Refactor custom fields handling for storage

Signed-off-by: snipe <snipe@snipe.net>
Merge pull request #15043 from snipe/fixes/custom_fields_on_audit
2024-07-08 14:00:15 +01:00 · 2024-07-08 13:20:59 +01:00 · 2024-07-08 13:19:05 +01:00 · 2024-07-04 17:10:10 +01:00 · 2024-07-04 16:55:47 +01:00 · 2024-07-04 16:48:05 +01:00
2005 changed files with 313774 additions and 121808 deletions
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@@ -3099,6 +3099,43 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "LeePorte",
+      "name": "Lee Porte",
+      "avatar_url": "https://avatars.githubusercontent.com/u/922815?v=4",
+      "profile": "https://leeporte.co.uk",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "bryanlopezinc",
+      "name": "BRYAN ",
+      "avatar_url": "https://avatars.githubusercontent.com/u/23613427?v=4",
+      "profile": "https://github.com/bryanlopezinc",
+      "contributions": [
+        "code",
+        "test"
+      ]
+    },
+    {
+      "login": "U-H-T",
+      "name": "U-H-T",
+      "avatar_url": "https://avatars.githubusercontent.com/u/64061710?v=4",
+      "profile": "https://github.com/U-H-T",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Tyree",
+      "name": "Matt Tyree",
+      "avatar_url": "https://avatars.githubusercontent.com/u/5395363?v=4",
+      "profile": "https://github.com/Tyree",
+      "contributions": [
+        "doc"
+      ]
    }
  ]
 }
--- a/.env.dev.docker
+++ b/.env.dev.docker
@@ -0,0 +1,166 @@
+# --------------------------------------------
+# REQUIRED: DB SETUP
+# --------------------------------------------
+MYSQL_DATABASE=snipeit
+MYSQL_USER=snipeit
+MYSQL_PASSWORD=changeme1234
+MYSQL_ROOT_PASSWORD=changeme1234
+# --------------------------------------------
+# REQUIRED: BASIC APP SETTINGS
+# --------------------------------------------
+APP_ENV=develop
+APP_DEBUG=false
+# please regenerate the APP_KEY value by calling `docker-compose run --rm snipeit bash` and then `php artisan key:generate --show` and then copy paste the value here
+APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ=
+APP_URL=http://localhost:8000
+APP_TIMEZONE='UTC'
+APP_LOCALE=en
+MAX_RESULTS=500
+
+# --------------------------------------------
+# REQUIRED: UPLOADED FILE STORAGE SETTINGS
+# --------------------------------------------
+PRIVATE_FILESYSTEM_DISK=local
+PUBLIC_FILESYSTEM_DISK=local_public
+
+# --------------------------------------------
+# REQUIRED: DATABASE SETTINGS
+# --------------------------------------------
+DB_CONNECTION=mysql
+DB_HOST=mariadb
+DB_DATABASE=snipeit
+DB_USERNAME=snipeit
+DB_PASSWORD=changeme1234
+DB_PREFIX=null
+DB_DUMP_PATH='/usr/bin'
+DB_CHARSET=utf8mb4
+DB_COLLATION=utf8mb4_unicode_ci
+
+# --------------------------------------------
+# OPTIONAL: SSL DATABASE SETTINGS
+# --------------------------------------------
+DB_SSL=false
+DB_SSL_IS_PAAS=false
+DB_SSL_KEY_PATH=null
+DB_SSL_CERT_PATH=null
+DB_SSL_CA_PATH=null
+DB_SSL_CIPHER=null
+DB_SSL_VERIFY_SERVER=null
+
+# --------------------------------------------
+# REQUIRED: OUTGOING MAIL SERVER SETTINGS
+# --------------------------------------------
+MAIL_DRIVER=smtp
+MAIL_HOST=mailhog
+MAIL_PORT=1025
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
+MAIL_FROM_ADDR=you@example.com
+MAIL_FROM_NAME='Snipe-IT'
+MAIL_REPLYTO_ADDR=you@example.com
+MAIL_REPLYTO_NAME='Snipe-IT'
+MAIL_AUTO_EMBED_METHOD='attachment'
+
+# --------------------------------------------
+# REQUIRED: IMAGE LIBRARY
+# This should be gd or imagick
+# --------------------------------------------
+IMAGE_LIB=gd
+
+
+# --------------------------------------------
+# OPTIONAL: BACKUP SETTINGS
+# --------------------------------------------
+MAIL_BACKUP_NOTIFICATION_DRIVER=null
+MAIL_BACKUP_NOTIFICATION_ADDRESS=null
+BACKUP_ENV=true
+
+
+# --------------------------------------------
+# OPTIONAL: SESSION SETTINGS
+# --------------------------------------------
+SESSION_LIFETIME=12000
+EXPIRE_ON_CLOSE=false
+ENCRYPT=false
+COOKIE_NAME=snipeit_session
+COOKIE_DOMAIN=null
+SECURE_COOKIES=false
+API_TOKEN_EXPIRATION_YEARS=40
+
+# --------------------------------------------
+# OPTIONAL: SECURITY HEADER SETTINGS
+# --------------------------------------------
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+ALLOW_IFRAMING=false
+REFERRER_POLICY=same-origin
+ENABLE_CSP=false
+CORS_ALLOWED_ORIGINS=null
+ENABLE_HSTS=false
+
+# --------------------------------------------
+# OPTIONAL: CACHE SETTINGS
+# --------------------------------------------
+CACHE_DRIVER=file
+SESSION_DRIVER=file
+QUEUE_DRIVER=sync
+CACHE_PREFIX=snipeit
+
+# --------------------------------------------
+# OPTIONAL: REDIS SETTINGS
+# --------------------------------------------
+REDIS_HOST=redis
+REDIS_PASSWORD=null
+REDIS_PORT=6379
+
+# --------------------------------------------
+# OPTIONAL: MEMCACHED SETTINGS
+# --------------------------------------------
+MEMCACHED_HOST=null
+MEMCACHED_PORT=null
+
+# --------------------------------------------
+# OPTIONAL: PUBLIC S3 Settings
+# --------------------------------------------
+PUBLIC_AWS_SECRET_ACCESS_KEY=null
+PUBLIC_AWS_ACCESS_KEY_ID=null
+PUBLIC_AWS_DEFAULT_REGION=null
+PUBLIC_AWS_BUCKET=null
+PUBLIC_AWS_URL=null
+PUBLIC_AWS_BUCKET_ROOT=null
+
+# --------------------------------------------
+# OPTIONAL: PRIVATE S3 Settings
+# --------------------------------------------
+PRIVATE_AWS_ACCESS_KEY_ID=null
+PRIVATE_AWS_SECRET_ACCESS_KEY=null
+PRIVATE_AWS_DEFAULT_REGION=null
+PRIVATE_AWS_BUCKET=null
+PRIVATE_AWS_URL=null
+PRIVATE_AWS_BUCKET_ROOT=null
+
+# --------------------------------------------
+# OPTIONAL: AWS Settings
+# --------------------------------------------
+AWS_ACCESS_KEY_ID=null
+AWS_SECRET_ACCESS_KEY=null
+AWS_DEFAULT_REGION=null
+
+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=5
+LOGIN_LOCKOUT_DURATION=60
+RESET_PASSWORD_LINK_EXPIRES=900
+
+# --------------------------------------------
+# OPTIONAL: MISC
+# --------------------------------------------
+LOG_CHANNEL=stderr
+LOG_MAX_DAYS=10
+APP_LOCKED=false
+APP_CIPHER=AES-256-CBC
+APP_FORCE_TLS=false
+GOOGLE_MAPS_API=
+LDAP_MEM_LIM=500M
+LDAP_TIME_LIM=600
--- a/.env.docker
+++ b/.env.docker
@@ -1,18 +1,18 @@
 # --------------------------------------------
-# REQUIRED: DB SETUP
+# REQUIRED: DOCKER SPECIFIC SETTINGS
 # --------------------------------------------
-MYSQL_DATABASE=snipeit
-MYSQL_USER=snipeit
-MYSQL_PASSWORD=changeme1234
-MYSQL_ROOT_PASSWORD=changeme1234
+APP_VERSION=v6.4.1
+APP_PORT=8000
+
 # --------------------------------------------
 # REQUIRED: BASIC APP SETTINGS
 # --------------------------------------------
-APP_ENV=develop
+APP_ENV=production
 APP_DEBUG=false
-# please regenerate the APP_KEY value by calling `docker-compose run --rm snipeit bash` and then `php artisan key:generate --show` and then copy paste the value here
+# Please regenerate the APP_KEY value by calling `docker compose run --rm snipeit php artisan key:generate --show`. Copy paste the value here
 APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ=
 APP_URL=http://localhost:8000
+# https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - TZ identifier
 APP_TIMEZONE='UTC'
 APP_LOCALE=en
 MAX_RESULTS=500
@@ -27,10 +27,12 @@ PUBLIC_FILESYSTEM_DISK=local_public
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
 DB_CONNECTION=mysql
-DB_HOST=mariadb
+DB_HOST=db
+DB_PORT='3306'
 DB_DATABASE=snipeit
 DB_USERNAME=snipeit
 DB_PASSWORD=changeme1234
+MYSQL_ROOT_PASSWORD=changeme1234
 DB_PREFIX=null
 DB_DUMP_PATH='/usr/bin'
 DB_CHARSET=utf8mb4
@@ -50,25 +52,30 @@ DB_SSL_VERIFY_SERVER=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=smtp
+MAIL_MAILER=smtp
 MAIL_HOST=mailhog
 MAIL_PORT=1025
 MAIL_USERNAME=null
 MAIL_PASSWORD=null
-MAIL_ENCRYPTION=null
+MAIL_TLS_VERIFY_PEER=true
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
 MAIL_AUTO_EMBED_METHOD='attachment'

+# --------------------------------------------
+# REQUIRED: DATA PROTECTION
+# --------------------------------------------
+ALLOW_BACKUP_DELETE=false
+ALLOW_DATA_PURGE=false
+
 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
 # This should be gd or imagick
 # --------------------------------------------
 IMAGE_LIB=gd

-
 # --------------------------------------------
 # OPTIONAL: BACKUP SETTINGS
 # --------------------------------------------
@@ -76,7 +83,6 @@ MAIL_BACKUP_NOTIFICATION_DRIVER=null
 MAIL_BACKUP_NOTIFICATION_ADDRESS=null
 BACKUP_ENV=true

-
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
 # --------------------------------------------
@@ -91,7 +97,7 @@ API_TOKEN_EXPIRATION_YEARS=40
 # --------------------------------------------
 # OPTIONAL: SECURITY HEADER SETTINGS
 # --------------------------------------------
-APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1,172.0.0.0/8
 ALLOW_IFRAMING=false
 REFERRER_POLICY=same-origin
 ENABLE_CSP=false
@@ -109,7 +115,7 @@ CACHE_PREFIX=snipeit
 # --------------------------------------------
 # OPTIONAL: REDIS SETTINGS
 # --------------------------------------------
-REDIS_HOST=redis
+REDIS_HOST=null
 REDIS_PASSWORD=null
 REDIS_PORT=6379

--- a/.env.dusk.example
+++ b/.env.dusk.example
@@ -41,7 +41,7 @@ DB_SSL_VERIFY_SERVER=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER="log"
+MAIL_MAILER="log"


 # --------------------------------------------
--- a/.env.example
+++ b/.env.example
@@ -47,17 +47,21 @@ DB_SSL_VERIFY_SERVER=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=smtp
+MAIL_MAILER=smtp
 MAIL_HOST=email-smtp.us-west-2.amazonaws.com
 MAIL_PORT=587
 MAIL_USERNAME=YOURUSERNAME
 MAIL_PASSWORD=YOURPASSWORD
-MAIL_ENCRYPTION=null
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
 MAIL_AUTO_EMBED_METHOD='attachment'
+MAIL_TLS_VERIFY_PEER=true
+
+# MAIL_ENCRYPTION is no longer supported. SymfonyMailer will use tls if it's
+# advertised, and won't if it's not. If you want to use your mail server's IP but it's failing
+# because of certificate errors, set MAIL_TLS_VERIFY_PEER-true

 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
@@ -96,6 +100,7 @@ APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
 ALLOW_IFRAMING=false
 REFERRER_POLICY=same-origin
 ENABLE_CSP=false
+ADDITIONAL_CSP_URLS=null
 CORS_ALLOWED_ORIGINS=null
 ENABLE_HSTS=false

@@ -192,4 +197,4 @@ ARGON_TIME=2
 # OPTIONAL: SCIM
 # --------------------------------------------
 SCIM_TRACE=false
-SCIM_STANDARDS_COMPLIANCE=false
+SCIM_STANDARDS_COMPLIANCE=false
--- a/.env.testing-ci
+++ b/.env.testing-ci
@@ -22,7 +22,7 @@ DB_PASSWORD=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=log
+MAIL_MAILER=log


 # --------------------------------------------
--- a/.env.tests
+++ b/.env.tests
@@ -18,6 +18,6 @@ APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
 LOGIN_MAX_ATTEMPTS=1000000
 LOGIN_LOCKOUT_DURATION=100000000

-MAIL_DRIVER=log
+MAIL_MAILER=log
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME=Snipe-IT
--- a/.env.unit-tests
+++ b/.env.unit-tests
@@ -15,6 +15,6 @@ APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
 LOGIN_MAX_ATTEMPTS=1000000
 LOGIN_LOCKOUT_DURATION=100000000

-MAIL_DRIVER=log
+MAIL_MAILER=log
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME=Snipe-IT
--- a/.github/workflows/codacy-analysis.yml
+++ b/.github/workflows/codacy-analysis.yml
@@ -36,7 +36,7 @@ jobs:

      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
      - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@v4.4.0
+        uses: codacy/codacy-analysis-cli-action@v4.4.1
        with:
          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
          # You can also omit the token and run the tools that support default configurations
--- a/.github/workflows/crowdin-upload.yml
+++ b/.github/workflows/crowdin-upload.yml
@@ -12,7 +12,7 @@ jobs:
        uses: actions/checkout@v4

      - name: Crowdin push
-        uses: crowdin/github-action@v1
+        uses: crowdin/github-action@v2
        with:
          upload_sources: true
          upload_translations: false
--- a/.github/workflows/docker-alpine.yml
+++ b/.github/workflows/docker-alpine.yml
@@ -73,7 +73,7 @@ jobs:
      # https://github.com/docker/build-push-action
      - name: Build and push 'snipe-it' image
        id: docker_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
        with:
          context: .
          file: ./Dockerfile.alpine
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -73,7 +73,7 @@ jobs:
      # https://github.com/docker/build-push-action
      - name: Build and push 'snipe-it' image
        id: docker_build
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
        with:
          context: .
          file: ./Dockerfile
--- a/.github/workflows/tests-mysql.yml
+++ b/.github/workflows/tests-mysql.yml
@@ -25,9 +25,9 @@ jobs:
      fail-fast: false
      matrix:
        php-version:
-          - "7.4"
-          - "8.0"
-          - "8.1.1"
+          - "8.1"
+          - "8.2"
+          - "8.3"

    name: PHP ${{ matrix.php-version }}

@@ -58,11 +58,17 @@ jobs:
      - name: Install Dependencies
        run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist

-      - name: Generate key
-        run: php artisan key:generate
-
-      - name: Directory Permissions
-        run: chmod -R 777 storage bootstrap/cache
+      - name: Setup Laravel
+        env:
+          DB_CONNECTION: mysql
+          DB_DATABASE: snipeit
+          DB_PORT: ${{ job.services.mysql.ports[3306] }}
+          DB_USERNAME: root
+        run: |
+          php artisan key:generate
+          php artisan migrate --force
+          php artisan passport:install
+          chmod -R 777 storage bootstrap/cache

      - name: Execute tests (Unit and Feature tests) via PHPUnit
        env:
--- a/.github/workflows/tests-postgres.yml
+++ b/.github/workflows/tests-postgres.yml
@@ -0,0 +1,75 @@
+name: Tests in Postgres
+
+on: workflow_dispatch
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+
+    services:
+      postgresql:
+        image: postgres
+        env:
+          POSTGRES_DB: snipeit
+          POSTGRES_USER: snipeit
+          POSTGRES_PASSWORD: password
+        ports:
+          - 5432:5432
+        options: --health-cmd=pg_isready --health-interval=10s --health-timeout=5s --health-retries=3
+
+    strategy:
+      fail-fast: false
+      matrix:
+        php-version:
+          - "8.2"
+
+    name: PHP ${{ matrix.php-version }}
+
+    steps:
+      - uses: shivammathur/setup-php@v2
+        with:
+          php-version: "${{ matrix.php-version }}"
+          coverage: none
+
+      - uses: actions/checkout@v4
+
+      - name: Get Composer Cache Directory
+        id: composer-cache
+        run: |
+          echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
+      - uses: actions/cache@v4
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-${{ matrix.php-version }}-composer-${{ hashFiles('**/composer.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-composer-
+
+      - name: Copy .env
+        run: |
+          cp -v .env.testing.example .env
+          cp -v .env.testing.example .env.testing
+
+      - name: Install Dependencies
+        run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
+
+      - name: Setup Laravel
+        env:
+          DB_CONNECTION: pgsql
+          DB_DATABASE: snipeit
+          DB_PORT: ${{ job.services.postgresql.ports[5432] }}
+          DB_USERNAME: snipeit
+          DB_PASSWORD: password
+        run: |
+          php artisan key:generate
+          php artisan migrate --force
+          php artisan passport:install
+          chmod -R 777 storage bootstrap/cache
+
+      - name: Execute tests (Unit and Feature tests) via PHPUnit
+        env:
+          DB_CONNECTION: pgsql
+          DB_DATABASE: snipeit
+          DB_PORT: ${{ job.services.postgresql.ports[5432] }}
+          DB_USERNAME: snipeit
+          DB_PASSWORD: password
+        run: php artisan test --parallel
--- a/.github/workflows/tests-sqlite.yml
+++ b/.github/workflows/tests-sqlite.yml
@@ -49,6 +49,9 @@ jobs:
      - name: Generate key
        run: php artisan key:generate

+      - name: Setup Passport
+        run: php artisan passport:keys
+
      - name: Directory Permissions
        run: chmod -R 777 storage bootstrap/cache

--- a/.nvmrc
+++ b/.nvmrc
@@ -1 +1 @@
-v12.22.1
+v18.16.0
--- a/.upgrade_requirements.json
+++ b/.upgrade_requirements.json
@@ -3,8 +3,8 @@
    "DOC2": "In other words, what you see locally are the requirements for your _current_ install",
    "DOC3": "Please don't rely on these versions for planning upgrades unless you've fetched the most recent version",
    "DOC4": "You should really just ignore it and run upgrade.php. Really",
-    "php_min_version": "7.4.0",
-    "php_max_major_minor": "8.1",
-    "php_max_wontwork": "8.2.0",
-    "current_snipeit_version": "6.3"
+    "php_min_version": "8.1.0",
+    "php_max_major_minor": "8.3",
+    "php_max_wontwork": "8.4.0",
+    "current_snipeit_version": "7.0"
 }
--- a/CONTRIBUTORS.md
+++ b/CONTRIBUTORS.md
@@ -443,6 +443,12 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/PP-JN-RL"><img src="https://avatars.githubusercontent.com/u/52716446?v=4?s=110" width="110px;" alt="Phil J R"/><br /><sub><b>Phil J R</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=PP-JN-RL" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://www.corelight.com/"><img src="https://avatars.githubusercontent.com/u/1496725?v=4?s=110" width="110px;" alt="i_virus"/><br /><sub><b>i_virus</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=chandanchowdhury" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/gitgrimbo"><img src="https://avatars.githubusercontent.com/u/1020541?v=4?s=110" width="110px;" alt="Paul Grime"/><br /><sub><b>Paul Grime</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=gitgrimbo" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://leeporte.co.uk"><img src="https://avatars.githubusercontent.com/u/922815?v=4?s=110" width="110px;" alt="Lee Porte"/><br /><sub><b>Lee Porte</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=LeePorte" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/bryanlopezinc"><img src="https://avatars.githubusercontent.com/u/23613427?v=4?s=110" width="110px;" alt="BRYAN "/><br /><sub><b>BRYAN </b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=bryanlopezinc" title="Code">💻</a> <a href="https://github.com/snipe/snipe-it/commits?author=bryanlopezinc" title="Tests">⚠️</a></td>
+    </tr>
+    <tr>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/U-H-T"><img src="https://avatars.githubusercontent.com/u/64061710?v=4?s=110" width="110px;" alt="U-H-T"/><br /><sub><b>U-H-T</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=U-H-T" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/Tyree"><img src="https://avatars.githubusercontent.com/u/5395363?v=4?s=110" width="110px;" alt="Matt Tyree"/><br /><sub><b>Matt Tyree</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=Tyree" title="Documentation">📖</a></td>
    </tr>
  </tbody>
 </table>
--- a/2
+++ b/2
@@ -105,7 +105,7 @@ RUN \
      && ln -fs "/var/lib/snipeit/keys/ldap_client_tls.cert" "/var/www/html/storage/ldap_client_tls.cert" \
      && ln -fs "/var/lib/snipeit/keys/ldap_client_tls.key" "/var/www/html/storage/ldap_client_tls.key" \
      && chown docker "/var/lib/snipeit/keys/" \
-      && chown -h docker "/var/www/html/storage/" \
+      && chown -Rh docker "/var/www/html/storage/" \
      && chmod +x /var/www/html/artisan \
      && echo "Finished setting up application in /var/www/html"

--- a/README.md
+++ b/README.md
@@ -1,13 +1,13 @@
 ![snipe-it-by-grok](https://github.com/snipe/snipe-it/assets/197404/b515673b-c7c8-4d9a-80f5-9fa58829a602)

-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade) [![Tests](https://github.com/snipe/snipe-it/actions/workflows/tests.yml/badge.svg)](https://github.com/snipe/snipe-it/actions/workflows/tests.yml)
+[![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp) [![Codacy Badge](https://app.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://app.codacy.com/gh/snipe/snipe-it/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade) [![Tests](https://github.com/snipe/snipe-it/actions/workflows/tests.yml/badge.svg)](https://github.com/snipe/snipe-it/actions/workflows/tests.yml)
 [![All Contributors](https://img.shields.io/badge/all_contributors-331-orange.svg?style=flat-square)](#contributing) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk)

 ## Snipe-IT - Open Source Asset Management System

 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.

