errors around `asset_tags` not being present below.
        $this->validate($request, ['asset_tags' => ['required', 'array']]);
        // Handle asset tags - there could be one, or potentially many.
        // This is only necessary on create, not update, since bulk editing is handled
        // differently
@@ -146,7 +150,8 @@ class AssetsController extends Controller
                $asset->next_audit_date = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
            }
-            if ($asset->assigned_to == '') {
+            // Set location_id to rtd_location_id ONLY if the asset isn't being checked out
            if (!request('assigned_user') && !request('assigned_asset') && !request('assigned_location')) {
                $asset->location_id = $request->input('rtd_location_id', null);
            }
@@ -155,29 +160,7 @@ class AssetsController extends Controller
                $asset = $request->handleImages($asset);
            }
-            // Update custom fields in the database.
+            $asset = $asset->handleCustomFieldsForStoring($request);
            // Validation for these fields is handled through the AssetRequest form request
            $model = AssetModel::find($request->get('model_id'));
            if (($model) && ($model->fieldset)) {
                foreach ($model->fieldset->fields as $field) {
                    if ($field->field_encrypted == '1') {
                        if (Gate::allows('admin')) {
                            if (is_array($request->input($field->db_column))) {
                                $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
                            } else {
                                $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
                            }
                        }
                    } else {
                        if (is_array($request->input($field->db_column))) {
                            $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
                        } else {
                            $asset->{$field->db_column} = $request->input($field->db_column);
                        }
                    }
                }
            }
            // Validate the asset before saving
            if ($asset->isValid() && $asset->save()) {
@@ -202,7 +185,7 @@ class AssetsController extends Controller
        }
        if ($success) {
-            \Log::debug(e($asset->asset_tag));
+            Log::debug(e($asset->asset_tag));
            return redirect()->route('hardware.index')
                ->with('success-unescaped', trans('admin/hardware/message.create.success_linked', ['link' => route('hardware.show', $asset->id), 'id', 'tag' => e($asset->asset_tag)]));
@@ -288,7 +271,7 @@ class AssetsController extends Controller
     *
     * @param int $assetId
     * @return \Illuminate\Http\RedirectResponse|Redirect
-     *@since [v1.0]
+     * @since [v1.0]
     * @author [A. Gianotto] [<snipe@snipe.net>]
     */
    public function update(ImageUploadRequest $request, $assetId = null)
@@ -303,7 +286,8 @@ class AssetsController extends Controller
        $asset->status_id = $request->input('status_id', null);
        $asset->warranty_months = $request->input('warranty_months', null);
        $asset->purchase_cost = $request->input('purchase_cost', null);
-        $asset->purchase_date = $request->input('purchase_date', null); 
+        $asset->purchase_date = $request->input('purchase_date', null);
        $asset->next_audit_date = $request->input('next_audit_date', null);
        if ($request->filled('purchase_date') && !$request->filled('asset_eol_date') && ($asset->model->eol > 0)) {
            $asset->purchase_date = $request->input('purchase_date', null); 
            $asset->asset_eol_date = Carbon::parse($request->input('purchase_date'))->addMonths($asset->model->eol)->format('Y-m-d');
@@ -364,32 +348,7 @@ class AssetsController extends Controller
        $asset->notes = $request->input('notes');
        $asset = $request->handleImages($asset);
-
+        $asset = $asset->handleCustomFieldsForStoring($request);
        // Update custom fields in the database.
        // Validation for these fields is handlded through the AssetRequest form request
        // FIXME: No idea why this is returning a Builder error on db_column_name.
        // Need to investigate and fix. Using static method for now.
        $model = AssetModel::find($request->get('model_id'));
        if (($model) && ($model->fieldset)) {
            foreach ($model->fieldset->fields as $field) {
                if ($field->field_encrypted == '1') {
                    if (Gate::allows('admin')) {
                        if (is_array($request->input($field->db_column))) {
                            $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
                        } else {
                            $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
                        }
                    }
                } else {
                    if (is_array($request->input($field->db_column))) {
                        $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
                    } else {
                        $asset->{$field->db_column} = $request->input($field->db_column);
                    }
                }
            }
        }
        if ($asset->save()) {
            return redirect()->route('hardware.show', $assetId)
@@ -405,7 +364,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $assetId
     * @since [v1.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($assetId)
    {
@@ -439,7 +398,7 @@ class AssetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getAssetBySerial(Request $request)
    {
@@ -457,7 +416,7 @@ class AssetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getAssetByTag(Request $request, $tag=null)
    {
@@ -521,31 +480,33 @@ class AssetsController extends Controller
    public function getBarCode($assetId = null)
    {
        $settings = Setting::getSettings();
-        $asset = Asset::find($assetId);
+        if ($asset = Asset::withTrashed()->find($assetId)) {
-        $barcode_file = public_path().'/uploads/barcodes/'.str_slug($settings->alt_barcode).'-'.str_slug($asset->asset_tag).'.png';
+            $barcode_file = public_path().'/uploads/barcodes/'.str_slug($settings->alt_barcode).'-'.str_slug($asset->asset_tag).'.png';
