Bumped version for master

Signed-off-by: snipe <snipe@snipe.net>
Merge remote-tracking branch 'origin/develop'
2024-10-02 12:41:31 +01:00 · 2024-10-02 12:40:59 +01:00 · 2024-10-02 12:40:49 +01:00 · 2024-10-02 12:40:45 +01:00 · 2024-10-02 12:38:46 +01:00 · 2024-10-02 11:05:06 +01:00
1774 changed files with 18256 additions and 9472 deletions
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@@ -3172,6 +3172,51 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "arne-kroeger",
+      "name": "arne-kroeger",
+      "avatar_url": "https://avatars.githubusercontent.com/u/65785975?v=4",
+      "profile": "https://github.com/arne-kroeger",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Glukose1",
+      "name": "Glukose1",
+      "avatar_url": "https://avatars.githubusercontent.com/u/167117705?v=4",
+      "profile": "https://github.com/Glukose1",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Scarzy",
+      "name": "Scarzy",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1197791?v=4",
+      "profile": "https://github.com/Scarzy",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "setpill",
+      "name": "setpill",
+      "avatar_url": "https://avatars.githubusercontent.com/u/37372069?v=4",
+      "profile": "https://github.com/setpill",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "swift2512",
+      "name": "swift2512",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3755203?v=4",
+      "profile": "https://github.com/swift2512",
+      "contributions": [
+        "bug"
+      ]
    }
  ]
 }
--- a/.env.dev.docker
+++ b/.env.dev.docker
@@ -1,6 +1,8 @@
 # --------------------------------------------
 # REQUIRED: DB SETUP
 # --------------------------------------------
+# https://mariadb.com/kb/en/mariadb-server-docker-official-image-environment-variables/
+
 MYSQL_DATABASE=snipeit
 MYSQL_USER=snipeit
 MYSQL_PASSWORD=changeme1234
--- a/.env.example
+++ b/.env.example
@@ -32,6 +32,8 @@ DB_PREFIX=null
 DB_DUMP_PATH='/usr/bin'
 DB_CHARSET=utf8mb4
 DB_COLLATION=utf8mb4_unicode_ci
+DB_SANITIZE_BY_DEFAULT=false
+