-It is built on [Laravel 8](http://laravel.com).
+It is built on [Laravel 10](http://laravel.com).

 Snipe-IT is actively developed and we [release quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)

--- a/app.json
+++ b/app.json
@@ -38,7 +38,7 @@
        "description": "The maximum number of search results that can be returned at one time.",
        "value": "500"
      },
-      "MAIL_DRIVER": {
+      "MAIL_MAILER": {
        "description": "Mail driver - Generally SMTP on Heroku - https://snipe-it.readme.io/docs/configuration#required-outgoing-mail-settings",
        "value": "smtp"
      },
@@ -58,9 +58,9 @@
        "description": "SMTP Server Password",
        "value": "YOURPASSWORD"
      },
-      "MAIL_ENCRYPTION": {
-        "description": "Encryption protocol for email sending.",
-        "value": "null"
+      "MAIL_TLS_VERIFY_PEER": {
+        "description": "Ensure validity of TLS certificate on remote mail server",
+        "value": true
      },
      "MAIL_FROM_ADDR": {
        "description": "Email from address",
--- a/app/Console/Commands/GeneratePersonalAccessToken.php
+++ b/app/Console/Commands/GeneratePersonalAccessToken.php
@@ -7,7 +7,7 @@ use Illuminate\Console\Command;
 use App\Models\User;
 use Laravel\Passport\TokenRepository;
 use Illuminate\Contracts\Validation\Factory as ValidationFactory;
-use DB;
+use Illuminate\Support\Facades\DB;

 class GeneratePersonalAccessToken extends Command
 {
--- a/app/Console/Commands/LdapSync.php
+++ b/app/Console/Commands/LdapSync.php
@@ -9,7 +9,7 @@ use App\Models\Setting;
 use App\Models\Ldap;
 use App\Models\User;
 use App\Models\Location;
-use Log;
+use Illuminate\Support\Facades\Log;

 class LdapSync extends Command
 {
@@ -298,7 +298,7 @@ class LdapSync extends Command
                        try {
                            $ldap_manager = Ldap::findLdapUsers($item['manager'], -1, $this->option('filter'));
                        } catch (\Exception $e) {
-                            \Log::warning("Manager lookup caused an exception: " . $e->getMessage() . ". Falling back to direct username lookup");
+                            Log::warning("Manager lookup caused an exception: " . $e->getMessage() . ". Falling back to direct username lookup");
                            // Hail-mary for Okta manager 'shortnames' - will only work if
                            // Okta configuration is using full email-address-style usernames
                            $ldap_manager = [
--- a/app/Console/Commands/LdapTroubleshooter.php
+++ b/app/Console/Commands/LdapTroubleshooter.php
@@ -5,7 +5,7 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use App\Models\Setting;
 use Exception;
-use Crypt;
+use Illuminate\Support\Facades\Crypt;

 /**
 * Check if a given ip is in a network
@@ -160,7 +160,7 @@ class LdapTroubleshooter extends Command
            $output[] = "-x";
            $output[] = "-b ".escapeshellarg($settings->ldap_basedn);
            $output[] = "-D ".escapeshellarg($settings->ldap_uname);
-            $output[] = "-w ".escapeshellarg(\Crypt::Decrypt($settings->ldap_pword));
+            $output[] = "-w ".escapeshellarg(Crypt::Decrypt($settings->ldap_pword));
            $output[] = escapeshellarg(parenthesized_filter($settings->ldap_filter));
            if($settings->ldap_tls) {
                $this->line("# adding STARTTLS option");
--- a/app/Console/Commands/MergeUsersByUsername.php
+++ b/app/Console/Commands/MergeUsersByUsername.php
@@ -2,6 +2,7 @@

 namespace App\Console\Commands;

+use App\Events\UserMerged;
 use App\Models\User;
 use Carbon\Carbon;
 use Illuminate\Console\Command;
@@ -51,7 +52,7 @@ class MergeUsersByUsername extends Command

            $bad_users = User::where('username', '=', trim($parts[0]))
                ->whereNull('deleted_at')
-                ->with('assets', 'manager', 'userlog', 'licenses', 'consumables', 'accessories', 'managedLocations')
+                ->with('assets', 'manager', 'userlog', 'licenses', 'consumables', 'accessories', 'managedLocations','uploads', 'acceptances')
                ->get();


@@ -105,10 +106,26 @@ class MergeUsersByUsername extends Command
                    $managedLocation->save();
                }

+                foreach ($bad_user->uploads as $upload) {
+                    $this->info('Updating upload log record '.$upload->id.' to user '.$user->id);
+                    $upload->item_id = $user->id;
+                    $upload->save();
+                }
+
+                foreach ($bad_user->acceptances as $acceptance) {
+                    $this->info('Updating acceptance log record '.$acceptance->id.' to user '.$user->id);
+                    $acceptance->item_id = $user->id;
+                    $acceptance->save();
+                }
+
                // Mark the user as deleted
                $this->info('Marking the user as deleted');
                $bad_user->deleted_at = Carbon::now()->timestamp;
                $bad_user->save();
+
+                event(new UserMerged($bad_user, $user, null));
+
+
            }
        }
    }
--- a/app/Console/Commands/MoveUploadsToNewDisk.php
+++ b/app/Console/Commands/MoveUploadsToNewDisk.php
@@ -4,6 +4,7 @@ namespace App\Console\Commands;

 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Log;

 class MoveUploadsToNewDisk extends Command
 {
@@ -74,7 +75,7 @@ class MoveUploadsToNewDisk extends Command
                    $new_url = Storage::disk('public')->url('uploads/'.$public_type.'/'.$filename, $filename);
                    $this->info($type_count.'. PUBLIC: '.$filename.' was copied to '.$new_url);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                    $this->error($e);
                }
            }
@@ -116,7 +117,7 @@ class MoveUploadsToNewDisk extends Command
                        $new_url = Storage::url($private_type . '/' . $filename, $filename);
                        $this->info($type_count . '. PRIVATE: ' . $filename . ' was copied to ' . $new_url);
                    } catch (\Exception $e) {
-                        \Log::debug($e);
+                        Log::debug($e);
                        $this->error($e);
                    }
                }
@@ -140,7 +141,7 @@ class MoveUploadsToNewDisk extends Command
                                unlink($filename);
                                $public_delete_count++;
                            } catch (\Exception $e) {
-                                \Log::debug($e);
+                                Log::debug($e);
                                $this->error($e);
                            }
                        }
@@ -153,7 +154,7 @@ class MoveUploadsToNewDisk extends Command
                                unlink($filename);
                                $private_delete_count++;
                            } catch (\Exception $e) {
-                                \Log::debug($e);
+                                Log::debug($e);
                                $this->error($e);
                            }
                        }
--- a/app/Console/Commands/ObjectImportCommand.php
+++ b/app/Console/Commands/ObjectImportCommand.php
@@ -5,6 +5,7 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use Symfony\Component\Console\Input\InputArgument;
 use Symfony\Component\Console\Input\InputOption;
+use Illuminate\Support\Facades\Log;

 ini_set('max_execution_time', env('IMPORT_TIME_LIMIT', 600)); //600 seconds = 10 minutes
 ini_set('memory_limit', env('IMPORT_MEMORY_LIMIT', '500M'));
@@ -59,7 +60,7 @@ class ObjectImportCommand extends Command

        // This $logFile/useFiles() bit is currently broken, so commenting it out for now
        // $logFile = $this->option('logfile');
-        // \Log::useFiles($logFile);
+        // Log::useFiles($logFile);
        $this->comment('======= Importing Items from '.$filename.' =========');
        $importer->import();

@@ -112,10 +113,10 @@ class ObjectImportCommand extends Command
    public function log($string, $level = 'info')
    {
        if ($level === 'warning') {
-            \Log::warning($string);
+            Log::warning($string);
            $this->comment($string);
        } else {
-            \Log::Info($string);
+            Log::Info($string);
            if ($this->option('verbose')) {
                $this->comment($string);
            }
--- a/app/Console/Commands/PaveIt.php
+++ b/app/Console/Commands/PaveIt.php
@@ -5,7 +5,7 @@ namespace App\Console\Commands;
 use App\Models\Asset;
 use App\Models\CustomField;
 use Schema;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Console\Command;

 class PaveIt extends Command
--- a/app/Console/Commands/RecryptFromMcrypt.php
+++ b/app/Console/Commands/RecryptFromMcrypt.php
@@ -103,7 +103,7 @@ class RecryptFromMcrypt extends Command
                $this->comment('INFO: No LDAP password found. Skipping... ');
            } else {
                $decrypted_ldap_pword = $mcrypter->decrypt($settings->ldap_pword);
-                $settings->ldap_pword = \Crypt::encrypt($decrypted_ldap_pword);
+                $settings->ldap_pword = Crypt::encrypt($decrypted_ldap_pword);
                $settings->save();
            }
            /** @var CustomField[] $custom_fields */
@@ -132,7 +132,7 @@ class RecryptFromMcrypt extends Command
                        // Try to decrypt the payload using the legacy app key
                        try {
                            $decrypted_field = $mcrypter->decrypt($asset->{$columnName});
-                            $asset->{$columnName} = \Crypt::encrypt($decrypted_field);
+                            $asset->{$columnName} = Crypt::encrypt($decrypted_field);
                            $this->comment($decrypted_field);
                        } catch (\Exception $e) {
                            $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();
--- a/app/Console/Commands/RegenerateAssetTags.php
+++ b/app/Console/Commands/RegenerateAssetTags.php
@@ -4,7 +4,7 @@ namespace App\Console\Commands;

 use App\Models\Asset;
 use App\Models\Setting;
-use Artisan;
+use Illuminate\Support\Facades\Artisan;
 use Illuminate\Console\Command;

 class RegenerateAssetTags extends Command
--- a/app/Console/Commands/RestoreDeletedUsers.php
+++ b/app/Console/Commands/RestoreDeletedUsers.php
@@ -6,8 +6,8 @@ use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\License;
 use App\Models\User;
-use Artisan;
-use DB;
+use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Console\Command;

 class RestoreDeletedUsers extends Command
--- a/app/Console/Commands/RestoreFromBackup.php
+++ b/app/Console/Commands/RestoreFromBackup.php
@@ -4,6 +4,7 @@ namespace App\Console\Commands;

 use Illuminate\Console\Command;
 use ZipArchive;
+use Illuminate\Support\Facades\Log;

 class SQLStreamer {
    private $input;
@@ -125,7 +126,7 @@ class SQLStreamer {
        while (($buffer = fgets($this->input, SQLStreamer::$buffer_size)) !== false) {
            $bytes_read += strlen($buffer);
            if ($this->reading_beginning_of_line) {
-                // \Log::debug("Buffer is: '$buffer'");
+                // Log::debug("Buffer is: '$buffer'");
                $cleaned_buffer = $this->parse_sql($buffer);
                if ($this->output) {
                    $bytes_written = fwrite($this->output, $cleaned_buffer);
@@ -191,7 +192,7 @@ class RestoreFromBackup extends Command
    {
        $dir = getcwd();
        if( $dir != base_path() ) { // usually only the case when running via webserver, not via command-line
-            \Log::debug("Current working directory is: $dir, changing directory to: ".base_path());
+            Log::debug("Current working directory is: $dir, changing directory to: ".base_path());
            chdir(base_path()); // TODO - is this *safe* to change on a running script?!
        }
        //
@@ -297,7 +298,7 @@ class RestoreFromBackup extends Command
                continue;
            }
            if (@pathinfo($raw_path, PATHINFO_EXTENSION) == 'sql') {
-                \Log::debug("Found a sql file!");
+                Log::debug("Found a sql file!");
                $sqlfiles[] = $raw_path;
                $sqlfile_indices[] = $i;
                continue;
@@ -413,7 +414,7 @@ class RestoreFromBackup extends Command
                $bytes_read = 0;
                while (($buffer = fgets($sql_contents, SQLStreamer::$buffer_size)) !== false) {
                    $bytes_read += strlen($buffer);
-                    // \Log::debug("Buffer is: '$buffer'");
+                    // Log::debug("Buffer is: '$buffer'");
                    $bytes_written = fwrite($pipes[0], $buffer);

                    if ($bytes_written === false) {
@@ -425,13 +426,13 @@ class RestoreFromBackup extends Command
                $bytes_read = $sql_importer->line_aware_piping();
            }
        } catch (\Exception $e) {
-            \Log::error("Error during restore!!!! ".$e->getMessage());
+            Log::error("Error during restore!!!! ".$e->getMessage());
            // FIXME - put these back and/or put them in the right places?!
            $err_out = fgets($pipes[1]);
            $err_err = fgets($pipes[2]);
-            \Log::error("Error OUTPUT: ".$err_out);
+            Log::error("Error OUTPUT: ".$err_out);
            $this->info($err_out);
-            \Log::error("Error ERROR : ".$err_err);
+            Log::error("Error ERROR : ".$err_err);
            $this->error($err_err);
            throw $e;
        }
--- a/app/Console/Commands/RotateAppKey.php
+++ b/app/Console/Commands/RotateAppKey.php
@@ -5,7 +5,7 @@ namespace App\Console\Commands;
 use App\Models\Asset;
 use App\Models\CustomField;
 use App\Models\Setting;
-use Artisan;
+use Illuminate\Support\Facades\Artisan;
 use Illuminate\Console\Command;
 use Illuminate\Contracts\Encryption\DecryptException;
 use Illuminate\Encryption\Encrypter;
--- a/app/Console/Commands/SendCurrentInventoryToUsers.php
+++ b/app/Console/Commands/SendCurrentInventoryToUsers.php
@@ -43,7 +43,7 @@ class SendCurrentInventoryToUsers extends Command

        $count = 0;
        foreach ($users as $user) {
-            if (($user->assets->count() > 0) || ($user->accessories->count() > 0) || ($user->licenses->count() > 0)) {
+            if (($user->assets->count() > 0) || ($user->accessories->count() > 0) || ($user->licenses->count() > 0) || ($user->consumables->count() > 0)) {
                $count++;
                $user->notify((new CurrentInventory($user)));
            }
--- a/app/Console/Commands/SendUpcomingAuditReport.php
+++ b/app/Console/Commands/SendUpcomingAuditReport.php
@@ -7,7 +7,7 @@ use App\Models\Recipients\AlertRecipient;
 use App\Models\Setting;
 use App\Notifications\SendUpcomingAuditNotification;
 use Carbon\Carbon;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Console\Command;

 class SendUpcomingAuditReport extends Command
@@ -43,12 +43,11 @@ class SendUpcomingAuditReport extends Command
     */
    public function handle()
    {
-
+        $settings = Setting::getSettings();
        $interval = $settings->audit_warning_days ?? 0;
        $today = Carbon::now();
        $interval_date = $today->copy()->addDays($interval);

-        $settings = Setting::getSettings();
        $assets = Asset::whereNull('deleted_at')->DueOrOverdueForAudit($settings)->orderBy('assets.next_audit_date', 'desc')->get();
        $this->info($assets->count().' assets must be audited in on or before '.$interval_date.' is deadline');

--- a/app/Console/Commands/SyncAssetCounters.php
+++ b/app/Console/Commands/SyncAssetCounters.php
@@ -4,6 +4,7 @@ namespace App\Console\Commands;

 use App\Models\Asset;
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Log;

 class SyncAssetCounters extends Command
 {
@@ -58,7 +59,7 @@ class SyncAssetCounters extends Command
                        $asset->save();
                        $bar->advance();

-                        \Log::debug('Asset: '.$asset->id.' has '.$asset->checkin_counter.' checkins, '.$asset->checkout_counter.' checkouts, and '.$asset->requests_counter.' requests');
+                        Log::debug('Asset: '.$asset->id.' has '.$asset->checkin_counter.' checkins, '.$asset->checkout_counter.' checkouts, and '.$asset->requests_counter.' requests');

                    }

--- a/app/Events/UserMerged.php
+++ b/app/Events/UserMerged.php
@@ -15,7 +15,7 @@ class UserMerged
     *
     * @return void
     */
-    public function __construct(User $from_user, User $to_user, User $admin)
+    public function __construct(User $from_user, User $to_user, ?User $admin)
    {
        $this->merged_from        = $from_user;
        $this->merged_to      = $to_user;
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@@ -7,7 +7,7 @@ use App\Helpers\Helper;
 use Illuminate\Validation\ValidationException;
 use Illuminate\Auth\AuthenticationException;
 use ArieTimmerman\Laravel\SCIMServer\Exceptions\SCIMException;
-use Log;
+use Illuminate\Support\Facades\Log;
 use Throwable;
 use JsonException;
 use Carbon\Exceptions\InvalidFormatException;
@@ -44,8 +44,8 @@ class Handler extends ExceptionHandler
    public function report(Throwable $exception)
    {
        if ($this->shouldReport($exception)) {
-            if (class_exists(\Log::class)) {
-                \Log::error($exception);
+            if (class_exists(Log::class)) {
+                Log::error($exception);
            }
            return parent::report($exception);
        }
--- a/app/Helpers/Helper.php
+++ b/app/Helpers/Helper.php
@@ -12,10 +12,12 @@ use App\Models\Depreciation;
 use App\Models\Setting;
 use App\Models\Statuslabel;
 use App\Models\License;
-use Crypt;
+use Illuminate\Support\Facades\Crypt;
 use Illuminate\Contracts\Encryption\DecryptException;
-use Image;
 use Carbon\Carbon;
+use Illuminate\Support\Facades\Log;
+use Intervention\Image\ImageManagerStatic as Image;
+use Illuminate\Support\Facades\Session;

 class Helper
 {
@@ -412,7 +414,7 @@ class Helper

        if ($index >= $total_colors) {

-            \Log::info('Status label count is '.$index.' and exceeds the allowed count of 266.');
+            Log::info('Status label count is '.$index.' and exceeds the allowed count of 266.');
            //patch fix for array key overflow (color count starts at 1, array starts at 0)
            $index = $index - $total_colors - 1;