-        if (isset($asset->id, $asset->asset_tag)) {
+            if (isset($asset->id, $asset->asset_tag)) {
-            if (file_exists($barcode_file)) {
+                if (file_exists($barcode_file)) {
-                $header = ['Content-type' => 'image/png'];
+                    $header = ['Content-type' => 'image/png'];
-                return response()->file($barcode_file, $header);
+                    return response()->file($barcode_file, $header);
-            } else {
+                } else {
-                // Calculate barcode width in pixel based on label width (inch)
+                    // Calculate barcode width in pixel based on label width (inch)
-                $barcode_width = ($settings->labels_width - $settings->labels_display_sgutter) * 200.000000000001;
+                    $barcode_width = ($settings->labels_width - $settings->labels_display_sgutter) * 200.000000000001;
-                $barcode = new \Com\Tecnick\Barcode\Barcode();
+                    $barcode = new \Com\Tecnick\Barcode\Barcode();
-                try {
+                    try {
-                    $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode, $asset->asset_tag, ($barcode_width < 300 ? $barcode_width : 300), 50);
+                        $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode, $asset->asset_tag, ($barcode_width < 300 ? $barcode_width : 300), 50);
-                    file_put_contents($barcode_file, $barcode_obj->getPngData());
+                        file_put_contents($barcode_file, $barcode_obj->getPngData());
-                    return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
+                        return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
-                } catch (\Exception $e) {
+                    } catch (\Exception $e) {
-                    Log::debug('The barcode format is invalid.');
+                        Log::debug('The barcode format is invalid.');
-                    return response(file_get_contents(public_path('uploads/barcodes/invalid_barcode.gif')))->header('Content-type', 'image/gif');
+                        return response(file_get_contents(public_path('uploads/barcodes/invalid_barcode.gif')))->header('Content-type', 'image/gif');
                    }
                }
            }
        }
        return null;
    }
    /**
@@ -734,11 +695,11 @@ class AssetsController extends Controller
                        if ($isCheckinHeaderExplicit) {
-                            //if checkin date header exists, assume that empty or future date is still checked out
+                            // if checkin date header exists, assume that empty or future date is still checked out
-                            //if checkin is before todays date, assume it's checked in and do not assign user ID, if checkin date is in the future or blank, this is the expected checkin date, items is checked out
+                            // if checkin is before today's date, assume it's checked in and do not assign user ID, if checkin date is in the future or blank, this is the expected checkin date, items are checked out
-                            if ((strtotime($checkin_date) > strtotime(Carbon::now())) || (empty($checkin_date))
+                            if ((strtotime($checkin_date) > strtotime(Carbon::now())) || (empty($checkin_date)))
-                            ) {
+                            {
                                //only do this if item is checked out
                                $asset->assigned_to = $user->id;
                                $asset->assigned_type = User::class;
@@ -847,15 +808,15 @@ class AssetsController extends Controller
        return view('hardware/audit-due');
    }
-    public function overdueForAudit()
+    public function dueForCheckin()
    {
-        $this->authorize('audit', Asset::class);
+        $this->authorize('checkin', Asset::class);
-        return view('hardware/audit-overdue');
+        return view('hardware/checkin-due');
    }
-    public function auditStore(Request $request, $id)
+    public function auditStore(UploadFileRequest $request, $id)
    {
        $this->authorize('audit', Asset::class);
@@ -872,7 +833,21 @@ class AssetsController extends Controller
        $asset = Asset::findOrFail($id);
-        // We don't want to log this as a normal update, so let's bypass that
+        /**
         * Even though we do a save() further down, we don't want to log this as a "normal" asset update,
         * which would trigger the Asset Observer and would log an asset *update* log entry (because the
         * de-normed fields like next_audit_date on the asset itself will change on save()) *in addition* to
         * the audit log entry we're creating through this controller.
         *
         * To prevent this double-logging (one for update and one for audit), we skip the observer and bypass
         * that de-normed update log entry by using unsetEventDispatcher(), BUT invoking unsetEventDispatcher()
         * will bypass normal model-level validation that's usually handled at the observer )
         *
         * We handle validation on the save() by checking if the asset is valid via the ->isValid() method,
         * which manually invokes Watson Validating to make sure the asset's model is valid.
         *
         * @see \App\Observers\AssetObserver::updating()
         */
        $asset->unsetEventDispatcher();
        $asset->next_audit_date = $request->input('next_audit_date');
@@ -881,29 +856,27 @@ class AssetsController extends Controller
        // Check to see if they checked the box to update the physical location,
        // not just note it in the audit notes
        if ($request->input('update_location') == '1') {
            Log::debug('update location in audit');
            $asset->location_id = $request->input('location_id');
        }
        /**
         * Invoke Watson Validating to check the asset itself and check to make sure it saved correctly.
         * We have to invoke this manually because of the unsetEventDispatcher() above.)
         */
        if ($asset->isValid() && $asset->save()) {
-        if ($asset->save()) {
+            $file_name = null;
-            $file_name = '';
+            // Create the image (if one was chosen.)