 # --------------------------------------------
 # OPTIONAL: SSL DATABASE SETTINGS
--- a/.github/stale.yml
+++ b/.github/stale.yml
@@ -1,43 +0,0 @@
-# Number of days of inactivity before an issue becomes stale
-daysUntilStale: 60
-# Number of days of inactivity before a stale issue is closed
-daysUntilClose: 7
-# Issues with these labels will never be considered stale
-exemptLabels:
-  - pinned
-  - security
-  - :woman_technologist: ready for dev
-  - :moneybag: bounty
-  - :hand: bug
-  - "🔐 security"
-  - "👩‍💻 ready for dev"
-  - "💰 bounty"
-  - "✋ bug"
-
-exemptMilestones: true
-
-# Label to use when marking an issue as stale
-staleLabel: stale
-
-only: issues
-
-# Comment to post when removing the stale label.
-unmarkComment: >
-  Okay, it looks like this issue or feature request might still be important. We'll re-open
-  it for now. Thank you for letting us know!
-
-# Comment to post when marking an issue as stale. Set to `false` to disable
-markComment: >
-  Is this still relevant? We haven't heard from anyone in a bit. If so,
-  please comment with any updates or additional detail.
-
-  This issue has been automatically marked as stale because it has not had
-  recent activity. It will be closed if no further activity occurs. Don't
-  take it personally, we just need to keep a handle on things. Thank you
-  for your contributions!
-# Comment to post when closing a stale issue. Set to `false` to disable
-closeComment: >
-  This issue has been automatically closed because it has not had
-  recent activity. If you believe this is still an issue, please confirm that
-  this issue is still happening in the most recent version of Snipe-IT and reply
-  to this thread to re-open it.
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -0,0 +1,40 @@
+name: 'Close stale issues'
+on:
+  schedule:
+    - cron: '30 1 * * *'
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    permissions:
+      #  contents: write # only for delete-branch option
+      issues: write
+      #  pull-requests: write
+    steps:
+      - uses: actions/stale@v9
+        with:
+          debug-only: true
+          ascending: true
+          operations-per-run: 1000 # just while we're debugging
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          days-before-stale: 60
+          days-before-close: 7
+          exempt-all-milestones: true
+          stale-issue-message: >
+            Is this still relevant? We haven't heard from anyone in a bit. If so,
+            please comment with any updates or additional detail.
+            
+            This issue has been automatically marked as stale because it has not had
+            recent activity. It will be closed if no further activity occurs. Don't
+            take it personally, we just need to keep a handle on things. Thank you
+            for your contributions!
+          close-issue-message: >
+            This issue has been automatically closed because it has not had
+            recent activity. If you believe this is still an issue, please confirm that
+            this issue is still happening in the most recent version of Snipe-IT and reply
+            to this thread to re-open it.
+          # There doesn't seem to be a 'reopen issue message'?
+          # Since there is no 'stale-pr-message' - PR's should not be stale'd
+          stale-issue-label: stale
+          exempt-issue-labels: >
+            pinned,security,:woman_technologist: ready for dev,:moneybag: bounty,:hand: bug,🔐 security,👩‍💻 ready for dev,💰 bounty,✋ bug
--- a/.gitignore
+++ b/.gitignore
@@ -47,6 +47,7 @@ storage/private_uploads/users/*
 tests/_data/scenarios
 tests/_output/*
 tests/_support/_generated/*
+tests/coverage/*
 /npm-debug.log
 /storage/oauth-private.key
 /storage/oauth-public.key
@@ -68,3 +69,5 @@ _ide_helper_models.php
 storage/ldap_client_tls.cert
 storage/ldap_client_tls.key
 /storage/framework/testing
+
+/.phpunit.cache
--- a/CONTRIBUTORS.md
+++ b/CONTRIBUTORS.md