@@ -875,12 +877,15 @@ class Helper
                $permission_name = $permission[$x]['permission'];

                if ($permission[$x]['display'] === true) {
-                    if ($selected_arr) {
+
+                    if (is_array($selected_arr)) {
+
                        if (array_key_exists($permission_name, $selected_arr)) {
                            $permissions_arr[$permission_name] = $selected_arr[$permission_name];
                        } else {
                            $permissions_arr[$permission_name] = '0';
                        }
+
                    } else {
                        $permissions_arr[$permission_name] = '0';
                    }
@@ -1012,7 +1017,7 @@ class Helper


        try {
-            $tmp_date = new \Carbon($date);
+            $tmp_date = new Carbon($date);

            if ($type == 'datetime') {
                $dt['datetime'] = $tmp_date->format('Y-m-d H:i:s');
@@ -1029,7 +1034,7 @@ class Helper
            return $dt['formatted'];

        } catch (\Exception $e) {
-            \Log::warning($e);
+            Log::warning($e);
            return $date.' (Invalid '.$type.' value.)';
        }

@@ -1342,7 +1347,7 @@ class Helper
    public static function isDemoMode() {
        if (config('app.lock_passwords') === true) {
            return true;
-            \Log::debug('app locked!');
+            Log::debug('app locked!');
        }
        
        return false;
@@ -1435,7 +1440,7 @@ class Helper

        foreach (self::$language_map as $legacy => $new) {
            if ($language_code == $legacy) {
-                \Log::debug('Current language is '.$legacy.', using '.$new.' instead');
+                Log::debug('Current language is '.$legacy.', using '.$new.' instead');
                return $new;
            }
        }
@@ -1459,4 +1464,38 @@ class Helper
        return $new_locale; // better that you have some weird locale that doesn't fit into our mappings anywhere than 'void'
    }

+
+    static public function getRedirectOption($request, $id, $table, $asset_id = null)
+    {
+
+        $redirect_option = Session::get('redirect_option');
+        $checkout_to_type = Session::get('checkout_to_type');
+
+        //return to index
+        if ($redirect_option == '0') {
+            switch ($table) {
+                case "Assets":
+                    return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+        }
+        //return to thing being assigned
+        if ($redirect_option == '1') {
+            switch ($table) {
+                case "Assets":
+                    return redirect()->route('hardware.show', $id ? $id : $asset_id)->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+        }
+        //return to thing being assigned to
+        if ($redirect_option == '2') {
+            switch ($checkout_to_type) {
+                case 'user':
+                    return redirect()->route('users.show', $request->assigned_user)->with('success', trans('admin/hardware/message.checkout.success'));
+                case 'location':
+                    return redirect()->route('locations.show', $request->assigned_location)->with('success', trans('admin/hardware/message.checkout.success'));
+                case 'asset':
+                    return redirect()->route('hardware.show', $request->assigned_asset)->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+        }
+        return redirect()->back()->with('error', trans('admin/hardware/message.checkout.error'));
+    }
 }
--- a/app/Http/Controllers/Accessories/AccessoriesController.php
+++ b/app/Http/Controllers/Accessories/AccessoriesController.php
@@ -11,6 +11,7 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
 use Redirect;
+use Illuminate\Support\Facades\Log;

 /** This controller handles all actions related to Accessories for
 * the Snipe-IT Asset Management application.
@@ -57,7 +58,7 @@ class AccessoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param ImageUploadRequest $request
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(ImageUploadRequest $request)
@@ -150,7 +151,7 @@ class AccessoriesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param ImageUploadRequest $request
     * @param  int $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function update(ImageUploadRequest $request, $accessoryId = null)
@@ -204,7 +205,7 @@ class AccessoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function destroy($accessoryId)
@@ -224,7 +225,7 @@ class AccessoriesController extends Controller
            try {
                Storage::disk('public')->delete('accessories'.'/'.$accessory->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }

--- a/app/Http/Controllers/Accessories/AccessoriesFilesController.php
+++ b/app/Http/Controllers/Accessories/AccessoriesFilesController.php
@@ -10,6 +10,7 @@ use App\Models\Accessory;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Accessory\HttpFoundation\JsonResponse;
+use Illuminate\Support\Facades\Log;

 class AccessoriesFilesController extends Controller
 {
@@ -85,7 +86,7 @@ class AccessoriesFilesController extends Controller
                try {
                    Storage::delete('accessories/'.$log->filename);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }

@@ -112,7 +113,7 @@ class AccessoriesFilesController extends Controller
    public function show($accessoryId = null, $fileId = null, $download = true)
    {

-        \Log::debug('Private filesystem is: '.config('filesystems.default'));
+        Log::debug('Private filesystem is: '.config('filesystems.default'));
        $accessory = Accessory::find($accessoryId);


@@ -129,8 +130,8 @@ class AccessoriesFilesController extends Controller
            $file = 'private_uploads/accessories/'.$log->filename;

            if (Storage::missing($file)) {
-                \Log::debug('FILE DOES NOT EXISTS for '.$file);
-                \Log::debug('URL should be '.Storage::url($file));
+                Log::debug('FILE DOES NOT EXISTS for '.$file);
+                Log::debug('URL should be '.Storage::url($file));

                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
                    ->header('Content-Type', 'text/plain');
--- a/app/Http/Controllers/Accessories/AccessoryCheckinController.php
+++ b/app/Http/Controllers/Accessories/AccessoryCheckinController.php
@@ -44,7 +44,7 @@ class AccessoryCheckinController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param null $accessoryUserId
     * @param string $backto
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     * @internal param int $accessoryId
     */
--- a/app/Http/Controllers/Accessories/AccessoryCheckoutController.php
+++ b/app/Http/Controllers/Accessories/AccessoryCheckoutController.php
@@ -59,7 +59,7 @@ class AccessoryCheckoutController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param Request $request
     * @param  int $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(Request $request, $accessoryId)
--- a/app/Http/Controllers/Account/AcceptanceController.php
+++ b/app/Http/Controllers/Account/AcceptanceController.php
@@ -23,13 +23,13 @@ use App\Notifications\AcceptanceAssetAcceptedNotification;
 use App\Notifications\AcceptanceAssetDeclinedNotification;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Str;
 use App\Http\Controllers\SettingsController;
 use Barryvdh\DomPDF\Facade\Pdf;
 use Carbon\Carbon;
 use phpDocumentor\Reflection\Types\Compound;
+use Illuminate\Support\Facades\Log;

 class AcceptanceController extends Controller
 {
@@ -80,7 +80,7 @@ class AcceptanceController extends Controller
     *
     * @param  Request $request
     * @param  int  $id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(Request $request, $id)
    {
@@ -223,6 +223,7 @@ class AcceptanceController extends Controller
                'item_model' => $display_model,
                'item_serial' => $item->serial,
                'eula' => $item->getEula(),
+                'note' => $request->input('note'),
                'check_out_date' => Carbon::parse($acceptance->created_at)->format('Y-m-d'),
                'accepted_date' => Carbon::parse($acceptance->accepted_at)->format('Y-m-d'),
                'assigned_to' => $assigned_to,
@@ -233,12 +234,12 @@ class AcceptanceController extends Controller
            ];

            if ($pdf_view_route!='') {
-                \Log::debug($pdf_filename.' is the filename, and the route was specified.');
+                Log::debug($pdf_filename.' is the filename, and the route was specified.');
                $pdf = Pdf::loadView($pdf_view_route, $data);
                Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf->output());
            }

-            $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename);
+            $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename, $request->input('note'));
            $acceptance->notify(new AcceptanceAssetAcceptedNotification($data));
            event(new CheckoutAccepted($acceptance));

@@ -306,10 +307,12 @@ class AcceptanceController extends Controller
                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                    break;
            }
+
            $data = [
                'item_tag' => $item->asset_tag,
                'item_model' => $display_model,
                'item_serial' => $item->serial,
+                'note' => $request->input('note'),
                'declined_date' => Carbon::parse($acceptance->declined_at)->format('Y-m-d'),
                'signature' => ($sig_filename) ? storage_path() . '/private_uploads/signatures/' . $sig_filename : null,
                'assigned_to' => $assigned_to,
@@ -318,12 +321,12 @@ class AcceptanceController extends Controller
            ];

            if ($pdf_view_route!='') {
-                \Log::debug($pdf_filename.' is the filename, and the route was specified.');
+                Log::debug($pdf_filename.' is the filename, and the route was specified.');
                $pdf = Pdf::loadView($pdf_view_route, $data);
                Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf->output());
            }

-            $acceptance->decline($sig_filename);
+            $acceptance->decline($sig_filename, $request->input('note'));
            $acceptance->notify(new AcceptanceAssetDeclinedNotification($data));
            event(new CheckoutDeclined($acceptance));
            $return_msg = trans('admin/users/message.declined');
--- a/app/Http/Controllers/ActionlogController.php
+++ b/app/Http/Controllers/ActionlogController.php
@@ -4,8 +4,9 @@ namespace App\Http\Controllers;

 use App\Helpers\Helper;
 use App\Models\Actionlog;
-use Response;
-
+use Illuminate\Support\Facades\Response;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;
 class ActionlogController extends Controller
 {
    public function displaySig($filename)
@@ -14,19 +15,26 @@ class ActionlogController extends Controller
        // file_get_contents, so we set the error reporting for just this class
        error_reporting(0);

-        $this->authorize('view', \App\Models\Asset::class);
-        $file = config('app.private_uploads').'/signatures/'.$filename;
-        $filetype = Helper::checkUploadIsImage($file);
+        $disk = config('filesystems.default');
+        switch (config("filesystems.disks.$disk.driver")) {
+            case 's3':
+                $file = 'private_uploads/signatures/'.$filename;
+                return redirect()->away(Storage::disk($disk)->temporaryUrl($file, now()->addMinutes(5)));
+            default:
+                $this->authorize('view', \App\Models\Asset::class);
+                $file = config('app.private_uploads').'/signatures/'.$filename;
+                $filetype = Helper::checkUploadIsImage($file);

-        $contents = file_get_contents($file, false, stream_context_create(['http' => ['ignore_errors' => true]]));
-        if ($contents === false) {
-            \Log::warn('File '.$file.' not found');
-            return false;
-        } else {
-            return Response::make($contents)->header('Content-Type', $filetype);
+                $contents = file_get_contents($file, false, stream_context_create(['http' => ['ignore_errors' => true]]));
+                if ($contents === false) {
+                    Log::warning('File '.$file.' not found');
+                    return false;
+                } else {
+                    return Response::make($contents)->header('Content-Type', $filetype);
+                }
        }
-       
    }
+
    public function getStoredEula($filename){
        $this->authorize('view', \App\Models\Asset::class);
        $file = config('app.private_uploads').'/eula-pdfs/'.$filename;
--- a/app/Http/Controllers/Api/AccessoriesController.php
+++ b/app/Http/Controllers/Api/AccessoriesController.php
@@ -10,9 +10,9 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Accessory;
 use App\Models\Company;
 use App\Models\User;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;

@@ -274,7 +274,7 @@ class AccessoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function checkout(Request $request, $accessoryId)
    {
@@ -320,7 +320,7 @@ class AccessoriesController extends Controller
     * @param Request $request
     * @param int $accessoryUserId
     * @param string $backto
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @internal param int $accessoryId
     */
    public function checkin(Request $request, $accessoryUserId = null)
--- a/app/Http/Controllers/Api/AssetFilesController.php
+++ b/app/Http/Controllers/Api/AssetFilesController.php
@@ -0,0 +1,219 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\StorageHelper;
+use Illuminate\Support\Facades\Storage;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Support\Facades\Crypt;
+use Illuminate\Support\Facades\Gate;
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\Actionlog;
+use \Illuminate\Support\Facades\Auth;
+use Carbon\Carbon;
+use DB;
+use Illuminate\Http\Request;
+use App\Http\Requests\UploadFileRequest;
+use Illuminate\Support\Facades\Log;
+use Input;
+use Paginator;
+use Slack;
+use Str;
+use TCPDF;
+use Validator;
+use Route;
+
+
+/**
+ * This class controls file related actions related
+ * to assets for the Snipe-IT Asset Management application.
+ *
+ * Based on the Assets/AssetFilesController by A. Gianotto <snipe@snipe.net>
+ *
+ * @version    v1.0
+ * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
+ */
+class AssetFilesController extends Controller
+{
+    /**
+     * Accepts a POST to upload a file to the server.
+     *
+     * @param \App\Http\Requests\UploadFileRequest $request
+     * @param int $assetId
+     * @return \Illuminate\Http\JsonResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v6.0]
+     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
+     */
+    public function store(UploadFileRequest $request, $assetId = null)
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $asset = Asset::find($assetId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
+        }
+
+        // Make sure we are allowed to update this asset
+        $this->authorize('update', $asset);
+
+	if ($request->hasFile('file')) {
+            // If the file storage directory doesn't exist; create it
+            if (! Storage::exists('private_uploads/assets')) {
+                Storage::makeDirectory('private_uploads/assets', 775);
+            }
+
+            // Loop over the attached files and add them to the asset
+            foreach ($request->file('file') as $file) {
+                $file_name = $request->handleFile('private_uploads/assets/','hardware-'.$asset->id, $file);
+                
+                $asset->logUpload($file_name, e($request->get('notes')));
+            }
+
+            // All done - report success
+            return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.upload.success')));
+        }
+
+        // We only reach here if no files were included in the POST, so tell the user this
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.upload.nofiles')), 500);
+    }
+
+    /**
+     * List the files for an asset.
+     *
+     * @param  int $assetId
+     * @return \Illuminate\Http\JsonResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v6.0]
+     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
+     */
+    public function list($assetId = null)
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $asset = Asset::find($assetId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
+        }
+	
+	// the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('view', $asset);
+
+            // Check that there are some uploads on this asset that can be listed
+            if ($asset->uploads->count() > 0) {
+                $files = array();
+                foreach ($asset->uploads as $upload) {
+                    array_push($files, $upload);
+		}
+                // Give the list of files back to the user
+                return response()->json(Helper::formatStandardApiResponse('success', $files, trans('admin/hardware/message.upload.success')));
+            }
+
+	    // There are no files.
+            return response()->json(Helper::formatStandardApiResponse('success', array(), trans('admin/hardware/message.upload.success')));
+        }
+
+        // Send back an error message
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.error')), 500);
+    }
+
+    /**
+     * Check for permissions and display the file.
+     *
+     * @param  int $assetId
+     * @param  int $fileId
+     * @return \Illuminate\Http\JsonResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v6.0]
+     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
+     */
+    public function show($assetId = null, $fileId = null)
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $asset = Asset::find($assetId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
+        }
+
+        // the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('view', $asset);
+
+            // Check that the file being requested exists for the asset
+            if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $asset->id)->find($fileId)) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.no_match', ['id' => $fileId])), 404);
+            }
+
+	    // Form the full filename with path
+            $file = 'private_uploads/assets/'.$log->filename;
+            \Log::debug('Checking for '.$file);
+
+            if ($log->action_type == 'audit') {
+                $file = 'private_uploads/audits/'.$log->filename;
+            }
+
+            // Check the file actually exists on the filesystem
+            if (! Storage::exists($file)) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.does_not_exist', ['id' => $fileId])), 404);
+            }
+
+            if (request('inline') == 'true') {
+
+                $headers = [
+                    'Content-Disposition' => 'inline',
+                ];
+
+                return Storage::download($file, $log->filename, $headers);
+            }
+
+            return StorageHelper::downloader($file);
+        }
+
+        // Send back an error message
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.error', ['id' => $fileId])), 500);
+    }
+
+    /**
+     * Delete the associated file
+     *
+     * @param  int $assetId
+     * @param  int $fileId
+     * @return \Illuminate\Http\JsonResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v6.0]
+     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
+     */
+    public function destroy($assetId = null, $fileId = null)
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $asset = Asset::find($assetId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
+        }
+
+        $rel_path = 'private_uploads/assets';
+
+        // the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('update', $asset);
+
+            // Check for the file
+            $log = Actionlog::find($fileId);
+	    if ($log) {
+                // Check the file actually exists, and delete it
+                if (Storage::exists($rel_path.'/'.$log->filename)) {
+                    Storage::delete($rel_path.'/'.$log->filename);
+		}
+		// Delete the record of the file
+                $log->delete();
+
+                // All deleting done - notify the user of success
+                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.deletefile.success')), 200);
+            }
+
+            // The file doesn't seem to really exist, so report an error
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.deletefile.error')), 500);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.deletefile.error')), 500);
+    }
+}
--- a/app/Http/Controllers/Api/AssetMaintenancesController.php
+++ b/app/Http/Controllers/Api/AssetMaintenancesController.php
@@ -8,7 +8,7 @@ use App\Http\Transformers\AssetMaintenancesTransformer;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
 use App\Models\Company;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Input;
--- a/app/Http/Controllers/Api/AssetModelsController.php
+++ b/app/Http/Controllers/Api/AssetModelsController.php
@@ -12,6 +12,7 @@ use App\Models\AssetModel;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Log;

 /**
 * This class controls all actions related to asset models for
@@ -224,7 +225,7 @@ class AssetModelsController extends Controller
            try {
                Storage::disk('public')->delete('assetmodels/'.$assetmodel->image);
            } catch (\Exception $e) {
-                \Log::info($e);
+                Log::info($e);
            }
        }

--- a/app/Http/Controllers/Api/AssetsController.php
+++ b/app/Http/Controllers/Api/AssetsController.php
@@ -27,17 +27,16 @@ use App\Models\Setting;
 use App\Models\User;
 use \Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Log;
-use Input;
 use Paginator;
 use Slack;
 use Str;
 use TCPDF;
 use Validator;
-use Route;
+use Illuminate\Support\Facades\Route;


 /**
@@ -586,49 +585,8 @@ class AssetsController extends Controller
        }     

        $asset = $request->handleImages($asset);
+        $asset = $asset->handleCustomFieldsForStoring($request);