            // Upload an image, if attached
            if ($request->hasFile('image')) {
-                $path = 'private_uploads/audits';
+                $file_name = $request->handleFile('private_uploads/audits/', 'audit-'.$asset->id, $request->file('image'));
                if (! Storage::exists($path)) {
                    Storage::makeDirectory($path, 775);
                }
                $upload = $image = $request->file('image');
                $ext = $image->getClientOriginalExtension();
                $file_name = 'audit-'.str_random(18).'.'.$ext;
                Storage::putFileAs($path, $upload, $file_name);
            }
            $asset->logAudit($request->input('note'), $request->input('location_id'), $file_name);
            return redirect()->route('assets.audit.due')->with('success', trans('admin/hardware/message.audit.success'));
        }
        return redirect()->back()->withInput()->withErrors($asset->getErrors());
    }
    public function getRequestedIndex($user_id = null)
@@ -13,7 +13,10 @@ use App\Models\Setting;
 use App\View\Label;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Crypt;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Session;
 use App\Http\Requests\AssetCheckoutRequest;
 use App\Models\CustomField;
@@ -93,6 +96,59 @@ class BulkAssetsController extends Controller
        $assets = Asset::with('assignedTo', 'location', 'model')->whereIn('assets.id', $asset_ids);
        $assets = $assets->get();
        if ($assets->isEmpty()) {
            Log::debug('No assets were found for the provided IDs', ['ids' => $asset_ids]);
            return redirect()->back()->with('error', trans('admin/hardware/message.update.assets_do_not_exist_or_are_invalid'));
        }
        $models = $assets->unique('model_id');
        $modelNames = [];
        foreach($models as $model) {
            $modelNames[] = $model->model->name;
        }
        if ($request->filled('bulk_actions')) {
            switch ($request->input('bulk_actions')) {
                case 'labels':
                    $this->authorize('view', Asset::class);
                    return (new Label)
                        ->with('assets', $assets)
                        ->with('settings', Setting::getSettings())
                        ->with('bulkedit', true)
                        ->with('count', 0);
                case 'delete':
                    $this->authorize('delete', Asset::class);
                    $assets->each(function ($assets) {
                        $this->authorize('delete', $assets);
                    });
                    return view('hardware/bulk-delete')->with('assets', $assets);
                case 'restore':
                    $this->authorize('update', Asset::class);
                    $assets = Asset::withTrashed()->find($asset_ids);
                    $assets->each(function ($asset) {
                        $this->authorize('delete', $asset);
                    });
                    return view('hardware/bulk-restore')->with('assets', $assets);
                case 'edit':
                    $this->authorize('update', Asset::class);
                    return view('hardware/bulk')
                        ->with('assets', $asset_ids)
                        ->with('statuslabel_list', Helper::statusLabelList())
                        ->with('models', $models->pluck(['model']))
                        ->with('modelNames', $modelNames);
            }
        }
        switch ($sort_override) {
            case 'model':
                $assets->OrderModels($order);
@@ -128,54 +184,6 @@ class BulkAssetsController extends Controller
                break;
        }
        $assets = $assets->get();
        $models = $assets->unique('model_id');
        $modelNames = [];
        foreach($models as $model) {
            $modelNames[] = $model->model->name;
        }
        if ($request->filled('bulk_actions')) {
            switch ($request->input('bulk_actions')) {
                case 'labels':
                    $this->authorize('view', Asset::class);
                    return (new Label)
                        ->with('assets', $assets)
                        ->with('settings', Setting::getSettings())
                        ->with('bulkedit', true)
                        ->with('count', 0);
                case 'delete':
                    $this->authorize('delete', Asset::class);
                    $assets->each(function ($assets) {
                        $this->authorize('delete', $assets);
                    });
                    return view('hardware/bulk-delete')->with('assets', $assets);
                case 'restore':
                    $this->authorize('update', Asset::class);
                    $assets = Asset::withTrashed()->find($asset_ids);
                    $assets->each(function ($asset) {
                        $this->authorize('delete', $asset);
                    });
                    return view('hardware/bulk-restore')->with('assets', $assets);
                case 'edit':
                    $this->authorize('update', Asset::class);
                    return view('hardware/bulk')
                        ->with('assets', $asset_ids)
                        ->with('statuslabel_list', Helper::statusLabelList())
                        ->with('models', $models->pluck(['model']))
                        ->with('modelNames', $modelNames);
            }
        }
        return redirect()->back()->with('error', 'No action selected');
    }
@@ -183,7 +191,6 @@ class BulkAssetsController extends Controller
     * Save bulk edits
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @return Redirect
     * @internal param array $assets
     * @since [v2.0]
     */
@@ -208,7 +215,7 @@ class BulkAssetsController extends Controller
        }
-        $assets = Asset::whereIn('id', array_keys($request->input('ids')))->get();
+        $assets = Asset::whereIn('id', $request->input('ids'))->get();
@@ -373,28 +380,30 @@ class BulkAssetsController extends Controller
                    foreach ($asset->model->fieldset->fields as $field) {
                        if ((array_key_exists($field->db_column, $this->update_array)) && ($field->field_encrypted == '1')) {
-                            $decrypted_old = Helper::gracefulDecrypt($field, $asset->{$field->db_column});
+                            if (Gate::allows('admin')) {
                                $decrypted_old = Helper::gracefulDecrypt($field, $asset->{$field->db_column});
                            /*
                             * Check if the decrypted existing value is different from one we just submitted
                             * and if not, pull it out of the object since it shouldn't really be updating at all.