@@ -51,7 +51,8 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/111287779?v=4" width="110px;"/><br /><sub>NojoudAlshehri</sub>](https://github.com/NojoudAlshehri)<br />[💻](https://github.com/snipe/snipe-it/commits?author=NojoudAlshehri "Code") | [<img src="https://avatars.githubusercontent.com/u/54367449?v=4" width="110px;"/><br /><sub>Stefan Stidl</sub>](https://github.com/stefanstidlffg)<br />[💻](https://github.com/snipe/snipe-it/commits?author=stefanstidlffg "Code") | [<img src="https://avatars.githubusercontent.com/u/87803479?v=4" width="110px;"/><br /><sub>Quentin Aymard</sub>](https://github.com/qay21)<br />[💻](https://github.com/snipe/snipe-it/commits?author=qay21 "Code") | [<img src="https://avatars.githubusercontent.com/u/5396871?v=4" width="110px;"/><br /><sub>Grant Le Roux</sub>](https://github.com/cram42)<br />[💻](https://github.com/snipe/snipe-it/commits?author=cram42 "Code") | [<img src="https://avatars.githubusercontent.com/u/58479551?v=4" width="110px;"/><br /><sub>Bogdan</sub>](http://@singrity)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Singrity "Code") | [<img src="https://avatars.githubusercontent.com/u/3483684?v=4" width="110px;"/><br /><sub>mmanjos</sub>](https://github.com/mmanjos)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mmanjos "Code") | [<img src="https://avatars.githubusercontent.com/u/7429229?v=4" width="110px;"/><br /><sub>Abdelaziz Faki</sub>](https://azooz2014.github.io/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Azooz2014 "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/47315739?v=4" width="110px;"/><br /><sub>bilias</sub>](https://github.com/bilias)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bilias "Code") | [<img src="https://avatars.githubusercontent.com/u/2565989?v=4" width="110px;"/><br /><sub>coach1988</sub>](https://github.com/coach1988)<br />[💻](https://github.com/snipe/snipe-it/commits?author=coach1988 "Code") | [<img src="https://avatars.githubusercontent.com/u/11910225?v=4" width="110px;"/><br /><sub>MrM</sub>](https://github.com/mauro-miatello)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mauro-miatello "Code") | [<img src="https://avatars.githubusercontent.com/u/60405354?v=4" width="110px;"/><br /><sub>koiakoia</sub>](https://github.com/koiakoia)<br />[💻](https://github.com/snipe/snipe-it/commits?author=koiakoia "Code") | [<img src="https://avatars.githubusercontent.com/u/5323832?v=4" width="110px;"/><br /><sub>Mustafa Online</sub>](https://github.com/mustafa-online)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mustafa-online "Code") | [<img src="https://avatars.githubusercontent.com/u/104601439?v=4" width="110px;"/><br /><sub>franceslui</sub>](https://github.com/franceslui)<br />[💻](https://github.com/snipe/snipe-it/commits?author=franceslui "Code") | [<img src="https://avatars.githubusercontent.com/u/125313163?v=4" width="110px;"/><br /><sub>Q4kK</sub>](https://github.com/Q4kK)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Q4kK "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/55590532?v=4" width="110px;"/><br /><sub>squintfox</sub>](https://github.com/squintfox)<br />[💻](https://github.com/snipe/snipe-it/commits?author=squintfox "Code") | [<img src="https://avatars.githubusercontent.com/u/1380084?v=4" width="110px;"/><br /><sub>Jeff Clay</sub>](https://github.com/jeffclay)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jeffclay "Code") | [<img src="https://avatars.githubusercontent.com/u/52716446?v=4" width="110px;"/><br /><sub>Phil J R</sub>](https://github.com/PP-JN-RL)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PP-JN-RL "Code") | [<img src="https://avatars.githubusercontent.com/u/1496725?v=4" width="110px;"/><br /><sub>i_virus</sub>](https://www.corelight.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chandanchowdhury "Code") | [<img src="https://avatars.githubusercontent.com/u/1020541?v=4" width="110px;"/><br /><sub>Paul Grime</sub>](https://github.com/gitgrimbo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gitgrimbo "Code") | [<img src="https://avatars.githubusercontent.com/u/922815?v=4" width="110px;"/><br /><sub>Lee Porte</sub>](https://leeporte.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=LeePorte "Code") | [<img src="https://avatars.githubusercontent.com/u/23613427?v=4" width="110px;"/><br /><sub>BRYAN </sub>](https://github.com/bryanlopezinc)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bryanlopezinc "Code") [⚠️](https://github.com/snipe/snipe-it/commits?author=bryanlopezinc "Tests") |