-        // Update custom fields in the database.
-        $model = AssetModel::find($request->input('model_id'));
-
-        // Check that it's an object and not a collection
-        // (Sometimes people send arrays here and they shouldn't
-        if (($model) && ($model instanceof AssetModel) && ($model->fieldset)) {
-            foreach ($model->fieldset->fields as $field) {
-
-                // Set the field value based on what was sent in the request
-                $field_val = $request->input($field->db_column, null);
-
-                // If input value is null, use custom field's default value
-                if ($field_val == null) {
-                    Log::debug('Field value for '.$field->db_column.' is null');
-                    $field_val = $field->defaultValue($request->get('model_id'));
-                    Log::debug('Use the default fieldset value of '.$field->defaultValue($request->get('model_id')));
-                }
-
-                // if the field is set to encrypted, make sure we encrypt the value
-                if ($field->field_encrypted == '1') {
-                    Log::debug('This model field is encrypted in this fieldset.');
-
-                    if (Gate::allows('admin')) {
-
-                        // If input value is null, use custom field's default value
-                        if (($field_val == null) && ($request->has('model_id') != '')) {
-                            $field_val = Crypt::encrypt($field->defaultValue($request->get('model_id')));
-                        } else {
-                            $field_val = Crypt::encrypt($request->input($field->db_column));
-                        }
-                    }
-                }
-                if ($field->element == 'checkbox') {
-                    if(is_array($field_val)) {
-                        $field_val = implode(',', $field_val);
-                    }
-                }
-
-
-                $asset->{$field->db_column} = $field_val;
-            }
-        }

        if ($asset->save()) {
            if ($request->get('assigned_user')) {
@@ -689,32 +647,7 @@ class AssetsController extends Controller
            }     

            $asset = $request->handleImages($asset);
-            $model = AssetModel::find($asset->model_id);
-            
-            // Update custom fields
-            $problems_updating_encrypted_custom_fields = false;
-            if (($model) && (isset($model->fieldset))) {
-                foreach ($model->fieldset->fields as $field) {
-                    $field_val = $request->input($field->db_column, null);
-
-                    if ($request->has($field->db_column)) {
-                        if ($field->element == 'checkbox') {
-                            if(is_array($field_val)) {
-                                $field_val = implode(',', $field_val);
-                            }
-                        }
-                        if ($field->field_encrypted == '1') {
-                            if (Gate::allows('admin')) {
-                                $field_val = Crypt::encrypt($field_val);
-                            } else {
-                                $problems_updating_encrypted_custom_fields = true;
-                                continue;
-                            }
-                        }
-                        $asset->{$field->db_column} = $field_val;
-                    }
-                }
-            }
+            $asset = $asset->handleCustomFieldsForStoring($request);


            if ($asset->save()) {
@@ -851,7 +784,6 @@ class AssetsController extends Controller
            'asset_tag' => $asset->asset_tag,
        ];

-
        // This item is checked out to a location
        if (request('checkout_to_type') == 'location') {
            $target = Location::find(request('assigned_location'));
@@ -878,13 +810,10 @@ class AssetsController extends Controller
            $asset->status_id = $request->get('status_id');
        }

-
        if (! isset($target)) {
            return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'Checkout target for asset '.e($asset->asset_tag).' is invalid - '.$error_payload['target_type'].' does not exist.'));
        }

-
-
        $checkout_at = request('checkout_at', date('Y-m-d H:i:s'));
        $expected_checkin = request('expected_checkin', null);
        $note = request('note', null);
@@ -900,8 +829,6 @@ class AssetsController extends Controller
 //            $asset->location_id = $target->rtd_location_id;
 //        }

-
-
        if ($asset->checkOut($target, Auth::user(), $checkout_at, $expected_checkin, $note, $asset_name, $asset->location_id)) {
            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.success')));
        }
@@ -1032,25 +959,39 @@ class AssetsController extends Controller

    {
        $this->authorize('audit', Asset::class);
-        $rules = [
-            'asset_tag' => 'required',
-            'location_id' => 'exists:locations,id|nullable|numeric',
-            'next_audit_date' => 'date|nullable',
-        ];
-
-        $validator = Validator::make($request->all(), $rules);
-        if ($validator->fails()) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()->all()));
-        }

        $settings = Setting::getSettings();
        $dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();

+        // No tag passed - return an error
+        if (!$request->filled('asset_tag')) {
+            return response()->json(Helper::formatStandardApiResponse('error', [
+                'asset_tag'=> '',
+                'error'=> trans('admin/hardware/message.no_tag'),
+            ], trans('admin/hardware/message.no_tag')), 200);
+        }
+
+
        $asset = Asset::where('asset_tag', '=', $request->input('asset_tag'))->first();


        if ($asset) {
-            // We don't want to log this as a normal update, so let's bypass that
+
+            /**
+             * Even though we do a save() further down, we don't want to log this as a "normal" asset update,
+             * which would trigger the Asset Observer and would log an asset *update* log entry (because the
+             * de-normed fields like next_audit_date on the asset itself will change on save()) *in addition* to
+             * the audit log entry we're creating through this controller.
+             *
+             * To prevent this double-logging (one for update and one for audit), we skip the observer and bypass
+             * that de-normed update log entry by using unsetEventDispatcher(), BUT invoking unsetEventDispatcher()
+             * will bypass normal model-level validation that's usually handled at the observer )
+             *
+             * We handle validation on the save() by checking if the asset is valid via the ->isValid() method,
+             * which manually invokes Watson Validating to make sure the asset's model is valid.
+             *
+             * @see \App\Observers\AssetObserver::updating()
+             */
            $asset->unsetEventDispatcher();
            $asset->next_audit_date = $dt;

@@ -1066,8 +1007,12 @@ class AssetsController extends Controller

            $asset->last_audit_date = date('Y-m-d H:i:s');

-            if ($asset->save()) {
-                $log = $asset->logAudit(request('note'), request('location_id'));
+            /**
+             * Invoke Watson Validating to check the asset itself and check to make sure it saved correctly.
+             * We have to invoke this manually because of the unsetEventDispatcher() above.)
+             */
+            if ($asset->isValid() && $asset->save()) {
+                $asset->logAudit(request('note'), request('location_id'));

                return response()->json(Helper::formatStandardApiResponse('success', [
                    'asset_tag'=> e($asset->asset_tag),
@@ -1075,9 +1020,23 @@ class AssetsController extends Controller
                    'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date),
                ], trans('admin/hardware/message.audit.success')));
            }
+
+            // Asset failed validation or was not able to be saved
+            return response()->json(Helper::formatStandardApiResponse('error', [
+                'asset_tag'=> e($asset->asset_tag),
+                'error'=> $asset->getErrors()->first(),
+            ], trans('admin/hardware/message.audit.error', ['error' => $asset->getErrors()->first()])), 200);
+
        }

-        return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.e($request->input('asset_tag')).' not found'));
+
+        // No matching asset for the asset tag that was passed.
+        return response()->json(Helper::formatStandardApiResponse('error', [
+            'asset_tag'=> e($request->input('asset_tag')),
+            'error'=> trans('admin/hardware/message.audit.error'),
+        ], trans('admin/hardware/message.audit.error', ['error' => trans('admin/hardware/message.does_not_exist')])), 200);
+
+
    }


--- a/app/Http/Controllers/Api/ComponentsController.php
+++ b/app/Http/Controllers/Api/ComponentsController.php
@@ -14,6 +14,7 @@ use App\Events\ComponentCheckedIn;
 use App\Models\Asset;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Database\Query\Builder;
+use Illuminate\Support\Facades\Log;

 class ComponentsController extends Controller
 {
@@ -331,7 +332,7 @@ class ComponentsController extends Controller
            // actually checked out.
            $component_assets->assigned_qty = $qty_remaining_in_checkout;

-            \Log::debug($component_asset_id.' - '.$qty_remaining_in_checkout.' remaining in record '.$component_assets->id);
+            Log::debug($component_asset_id.' - '.$qty_remaining_in_checkout.' remaining in record '.$component_assets->id);
            
            \DB::table('components_assets')->where('id',
                $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
--- a/app/Http/Controllers/Api/ConsumablesController.php
+++ b/app/Http/Controllers/Api/ConsumablesController.php
@@ -13,6 +13,7 @@ use App\Models\User;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Log;

 class ConsumablesController extends Controller
 {
@@ -277,7 +278,7 @@ class ConsumablesController extends Controller
        if (!$user = User::find($request->input('assigned_to'))) {
            // Return error message
            return response()->json(Helper::formatStandardApiResponse('error', null, 'No user found'));
-            \Log::debug('No valid user');
+            Log::debug('No valid user');
        }

        // Update the consumable data
--- a/app/Http/Controllers/Api/CustomFieldsController.php
+++ b/app/Http/Controllers/Api/CustomFieldsController.php
@@ -179,7 +179,7 @@ class CustomFieldsController extends Controller
     *
     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @since [v1.8]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($field_id)
    {
--- a/app/Http/Controllers/Api/CustomFieldsetsController.php
+++ b/app/Http/Controllers/Api/CustomFieldsetsController.php
@@ -118,7 +118,7 @@ class CustomFieldsetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($id)
    {
--- a/app/Http/Controllers/Api/DepartmentsController.php
+++ b/app/Http/Controllers/Api/DepartmentsController.php
@@ -8,7 +8,7 @@ use App\Http\Transformers\DepartmentsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Company;
 use App\Models\Department;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
--- a/app/Http/Controllers/Api/GroupsController.php
+++ b/app/Http/Controllers/Api/GroupsController.php
@@ -7,7 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Transformers\GroupsTransformer;
 use App\Models\Group;
 use Illuminate\Http\Request;
-use Auth;
+use Illuminate\Support\Facades\Auth;


 class GroupsController extends Controller
@@ -62,13 +62,16 @@ class GroupsController extends Controller
    {
        $this->authorize('superadmin');
        $group = new Group;
+        // Get all the available permissions
+        $permissions = config('permissions');
+        $groupPermissions = Helper::selectedPermissionsArray($permissions, $permissions);

        $group->name = $request->input('name');
        $group->created_by = Auth::user()->id;
-        $group->permissions = json_encode($request->input('permissions')); // Todo - some JSON validation stuff here
+        $group->permissions = json_encode($request->input('permissions', $groupPermissions));

        if ($group->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.create.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new GroupsTransformer)->transformGroup($group), trans('admin/groups/message.success.create')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
@@ -86,7 +89,6 @@ class GroupsController extends Controller
    {
        $this->authorize('superadmin');
        $group = Group::findOrFail($id);
-
        return (new GroupsTransformer)->transformGroup($group);
    }

@@ -108,7 +110,7 @@ class GroupsController extends Controller
        $group->permissions = $request->input('permissions'); // Todo - some JSON validation stuff here

        if ($group->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.update.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new GroupsTransformer)->transformGroup($group), trans('admin/groups/message.success.update')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
--- a/app/Http/Controllers/Api/ImportController.php
+++ b/app/Http/Controllers/Api/ImportController.php
@@ -9,13 +9,14 @@ use App\Http\Transformers\ImportsTransformer;
 use App\Models\Asset;
 use App\Models\Company;
 use App\Models\Import;
-use Artisan;
+use Illuminate\Support\Facades\Artisan;
 use Illuminate\Database\Eloquent\JsonEncodingException;
 use Illuminate\Support\Facades\Request;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Storage;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\File\Exception\FileException;
+use Illuminate\Support\Facades\Log;

 class ImportController extends Controller
 {
@@ -159,10 +160,10 @@ class ImportController extends Controller

        // Run a backup immediately before processing
        if ($request->get('run-backup')) {
-            \Log::debug('Backup manually requested via importer');
+            Log::debug('Backup manually requested via importer');
            Artisan::call('snipeit:backup', ['--filename' => 'pre-import-backup-'.date('Y-m-d-H:i:s')]);
        } else {
-            \Log::debug('NO BACKUP requested via importer');
+            Log::debug('NO BACKUP requested via importer');
        }

        $import = Import::find($import_id);
--- a/app/Http/Controllers/Api/LabelsController.php
+++ b/app/Http/Controllers/Api/LabelsController.php
@@ -8,7 +8,7 @@ use App\Http\Transformers\LabelsTransformer;
 use App\Models\Labels\Label;
 use Illuminate\Http\Request;
 use Illuminate\Support\ItemNotFoundException;
-use Auth;
+use Illuminate\Support\Facades\Auth;

 class LabelsController extends Controller
 {
--- a/app/Http/Controllers/Api/LicenseSeatsController.php
+++ b/app/Http/Controllers/Api/LicenseSeatsController.php
@@ -9,7 +9,7 @@ use App\Models\Asset;
 use App\Models\License;
 use App\Models\LicenseSeat;
 use App\Models\User;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;

 class LicenseSeatsController extends Controller
--- a/app/Http/Controllers/Api/LocationsController.php
+++ b/app/Http/Controllers/Api/LocationsController.php
@@ -244,7 +244,7 @@ class LocationsController extends Controller

        if (! $location->isDeletable()) {
            return response()
-                    ->json(Helper::formatStandardApiResponse('error', null, trans('admin/companies/message.assoc_users')));
+                    ->json(Helper::formatStandardApiResponse('error', null, trans('admin/locations/message.assoc_users')));
        }
        $this->authorize('delete', $location);
        $location->delete();
--- a/app/Http/Controllers/Api/ProfileController.php
+++ b/app/Http/Controllers/Api/ProfileController.php
@@ -12,7 +12,7 @@ use Laravel\Passport\TokenRepository;
 use Illuminate\Contracts\Validation\Factory as ValidationFactory;
 use Illuminate\Support\Facades\Gate;
 use App\Models\CustomField;
-use DB;
+use Illuminate\Support\Facades\DB;

 class ProfileController extends Controller
 {
--- a/app/Http/Controllers/Api/ReportsController.php
+++ b/app/Http/Controllers/Api/ReportsController.php
@@ -78,13 +78,14 @@ class ReportsController extends Controller
        ];


+        $total = $actionlogs->count();
        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $actionlogs->count()) ? $actionlogs->count() : app('api_offset_value');
+        $offset = ($request->input('offset') > $total) ? $total : app('api_offset_value');
        $limit = app('api_limit_value');

        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
        $order = ($request->input('order') == 'asc') ? 'asc' : 'desc';
-        $total = $actionlogs->count();
+

        $actionlogs = $actionlogs->orderBy($sort, $order)->skip($offset)->take($limit)->get();

--- a/app/Http/Controllers/Api/SettingsController.php
+++ b/app/Http/Controllers/Api/SettingsController.php
@@ -33,18 +33,18 @@ class SettingsController extends Controller
        $settings = Setting::getSettings();

        if ($settings->ldap_enabled!='1') {
-            \Log::debug('LDAP is not enabled cannot test.');
+            Log::debug('LDAP is not enabled cannot test.');
            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
        }

-        \Log::debug('Preparing to test LDAP connection');
+        Log::debug('Preparing to test LDAP connection');

        $message = []; //where we collect together test messages
        try {
            $connection = Ldap::connectToLdap();
            try {
                $message['bind'] = ['message' => 'Successfully bound to LDAP server.'];
-                \Log::debug('attempting to bind to LDAP for LDAP test');
+                Log::debug('attempting to bind to LDAP for LDAP test');
                Ldap::bindAdminToLdap($connection);
                $message['login'] = [
                    'message' => 'Successfully connected to LDAP server.',
@@ -75,13 +75,13 @@ class SettingsController extends Controller

                return response()->json($message, 200);
            } catch (\Exception $e) {
-                \Log::debug('Bind failed');
-                \Log::debug("Exception was: ".$e->getMessage());
+                Log::debug('Bind failed');
+                Log::debug("Exception was: ".$e->getMessage());
                return response()->json(['message' => $e->getMessage()], 400);
                //return response()->json(['message' => $e->getMessage()], 500);
            }
        } catch (\Exception $e) {
-            \Log::debug('Connection failed but we cannot debug it any further on our end.');
+            Log::debug('Connection failed but we cannot debug it any further on our end.');
            return response()->json(['message' => $e->getMessage()], 500);
        }

@@ -92,7 +92,7 @@ class SettingsController extends Controller
    {

        if (Setting::getSettings()->ldap_enabled != '1') {
-            \Log::debug('LDAP is not enabled. Cannot test.');
+            Log::debug('LDAP is not enabled. Cannot test.');
            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
        }

@@ -104,39 +104,39 @@ class SettingsController extends Controller

        $validator = Validator::make($request->all(), $rules);
        if ($validator->fails()) {
-            \Log::debug('LDAP Validation test failed.');
+            Log::debug('LDAP Validation test failed.');
            $validation_errors = implode(' ',$validator->errors()->all());
            return response()->json(['message' => $validator->errors()->all()], 400);
        }
        


-        \Log::debug('Preparing to test LDAP login');
+        Log::debug('Preparing to test LDAP login');
        try {
            $connection = Ldap::connectToLdap();
            try {
                Ldap::bindAdminToLdap($connection);
-                \Log::debug('Attempting to bind to LDAP for LDAP test');
+                Log::debug('Attempting to bind to LDAP for LDAP test');
                try {
                    $ldap_user = Ldap::findAndBindUserLdap($request->input('ldaptest_user'), $request->input('ldaptest_password'));
                    if ($ldap_user) {
-                        \Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
+                        Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
                        return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
                    }
                    return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);

                } catch (\Exception $e) {
-                    \Log::debug('LDAP login failed');
+                    Log::debug('LDAP login failed');
                    return response()->json(['message' => $e->getMessage()], 400);
                }

            } catch (\Exception $e) {
-                \Log::debug('Bind failed');
+                Log::debug('Bind failed');
                return response()->json(['message' => $e->getMessage()], 400);
                //return response()->json(['message' => $e->getMessage()], 500);
            }
        } catch (\Exception $e) {
-            \Log::debug('Connection failed');
+            Log::debug('Connection failed');
            return response()->json(['message' => $e->getMessage()], 500);
        }

@@ -181,19 +181,19 @@ class SettingsController extends Controller

            $file_parts = explode('.', $file);
            $extension = end($file_parts);
-            \Log::debug($extension);
+            Log::debug($extension);

            // Only generated barcodes would have a .png file extension
            if ($extension == 'png') {
-                \Log::debug('Deleting: '.$file);
+                Log::debug('Deleting: '.$file);


                try {
                    Storage::disk('public')->delete($file);
-                    \Log::debug('Deleting: '.$file);
+                    Log::debug('Deleting: '.$file);
                    $file_count++;
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }
        }
--- a/app/Http/Controllers/Api/UsersController.php
+++ b/app/Http/Controllers/Api/UsersController.php
@@ -13,15 +13,17 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Http\Transformers\UsersTransformer;
 use App\Models\Actionlog;
 use App\Models\Asset;
-use App\Models\Company;
+use App\Models\Accessory;
+use App\Models\Consumable;
 use App\Models\License;
 use App\Models\User;
 use App\Notifications\CurrentInventory;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
-use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Facades\Log;
+use App\Http\Requests\DeleteUserRequest;

 class UsersController extends Controller
 {
@@ -31,7 +33,7 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
     *
-     * @return \Illuminate\Http\Response
+     * @return array
     */
    public function index(Request $request)
    {
@@ -75,10 +77,14 @@ class UsersController extends Controller
            'users.autoassign_licenses',
            'users.website',

-        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy',)
-            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count');
+        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy', 'managesUsers', 'managedLocations')
+            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'managesUsers as manages_users_count', 'managedLocations as manages_locations_count');


+        if ($request->filled('search') != '') {
+            $users = $users->TextSearch($request->input('search'));
+        }
+
        if ($request->filled('activated')) {
            $users = $users->where('users.activated', '=', $request->input('activated'));
        }
@@ -187,12 +193,23 @@ class UsersController extends Controller
            $users->has('accessories', '=', $request->input('accessories_count'));
        }

+        if ($request->filled('manages_users_count')) {
+            $users->has('manages_users_count', '=', $request->input('manages_users_count'));
+        }
+
+        if ($request->filled('manages_locations_count')) {
+            $users->has('manages_locations_count', '=', $request->input('manages_locations_count'));
+        }
+
        if ($request->filled('autoassign_licenses')) {
            $users->where('autoassign_licenses', '=', $request->input('autoassign_licenses'));
        }