                             * If we don't do this, it will try to re-encrypt it, and the same value encrypted two
                             * different times will have different values, so it will *look* like it was updated
                             * but it wasn't.
                             */
                            if ($decrypted_old != $this->update_array[$field->db_column]) {
                                $asset->{$field->db_column} = \Crypt::encrypt($this->update_array[$field->db_column]);
                            } else {
                                /*
-                                 * Remove the encrypted custom field from the update_array, since nothing changed
+                                 * Check if the decrypted existing value is different from one we just submitted
                                 * and if not, pull it out of the object since it shouldn't really be updating at all.
                                 * If we don't do this, it will try to re-encrypt it, and the same value encrypted two
                                 * different times will have different values, so it will *look* like it was updated
                                 * but it wasn't.
                                 */
-                                unset($this->update_array[$field->db_column]);
+                                if ($decrypted_old != $this->update_array[$field->db_column]) {
-                                unset($asset->{$field->db_column});
+                                    $asset->{$field->db_column} = Crypt::encrypt($this->update_array[$field->db_column]);
-                            }
+                                } else {
                                    /*
                                     * Remove the encrypted custom field from the update_array, since nothing changed
                                     */
                                    unset($this->update_array[$field->db_column]);
                                    unset($asset->{$field->db_column});
                                }
-                            /*
+                                /*
-                             * These custom fields aren't encrypted, just carry on as usual
+                                 * These custom fields aren't encrypted, just carry on as usual
-                             */
+                                 */
                            }
                        } else {
                            if ((array_key_exists($field->db_column, $this->update_array)) && ($asset->{$field->db_column} != $this->update_array[$field->db_column])) {
@@ -5,7 +5,7 @@ namespace App\Http\Controllers\Auth;
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
 use Illuminate\Http\Request;
-
+use Illuminate\Support\Facades\Log;
 class ForgotPasswordController extends Controller
 {
    /*
@@ -79,16 +79,16 @@ class ForgotPasswordController extends Controller
                )
            );
        } catch(\Exception $e) {
-            \Log::info('Password reset attempt: User '.$request->input('username').'failed with exception: '.$e );
+            Log::info('Password reset attempt: User '.$request->input('username').'failed with exception: '.$e );
        }
        // Prevent timing attack to enumerate users.
        usleep(500000 + random_int(0, 1500000));
        if ($response === \Password::RESET_LINK_SENT) {
-            \Log::info('Password reset attempt: User '.$request->input('username').' WAS found, password reset sent');
+            Log::info('Password reset attempt: User '.$request->input('username').' WAS found, password reset sent');
        } else {
-            \Log::info('Password reset attempt: User matching username '.$request->input('username').' NOT FOUND or user is inactive');
+            Log::info('Password reset attempt: User matching username '.$request->input('username').' NOT FOUND or user is inactive');
        }
        /**
@@ -16,7 +16,7 @@ use Illuminate\Support\Carbon;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Validator;
-use Log;
+use Illuminate\Support\Facades\Log;
 use Redirect;
 /**
@@ -122,7 +122,7 @@ class LoginController extends Controller
                    Auth::login($user);
                } else {
                    $username = $saml->getUsername();
-                    \Log::debug("SAML user '$username' could not be found in database.");
+                    Log::debug("SAML user '$username' could not be found in database.");
                    $request->session()->flash('error', trans('auth/message.signin.error'));
                    $saml->clearData();
                }
@@ -137,7 +137,7 @@ class LoginController extends Controller
                $s->save();
            } catch (\Exception $e) {
-                \Log::debug('There was an error authenticating the SAML user: '.$e->getMessage());
+                Log::debug('There was an error authenticating the SAML user: '.$e->getMessage());
                throw $e;
            }
@@ -146,7 +146,7 @@ class LoginController extends Controller
            // Better logging
            if (empty($samlData)) {
-                \Log::debug("SAML page requested, but samlData seems empty.");
+                Log::debug("SAML page requested, but samlData seems empty.");
            }
        }
@@ -261,19 +261,19 @@ class LoginController extends Controller
    /**
     * Account sign in form processing.
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function login(Request $request)
    {
        //If the environment is set to ALWAYS require SAML, return access denied
        if (config('app.require_saml')) {
-            \Log::debug('require SAML is enabled in the .env - return a 403');
+            Log::debug('require SAML is enabled in the .env - return a 403');
            return view('errors.403');
        }
        if (Setting::getSettings()->login_common_disabled == '1') {
-            \Log::debug('login_common_disabled is set to 1 - return a 403');
+            Log::debug('login_common_disabled is set to 1 - return a 403');
            return view('errors.403');
        }
@@ -339,7 +339,7 @@ class LoginController extends Controller
    /**
     * Two factor enrollment page
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getTwoFactorEnroll()
    {
@@ -389,7 +389,7 @@ class LoginController extends Controller
    /**
     * Two factor code form page
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getTwoFactorAuth()
    {
@@ -415,7 +415,7 @@ class LoginController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function postTwoFactorAuth(Request $request)
    {
@@ -427,10 +427,6 @@ class LoginController extends Controller
            return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.code_required'));
        }
        if (! $request->has('two_factor_secret')) { // TODO this seems almost the same as above?