-| [<img src="https://avatars.githubusercontent.com/u/64061710?v=4" width="110px;"/><br /><sub>U-H-T</sub>](https://github.com/U-H-T)<br />[💻](https://github.com/snipe/snipe-it/commits?author=U-H-T "Code") | [<img src="https://avatars.githubusercontent.com/u/5395363?v=4" width="110px;"/><br /><sub>Matt Tyree</sub>](https://github.com/Tyree)<br />[📖](https://github.com/snipe/snipe-it/commits?author=Tyree "Documentation") | [<img src="https://avatars.githubusercontent.com/u/292081?v=4" width="110px;"/><br /><sub>Florent Bervas</sub>](http://spoontux.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FlorentDotMe "Code") | [<img src="https://avatars.githubusercontent.com/u/4498077?v=4" width="110px;"/><br /><sub>Daniel Albertsen</sub>](https://ditscheri.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dbakan "Code") | [<img src="https://avatars.githubusercontent.com/u/100710244?v=4" width="110px;"/><br /><sub>r-xyz</sub>](https://github.com/r-xyz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=r-xyz "Code") | [<img src="https://avatars.githubusercontent.com/u/47491036?v=4" width="110px;"/><br /><sub>Steven Mainor</sub>](https://github.com/DrekiDegga)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DrekiDegga "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/64061710?v=4" width="110px;"/><br /><sub>U-H-T</sub>](https://github.com/U-H-T)<br />[💻](https://github.com/snipe/snipe-it/commits?author=U-H-T "Code") | [<img src="https://avatars.githubusercontent.com/u/5395363?v=4" width="110px;"/><br /><sub>Matt Tyree</sub>](https://github.com/Tyree)<br />[📖](https://github.com/snipe/snipe-it/commits?author=Tyree "Documentation") | [<img src="https://avatars.githubusercontent.com/u/292081?v=4" width="110px;"/><br /><sub>Florent Bervas</sub>](http://spoontux.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FlorentDotMe "Code") | [<img src="https://avatars.githubusercontent.com/u/4498077?v=4" width="110px;"/><br /><sub>Daniel Albertsen</sub>](https://ditscheri.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dbakan "Code") | [<img src="https://avatars.githubusercontent.com/u/100710244?v=4" width="110px;"/><br /><sub>r-xyz</sub>](https://github.com/r-xyz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=r-xyz "Code") | [<img src="https://avatars.githubusercontent.com/u/47491036?v=4" width="110px;"/><br /><sub>Steven Mainor</sub>](https://github.com/DrekiDegga)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DrekiDegga "Code") | [<img src="https://avatars.githubusercontent.com/u/65785975?v=4" width="110px;"/><br /><sub>arne-kroeger</sub>](https://github.com/arne-kroeger)<br />[💻](https://github.com/snipe/snipe-it/commits?author=arne-kroeger "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/167117705?v=4" width="110px;"/><br /><sub>Glukose1</sub>](https://github.com/Glukose1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Glukose1 "Code") | [<img src="https://avatars.githubusercontent.com/u/1197791?v=4" width="110px;"/><br /><sub>Scarzy</sub>](https://github.com/Scarzy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Scarzy "Code") | [<img src="https://avatars.githubusercontent.com/u/37372069?v=4" width="110px;"/><br /><sub>setpill</sub>](https://github.com/setpill)<br />[💻](https://github.com/snipe/snipe-it/commits?author=setpill "Code") | [<img src="https://avatars.githubusercontent.com/u/3755203?v=4" width="110px;"/><br /><sub>swift2512</sub>](https://github.com/swift2512)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aswift2512 "Bug reports") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
--- a/Dockerfile.alpine
+++ b/Dockerfile.alpine
@@ -79,12 +79,12 @@ USER root