-        if ($request->filled('search')) {
-            $users = $users->TextSearch($request->input('search'));
+
+        if (($request->filled('deleted')) && ($request->input('deleted') == 'true')) {
+            $users = $users->onlyTrashed();
+        } elseif (($request->filled('all')) && ($request->input('all') == 'true')) {
+            $users = $users->withTrashed();
        }

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -230,10 +247,6 @@ class UsersController extends Controller
                        'jobtitle',
                        'username',
                        'employee_num',
-                        'assets',
-                        'accessories',
-                        'consumables',
-                        'licenses',
                        'groups',
                        'activated',
                        'created_at',
@@ -244,6 +257,8 @@ class UsersController extends Controller
                        'licenses_count',
                        'consumables_count',
                        'accessories_count',
+                        'manages_users_count',
+                        'manages_locations_count',
                        'phone',
                        'address',
                        'city',
@@ -262,19 +277,11 @@ class UsersController extends Controller
                        'website',
                    ];

-                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
+                $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'first_name';
                $users = $users->orderBy($sort, $order);
                break;
        }

-        if (($request->filled('deleted')) && ($request->input('deleted') == 'true')) {
-            $users = $users->onlyTrashed();
-        } elseif (($request->filled('all')) && ($request->input('all') == 'true')) {
-            $users = $users->withTrashed();
-        }
-
-        // Apply companyable scope
-        $users = Company::scopeCompanyables($users);


        // Make sure the offset and limit are actually integers and do not exceed system limits
@@ -309,8 +316,6 @@ class UsersController extends Controller
            ]
            )->where('show_in_list', '=', '1');

-        $users = Company::scopeCompanyables($users);
-
        if ($request->filled('search')) {
            $users = $users->where(function ($query) use ($request) {
                $query->SimpleNameSearch($request->get('search'))
@@ -352,7 +357,7 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
     * @param  \Illuminate\Http\Request  $request
-     * @return \Illuminate\Http\Response
+     * @return array | \Illuminate\Http\JsonResponse
     */
    public function store(SaveUserRequest $request)
    {
@@ -399,17 +404,19 @@ class UsersController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @return array | \Illuminate\Http\JsonResponse
     */
    public function show($id)
    {
        $this->authorize('view', User::class);

-        $user = User::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count')->findOrFail($id);
-        $user = Company::scopeCompanyables($user)->find($id);
-        $this->authorize('update', $user);
+        if ($user = User::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'managesUsers as manages_users_count', 'managedLocations as manages_locations_count')->find($id)) {
+            $this->authorize('view', $user);
+            return (new UsersTransformer)->transformUser($user);
+        }
+        
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));

-        return (new UsersTransformer)->transformUser($user);
    }


@@ -420,102 +427,89 @@ class UsersController extends Controller
     * @since [v4.0]
     * @param  \Illuminate\Http\Request  $request
     * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @return \Illuminate\Http\JsonResponse
     */
    public function update(SaveUserRequest $request, $id)
    {
        $this->authorize('update', User::class);

-        $user = User::findOrFail($id);
-        $user = Company::scopeCompanyables($user)->find($id);
-        $this->authorize('update', $user);
-
-        /**
-         * This is a janky hack to prevent people from changing admin demo user data on the public demo.
-         * 
-         * The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
-         * 
-         *  Thanks, jerks. You are why we can't have nice things. - snipe
-         * 
-         */ 
+        if ($user = User::find($id)) {


-        if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
-        }
+            $this->authorize('update', $user);
+
+            /**
+             * This is a janky hack to prevent people from changing admin demo user data on the public demo.
+             * The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
+             *  Thanks, jerks. You are why we can't have nice things. - snipe
+             *
+             */


-        $user->fill($request->all());
-        
-        if ($user->id == $request->input('manager_id')) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
-        }
-
-        if ($request->filled('password')) {
-            $user->password = bcrypt($request->input('password'));
-        }
-
-        // We need to use has()  instead of filled()
-        // here because we need to overwrite permissions
-        // if someone needs to null them out
-        if ($request->has('permissions')) {
-            $permissions_array = $request->input('permissions');
-
-            // Strip out the superuser permission if the API user isn't a superadmin
-            if (! Auth::user()->isSuperUser()) {
-                unset($permissions_array['superuser']);
-            }
-
-            $user->permissions = $permissions_array;
-        }
-
-
-
-        // Update the location of any assets checked out to this user
-        Asset::where('assigned_type', User::class)
-            ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
-
-        
-        app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');
-          
-        if ($user->save()) {
-
-            // Sync group memberships:
-            // This was changed in Snipe-IT v4.6.x to 4.7, since we upgraded to Laravel 5.5
-            // which changes the behavior of has vs filled.
-            // The $request->has method will now return true even if the input value is an empty string or null.
-            // A new $request->filled method has was added that provides the previous behavior of the has method.
-
-            // Check if the request has groups passed and has a value
-            if ($request->filled('groups')) {
-
-                $validator = Validator::make($request->all(), [
-                    'groups.*' => 'integer|exists:permission_groups,id',
-                ]);
-                
-                if ($validator->fails()){
-                    return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
-                }
-
-                // Only save groups if the user is a superuser
-                if (Auth::user()->isSuperUser()) {
-                    $user->groups()->sync($request->input('groups'));
-                }
-
-            // The groups field has been passed but it is null, so we should blank it out
-            } elseif ($request->has('groups')) {
-                
-                // Only save groups if the user is a superuser
-                if (Auth::user()->isSuperUser()) {
-                    $user->groups()->sync($request->input('groups'));
-                }
+            if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
            }


-            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
+            $user->fill($request->all());
+
+            if ($user->id == $request->input('manager_id')) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
+            }
+
+            if ($request->filled('password')) {
+                $user->password = bcrypt($request->input('password'));
+            }
+
+            // We need to use has()  instead of filled()
+            // here because we need to overwrite permissions
+            // if someone needs to null them out
+            if ($request->has('permissions')) {
+                $permissions_array = $request->input('permissions');
+
+                // Strip out the individual superuser permission if the API user isn't a superadmin
+                if (!Auth::user()->isSuperUser()) {
+                    unset($permissions_array['superuser']);
+                }
+
+                $user->permissions = $permissions_array;
+            }
+
+
+            // Update the location of any assets checked out to this user
+            Asset::where('assigned_type', User::class)
+                ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
+
+
+            app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');
+
+            if ($user->save()) {
+
+                // Check if the request has groups passed and has a value, AND that the user us a superuser
+                if (($request->has('groups')) && (Auth::user()->isSuperUser())) {
+
+                    $validator = Validator::make($request->only('groups'), [
+                        'groups.*' => 'integer|exists:permission_groups,id',
+                    ]);
+
+                    if ($validator->fails()) {
+                        return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
+                    }
+
+                    // Sync the groups since the user is a superuser and the groups pass validation
+                    $user->groups()->sync($request->input('groups'));
+
+
+                }
+
+                return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
+            }
+
+            return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
        }

-        return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));
+
    }

    /**
@@ -524,34 +518,15 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
     * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @return \Illuminate\Http\JsonResponse
     */
-    public function destroy($id)
+    public function destroy(DeleteUserRequest $request, $id)
    {
        $this->authorize('delete', User::class);
-        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed();
-        $user = Company::scopeCompanyables($user)->find($id);
-        $this->authorize('delete', $user);

-        if ($user) {
+        if ($user = User::withTrashed()->find($id)) {

            $this->authorize('delete', $user);
-            
-            if (($user->assets) && ($user->assets->count() > 0)) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete_has_assets')));
-            }
-
-            if (($user->licenses) && ($user->licenses->count() > 0)) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has ' . $user->licenses->count() . ' license(s) associated with them and cannot be deleted.'));
-            }
-
-            if (($user->accessories) && ($user->accessories->count() > 0)) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has ' . $user->accessories->count() . ' accessories associated with them.'));
-            }
-
-            if (($user->managedLocations()) && ($user->managedLocations()->count() > 0)) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has ' . $user->managedLocations()->count() . ' locations that they manage.'));
-            }

            if ($user->delete()) {

@@ -560,15 +535,19 @@ class UsersController extends Controller
                    try {
                        Storage::disk('public')->delete('avatars/' . $user->avatar);
                    } catch (\Exception $e) {
-                        \Log::debug($e);
+                        Log::debug($e);
                    }
                }

                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.delete')));
            }
+
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete')));
+
        }

-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete')));
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found')));
+
    }

    /**
@@ -577,39 +556,42 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
     * @param $userId
-     * @return string JSON
+     * @return array | \Illuminate\Http\JsonResponse
     */
    public function assets(Request $request, $id)
    {
        $this->authorize('view', User::class);
        $this->authorize('view', Asset::class);

-        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed();
-        $user = Company::scopeCompanyables($user)->find($id);
-        $this->authorize('view', $user);
+        if ($user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($id)) {
+            $this->authorize('view', $user);

-        $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model');
+            $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model');


-        // Filter on category ID
-        if ($request->filled('category_id')) {
-            $assets = $assets->InCategory($request->input('category_id'));
-        }
-
-
-        // Filter on model ID
-        if ($request->filled('model_id')) {
-
-            $model_ids = $request->input('model_id');
-            if (!is_array($model_ids)) {
-                $model_ids = array($model_ids);
+            // Filter on category ID
+            if ($request->filled('category_id')) {
+                $assets = $assets->InCategory($request->input('category_id'));
            }
-            $assets = $assets->InModelList($model_ids);
+
+
+            // Filter on model ID
+            if ($request->filled('model_id')) {
+
+                $model_ids = $request->input('model_id');
+                if (!is_array($model_ids)) {
+                    $model_ids = array($model_ids);
+                }
+                $assets = $assets->InModelList($model_ids);
+            }
+
+            $assets = $assets->get();
+
+            return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
        }

-        $assets = $assets->get();
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));

-        return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
    }

    /**
@@ -624,17 +606,21 @@ class UsersController extends Controller
    public function emailAssetList(Request $request, $id)
    {
        $this->authorize('update', User::class);
-        $user = User::findOrFail($id);
-        $user = Company::scopeCompanyables($user)->find($id);
-        $this->authorize('update', $user);

-        if (empty($user->email)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.inventorynotification.error')));
+        if ($user = User::find($id)) {
+            $this->authorize('update', $user);
+
+            if (empty($user->email)) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.inventorynotification.error')));
+            }
+
+            $user->notify((new CurrentInventory($user)));
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.inventorynotification.success')));
        }

-        $user->notify((new CurrentInventory($user)));
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));
 
-        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.inventorynotification.success')));
+
    }

    /**
@@ -643,14 +629,14 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
     * @param $userId
-     * @return string JSON
+     * @return array | \Illuminate\Http\JsonResponse
     */
    public function consumables(Request $request, $id)
    {
        $this->authorize('view', User::class);
        $this->authorize('view', Consumable::class);
        $user = User::findOrFail($id);
-        $this->authorize('update', $user);
+        $this->authorize('view', $user);
        $consumables = $user->consumables;
        return (new ConsumablesTransformer)->transformConsumables($consumables, $consumables->count(), $request);
    }
@@ -661,7 +647,7 @@ class UsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.6.14]
     * @param $userId
-     * @return string JSON
+     * @return array
     */
    public function accessories($id)
    {
@@ -680,7 +666,7 @@ class UsersController extends Controller
     * @author [N. Mathar] [<snipe@snipe.net>]
     * @since [v5.0]
     * @param $userId
-     * @return string JSON
+     * @return array | \Illuminate\Http\JsonResponse
     */
    public function licenses($id)
    {
@@ -743,7 +729,7 @@ class UsersController extends Controller
     * @author [Juan Font] [<juanfontalonso@gmail.com>]
     * @since [v4.4.2]
     * @param  \Illuminate\Http\Request  $request
-     * @return \Illuminate\Http\Response
+     * @return array
     */
    public function getCurrentUserInfo(Request $request)
    {
@@ -756,12 +742,14 @@ class UsersController extends Controller
     * @author [E. Taylor] [<dev@evantaylor.name>]
     * @param int $userId
     * @since [v6.0.0]
-     * @return JsonResponse
+     * @return \Illuminate\Http\JsonResponse
     */
-    public function restore($userId = null)
+    public function restore($userId)
    {
+        $this->authorize('delete', User::class);

        if ($user = User::withTrashed()->find($userId)) {
+
            $this->authorize('delete', $user);

            if ($user->deleted_at == '') {
@@ -780,8 +768,6 @@ class UsersController extends Controller
                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.restored')), 200);
            }

-            // Check validation to make sure we're not restoring a user with the same username as an existing user
-            return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found')), 200);
--- a/app/Http/Controllers/AssetMaintenancesController.php
+++ b/app/Http/Controllers/AssetMaintenancesController.php
@@ -6,7 +6,7 @@ use App\Helpers\Helper;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
 use App\Models\Company;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
 use Illuminate\Http\Request;
 use Slack;
--- a/app/Http/Controllers/AssetModelsController.php
+++ b/app/Http/Controllers/AssetModelsController.php
@@ -11,13 +11,12 @@ use App\Models\CustomField;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\View;
 use Illuminate\Support\Facades\Validator;
-use Redirect;
-use Request;
-use Storage;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\JsonResponse;
+use Illuminate\Support\Facades\Log;

 /**
 * This class controls all actions related to asset models for
@@ -67,7 +66,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param ImageUploadRequest $request
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(ImageUploadRequest $request)
@@ -86,7 +85,7 @@ class AssetModelsController extends Controller
        $model->category_id = $request->input('category_id');
        $model->notes = $request->input('notes');
        $model->user_id = Auth::id();
-        $model->requestable = Request::has('requestable');
+        $model->requestable = $request->has('requestable');

        if ($request->input('fieldset_id') != '') {
            $model->fieldset_id = $request->input('fieldset_id');
@@ -140,7 +139,7 @@ class AssetModelsController extends Controller
     * @since [v1.0]
     * @param ImageUploadRequest $request
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function update(ImageUploadRequest $request, $modelId = null)
@@ -201,7 +200,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function destroy($modelId)
@@ -221,7 +220,7 @@ class AssetModelsController extends Controller
            try {
                Storage::disk('public')->delete('models/'.$model->image);
            } catch (\Exception $e) {
-                \Log::info($e);
+                Log::info($e);
            }
        }

@@ -238,7 +237,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param int $id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function getRestore($id)
@@ -289,7 +288,7 @@ class AssetModelsController extends Controller
    public function show($modelId = null)
    {
        $this->authorize('view', AssetModel::class);
-        $model = AssetModel::withTrashed()->withCount('assets')->find($modelId);
+        $model = AssetModel::withTrashed()->find($modelId);

        if (isset($model->id)) {
            return view('models/view', compact('model'));
@@ -430,7 +429,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function postBulkDelete(Request $request)
    {
--- a/app/Http/Controllers/AssetModelsFilesController.php
+++ b/app/Http/Controllers/AssetModelsFilesController.php
@@ -16,7 +16,7 @@ class AssetModelsFilesController extends Controller
     *
     * @param UploadFileRequest $request
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     *@since [v1.0]
     * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -70,8 +70,6 @@ class AssetModelsFilesController extends Controller
            }

            $file = 'private_uploads/assetmodels/'.$log->filename;
-            \Log::debug('Checking for '.$file);
-

            if (! Storage::exists($file)) {
                return response('File '.$file.' not found on server', 404)
--- a/app/Http/Controllers/Assets/AssetCheckinController.php
+++ b/app/Http/Controllers/Assets/AssetCheckinController.php
@@ -12,8 +12,9 @@ use App\Models\CheckoutAcceptance;
 use App\Models\LicenseSeat;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Redirect;
+use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\View;
+use Illuminate\Support\Facades\Log;

 class AssetCheckinController extends Controller
 {
@@ -45,7 +46,11 @@ class AssetCheckinController extends Controller
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in'));
        }

-        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto);
+        if (!$asset->model) {
+            return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
+        }
+
+        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto)->with('table_name', 'Assets');
    }

    /**
@@ -55,7 +60,7 @@ class AssetCheckinController extends Controller
     * @param AssetCheckinRequest $request
     * @param int $assetId
     * @param null $backto
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     * @since [v1.0]
     */
@@ -70,6 +75,11 @@ class AssetCheckinController extends Controller
        if (is_null($target = $asset->assignedTo)) {
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in'));
        }
+
+        if (!$asset->model) {
+            return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
+        }
+
        $this->authorize('checkin', $asset);

        if ($asset->assignedType() == Asset::USER) {
@@ -92,7 +102,7 @@ class AssetCheckinController extends Controller
        $asset->location_id = $asset->rtd_location_id;

        if ($request->filled('location_id')) {
-            \Log::debug('NEW Location ID: '.$request->get('location_id'));
+            Log::debug('NEW Location ID: '.$request->get('location_id'));
            $asset->location_id = $request->get('location_id');

            if ($request->get('update_default_location') == 0){
@@ -122,15 +132,12 @@ class AssetCheckinController extends Controller
            $acceptance->delete();
        });

+        Session::put('redirect_option', $request->get('redirect_option'));
        // Was the asset updated?
        if ($asset->save()) {
+
            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at, $originalValues));
-
-            if ((isset($user)) && ($backto == 'user')) {
-                return redirect()->route('users.show', $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
-            }
-
-            return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkin.success'));
+            return Helper::getRedirectOption($asset, $assetId, 'Assets');
        }
        // Redirect to the asset management page with error
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.error').$asset->getErrors());
--- a/app/Http/Controllers/Assets/AssetCheckoutController.php
+++ b/app/Http/Controllers/Assets/AssetCheckoutController.php
@@ -10,6 +10,7 @@ use App\Http\Requests\AssetCheckoutRequest;
 use App\Models\Asset;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Session;

 class AssetCheckoutController extends Controller
 {
@@ -33,11 +34,17 @@ class AssetCheckoutController extends Controller

        $this->authorize('checkout', $asset);

+        if (!$asset->model) {
+            return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
+        }
+
        if ($asset->availableForCheckout()) {
            return view('hardware/checkout', compact('asset'))
-                ->with('statusLabel_list', Helper::deployableStatusLabelList());
+                ->with('statusLabel_list', Helper::deployableStatusLabelList())
+                ->with('table_name', 'Assets');
        }

+
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
    }

@@ -47,7 +54,7 @@ class AssetCheckoutController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param AssetCheckoutRequest $request
     * @param int $assetId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @since [v1.0]
     */
    public function store(AssetCheckoutRequest $request, $assetId)
@@ -60,9 +67,14 @@ class AssetCheckoutController extends Controller
                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
            }
            $this->authorize('checkout', $asset);
+
+            if (!$asset->model) {
+                return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
+            }
+
            $admin = Auth::user();

-            $target = $this->determineCheckoutTarget($asset);
+            $target = $this->determineCheckoutTarget();

            $asset = $this->updateAssetLocation($asset, $target);

@@ -97,11 +109,12 @@ class AssetCheckoutController extends Controller
                    return redirect()->to("hardware/$assetId/checkout")->with('error', trans('general.error_user_company'));
                }
            }
-            
-            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, $request->get('note'), $request->get('name'))) {
-                return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success'));
-            }

+                Session::put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);
+
+            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, $request->get('note'), $request->get('name'))) {
+                return Helper::getRedirectOption($request, $assetId, 'Assets');
+            }
            // Redirect to the asset management page with error
            return redirect()->to("hardware/$assetId/checkout")->with('error', trans('admin/hardware/message.checkout.error').$asset->getErrors());
        } catch (ModelNotFoundException $e) {
--- a/app/Http/Controllers/Assets/AssetFilesController.php
+++ b/app/Http/Controllers/Assets/AssetFilesController.php
@@ -17,7 +17,7 @@ class AssetFilesController extends Controller
     *
     * @param UploadFileRequest $request
     * @param int $assetId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     *@since [v1.0]
     * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -70,7 +70,6 @@ class AssetFilesController extends Controller
            }