            return redirect()->route('two-factor')->with('error', 'Two-factor code is required.');
        }
        $user = Auth::user();
        $secret = $request->input('two_factor_secret');
@@ -439,7 +435,7 @@ class LoginController extends Controller
            $user->saveQuietly();
            $request->session()->put('2fa_authed', $user->id);
-            return redirect()->route('home')->with('success', 'You are logged in!');
+            return redirect()->route('home')->with('success', trans('auth/message.signin.success'));
        }
        return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.invalid_code'));
@@ -451,7 +447,7 @@ class LoginController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return Illuminate\Http\RedirectResponse
     */
    public function logout(Request $request)
    {
@@ -537,7 +533,7 @@ class LoginController extends Controller
        $minutes = round($seconds / 60);
-        $message = \Lang::get('auth/message.throttle', ['minutes' => $minutes]);
+        $message = trans('auth/message.throttle', ['minutes' => $minutes]);
        return redirect()->back()
            ->withInput($request->only($this->username(), 'remember'))
@@ -7,7 +7,7 @@ use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Foundation\Auth\ResetsPasswords;
 use Illuminate\Http\Request;
-
+use Illuminate\Support\Facades\Log;
 class ResetPasswordController extends Controller
 {
@@ -66,7 +66,7 @@ class ResetPasswordController extends Controller
        $credentials =  $request->only('email', 'token');
        if (is_null($this->broker()->getUser($credentials))) {
-            \Log::debug('Password reset form FAILED - this token is not valid.');
+            Log::debug('Password reset form FAILED - this token is not valid.');
            return redirect()->route('password.request')->with('error', trans('passwords.token'));
        }
@@ -89,10 +89,10 @@ class ResetPasswordController extends Controller
        $request->validate($this->rules(), $request->all(), $this->validationErrorMessages());
-        \Log::debug('Checking if '.$request->input('username').' exists');
+        Log::debug('Checking if '.$request->input('username').' exists');
        // Check to see if the user even exists - we'll treat the response the same to prevent user sniffing
        if ($user = User::where('username', '=', $request->input('username'))->where('activated', '1')->whereNotNull('email')->first()) {
-            \Log::debug($user->username.' exists');
+            Log::debug($user->username.' exists');
            // handle the password validation rules set by the admin settings
@@ -112,17 +112,17 @@ class ResetPasswordController extends Controller
            // Check if the password reset above actually worked
            if ($response == \Password::PASSWORD_RESET) {
-                \Log::debug('Password reset for '.$user->username.' worked');
+                Log::debug('Password reset for '.$user->username.' worked');
                return redirect()->guest('login')->with('success', trans('passwords.reset'));
            }
-            \Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
+            Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
            return redirect()->back()->withInput($request->only('email'))->with('success', trans('passwords.reset'));
        }
-        \Log::debug('Password reset for '.$request->input('username').' FAILED - user does not exist or does not have an email address - but make it look like it succeeded');
+        Log::debug('Password reset for '.$request->input('username').' FAILED - user does not exist or does not have an email address - but make it look like it succeeded');
        return redirect()->guest('login')->with('success', trans('passwords.reset'));
    }
@@ -5,7 +5,7 @@ namespace App\Http\Controllers\Auth;
 use App\Http\Controllers\Controller;
 use App\Services\Saml;
 use Illuminate\Http\Request;
-use Log;
+use Illuminate\Support\Facades\Log;
 /**
 * This controller provides the endpoint for SAML communication and metadata.
@@ -51,7 +51,7 @@ class SamlController extends Controller
        $metadata = $this->saml->getSPMetadata();
        if (empty($metadata)) {
-            \Log::debug('SAML metadata is empty - return a 403');
+            Log::debug('SAML metadata is empty - return a 403');
            return response()->view('errors.403', [], 403);
        }
@@ -71,7 +71,7 @@ class SamlController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function login(Request $request)
    {
@@ -93,7 +93,7 @@ class SamlController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function acs(Request $request)
    {
@@ -126,7 +126,7 @@ class SamlController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function sls(Request $request)
    {
@@ -105,7 +105,7 @@ class BulkAssetModelsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy(Request $request)
    {
@@ -5,7 +5,7 @@ namespace App\Http\Controllers;
 use App\Helpers\Helper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Category as Category;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Str;
@@ -6,6 +6,7 @@ use App\Http\Requests\ImageUploadRequest;
 use App\Models\Company;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Log;
 /**
 * This controller handles all actions related to Companies for
@@ -154,7 +155,7 @@ final class CompaniesController extends Controller
            try {
                Storage::disk('public')->delete('companies'.'/'.$company->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }
@@ -11,6 +11,7 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Support\Facades\Log;
 /**
 * This class controls all actions related to Components for
@@ -188,7 +189,7 @@ class ComponentsController extends Controller
            try {
                Storage::disk('public')->delete('components/'.$component->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }
@@ -4,28 +4,28 @@ namespace App\Http\Controllers\Components;
 use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\Component;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\JsonResponse;
-use enshrined\svgSanitize\Sanitizer;
+use Illuminate\Support\Facades\Log;
 class ComponentsFilesController extends Controller
 {
    /**
     * Validates and stores files associated with a component.
     *
-     * @todo Switch to using the AssetFileRequest form request validator.
+     * @param UploadFileRequest $request
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param AssetFileRequest $request
     * @param int $componentId
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     *@author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @todo Switch to using the AssetFileRequest form request validator.