 VOLUME ["/var/lib/snipeit"]

-# Entrypoints
-COPY docker/entrypoint_alpine.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
+# Startup script
+COPY docker/startup_alpine.sh /startup.sh
+RUN chmod +x /startup.sh

 ENTRYPOINT ["/sbin/tini", "--"]

-CMD ["/entrypoint.sh"]
+CMD ["/startup.sh"]

 EXPOSE 80
--- a/Dockerfile.fpm-alpine
+++ b/Dockerfile.fpm-alpine
@@ -97,7 +97,7 @@ RUN set -eux; \
 VOLUME [ "/var/lib/snipeit" ]

 COPY --chown=www-data:www-data docker/docker-secrets.env /var/www/html/.env
-COPY --chmod=655 docker/docker-entrypoint.sh /usr/local/bin/docker-snipeit-entrypoint
+COPY --chmod=655 docker/startup_alpine_fpm.sh /startup.sh
 COPY docker/column-statistics.cnf /etc/mysql/conf.d/column-statistics.cnf
-ENTRYPOINT [ "/usr/local/bin/docker-snipeit-entrypoint" ]
-CMD [ "/usr/local/bin/docker-php-entrypoint", "php-fpm" ]
+ENTRYPOINT [ "/startup.sh" ]
+CMD [ "/startup.sh", "php-fpm" ]
--- a/README.md
+++ b/README.md
@@ -72,12 +72,13 @@ Since the release of the JSON REST API, several third-party developers have been
 - [Snipe-IT plugin for Jira Service Desk](https://marketplace.atlassian.com/apps/1220964/snipe-it-for-jira)
 - [Python 3 CSV importer](https://github.com/gastamper/snipeit-csvimporter) - allows importing assets into Snipe-IT based on Item Name rather than Asset Tag.
 - [Snipe-IT Kubernetes Helm Chart](https://github.com/t3n/helm-charts/tree/master/snipeit) - For more information, [click here](https://hub.helm.sh/charts/t3n/snipeit).
- [Snipe-IT Bulk Edit](https://github.com/bricelabelle/snipe-it-bulkedit) - Google Script files to use Google Sheets as a bulk checkout/checkin/edit tool for Snipe-it.
- [MosyleSnipeSync](https://github.com/RodneyLeeBrands/MosyleSnipeSync) by [@Karpadiem](https://github.com/Karpadiem) - Python script to synchronize information between Mosyle and Snipe-IT
+- [Snipe-IT Bulk Edit](https://github.com/bricelabelle/snipe-it-bulkedit) - Google Script files to use Google Sheets as a bulk checkout/checkin/edit tool for Snipe-IT.
+- [MosyleSnipeSync](https://github.com/RodneyLeeBrands/MosyleSnipeSync) by [@Karpadiem](https://github.com/Karpadiem) - Python script to synchronize information between Mosyle and Snipe-IT.
 - [WWW::SnipeIT](https://github.com/SEDC/perl-www-snipeit) by [@SEDC](https://github.com/SEDC) - perl module for accessing the API
 - [UniFi to Snipe-IT](https://github.com/RodneyLeeBrands/UnifiSnipeSync) by [@karpadiem](https://github.com/karpadiem) - Python script that synchronizes UniFi devices with Snipe-IT.
 - [Kandji2Snipe](https://github.com/grokability/kandji2snipe) by [@briangoldstein](https://github.com/briangoldstein) - Python script that synchronizes Kandji with Snipe-IT.
- [SnipeAgent](https://github.com/ReticentRobot/SnipeAgent) by @ReticentRobot - Windows agent for Snipe-IT
+- [SnipeAgent](https://github.com/ReticentRobot/SnipeAgent) by [@ReticentRobot](https://github.com/ReticentRobot) - Windows agent for Snipe-IT.
+- [Gate Pass Generator](https://github.com/cha7uraAE/snipe-it-gate-pass-system) by [@cha7uraAE](https://github.com/cha7uraAE) - A Streamlit application for generating gate passes based on hardware data from a Snipe-IT API.

 -----

--- a/app/Console/Commands/FixupAssignedToWithoutAssignedType.php
+++ b/app/Console/Commands/FixupAssignedToWithoutAssignedType.php
@@ -0,0 +1,66 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Asset;
+use Illuminate\Console\Command;
+
+class FixupAssignedToWithoutAssignedType extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:assigned-to-fixup
+                            {--debug : Display debugging output}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Fixes up assets that have an assigned_to but no assigned_type';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $assets = Asset::whereNull("assigned_type")->whereNotNull("assigned_to")->withTrashed();
+        $this->withProgressBar($assets->get(), function (Asset $asset) {
+            //now check each action log, from the most recent backwards, to find the last checkin or checkout
+            foreach($asset->log()->orderBy("id","desc")->get() as $action_log) {
+                if($this->option("debug")) {
+                    $this->info("Asset id: " . $asset->id . " action log, action type is: " . $action_log->action_type);
+                }
+                switch($action_log->action_type) {
+                    case 'checkin from':
+                        if($this->option("debug")) {
+                            $this->info("Doing a checkin for ".$asset->id);
+                        }
+                        $asset->assigned_to = null;
+                        // if you have a required custom field, we still want to save, and we *don't* want an action_log
+                        $asset->saveQuietly();
+                        return;
+
+                    case 'checkout':
+                        if($this->option("debug")) {
+                            $this->info("Doing a checkout for " . $asset->id . " picking target type: " . $action_log->target_type);
+                        }
+                        if($asset->assigned_to != $action_log->target_id) {
+                            $this->error("Asset's assigned_to does *NOT* match Action Log's target_id. \$asset->assigned_to=".$asset->assigned_to." vs. \$action_log->target_id=".$action_log->target_id);
+                            //FIXME - do we abort here? Do we try to keep looking? I don't know, this means your data is *really* messed up...
+                        }
+                        $asset->assigned_type = $action_log->target_type;
+                        $asset->saveQuietly(); // see above
+                        return;
+                }
+            }
+            $asset->assigned_to = null; //asset was never checked in or out in its lifetime - it stays 'checked in'
+            $asset->saveQuietly(); //see above
+        });
+        $this->newLine();
+        $this->info("Assets assigned_type are fixed");
+    }
+}
--- a/app/Console/Commands/LdapSync.php
+++ b/app/Console/Commands/LdapSync.php
@@ -53,18 +53,22 @@ class LdapSync extends Command