            $file = 'private_uploads/assets/'.$log->filename;
-            \Log::debug('Checking for '.$file);

            if ($log->action_type == 'audit') {
                $file = 'private_uploads/audits/'.$log->filename;
--- a/app/Http/Controllers/Assets/AssetsController.php
+++ b/app/Http/Controllers/Assets/AssetsController.php
@@ -6,7 +6,7 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Actionlog;
-use App\Models\Manufacturer;
+use App\Http\Requests\UploadFileRequest;
 use Illuminate\Support\Facades\Log;
 use App\Models\Asset;
 use App\Models\AssetModel;
@@ -96,7 +96,7 @@ class AssetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(ImageUploadRequest $request)
    {
@@ -160,29 +160,7 @@ class AssetsController extends Controller
                $asset = $request->handleImages($asset);
            }

-            // Update custom fields in the database.
-            // Validation for these fields is handled through the AssetRequest form request
-            $model = AssetModel::find($request->get('model_id'));
-
-            if (($model) && ($model->fieldset)) {
-                foreach ($model->fieldset->fields as $field) {
-                    if ($field->field_encrypted == '1') {
-                        if (Gate::allows('admin')) {
-                            if (is_array($request->input($field->db_column))) {
-                                $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
-                            } else {
-                                $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
-                            }
-                        }
-                    } else {
-                        if (is_array($request->input($field->db_column))) {
-                            $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
-                        } else {
-                            $asset->{$field->db_column} = $request->input($field->db_column);
-                        }
-                    }
-                }
-            }
+            $asset = $asset->handleCustomFieldsForStoring($request);

            // Validate the asset before saving
            if ($asset->isValid() && $asset->save()) {
@@ -207,7 +185,7 @@ class AssetsController extends Controller
        }

        if ($success) {
-            \Log::debug(e($asset->asset_tag));
+            Log::debug(e($asset->asset_tag));
            return redirect()->route('hardware.index')
                ->with('success-unescaped', trans('admin/hardware/message.create.success_linked', ['link' => route('hardware.show', $asset->id), 'id', 'tag' => e($asset->asset_tag)]));
               
@@ -293,7 +271,7 @@ class AssetsController extends Controller
     *
     * @param int $assetId
     * @return \Illuminate\Http\RedirectResponse|Redirect
-     *@since [v1.0]
+     * @since [v1.0]
     * @author [A. Gianotto] [<snipe@snipe.net>]
     */
    public function update(ImageUploadRequest $request, $assetId = null)
@@ -308,7 +286,8 @@ class AssetsController extends Controller
        $asset->status_id = $request->input('status_id', null);
        $asset->warranty_months = $request->input('warranty_months', null);
        $asset->purchase_cost = $request->input('purchase_cost', null);
-        $asset->purchase_date = $request->input('purchase_date', null); 
+        $asset->purchase_date = $request->input('purchase_date', null);
+        $asset->next_audit_date = $request->input('next_audit_date', null);
        if ($request->filled('purchase_date') && !$request->filled('asset_eol_date') && ($asset->model->eol > 0)) {
            $asset->purchase_date = $request->input('purchase_date', null); 
            $asset->asset_eol_date = Carbon::parse($request->input('purchase_date'))->addMonths($asset->model->eol)->format('Y-m-d');
@@ -369,32 +348,7 @@ class AssetsController extends Controller
        $asset->notes = $request->input('notes');

        $asset = $request->handleImages($asset);
-
-        // Update custom fields in the database.
-        // Validation for these fields is handlded through the AssetRequest form request
-        // FIXME: No idea why this is returning a Builder error on db_column_name.
-        // Need to investigate and fix. Using static method for now.
-        $model = AssetModel::find($request->get('model_id'));
-        if (($model) && ($model->fieldset)) {
-            foreach ($model->fieldset->fields as $field) {
-                if ($field->field_encrypted == '1') {
-                    if (Gate::allows('admin')) {
-                        if (is_array($request->input($field->db_column))) {
-                            $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
-                        } else {
-                            $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
-                        }
-                    }
-                } else {
-                    if (is_array($request->input($field->db_column))) {
-                        $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
-                    } else {
-                        $asset->{$field->db_column} = $request->input($field->db_column);
-                    }
-                }
-            }
-        }
-
+        $asset = $asset->handleCustomFieldsForStoring($request);

        if ($asset->save()) {
            return redirect()->route('hardware.show', $assetId)
@@ -410,7 +364,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $assetId
     * @since [v1.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($assetId)
    {
@@ -444,7 +398,7 @@ class AssetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getAssetBySerial(Request $request)
    {
@@ -462,7 +416,7 @@ class AssetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getAssetByTag(Request $request, $tag=null)
    {
@@ -862,7 +816,7 @@ class AssetsController extends Controller
    }


-    public function auditStore(Request $request, $id)
+    public function auditStore(UploadFileRequest $request, $id)
    {
        $this->authorize('audit', Asset::class);

@@ -879,7 +833,21 @@ class AssetsController extends Controller

        $asset = Asset::findOrFail($id);

-        // We don't want to log this as a normal update, so let's bypass that
+        /**
+         * Even though we do a save() further down, we don't want to log this as a "normal" asset update,
+         * which would trigger the Asset Observer and would log an asset *update* log entry (because the
+         * de-normed fields like next_audit_date on the asset itself will change on save()) *in addition* to
+         * the audit log entry we're creating through this controller.
+         *
+         * To prevent this double-logging (one for update and one for audit), we skip the observer and bypass
+         * that de-normed update log entry by using unsetEventDispatcher(), BUT invoking unsetEventDispatcher()
+         * will bypass normal model-level validation that's usually handled at the observer )
+         *
+         * We handle validation on the save() by checking if the asset is valid via the ->isValid() method,
+         * which manually invokes Watson Validating to make sure the asset's model is valid.
+         *
+         * @see \App\Observers\AssetObserver::updating()
+         */
        $asset->unsetEventDispatcher();

        $asset->next_audit_date = $request->input('next_audit_date');
@@ -888,29 +856,27 @@ class AssetsController extends Controller
        // Check to see if they checked the box to update the physical location,
        // not just note it in the audit notes
        if ($request->input('update_location') == '1') {
-            Log::debug('update location in audit');
            $asset->location_id = $request->input('location_id');
        }
+        

+        /**
+         * Invoke Watson Validating to check the asset itself and check to make sure it saved correctly.
+         * We have to invoke this manually because of the unsetEventDispatcher() above.)
+         */
+        if ($asset->isValid() && $asset->save()) {

-        if ($asset->save()) {
-            $file_name = '';
-            // Upload an image, if attached
+            $file_name = null;
+            // Create the image (if one was chosen.)
            if ($request->hasFile('image')) {
-                $path = 'private_uploads/audits';
-                if (! Storage::exists($path)) {
-                    Storage::makeDirectory($path, 775);
-                }
-                $upload = $image = $request->file('image');
-                $ext = $image->getClientOriginalExtension();
-                $file_name = 'audit-'.str_random(18).'.'.$ext;
-                Storage::putFileAs($path, $upload, $file_name);
+                $file_name = $request->handleFile('private_uploads/audits/', 'audit-'.$asset->id, $request->file('image'));
            }

-
            $asset->logAudit($request->input('note'), $request->input('location_id'), $file_name);
            return redirect()->route('assets.audit.due')->with('success', trans('admin/hardware/message.audit.success'));
        }
+
+        return redirect()->back()->withInput()->withErrors($asset->getErrors());
    }

    public function getRequestedIndex($user_id = null)
--- a/app/Http/Controllers/Assets/BulkAssetsController.php
+++ b/app/Http/Controllers/Assets/BulkAssetsController.php
@@ -13,7 +13,9 @@ use App\Models\Setting;
 use App\View\Label;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Crypt;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Session;
 use App\Http\Requests\AssetCheckoutRequest;
@@ -189,7 +191,6 @@ class BulkAssetsController extends Controller
     * Save bulk edits
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @return Redirect
     * @internal param array $assets
     * @since [v2.0]
     */
@@ -214,7 +215,7 @@ class BulkAssetsController extends Controller
        }


-        $assets = Asset::whereIn('id', array_keys($request->input('ids')))->get();
+        $assets = Asset::whereIn('id', $request->input('ids'))->get();



@@ -379,28 +380,30 @@ class BulkAssetsController extends Controller
                    foreach ($asset->model->fieldset->fields as $field) {

                        if ((array_key_exists($field->db_column, $this->update_array)) && ($field->field_encrypted == '1')) {
-                            $decrypted_old = Helper::gracefulDecrypt($field, $asset->{$field->db_column});
+                            if (Gate::allows('admin')) {
+                                $decrypted_old = Helper::gracefulDecrypt($field, $asset->{$field->db_column});

-                            /*
-                             * Check if the decrypted existing value is different from one we just submitted
-                             * and if not, pull it out of the object since it shouldn't really be updating at all.
-                             * If we don't do this, it will try to re-encrypt it, and the same value encrypted two
-                             * different times will have different values, so it will *look* like it was updated
-                             * but it wasn't.
-                             */
-                            if ($decrypted_old != $this->update_array[$field->db_column]) {
-                                $asset->{$field->db_column} = \Crypt::encrypt($this->update_array[$field->db_column]);
-                            } else {
                                /*
-                                 * Remove the encrypted custom field from the update_array, since nothing changed
+                                 * Check if the decrypted existing value is different from one we just submitted
+                                 * and if not, pull it out of the object since it shouldn't really be updating at all.
+                                 * If we don't do this, it will try to re-encrypt it, and the same value encrypted two
+                                 * different times will have different values, so it will *look* like it was updated
+                                 * but it wasn't.
                                 */
-                                unset($this->update_array[$field->db_column]);
-                                unset($asset->{$field->db_column});
-                            }
+                                if ($decrypted_old != $this->update_array[$field->db_column]) {
+                                    $asset->{$field->db_column} = Crypt::encrypt($this->update_array[$field->db_column]);
+                                } else {
+                                    /*
+                                     * Remove the encrypted custom field from the update_array, since nothing changed
+                                     */
+                                    unset($this->update_array[$field->db_column]);
+                                    unset($asset->{$field->db_column});
+                                }

-                            /*
-                             * These custom fields aren't encrypted, just carry on as usual
-                             */
+                                /*
+                                 * These custom fields aren't encrypted, just carry on as usual
+                                 */
+                            }
                        } else {

                            if ((array_key_exists($field->db_column, $this->update_array)) && ($asset->{$field->db_column} != $this->update_array[$field->db_column])) {
--- a/app/Http/Controllers/Auth/ForgotPasswordController.php
+++ b/app/Http/Controllers/Auth/ForgotPasswordController.php
@@ -5,7 +5,7 @@ namespace App\Http\Controllers\Auth;
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
 use Illuminate\Http\Request;
-
+use Illuminate\Support\Facades\Log;
 class ForgotPasswordController extends Controller
 {
    /*
@@ -79,16 +79,16 @@ class ForgotPasswordController extends Controller
                )
            );
        } catch(\Exception $e) {
-            \Log::info('Password reset attempt: User '.$request->input('username').'failed with exception: '.$e );
+            Log::info('Password reset attempt: User '.$request->input('username').'failed with exception: '.$e );
        }

        // Prevent timing attack to enumerate users.
        usleep(500000 + random_int(0, 1500000));

        if ($response === \Password::RESET_LINK_SENT) {
-            \Log::info('Password reset attempt: User '.$request->input('username').' WAS found, password reset sent');
+            Log::info('Password reset attempt: User '.$request->input('username').' WAS found, password reset sent');
        } else {
-            \Log::info('Password reset attempt: User matching username '.$request->input('username').' NOT FOUND or user is inactive');
+            Log::info('Password reset attempt: User matching username '.$request->input('username').' NOT FOUND or user is inactive');
        }

        /**
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -16,7 +16,7 @@ use Illuminate\Support\Carbon;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Validator;
-use Log;
+use Illuminate\Support\Facades\Log;
 use Redirect;

 /**
@@ -122,7 +122,7 @@ class LoginController extends Controller
                    Auth::login($user);
                } else {
                    $username = $saml->getUsername();
-                    \Log::debug("SAML user '$username' could not be found in database.");
+                    Log::debug("SAML user '$username' could not be found in database.");
                    $request->session()->flash('error', trans('auth/message.signin.error'));
                    $saml->clearData();
                }
@@ -137,7 +137,7 @@ class LoginController extends Controller
                $s->save();

            } catch (\Exception $e) {
-                \Log::debug('There was an error authenticating the SAML user: '.$e->getMessage());
+                Log::debug('There was an error authenticating the SAML user: '.$e->getMessage());
                throw $e;
            }

@@ -146,7 +146,7 @@ class LoginController extends Controller

            // Better logging
            if (empty($samlData)) {
-                \Log::debug("SAML page requested, but samlData seems empty.");
+                Log::debug("SAML page requested, but samlData seems empty.");
            }
        }

@@ -261,19 +261,19 @@ class LoginController extends Controller
    /**
     * Account sign in form processing.
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function login(Request $request)
    {

        //If the environment is set to ALWAYS require SAML, return access denied
        if (config('app.require_saml')) {
-            \Log::debug('require SAML is enabled in the .env - return a 403');
+            Log::debug('require SAML is enabled in the .env - return a 403');
            return view('errors.403');
        }

        if (Setting::getSettings()->login_common_disabled == '1') {
-            \Log::debug('login_common_disabled is set to 1 - return a 403');
+            Log::debug('login_common_disabled is set to 1 - return a 403');
            return view('errors.403');
        }

@@ -339,7 +339,7 @@ class LoginController extends Controller
    /**
     * Two factor enrollment page
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getTwoFactorEnroll()
    {
@@ -389,7 +389,7 @@ class LoginController extends Controller
    /**
     * Two factor code form page
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getTwoFactorAuth()
    {
@@ -415,7 +415,7 @@ class LoginController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function postTwoFactorAuth(Request $request)
    {
@@ -427,10 +427,6 @@ class LoginController extends Controller
            return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.code_required'));
        }

-        if (! $request->has('two_factor_secret')) { // TODO this seems almost the same as above?
-            return redirect()->route('two-factor')->with('error', 'Two-factor code is required.');
-        }
-
        $user = Auth::user();
        $secret = $request->input('two_factor_secret');

@@ -439,7 +435,7 @@ class LoginController extends Controller
            $user->saveQuietly();
            $request->session()->put('2fa_authed', $user->id);

-            return redirect()->route('home')->with('success', 'You are logged in!');
+            return redirect()->route('home')->with('success', trans('auth/message.signin.success'));
        }

        return redirect()->route('two-factor')->with('error', trans('auth/message.two_factor.invalid_code'));
@@ -451,7 +447,7 @@ class LoginController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return Illuminate\Http\RedirectResponse
     */
    public function logout(Request $request)
    {
@@ -537,7 +533,7 @@ class LoginController extends Controller

        $minutes = round($seconds / 60);

-        $message = \Lang::get('auth/message.throttle', ['minutes' => $minutes]);
+        $message = trans('auth/message.throttle', ['minutes' => $minutes]);

        return redirect()->back()
            ->withInput($request->only($this->username(), 'remember'))
--- a/app/Http/Controllers/Auth/ResetPasswordController.php
+++ b/app/Http/Controllers/Auth/ResetPasswordController.php
@@ -7,7 +7,7 @@ use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Foundation\Auth\ResetsPasswords;
 use Illuminate\Http\Request;
-
+use Illuminate\Support\Facades\Log;

 class ResetPasswordController extends Controller
 {
@@ -66,7 +66,7 @@ class ResetPasswordController extends Controller
        $credentials =  $request->only('email', 'token');

        if (is_null($this->broker()->getUser($credentials))) {
-            \Log::debug('Password reset form FAILED - this token is not valid.');
+            Log::debug('Password reset form FAILED - this token is not valid.');
            return redirect()->route('password.request')->with('error', trans('passwords.token'));
        }

@@ -89,10 +89,10 @@ class ResetPasswordController extends Controller

        $request->validate($this->rules(), $request->all(), $this->validationErrorMessages());

-        \Log::debug('Checking if '.$request->input('username').' exists');
+        Log::debug('Checking if '.$request->input('username').' exists');
        // Check to see if the user even exists - we'll treat the response the same to prevent user sniffing
        if ($user = User::where('username', '=', $request->input('username'))->where('activated', '1')->whereNotNull('email')->first()) {
-            \Log::debug($user->username.' exists');
+            Log::debug($user->username.' exists');


            // handle the password validation rules set by the admin settings
@@ -112,17 +112,17 @@ class ResetPasswordController extends Controller

            // Check if the password reset above actually worked
            if ($response == \Password::PASSWORD_RESET) {
-                \Log::debug('Password reset for '.$user->username.' worked');
+                Log::debug('Password reset for '.$user->username.' worked');
                return redirect()->guest('login')->with('success', trans('passwords.reset'));
            }

-            \Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
+            Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
            return redirect()->back()->withInput($request->only('email'))->with('success', trans('passwords.reset'));

        }


-        \Log::debug('Password reset for '.$request->input('username').' FAILED - user does not exist or does not have an email address - but make it look like it succeeded');
+        Log::debug('Password reset for '.$request->input('username').' FAILED - user does not exist or does not have an email address - but make it look like it succeeded');
        return redirect()->guest('login')->with('success', trans('passwords.reset'));

    }
--- a/app/Http/Controllers/Auth/SamlController.php
+++ b/app/Http/Controllers/Auth/SamlController.php
@@ -5,7 +5,7 @@ namespace App\Http\Controllers\Auth;
 use App\Http\Controllers\Controller;
 use App\Services\Saml;
 use Illuminate\Http\Request;
-use Log;
+use Illuminate\Support\Facades\Log;

 /**
 * This controller provides the endpoint for SAML communication and metadata.
@@ -51,7 +51,7 @@ class SamlController extends Controller
        $metadata = $this->saml->getSPMetadata();

        if (empty($metadata)) {
-            \Log::debug('SAML metadata is empty - return a 403');
+            Log::debug('SAML metadata is empty - return a 403');
            return response()->view('errors.403', [], 403);
        }

@@ -71,7 +71,7 @@ class SamlController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function login(Request $request)
    {
@@ -93,7 +93,7 @@ class SamlController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function acs(Request $request)
    {
@@ -126,7 +126,7 @@ class SamlController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function sls(Request $request)
    {
--- a/app/Http/Controllers/BulkAssetModelsController.php
+++ b/app/Http/Controllers/BulkAssetModelsController.php
@@ -105,7 +105,7 @@ class BulkAssetModelsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy(Request $request)
    {
--- a/app/Http/Controllers/CategoriesController.php
+++ b/app/Http/Controllers/CategoriesController.php
@@ -5,7 +5,7 @@ namespace App\Http\Controllers;
 use App\Helpers\Helper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Category as Category;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Str;

--- a/app/Http/Controllers/CompaniesController.php
+++ b/app/Http/Controllers/CompaniesController.php
@@ -6,6 +6,7 @@ use App\Http\Requests\ImageUploadRequest;
 use App\Models\Company;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Log;

 /**
 * This controller handles all actions related to Companies for
@@ -154,7 +155,7 @@ final class CompaniesController extends Controller
            try {
                Storage::disk('public')->delete('companies'.'/'.$company->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }

--- a/app/Http/Controllers/Components/ComponentsController.php
+++ b/app/Http/Controllers/Components/ComponentsController.php
@@ -11,6 +11,7 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Facades\Log;

 /**
 * This class controls all actions related to Components for
@@ -188,7 +189,7 @@ class ComponentsController extends Controller
            try {
                Storage::disk('public')->delete('components/'.$component->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }

--- a/app/Http/Controllers/Components/ComponentsFilesController.php
+++ b/app/Http/Controllers/Components/ComponentsFilesController.php
@@ -10,6 +10,7 @@ use App\Models\Component;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\JsonResponse;
+use Illuminate\Support\Facades\Log;

 class ComponentsFilesController extends Controller
 {
@@ -84,7 +85,7 @@ class ComponentsFilesController extends Controller
                try {
                    Storage::delete('components/'.$log->filename);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }

@@ -110,7 +111,7 @@ class ComponentsFilesController extends Controller
     */
    public function show($componentId = null, $fileId = null)
    {
-        \Log::debug('Private filesystem is: '.config('filesystems.default'));
+        Log::debug('Private filesystem is: '.config('filesystems.default'));
        $component = Component::find($componentId);

        // the component is valid
@@ -126,8 +127,8 @@ class ComponentsFilesController extends Controller
            $file = 'private_uploads/components/'.$log->filename;

            if (Storage::missing($file)) {
-                \Log::debug('FILE DOES NOT EXISTS for '.$file);
-                \Log::debug('URL should be '.Storage::url($file));
+                Log::debug('FILE DOES NOT EXISTS for '.$file);
+                Log::debug('URL should be '.Storage::url($file));

                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
                    ->header('Content-Type', 'text/plain');
--- a/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
+++ b/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
@@ -71,8 +71,14 @@ class ConsumableCheckoutController extends Controller

        $this->authorize('checkout', $consumable);

+        // If the quantity is not present in the request or is not a positive integer, set it to 1
+        $quantity = $request->input('qty');
+        if (!isset($quantity) || !ctype_digit((string)$quantity) || $quantity <= 0) {
+            $quantity = 1;
+        }
+
        // Make sure there is at least one available to checkout
-        if ($consumable->numRemaining() <= 0) {
+        if ($consumable->numRemaining() <= 0 || $quantity > $consumable->numRemaining()) {
            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.checkout.unavailable'));
        }

@@ -88,13 +94,14 @@ class ConsumableCheckoutController extends Controller
        // Update the consumable data
        $consumable->assigned_to = e($request->input('assigned_to'));

+        for($i = 0; $i < $quantity; $i++){
        $consumable->users()->attach($consumable->id, [
            'consumable_id' => $consumable->id,
            'user_id' => $admin_user->id,
            'assigned_to' => e($request->input('assigned_to')),
            'note' => $request->input('note'),
        ]);
-
+        }
        event(new CheckoutableCheckedOut($consumable, $user, Auth::user(), $request->input('note')));

        // Redirect to the new consumable page
--- a/app/Http/Controllers/Consumables/ConsumablesFilesController.php
+++ b/app/Http/Controllers/Consumables/ConsumablesFilesController.php
@@ -10,7 +10,7 @@ use App\Models\Consumable;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Consumable\HttpFoundation\JsonResponse;
-
+use Illuminate\Support\Facades\Log;
 class ConsumablesFilesController extends Controller
 {
    /**
@@ -83,7 +83,7 @@ class ConsumablesFilesController extends Controller
                try {
                    Storage::delete('consumables/'.$log->filename);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }

@@ -124,8 +124,8 @@ class ConsumablesFilesController extends Controller
            $file = 'private_uploads/consumables/'.$log->filename;

            if (Storage::missing($file)) {
-                \Log::debug('FILE DOES NOT EXISTS for '.$file);
-                \Log::debug('URL should be '.Storage::url($file));
+                Log::debug('FILE DOES NOT EXISTS for '.$file);
+                Log::debug('URL should be '.Storage::url($file));

                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
                    ->header('Content-Type', 'text/plain');
--- a/app/Http/Controllers/Controller.php
+++ b/app/Http/Controllers/Controller.php
@@ -22,7 +22,7 @@

 namespace App\Http\Controllers;

-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Illuminate\Foundation\Bus\DispatchesJobs;
 use Illuminate\Foundation\Validation\ValidatesRequests;
--- a/app/Http/Controllers/CustomFieldsController.php
+++ b/app/Http/Controllers/CustomFieldsController.php
@@ -8,7 +8,6 @@ use App\Models\CustomField;
 use App\Models\CustomFieldset;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
-use Redirect;

 /**
 * This controller handles all actions related to Custom Asset Fields for
--- a/app/Http/Controllers/CustomFieldsetsController.php
+++ b/app/Http/Controllers/CustomFieldsetsController.php
@@ -86,7 +86,7 @@ class CustomFieldsetsController extends Controller
     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @since [v1.8]
     * @param Request $request
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(Request $request)
@@ -126,7 +126,7 @@ class CustomFieldsetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
     * @since [v6.0.14]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function edit($id)
@@ -147,7 +147,7 @@ class CustomFieldsetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
     * @since [v6.0.14]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function update(Request $request, $id)
--- a/app/Http/Controllers/DepartmentsController.php
+++ b/app/Http/Controllers/DepartmentsController.php
@@ -7,6 +7,7 @@ use App\Models\Department;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Log;

 class DepartmentsController extends Controller
 {
@@ -129,7 +130,7 @@ class DepartmentsController extends Controller
            try {
                Storage::disk('public')->delete('departments'.'/'.$department->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }
        $department->delete();
--- a/app/Http/Controllers/GoogleAuthController.php
+++ b/app/Http/Controllers/GoogleAuthController.php
@@ -8,7 +8,7 @@ use Illuminate\Support\Facades\Auth;
 use Laravel\Socialite\Facades\Socialite;
 use Laravel\Socialite\Two\InvalidStateException;
 use App\Models\Setting;
-
+use Illuminate\Support\Facades\Log;

 class GoogleAuthController extends Controller
 {
@@ -34,9 +34,9 @@ class GoogleAuthController extends Controller
    {
        try {
            $socialUser = Socialite::driver('google')->user();
-            \Log::debug('Google user found in Google Workspace');
+            Log::debug('Google user found in Google Workspace');
        } catch (InvalidStateException $exception) {
-            \Log::debug('Google user NOT found in Google Workspace');
+            Log::debug('Google user NOT found in Google Workspace');
            return redirect()->route('login')
                ->withErrors(
                    [
@@ -52,7 +52,7 @@ class GoogleAuthController extends Controller


        if ($user) {
-            \Log::debug('Google user '.$socialUser->getEmail().' found in Snipe-IT');
+            Log::debug('Google user '.$socialUser->getEmail().' found in Snipe-IT');
            $user->update([
                'avatar'   => $socialUser->avatar,
            ]);
@@ -61,7 +61,7 @@ class GoogleAuthController extends Controller
            return redirect()->route('home');
        }

-        \Log::debug('Google user '.$socialUser->getEmail().' NOT found in Snipe-IT');
+        Log::debug('Google user '.$socialUser->getEmail().' NOT found in Snipe-IT');
        return redirect()->route('login')
            ->withErrors(
                [
--- a/app/Http/Controllers/GroupsController.php
+++ b/app/Http/Controllers/GroupsController.php
@@ -5,7 +5,7 @@ namespace App\Http\Controllers;
 use App\Helpers\Helper;
 use App\Models\Group;
 use Illuminate\Http\Request;
-use Auth;
+use Illuminate\Support\Facades\Auth;

 /**
 * This controller handles all actions related to User Groups for
--- a/app/Http/Controllers/Kits/CheckoutKitController.php
+++ b/app/Http/Controllers/Kits/CheckoutKitController.php
@@ -48,7 +48,7 @@ class CheckoutKitController extends Controller
     * Validate and process the new Predefined Kit data.
     *
     * @author [D. Minaev.] [<dmitriy.minaev.v@gmail.com>]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(Request $request, $kit_id)
    {
--- a/app/Http/Controllers/Kits/PredefinedKitsController.php
+++ b/app/Http/Controllers/Kits/PredefinedKitsController.php
@@ -47,7 +47,7 @@ class PredefinedKitsController extends Controller
     * Validate and process the new Predefined Kit data.
     *
     * @author [D. Minaev] [<dmitriy.minaev.v@gmail.com>]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(ImageUploadRequest $request)
    {
@@ -95,7 +95,7 @@ class PredefinedKitsController extends Controller
     * @author [D. Minaev] [<dmitriy.minaev.v@gmail.com>]
     * @since [v1.0]
     * @param int $kit_id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function update(ImageUploadRequest $request, $kit_id = null)
    {
@@ -122,7 +122,7 @@ class PredefinedKitsController extends Controller
     * @author [D. Minaev] [<dmitriy.minaev.v@gmail.com>]
     * @since [v1.0]
     * @param int $kit_id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($kit_id)
    {
--- a/app/Http/Controllers/Licenses/LicenseCheckinController.php
+++ b/app/Http/Controllers/Licenses/LicenseCheckinController.php
@@ -13,6 +13,7 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Facades\Log;

 class LicenseCheckinController extends Controller
 {
@@ -145,7 +146,7 @@ class LicenseCheckinController extends Controller
            $user_seat->assigned_to = null;

            if ($user_seat->save()) {
-                \Log::debug('Checking in '.$license->name.' from user '.$user_seat->username);
+                Log::debug('Checking in '.$license->name.' from user '.$user_seat->username);
                $user_seat->logCheckin($user_seat->user, trans('admin/licenses/general.bulk.checkin_all.log_msg'));
            }
        }
@@ -160,7 +161,7 @@ class LicenseCheckinController extends Controller
            $asset_seat->asset_id = null;

            if ($asset_seat->save()) {
-                \Log::debug('Checking in '.$license->name.' from asset '.$asset_seat->asset_tag);
+                Log::debug('Checking in '.$license->name.' from asset '.$asset_seat->asset_tag);
                $asset_seat->logCheckin($asset_seat->asset, trans('admin/licenses/general.bulk.checkin_all.log_msg'));
                $count++;
            }
--- a/app/Http/Controllers/Licenses/LicenseCheckoutController.php
+++ b/app/Http/Controllers/Licenses/LicenseCheckoutController.php
@@ -11,6 +11,7 @@ use App\Models\License;
 use App\Models\LicenseSeat;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Log;

 class LicenseCheckoutController extends Controller
 {
@@ -155,16 +156,16 @@ class LicenseCheckoutController extends Controller

    public function bulkCheckout($licenseId) {

-        \Log::debug('Checking out '.$licenseId.' via bulk');
+        Log::debug('Checking out '.$licenseId.' via bulk');
        $license = License::findOrFail($licenseId);
        $this->authorize('checkin', $license);
        $avail_count = $license->getAvailSeatsCountAttribute();

        $users = User::whereNull('deleted_at')->where('autoassign_licenses', '=', 1)->with('licenses')->get();
-        \Log::debug($avail_count.' will be assigned');
+        Log::debug($avail_count.' will be assigned');

        if ($users->count() > $avail_count) {
-            \Log::debug('You do not have enough free seats to complete this task, so we will check out as many as we can. ');
+            Log::debug('You do not have enough free seats to complete this task, so we will check out as many as we can. ');
        }

        // If the license is valid, check that there is an available seat
@@ -179,7 +180,7 @@ class LicenseCheckoutController extends Controller

            // Check to make sure this user doesn't already have this license checked out to them
            if ($user->licenses->where('id', '=', $licenseId)->count()) {
-                \Log::debug($user->username.' already has this license checked out to them. Skipping... ');
+                Log::debug($user->username.' already has this license checked out to them. Skipping... ');
                continue;
            }

@@ -192,7 +193,7 @@ class LicenseCheckoutController extends Controller
                $avail_count--;
                $assigned_count++;
                $licenseSeat->logCheckout(trans('admin/licenses/general.bulk.checkout_all.log_msg'), $user);
-                \Log::debug('License '.$license->name.' seat '.$licenseSeat->id.' checked out to '.$user->username);
+                Log::debug('License '.$license->name.' seat '.$licenseSeat->id.' checked out to '.$user->username);
            }

            if ($avail_count ==  0) {
--- a/app/Http/Controllers/Licenses/LicenseFilesController.php
+++ b/app/Http/Controllers/Licenses/LicenseFilesController.php
@@ -7,9 +7,8 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\License;
-use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
-use Symfony\Component\HttpFoundation\JsonResponse;
+use Illuminate\Support\Facades\Log;

 class LicenseFilesController extends Controller
 {
@@ -20,7 +19,7 @@ class LicenseFilesController extends Controller
     * @param int $licenseId
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
-     *@author [A. Gianotto] [<snipe@snipe.net>]
+     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @todo Switch to using the AssetFileRequest form request validator.
     */
@@ -78,7 +77,7 @@ class LicenseFilesController extends Controller
                    try {
                        Storage::delete('licenses/'.$log->filename);
                    } catch (\Exception $e) {
-                        \Log::debug($e);
+                        Log::debug($e);
                    }
                }
                
@@ -121,8 +120,8 @@ class LicenseFilesController extends Controller
            $file = 'private_uploads/licenses/'.$log->filename;

            if (Storage::missing($file)) {
-                \Log::debug('NOT EXISTS for '.$file);
-                \Log::debug('NOT EXISTS URL should be '.Storage::url($file));
+                Log::debug('NOT EXISTS for '.$file);
+                Log::debug('NOT EXISTS URL should be '.Storage::url($file));

                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
                    ->header('Content-Type', 'text/plain');
--- a/app/Http/Controllers/Licenses/LicensesController.php
+++ b/app/Http/Controllers/Licenses/LicensesController.php
@@ -360,7 +360,7 @@ class LicensesController extends Controller
                            $license->order_number,
                            $license->free_seat_count,
                            $license->seats,
-                            $license->adminuser->present()->fullName(),
+                            ($license->adminuser ? $license->adminuser->present()->fullName() : trans('admin/reports/general.deleted_user')),
                            $license->depreciation ? $license->depreciation->name: '',
                            $license->updated_at,
                            $license->deleted_at,
--- a/app/Http/Controllers/LocationsController.php
+++ b/app/Http/Controllers/LocationsController.php
@@ -9,6 +9,7 @@ use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log;

 /**
 * This controller handles all actions related to Locations for
@@ -186,7 +187,7 @@ class LocationsController extends Controller
            try {
                Storage::disk('public')->delete('locations/'.$location->image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                Log::error($e);
            }
        }
        $location->delete();
@@ -341,8 +342,8 @@ class LocationsController extends Controller
                }
            }

-            \Log::debug('Success count: '.$success_count);
-            \Log::debug('Error count: '.$error_count);
+            Log::debug('Success count: '.$success_count);
+            Log::debug('Error count: '.$error_count);
            // Complete success
            if ($success_count == count($locations_raw_array)) {
                return redirect()
--- a/app/Http/Controllers/ManufacturersController.php
+++ b/app/Http/Controllers/ManufacturersController.php
@@ -12,6 +12,7 @@ use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Redirect;
+use Illuminate\Support\Facades\Log;

 /**
 * This controller handles all actions related to Manufacturers for
@@ -174,7 +175,7 @@ class ManufacturersController extends Controller
            try {
                Storage::disk('public')->delete('manufacturers/'.$manufacturer->image);
            } catch (\Exception $e) {
-                \Log::info($e);
+                Log::info($e);
            }
        }

@@ -219,7 +220,7 @@ class ManufacturersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.1.15]
     * @param int $manufacturers_id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function restore($id)
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -3,7 +3,6 @@
 namespace App\Http\Controllers;

 use App\Http\Requests\ImageUploadRequest;
-use App\Models\Asset;
 use App\Models\Setting;
 use App\Models\User;
 use App\Notifications\CurrentInventory;
@@ -11,10 +10,6 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Hash;
-use Illuminate\Support\Facades\Storage;
-use Image;
-use Redirect;
-use View;

 /**
 * This controller handles all actions related to User Profiles for
@@ -33,8 +28,8 @@ class ProfileController extends Controller
     */
    public function getIndex()
    {
+        $this->authorize('self.profile');
        $user = Auth::user();
-
        return view('account/profile', compact('user'));
    }

@@ -47,6 +42,7 @@ class ProfileController extends Controller
     */
    public function postIndex(ImageUploadRequest $request)
    {
+        $this->authorize('self.profile');
        $user = Auth::user();
        $user->first_name = $request->input('first_name');
        $user->last_name = $request->input('last_name');
@@ -72,7 +68,7 @@ class ProfileController extends Controller


        if ($user->save()) {
-            return redirect()->route('profile')->with('success', 'Account successfully updated');
+            return redirect()->route('profile')->with('success', trans('account/general.profile_updated'));
        }

        return redirect()->back()->withInput()->withErrors($user->getErrors());
@@ -87,11 +83,9 @@ class ProfileController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @return View
     */
-    public function api()
+    public function api(): \Illuminate\Contracts\View\View
    {
-
        // Make sure the self.api permission has been granted
        if (!Gate::allows('self.api')) {
            abort(403);
@@ -115,7 +109,7 @@ class ProfileController extends Controller
    /**
     * Users change password form processing page.
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function passwordSave(Request $request)
    {
--- a/app/Http/Controllers/ReportsController.php
+++ b/app/Http/Controllers/ReportsController.php
@@ -19,11 +19,11 @@ use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Notification;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\View;
-use Input;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\StreamedResponse;
 use League\Csv\EscapeFormula;
 use App\Http\Requests\CustomAssetReportRequest;
+use Illuminate\Support\Facades\Log;


 /**
@@ -235,7 +235,7 @@ class ReportsController extends Controller

        \Debugbar::disable();
        $response = new StreamedResponse(function () {
-            \Log::debug('Starting streamed response');
+            Log::debug('Starting streamed response');

            // Open output stream
            $handle = fopen('php://output', 'w');
@@ -259,16 +259,16 @@ class ReportsController extends Controller

            ];
            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('Starting headers: '.$executionTime);
+            Log::debug('Starting headers: '.$executionTime);
            fputcsv($handle, $header);
            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('Added headers: '.$executionTime);
+            Log::debug('Added headers: '.$executionTime);

            $actionlogs = Actionlog::with('item', 'user', 'target', 'location')
                ->orderBy('created_at', 'DESC')
                ->chunk(20, function ($actionlogs) use ($handle) {
                    $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-                \Log::debug('Walking results: '.$executionTime);
+                Log::debug('Walking results: '.$executionTime);
                $count = 0;

                foreach ($actionlogs as $actionlog) {
@@ -312,7 +312,7 @@ class ReportsController extends Controller
            // Close the output stream
            fclose($handle);
            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('-- SCRIPT COMPLETED IN '.$executionTime);
+            Log::debug('-- SCRIPT COMPLETED IN '.$executionTime);
        }, 200, [
            'Content-Type' => 'text/csv',
            'Content-Disposition' => 'attachment; filename="activity-report-'.date('Y-m-d-his').'.csv"',
@@ -425,8 +425,8 @@ class ReportsController extends Controller
        \Debugbar::disable();
        $customfields = CustomField::get();
        $response = new StreamedResponse(function () use ($customfields, $request) {
-            \Log::debug('Starting streamed response');
-            \Log::debug('CSV escaping is set to: '.config('app.escape_formulas'));
+            Log::debug('Starting streamed response');
+            Log::debug('CSV escaping is set to: '.config('app.escape_formulas'));

            // Open output stream
            $handle = fopen('php://output', 'w');
@@ -627,10 +627,10 @@ class ReportsController extends Controller
            }

            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('Starting headers: '.$executionTime);
+            Log::debug('Starting headers: '.$executionTime);
            fputcsv($handle, $header);
            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('Added headers: '.$executionTime);
+            Log::debug('Added headers: '.$executionTime);

            $assets = Asset::select('assets.*')->with(
                'location', 'assetstatus', 'company', 'defaultLoc', 'assignedTo',
@@ -732,11 +732,11 @@ class ReportsController extends Controller
                $assets->onlyTrashed();
            }