     */
-    public function store(AssetFileRequest $request, $componentId = null)
+    public function store(UploadFileRequest $request, $componentId = null)
    {
        if (config('app.lock_passwords')) {
@@ -43,30 +43,7 @@ class ComponentsFilesController extends Controller
                }
                foreach ($request->file('file') as $file) {
-
+                    $file_name = $request->handleFile('private_uploads/components/','component-'.$component->id, $file);
                    $extension = $file->getClientOriginalExtension();
                    $file_name = 'component-'.$component->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
                    // Check for SVG and sanitize it
                    if ($extension == 'svg') {
                        \Log::debug('This is an SVG');
                        \Log::debug($file_name);
                        $sanitizer = new Sanitizer();
                        $dirtySVG = file_get_contents($file->getRealPath());
                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
                        try {
                            Storage::put('private_uploads/components/'.$file_name, $cleanSVG);
                        } catch (\Exception $e) {
                            \Log::debug('Upload no workie :( ');
                            \Log::debug($e);
                        }
                    } else {
                        Storage::put('private_uploads/components/'.$file_name, file_get_contents($file));
                    }
                    //Log the upload to the log
                    $component->logUpload($file_name, e($request->input('notes')));
@@ -108,7 +85,7 @@ class ComponentsFilesController extends Controller
                try {
                    Storage::delete('components/'.$log->filename);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }
@@ -134,7 +111,7 @@ class ComponentsFilesController extends Controller
     */
    public function show($componentId = null, $fileId = null)
    {
-        \Log::debug('Private filesystem is: '.config('filesystems.default'));
+        Log::debug('Private filesystem is: '.config('filesystems.default'));
        $component = Component::find($componentId);
        // the component is valid
@@ -150,8 +127,8 @@ class ComponentsFilesController extends Controller
            $file = 'private_uploads/components/'.$log->filename;
            if (Storage::missing($file)) {
-                \Log::debug('FILE DOES NOT EXISTS for '.$file);
+                Log::debug('FILE DOES NOT EXISTS for '.$file);
-                \Log::debug('URL should be '.Storage::url($file));
+                Log::debug('URL should be '.Storage::url($file));
                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
                    ->header('Content-Type', 'text/plain');
@@ -71,11 +71,16 @@ class ConsumableCheckoutController extends Controller
        $this->authorize('checkout', $consumable);
-        // Make sure there is at least one available to checkout
+        // If the quantity is not present in the request or is not a positive integer, set it to 1
-        if ($consumable->numRemaining() <= 0) {
+        $quantity = $request->input('qty');
-            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.checkout.unavailable'));
+        if (!isset($quantity) || !ctype_digit((string)$quantity) || $quantity <= 0) {
            $quantity = 1;
        }
        // Make sure there is at least one available to checkout
        if ($consumable->numRemaining() <= 0 || $quantity > $consumable->numRemaining()) {
            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.checkout.unavailable'));
        }
        $admin_user = Auth::user();
        $assigned_to = e($request->input('assigned_to'));
@@ -89,13 +94,14 @@ class ConsumableCheckoutController extends Controller
        // Update the consumable data
        $consumable->assigned_to = e($request->input('assigned_to'));
        for($i = 0; $i < $quantity; $i++){
        $consumable->users()->attach($consumable->id, [
            'consumable_id' => $consumable->id,
            'user_id' => $admin_user->id,
            'assigned_to' => e($request->input('assigned_to')),
            'note' => $request->input('note'),
        ]);
-
+        }
        event(new CheckoutableCheckedOut($consumable, $user, Auth::user(), $request->input('note')));
        // Redirect to the new consumable page
@@ -4,28 +4,27 @@ namespace App\Http\Controllers\Consumables;
 use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\Consumable;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Consumable\HttpFoundation\JsonResponse;
-use enshrined\svgSanitize\Sanitizer;
+use Illuminate\Support\Facades\Log;
 class ConsumablesFilesController extends Controller
 {
    /**
     * Validates and stores files associated with a consumable.
     *
-     * @todo Switch to using the AssetFileRequest form request validator.
+     * @param UploadFileRequest $request
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param AssetFileRequest $request
     * @param int $consumableId
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     *@author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @todo Switch to using the AssetFileRequest form request validator.