        ini_set('max_execution_time', env('LDAP_TIME_LIM', 600)); //600 seconds = 10 minutes
        ini_set('memory_limit', env('LDAP_MEM_LIM', '500M'));
-        $ldap_result_username = Setting::getSettings()->ldap_username_field;
-        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
-        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
-        $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag;
-        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
-        $ldap_result_email = Setting::getSettings()->ldap_email;
-        $ldap_result_phone = Setting::getSettings()->ldap_phone_field;
-        $ldap_result_jobtitle = Setting::getSettings()->ldap_jobtitle;
-        $ldap_result_country = Setting::getSettings()->ldap_country;
-        $ldap_result_location = Setting::getSettings()->ldap_location;
-        $ldap_result_dept = Setting::getSettings()->ldap_dept;
-        $ldap_result_manager = Setting::getSettings()->ldap_manager;
+
+        $ldap_map = [
+            "username" => Setting::getSettings()->ldap_username_field,
+            "last_name" => Setting::getSettings()->ldap_lname_field,
+            "first_name" => Setting::getSettings()->ldap_fname_field,
+            "active_flag" => Setting::getSettings()->ldap_active_flag,
+            "emp_num" => Setting::getSettings()->ldap_emp_num,
+            "email" => Setting::getSettings()->ldap_email,
+            "phone" => Setting::getSettings()->ldap_phone_field,
+            "jobtitle" => Setting::getSettings()->ldap_jobtitle,
+            "country" => Setting::getSettings()->ldap_country,
+            "location" => Setting::getSettings()->ldap_location,
+            "dept" => Setting::getSettings()->ldap_dept,
+            "manager" => Setting::getSettings()->ldap_manager,
+        ];
+
        $ldap_default_group = Setting::getSettings()->ldap_default_group;
        $search_base = Setting::getSettings()->ldap_base_dn;

@@ -107,14 +111,21 @@ class LdapSync extends Command
            }

            /**
-             * If a filter has been specified, use that
+             * If a filter has been specified, use that, otherwise default to null
             */
            if ($this->option('filter') != '') {
-                $results = Ldap::findLdapUsers($search_base, -1, $this->option('filter'));
+                $filter = $this->option('filter');
            } else {
-                $results = Ldap::findLdapUsers($search_base);
+                $filter = null;
            }
-            
+
+            /**
+             * We only need to request the LDAP attributes that we process
+             */
+            $attributes = array_values(array_filter($ldap_map));
+
+            $results = Ldap::findLdapUsers($search_base, -1, $filter, $attributes);
+
        } catch (\Exception $e) {
            if ($this->option('json_summary')) {
                $json_summary = ['error' => true, 'error_message' => $e->getMessage(), 'summary' => []];
@@ -183,17 +194,17 @@ class LdapSync extends Command
                }
                $usernames = [];
                for ($i = 0; $i < $location_users['count']; $i++) {
-                    if (array_key_exists($ldap_result_username, $location_users[$i])) {
+                    if (array_key_exists($ldap_map["username"], $location_users[$i])) {
                        $location_users[$i]['ldap_location_override'] = true;
                        $location_users[$i]['location_id'] = $ldap_loc['id'];
-                        $usernames[] = $location_users[$i][$ldap_result_username][0];
+                        $usernames[] = $location_users[$i][$ldap_map["username"]][0];
                    }
                }