-            \Log::debug($assets->toSql());
+            Log::debug($assets->toSql());
            $assets->orderBy('assets.id', 'ASC')->chunk(20, function ($assets) use ($handle, $customfields, $request) {
            
                $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-                \Log::debug('Walking results: '.$executionTime);
+                Log::debug('Walking results: '.$executionTime);
                $count = 0;

                $formatter = new EscapeFormula("`");
@@ -933,7 +933,7 @@ class ReportsController extends Controller
                            $diff = ($asset->purchase_cost - $depreciation);
                        $row[] = Helper::formatCurrencyOutput($depreciation);
                        $row[] = Helper::formatCurrencyOutput($diff);
-                        $row[] = ($asset->depreciation) ? $asset->depreciated_date()->format('Y-m-d') : '';
+                        $row[] = (($asset->depreciation) && ($asset->depreciated_date())) ? $asset->depreciated_date()->format('Y-m-d') : '';
                    }

                    if ($request->filled('checkout_date')) {
@@ -996,14 +996,14 @@ class ReportsController extends Controller
                    }

                    $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-                    \Log::debug('-- Record '.$count.' Asset ID:'.$asset->id.' in '.$executionTime);
+                    Log::debug('-- Record '.$count.' Asset ID:'.$asset->id.' in '.$executionTime);
                }
            });

            // Close the output stream
            fclose($handle);
            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('-- SCRIPT COMPLETED IN '.$executionTime);
+            Log::debug('-- SCRIPT COMPLETED IN '.$executionTime);
        }, 200, [
            'Content-Type' => 'text/csv',
            'Content-Disposition' => 'attachment; filename="custom-assets-report-'.date('Y-m-d-his').'.csv"',
@@ -1141,23 +1141,23 @@ class ReportsController extends Controller
        $this->authorize('reports.view');

        if (!$acceptance = CheckoutAcceptance::pending()->find($request->input('acceptance_id'))) {
-            \Log::debug('No pending acceptances');
+            Log::debug('No pending acceptances');
            // Redirect to the unaccepted assets report page with error
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
        }

        $assetItem = $acceptance->checkoutable;

-        \Log::debug(print_r($assetItem, true));
+        Log::debug(print_r($assetItem, true));

        if (is_null($acceptance->created_at)){
-            \Log::debug('No acceptance created_at');
+            Log::debug('No acceptance created_at');
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
        } else {
            $logItem_res = $assetItem->checkouts()->where('created_at', '=', $acceptance->created_at)->get();

            if ($logItem_res->isEmpty()){
-                \Log::debug('Acceptance date mismatch');
+                Log::debug('Acceptance date mismatch');
                return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
            }
            $logItem = $logItem_res[0];
--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@@ -14,22 +14,22 @@ use App\Models\Asset;
 use App\Models\User;
 use App\Notifications\FirstAdminNotification;
 use App\Notifications\MailTest;
-use Auth;
-use Crypt;
-use DB;
-use enshrined\svgSanitize\Sanitizer;
+use Illuminate\Http\Client\HttpClientException;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\App;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Validation\Rule;
-use Image;
-use Input;
 use Redirect;
-use Response;
-use App\Http\Requests\SlackSettingsRequest;
 use Illuminate\Support\Str;
 use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Crypt;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\File;
+use Illuminate\Support\Facades\Http;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\URL;
 use Illuminate\Support\Facades\Validator;
-use Carbon\Carbon;

 /**
 * This controller handles all actions related to Settings for
@@ -68,47 +68,15 @@ class SettingsController extends Controller
            $start_settings['db_error'] = $e->getMessage();
        }

-        if (array_key_exists("HTTP_X_FORWARDED_PROTO", $_SERVER)) {
-            $protocol = $_SERVER["HTTP_X_FORWARDED_PROTO"] . "://";
-        } elseif (array_key_exists('HTTPS', $_SERVER) && ('on' == $_SERVER['HTTPS'])) {
-            $protocol = "https://";
-        } else {
-            $protocol = "http://";
-        }
-
-        if (array_key_exists("HTTP_X_FORWARDED_HOST", $_SERVER)) {
-            $host = $_SERVER["HTTP_X_FORWARDED_HOST"];
-        } else {
-            $host = array_key_exists('SERVER_NAME', $_SERVER) ? $_SERVER['SERVER_NAME'] : null;
-            $port = array_key_exists('SERVER_PORT', $_SERVER) ? $_SERVER['SERVER_PORT'] : null;
-            if (('http://' === $protocol && '80' != $port) || ('https://' === $protocol && '443' != $port)) {
-                $host .= ':'.$port;
-            }
-        }
-        $pageURL = $protocol.$host.$_SERVER['REQUEST_URI'];
-
-        $start_settings['url_config'] = config('app.url').'/setup';
-        $start_settings['url_valid'] = ($start_settings['url_config'] === $pageURL);
-        $start_settings['real_url'] = $pageURL;
+        $start_settings['url_config'] = trim(config('app.url'), '/'). '/setup';
+        $start_settings['real_url']  = request()->url();
+        $start_settings['url_valid'] = $start_settings['url_config'] === $start_settings['real_url'];
        $start_settings['php_version_min'] = true;

        // Curl the .env file to make sure it's not accessible via a browser
-        $ch = curl_init($protocol.$host.'/.env');
-        curl_setopt($ch, CURLOPT_HEADER, true);    // we want headers
-        curl_setopt($ch, CURLOPT_NOBODY, true);    // we don't need body
-        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-        curl_setopt($ch, CURLOPT_TIMEOUT, 10);
-        $output = curl_exec($ch);
-        $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
-        curl_close($ch);
+        $start_settings['env_exposed'] = $this->dotEnvFileIsExposed();

-        if (404 == $httpcode || 403 == $httpcode || 0 == $httpcode) {
-            $start_settings['env_exposed'] = false;
-        } else {
-            $start_settings['env_exposed'] = true;
-        }
-
-        if (\App::Environment('production') && (true == config('app.debug'))) {
+        if (App::Environment('production') && (true == config('app.debug'))) {
            $start_settings['debug_exposed'] = true;
        } else {
            $start_settings['debug_exposed'] = false;
@@ -139,17 +107,7 @@ class SettingsController extends Controller
            $start_settings['owner_is_admin'] = false;
        }

-        if ((is_writable(storage_path()))
-            && (is_writable(storage_path().'/framework'))
-            && (is_writable(storage_path().'/framework/cache'))
-            && (is_writable(storage_path().'/framework/sessions'))
-            && (is_writable(storage_path().'/framework/views'))
-            && (is_writable(storage_path().'/logs'))
-        ) {
-            $start_settings['writable'] = true;
-        } else {
-            $start_settings['writable'] = false;
-        }
+        $start_settings['writable'] = $this->storagePathIsWritable();

        $start_settings['gd'] = extension_loaded('gd');

@@ -159,6 +117,38 @@ class SettingsController extends Controller
            ->with('section', 'Pre-Flight Check');
    }

+    /**
+     * Determine if the .env file accessible via a browser.
+     *
+     * @return bool This method will return true when exceptions (such as curl exception) is thrown.
+     * Check the log files to see more details about the exception.
+     */
+    protected function dotEnvFileIsExposed()
+    {
+        try {
+            return Http::timeout(10)
+                ->accept('*/*')
+                ->get(URL::to('.env'))
+                ->successful();
+        } catch (HttpClientException $e) {
+            Log::debug($e->getMessage());
+            return true;
+        }
+    }
+
+    /**
+     * Determine if the app storage path is writable.
+     */
+    protected function storagePathIsWritable(): bool
+    {
+        return File::isWritable(storage_path())                  &&
+            File::isWritable(storage_path('framework'))          &&
+            File::isWritable(storage_path('framework/cache'))    &&
+            File::isWritable(storage_path('framework/sessions')) &&
+            File::isWritable(storage_path('framework/views'))    &&
+            File::isWritable(storage_path('logs'));
+    }
+
    /**
     * Save the first admin user from Setup.
     *
@@ -166,7 +156,7 @@ class SettingsController extends Controller
     *
     * @since [v3.0]
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function postSaveFirstAdmin(SetupUserRequest $request)
    {
@@ -358,12 +348,11 @@ class SettingsController extends Controller
        }

        $setting->default_eula_text = $request->input('default_eula_text');
-        $setting->load_remote = $request->input('load_remote', 0);
        $setting->thumbnail_max_h = $request->input('thumbnail_max_h');
        $setting->privacy_policy_link = $request->input('privacy_policy_link');
-
        $setting->depreciation_method = $request->input('depreciation_method');
        $setting->dash_chart_type = $request->input('dash_chart_type');
+        $setting->profile_edit = $request->input('profile_edit', 0);

        if ($request->input('per_page') != '') {
            $setting->per_page = $request->input('per_page');
@@ -403,10 +392,11 @@ class SettingsController extends Controller
     *
     * @since [v1.0]
     *
-     * @return View
+     * @return \Illuminate\Contracts\View\View | \Illuminate\Http\RedirectResponse
     */
    public function postBranding(ImageUploadRequest $request)
    {
+        // Something has gone horribly wrong - no settings record exists!
        if (is_null($setting = Setting::getSettings())) {
            return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
        }
@@ -417,51 +407,75 @@ class SettingsController extends Controller
        $setting->version_footer = $request->input('version_footer');
        $setting->footer_text = $request->input('footer_text');
        $setting->skin = $request->input('skin');
-        $setting->allow_user_skin = $request->input('allow_user_skin');
+        $setting->allow_user_skin = $request->input('allow_user_skin', '0');
        $setting->show_url_in_emails = $request->input('show_url_in_emails', '0');
        $setting->logo_print_assets = $request->input('logo_print_assets', '0');
+        $setting->load_remote = $request->input('load_remote', 0);

-        // Only allow the site name and CSS to be changed if lock_passwords is false
+        // Only allow the site name, images, and CSS to be changed if lock_passwords is false
        // Because public demos make people act like dicks

-        if (! config('app.lock_passwords')) {
-            $setting->site_name = $request->input('site_name');
+        if (!config('app.lock_passwords')) {
+
+            if ($request->has('site_name')) {
+                $request->validate(['site_name' => 'required']);
+            }
+
+            $setting->site_name = $request->input('site_name', 'Snipe-IT');
            $setting->custom_css = $request->input('custom_css');
+
+            // Logo upload
            $setting = $request->handleImages($setting, 600, 'logo', '', 'logo');

-            if ('1' == $request->input('clear_logo')) {
-                Storage::disk('public')->delete($setting->logo);
+            if ($request->input('clear_logo') == '1') {
+
+                if (($setting->logo) && (Storage::exists($setting->logo))) {
+                    Storage::disk('public')->delete($setting->logo);
+                }
                $setting->logo = null;
                $setting->brand = 1;
            }

-
+            // Email logo upload
            $setting = $request->handleImages($setting, 600, 'email_logo', '', 'email_logo');
+            if ($request->input('clear_email_logo') == '1') {

-
-            if ('1' == $request->input('clear_email_logo')) {
-                Storage::disk('public')->delete($setting->email_logo);
+                if (($setting->email_logo) && (Storage::exists($setting->email_logo))) {
+                    Storage::disk('public')->delete($setting->email_logo);
+                }
                $setting->email_logo = null;
                // If they are uploading an image, validate it and upload it
            }

-
+             // Label logo upload
            $setting = $request->handleImages($setting, 600, 'label_logo', '', 'label_logo');
+            if ($request->input('clear_label_logo') == '1') {

-            if ('1' == $request->input('clear_label_logo')) {
-                Storage::disk('public')->delete($setting->label_logo);
+                if (($setting->label_logo) && (Storage::exists($setting->label_logo))) {
+                    Storage::disk('public')->delete($setting->label_logo);
+                }
                $setting->label_logo = null;
            }

-
-            $setting = $request->handleImages($setting, 600, 'favicon', '', 'favicon');
-
-            // If the user wants to clear the favicon...
+            // Favicon upload
+            $setting = $request->handleImages($setting, 100, 'favicon', '', 'favicon');
            if ('1' == $request->input('clear_favicon')) {
-                Storage::disk('public')->delete($setting->favicon);
+
+                if (($setting->favicon) && (Storage::exists($setting->favicon))) {
+                    Storage::disk('public')->delete($setting->favicon);
+                }
                $setting->favicon = null;
            }

+            // Default avatar upload
+            $setting = $request->handleImages($setting, 500, 'default_avatar', 'avatars', 'default_avatar');
+            if ($request->input('clear_default_avatar') == '1') {
+
+                if (($setting->default_avatar) && (Storage::exists('avatars/'.$setting->default_avatar))) {
+                    Storage::disk('public')->delete('avatars/'.$setting->default_avatar);
+                }
+                $setting->default_avatar = null;
+            }
        }

        if ($setting->save()) {
@@ -641,9 +655,9 @@ class SettingsController extends Controller
                    ['next_audit_date' => DB::raw('DATE_ADD(next_audit_date, INTERVAL '.$audit_diff_months.' MONTH)')]
            );

-            \Log::debug($affected .' assets affected by audit interval update');
+            Log::debug($affected .' assets affected by audit interval update');
+

-            
        }

        $alert_email = rtrim($request->input('alert_email'), ',');
@@ -969,8 +983,6 @@ class SettingsController extends Controller
            $setting->ldap_dept = $request->input('ldap_dept');
            $setting->ldap_client_tls_cert   = $request->input('ldap_client_tls_cert');
            $setting->ldap_client_tls_key    = $request->input('ldap_client_tls_key');
-
-
        }

        if ($setting->save()) {
@@ -1114,11 +1126,9 @@ class SettingsController extends Controller
                        'filesize' => Setting::fileSizeConvert(Storage::size($backup_files[$f])),
                        'modified_value' => $file_timestamp,
                        'modified_display' => date($settings->date_display_format.' '.$settings->time_display_format, $file_timestamp),
-                        
+
                    ];
                }
-
-               
            }
        }

@@ -1135,7 +1145,7 @@ class SettingsController extends Controller
     *
     * @since [v1.8]
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function postBackups()
    {
@@ -1210,9 +1220,8 @@ class SettingsController extends Controller
                        Storage::delete($path . '/' . $filename);
                        return redirect()->route('settings.backups.index')->with('success', trans('admin/settings/message.backup.file_deleted'));
                    } catch (\Exception $e) {
-                        \Log::debug($e);
+                        Log::debug($e);
                    }
-
                } else {
                    return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
                }
@@ -1222,7 +1231,7 @@ class SettingsController extends Controller
        }

        // Hell to the no
-        \Log::warning('User ID '.Auth::user()->id.' is attempting to delete backup file '.$filename.' and is not authorized to.');
+        Log::warning('User ID '.Auth::user()->id.' is attempting to delete backup file '.$filename.' and is not authorized to.');
        return redirect()->route('settings.backups.index')->with('error', trans('general.backup_delete_not_allowed'));
    }

@@ -1234,7 +1243,7 @@ class SettingsController extends Controller
     *
     * @since [v6.0]
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */

    public function postUploadBackup(Request $request) {
@@ -1254,20 +1263,15 @@ class SettingsController extends Controller
                        $upload_filename = 'uploaded-'.date('U').'-'.Str::slug(pathinfo($request->file('file')->getClientOriginalName(), PATHINFO_FILENAME)).'.zip';

                        Storage::putFileAs('app/backups', $request->file('file'), $upload_filename);
-            
+
                        return redirect()->route('settings.backups.index')->with('success', 'File uploaded');
                }

                return redirect()->route('settings.backups.index')->withErrors($validator);
-
            }
-
        } else {
            return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
-        }    
-
-        
-        
+        }
    }

    /**
@@ -1281,7 +1285,7 @@ class SettingsController extends Controller
     */
    public function postRestore($filename = null)
    {
-        
+
        if (! config('app.lock_passwords')) {
            $path = 'app/backups';

@@ -1297,13 +1301,13 @@ class SettingsController extends Controller
                    '--force' => true,
                ]);

-                \Log::debug('Attempting to restore from: '. storage_path($path).'/'.$filename);
+                Log::debug('Attempting to restore from: '. storage_path($path).'/'.$filename);

                // run the restore command
-                Artisan::call('snipeit:restore', 
+                Artisan::call('snipeit:restore',
                [
-                    '--force' => true, 
-                    '--no-progress' => true, 
+                    '--force' => true,
+                    '--no-progress' => true,
                    'filename' => storage_path($path).'/'.$filename
                ]);

@@ -1311,29 +1315,28 @@ class SettingsController extends Controller
                $output = Artisan::output();

                /* Run migrations */
-                \Log::debug('Migrating database...');
+                Log::debug('Migrating database...');
                Artisan::call('migrate', ['--force' => true]);
                $migrate_output = Artisan::output();
-                \Log::debug($migrate_output);
+                Log::debug($migrate_output);

                $find_user = DB::table('users')->where('username', $user->username)->exists();
-                
+
                if (!$find_user){
-                    \Log::warning('Attempting to restore user: ' . $user->username);
+                    Log::warning('Attempting to restore user: ' . $user->username);
                    $new_user = $user->replicate();
                    $new_user->push();
                } else {
-                    \Log::debug('User: ' . $user->username .' already exists.');
+                    Log::debug('User: ' . $user->username .' already exists.');
                }

-                \Log::debug('Logging all users out..');
+                Log::debug('Logging all users out..');
                Artisan::call('snipeit:global-logout', ['--force' => true]);

                DB::table('users')->update(['remember_token' => null]);
-                \Auth::logout();
+                Auth::logout();

                return redirect()->route('login')->with('success', 'Your system has been restored. Please login again.');
-                
            } else {
                return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
            }
@@ -1354,14 +1357,13 @@ class SettingsController extends Controller
    public function getPurge()
    {

-        \Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');
+        Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');

        if (config('app.allow_purge')=='true') {
            return view('settings.purge-form');
        }

        return redirect()->route('settings.index')->with('error', trans('general.purge_not_allowed'));
-
    }

    /**
@@ -1375,16 +1377,16 @@ class SettingsController extends Controller
     */
    public function postPurge(Request $request)
    {
-        \Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');
+        Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');

        if (config('app.allow_purge')=='true') {
-            \Log::debug('Purging is not allowed via the .env');
+            Log::debug('Purging is not allowed via the .env');

            if (!config('app.lock_passwords')) {

                if ($request->input('confirm_purge')=='DELETE') {

-                    \Log::warning('User ID ' . Auth::user()->id . ' initiated a PURGE!');
+                    Log::warning('User ID ' . Auth::user()->id . ' initiated a PURGE!');
                    // Run a backup immediately before processing
                    Artisan::call('backup:run');
                    Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
@@ -1392,7 +1394,6 @@ class SettingsController extends Controller

                    return redirect()->route('settings.index')
                        ->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));
-
                } else {
                    return redirect()->route('settings.purge.index')
                        ->with('error', trans('admin/settings/message.purge.validation_failed'));
@@ -1403,7 +1404,7 @@ class SettingsController extends Controller
            }
        }

-        \Log::error('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting to purge deleted data and is not authorized to.');
+        Log::error('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting to purge deleted data and is not authorized to.');


        // Nope.
@@ -1435,7 +1436,7 @@ class SettingsController extends Controller
     *
     * @since [v3.0]
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function ajaxTestEmail()
    {
@@ -1446,7 +1447,7 @@ class SettingsController extends Controller
            ])->notify(new MailTest());

            return response()->json(Helper::formatStandardApiResponse('success', null, 'Maiol sent!'));
-        } catch (Exception $e) {
+        } catch (\Exception $e) {
            return response()->json(Helper::formatStandardApiResponse('success', null, $e->getMessage()));
        }
    }
--- a/Show More
+++ b/Show More