     */
-    public function store(AssetFileRequest $request, $consumableId = null)
+    public function store(UploadFileRequest $request, $consumableId = null)
    {
        if (config('app.lock_passwords')) {
            return redirect()->route('consumables.show', ['consumable'=>$consumableId])->with('error', trans('general.feature_disabled'));
@@ -42,30 +41,7 @@ class ConsumablesFilesController extends Controller
                }
                foreach ($request->file('file') as $file) {
-
+                    $file_name = $request->handleFile('private_uploads/consumables/','consumable-'.$consumable->id, $file);
                    $extension = $file->getClientOriginalExtension();
                    $file_name = 'consumable-'.$consumable->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
                    // Check for SVG and sanitize it
                    if ($extension == 'svg') {
                        \Log::debug('This is an SVG');
                        \Log::debug($file_name);
                        $sanitizer = new Sanitizer();
                        $dirtySVG = file_get_contents($file->getRealPath());
                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
                        try {
                            Storage::put('private_uploads/consumables/'.$file_name, $cleanSVG);
                        } catch (\Exception $e) {
                            \Log::debug('Upload no workie :( ');
                            \Log::debug($e);
                        }
                    } else {
                        Storage::put('private_uploads/consumables/'.$file_name, file_get_contents($file));
                    }
                    //Log the upload to the log
                    $consumable->logUpload($file_name, e($request->input('notes')));
@@ -107,7 +83,7 @@ class ConsumablesFilesController extends Controller
                try {
                    Storage::delete('consumables/'.$log->filename);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }
@@ -148,8 +124,8 @@ class ConsumablesFilesController extends Controller
            $file = 'private_uploads/consumables/'.$log->filename;
            if (Storage::missing($file)) {
-                \Log::debug('FILE DOES NOT EXISTS for '.$file);
+                Log::debug('FILE DOES NOT EXISTS for '.$file);
-                \Log::debug('URL should be '.Storage::url($file));
+                Log::debug('URL should be '.Storage::url($file));
                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
                    ->header('Content-Type', 'text/plain');
@@ -22,7 +22,7 @@
 namespace App\Http\Controllers;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Illuminate\Foundation\Bus\DispatchesJobs;
 use Illuminate\Foundation\Validation\ValidatesRequests;
@@ -8,7 +8,6 @@ use App\Models\CustomField;
 use App\Models\CustomFieldset;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
 use Redirect;
 /**
 * This controller handles all actions related to Custom Asset Fields for
@@ -260,7 +259,7 @@ class CustomFieldsController extends Controller
        $field->name          = trim(e($request->get("name")));
        $field->element       = e($request->get("element"));
-        $field->field_values  = e($request->get("field_values"));
+        $field->field_values  = $request->get("field_values");
        $field->user_id       = Auth::id();
        $field->help_text     = $request->get("help_text");
        $field->show_in_email = $show_in_email;
@@ -86,7 +86,7 @@ class CustomFieldsetsController extends Controller
     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @since [v1.8]
     * @param Request $request
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(Request $request)
@@ -126,7 +126,7 @@ class CustomFieldsetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
     * @since [v6.0.14]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function edit($id)
@@ -147,7 +147,7 @@ class CustomFieldsetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
     * @since [v6.0.14]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function update(Request $request, $id)
@@ -7,6 +7,7 @@ use App\Models\Department;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Log;
 class DepartmentsController extends Controller
 {
@@ -129,7 +130,7 @@ class DepartmentsController extends Controller
            try {
                Storage::disk('public')->delete('departments'.'/'.$department->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }
        $department->delete();
@@ -8,7 +8,7 @@ use Illuminate\Support\Facades\Auth;
 use Laravel\Socialite\Facades\Socialite;
 use Laravel\Socialite\Two\InvalidStateException;
 use App\Models\Setting;
-
+use Illuminate\Support\Facades\Log;
 class GoogleAuthController extends Controller
 {
@@ -34,9 +34,9 @@ class GoogleAuthController extends Controller
    {
        try {
            $socialUser = Socialite::driver('google')->user();
-            \Log::debug('Google user found in Google Workspace');
+            Log::debug('Google user found in Google Workspace');
        } catch (InvalidStateException $exception) {
-            \Log::debug('Google user NOT found in Google Workspace');
+            Log::debug('Google user NOT found in Google Workspace');
            return redirect()->route('login')
                ->withErrors(
                    [
@@ -52,7 +52,7 @@ class GoogleAuthController extends Controller
        if ($user) {
-            \Log::debug('Google user '.$socialUser->getEmail().' found in Snipe-IT');
+            Log::debug('Google user '.$socialUser->getEmail().' found in Snipe-IT');
            $user->update([
                'avatar'   => $socialUser->avatar,
            ]);
@@ -61,7 +61,7 @@ class GoogleAuthController extends Controller
            return redirect()->route('home');
        }
-        \Log::debug('Google user '.$socialUser->getEmail().' NOT found in Snipe-IT');
+        Log::debug('Google user '.$socialUser->getEmail().' NOT found in Snipe-IT');
        return redirect()->route('login')
            ->withErrors(
                [
@@ -5,6 +5,7 @@ namespace App\Http\Controllers;
 use App\Helpers\Helper;
 use App\Models\Group;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 /**
 * This controller handles all actions related to User Groups for
@@ -63,6 +64,7 @@ class GroupsController extends Controller
        $group = new Group();
        $group->name = $request->input('name');
        $group->permissions = json_encode($request->input('permission'));
        $group->created_by = Auth::user()->id;
        if ($group->save()) {
            return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.create'));
@@ -48,7 +48,7 @@ class CheckoutKitController extends Controller
     * Validate and process the new Predefined Kit data.
     *
     * @author [D. Minaev.] [<dmitriy.minaev.v@gmail.com>]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(Request $request, $kit_id)
    {
@@ -47,7 +47,7 @@ class PredefinedKitsController extends Controller
     * Validate and process the new Predefined Kit data.