                // Delete located users from the general group.
                foreach ($results as $key => $generic_entry) {
-                    if ((is_array($generic_entry)) && (array_key_exists($ldap_result_username, $generic_entry))) {
-                        if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
+                    if ((is_array($generic_entry)) && (array_key_exists($ldap_map["username"], $generic_entry))) {
+                        if (in_array($generic_entry[$ldap_map["username"]][0], $usernames)) {
                            unset($results[$key]);
                        }
                    }
@@ -219,22 +230,22 @@ class LdapSync extends Command

        for ($i = 0; $i < $results['count']; $i++) {
                $item = [];
-                $item['username'] = $results[$i][$ldap_result_username][0] ?? '';
-                $item['employee_number'] = $results[$i][$ldap_result_emp_num][0] ?? '';
-                $item['lastname'] = $results[$i][$ldap_result_last_name][0] ?? '';
-                $item['firstname'] = $results[$i][$ldap_result_first_name][0] ?? '';
-                $item['email'] = $results[$i][$ldap_result_email][0] ?? '';
+                $item['username'] = $results[$i][$ldap_map["username"]][0] ?? '';
+                $item['employee_number'] = $results[$i][$ldap_map["emp_num"]][0] ?? '';
+                $item['lastname'] = $results[$i][$ldap_map["last_name"]][0] ?? '';
+                $item['firstname'] = $results[$i][$ldap_map["first_name"]][0] ?? '';
+                $item['email'] = $results[$i][$ldap_map["email"]][0] ?? '';
                $item['ldap_location_override'] = $results[$i]['ldap_location_override'] ?? '';
                $item['location_id'] = $results[$i]['location_id'] ?? '';
-                $item['telephone'] = $results[$i][$ldap_result_phone][0] ?? '';
-                $item['jobtitle'] = $results[$i][$ldap_result_jobtitle][0] ?? '';
-                $item['country'] = $results[$i][$ldap_result_country][0] ?? '';
-                $item['department'] = $results[$i][$ldap_result_dept][0] ?? '';
-                $item['manager'] = $results[$i][$ldap_result_manager][0] ?? '';
-                $item['location'] = $results[$i][$ldap_result_location][0] ?? '';
+                $item['telephone'] = $results[$i][$ldap_map["phone"]][0] ?? '';
+                $item['jobtitle'] = $results[$i][$ldap_map["jobtitle"]][0] ?? '';
+                $item['country'] = $results[$i][$ldap_map["country"]][0] ?? '';
+                $item['department'] = $results[$i][$ldap_map["dept"]][0] ?? '';
+                $item['manager'] = $results[$i][$ldap_map["manager"]][0] ?? '';
+                $item['location'] = $results[$i][$ldap_map["location"]][0] ?? '';

                // ONLY if you are using the "ldap_location" option *AND* you have an actual result
-                if ($ldap_result_location && $item['location']) {
+                if ($ldap_map["location"] && $item['location']) {
                        $location = Location::firstOrCreate([
                                'name' => $item['location'],
                        ]);
@@ -257,38 +268,38 @@ class LdapSync extends Command
                }