     *
     * @author [D. Minaev] [<dmitriy.minaev.v@gmail.com>]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(ImageUploadRequest $request)
    {
@@ -95,7 +95,7 @@ class PredefinedKitsController extends Controller
     * @author [D. Minaev] [<dmitriy.minaev.v@gmail.com>]
     * @since [v1.0]
     * @param int $kit_id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function update(ImageUploadRequest $request, $kit_id = null)
    {
@@ -122,7 +122,7 @@ class PredefinedKitsController extends Controller
     * @author [D. Minaev] [<dmitriy.minaev.v@gmail.com>]
     * @since [v1.0]
     * @param int $kit_id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($kit_id)
    {
@@ -6,6 +6,7 @@ use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Category;
 use App\Models\Company;
 use App\Models\CustomField;
 use App\Models\Labels\Label;
 use App\Models\Location;
 use App\Models\Manufacturer;
@@ -13,6 +14,7 @@ use App\Models\Setting;
 use App\Models\Supplier;
 use App\Models\User;
 use App\View\Label as LabelView;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Storage;
 class LabelsController extends Controller
@@ -20,9 +22,9 @@ class LabelsController extends Controller
    /**
     * Returns the Label view with test data
     *
-     * @author Grant Le Roux <grant.leroux+snipe-it@gmail.com>
+     * @param string $labelName
     * @param  string  $labelName
     * @return \Illuminate\Contracts\View\View
     * @author Grant Le Roux <grant.leroux+snipe-it@gmail.com>
     */
    public function show(string $labelName)
    {
@@ -65,6 +67,20 @@ class LabelsController extends Controller
        $exampleAsset->model->category->id = 999999;
        $exampleAsset->model->category->name = trans('admin/labels/table.example_category');
        $customFieldColumns = CustomField::where('field_encrypted', '=', 0)->pluck('db_column');
        collect(explode(';', Setting::getSettings()->label2_fields))
            ->filter()
            ->each(function ($item) use ($customFieldColumns, $exampleAsset) {
               $pair = explode('=', $item);
                if (array_key_exists(1, $pair)) {
                        if ($customFieldColumns->contains($pair[1])) {
                            $exampleAsset->{$pair[1]} = "{{$pair[0]}}";
                        }
                    }
            });
        $settings = Setting::getSettings();
        if (request()->has('settings')) {
            $overrides = request()->get('settings');
@@ -13,6 +13,7 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Support\Facades\Log;
 class LicenseCheckinController extends Controller
 {
@@ -145,7 +146,7 @@ class LicenseCheckinController extends Controller
            $user_seat->assigned_to = null;
            if ($user_seat->save()) {
-                \Log::debug('Checking in '.$license->name.' from user '.$user_seat->username);
+                Log::debug('Checking in '.$license->name.' from user '.$user_seat->username);
                $user_seat->logCheckin($user_seat->user, trans('admin/licenses/general.bulk.checkin_all.log_msg'));
            }
        }
@@ -160,7 +161,7 @@ class LicenseCheckinController extends Controller
            $asset_seat->asset_id = null;
            if ($asset_seat->save()) {
-                \Log::debug('Checking in '.$license->name.' from asset '.$asset_seat->asset_tag);
+                Log::debug('Checking in '.$license->name.' from asset '.$asset_seat->asset_tag);
                $asset_seat->logCheckin($asset_seat->asset, trans('admin/licenses/general.bulk.checkin_all.log_msg'));
                $count++;
            }
@@ -11,6 +11,7 @@ use App\Models\License;
 use App\Models\LicenseSeat;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Log;
 class LicenseCheckoutController extends Controller
 {
@@ -155,16 +156,16 @@ class LicenseCheckoutController extends Controller
    public function bulkCheckout($licenseId) {
-        \Log::debug('Checking out '.$licenseId.' via bulk');
+        Log::debug('Checking out '.$licenseId.' via bulk');
        $license = License::findOrFail($licenseId);
        $this->authorize('checkin', $license);
        $avail_count = $license->getAvailSeatsCountAttribute();
        $users = User::whereNull('deleted_at')->where('autoassign_licenses', '=', 1)->with('licenses')->get();
-        \Log::debug($avail_count.' will be assigned');
+        Log::debug($avail_count.' will be assigned');
        if ($users->count() > $avail_count) {
-            \Log::debug('You do not have enough free seats to complete this task, so we will check out as many as we can. ');
+            Log::debug('You do not have enough free seats to complete this task, so we will check out as many as we can. ');
        }
        // If the license is valid, check that there is an available seat
@@ -179,7 +180,7 @@ class LicenseCheckoutController extends Controller
            // Check to make sure this user doesn't already have this license checked out to them
            if ($user->licenses->where('id', '=', $licenseId)->count()) {
-                \Log::debug($user->username.' already has this license checked out to them. Skipping... ');
+                Log::debug($user->username.' already has this license checked out to them. Skipping... ');
                continue;
            }
@@ -192,7 +193,7 @@ class LicenseCheckoutController extends Controller
                $avail_count--;
                $assigned_count++;
                $licenseSeat->logCheckout(trans('admin/licenses/general.bulk.checkout_all.log_msg'), $user);
-                \Log::debug('License '.$license->name.' seat '.$licenseSeat->id.' checked out to '.$user->username);
+                Log::debug('License '.$license->name.' seat '.$licenseSeat->id.' checked out to '.$user->username);
            }
            if ($avail_count ==  0) {
--- a/Show More
+++ b/Show More