            //If a sync option is not filled in on the LDAP settings don't populate the user field
-            if($ldap_result_username  != null){
+            if($ldap_map["username"]  != null){
                $user->username = $item['username'];
            }
-            if($ldap_result_last_name != null){
+            if($ldap_map["last_name"] != null){
                $user->last_name = $item['lastname'];
            }
-            if($ldap_result_first_name != null){
+            if($ldap_map["first_name"] != null){
                $user->first_name = $item['firstname'];
            }
-            if($ldap_result_emp_num  != null){
+            if($ldap_map["emp_num"]  != null){
                $user->employee_num = e($item['employee_number']);
            }
-            if($ldap_result_email != null){
+            if($ldap_map["email"] != null){
                $user->email = $item['email'];
            }
-            if($ldap_result_phone != null){
+            if($ldap_map["phone"] != null){
                $user->phone = $item['telephone'];
            }
-            if($ldap_result_jobtitle != null){
+            if($ldap_map["jobtitle"] != null){
                $user->jobtitle = $item['jobtitle'];
            }
-            if($ldap_result_country != null){
+            if($ldap_map["country"] != null){
                $user->country = $item['country'];
            }
-            if($ldap_result_dept  != null){
+            if($ldap_map["dept"]  != null){
                $user->department_id = $department->id;
            }
-            if($ldap_result_location != null){
+            if($ldap_map["location"] != null){
                $user->location_id = $location ? $location->id : null;
            }

-            if($ldap_result_manager != null){
+            if($ldap_map["manager"] != null){
                if($item['manager'] != null) {
                    // Check Cache first
                    if (isset($manager_cache[$item['manager']])) {
@@ -305,7 +316,7 @@ class LdapSync extends Command
                            $ldap_manager = [
                                "count" => 1,
                                0 => [
-                                    $ldap_result_username => [$item['manager']]
+                                    $ldap_map["username"] => [$item['manager']]
                                ]
                            ];
                        }
@@ -314,7 +325,7 @@ class LdapSync extends Command

                            // Get the Manager's username
                            // PHP LDAP returns every LDAP attribute as an array, and 90% of the time it's an array of just one item. But, hey, it's an array.
-                            $ldapManagerUsername = $ldap_manager[0][$ldap_result_username][0];
+                            $ldapManagerUsername = $ldap_manager[0][$ldap_map["username"]][0];

                            // Get User from Manager username.
                            $ldap_manager = User::where('username', $ldapManagerUsername)->first();
@@ -331,10 +342,10 @@ class LdapSync extends Command
            }

                // Sync activated state for Active Directory.
-                if ( !empty($ldap_result_active_flag)) { // IF we have an 'active' flag set....
+                if ( !empty($ldap_map["active_flag"])) { // IF we have an 'active' flag set....
                    // ....then *most* things that are truthy will activate the user. Anything falsey will deactivate them.
                    // (Specifically, we don't handle a value of '0.0' correctly)
-                    $raw_value = @$results[$i][$ldap_result_active_flag][0];
+                    $raw_value = @$results[$i][$ldap_map["active_flag"]][0];
                    $filter_var = filter_var($raw_value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
                    $boolean_cast = (bool)$raw_value;

--- a/app/Console/Commands/Purge.php
+++ b/app/Console/Commands/Purge.php
@@ -3,6 +3,7 @@
 namespace App\Console\Commands;

 use App\Models\Accessory;
+use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Category;
@@ -15,6 +16,8 @@ use App\Models\Statuslabel;
 use App\Models\Supplier;
 use App\Models\User;
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;

 class Purge extends Command
 {
@@ -141,6 +144,20 @@ class Purge extends Command
            $this->info($users->count().' users purged.');
            $user_assoc = 0;
            foreach ($users as $user) {
+
+                $rel_path = 'private_uploads/users';
+                $filenames = Actionlog::where('action_type', 'uploaded')
+                    ->where('item_id', $user->id)
+                    ->pluck('filename');
+                foreach($filenames as $filename) {
+                    try {
+                        if (Storage::exists($rel_path . '/' . $filename)) {
+                            Storage::delete($rel_path . '/' . $filename);
+                        }
+                    } catch (\Exception $e) {
+                        Log::info('An error occurred while deleting files: ' . $e->getMessage());
+                    }
+                }
                $this->info('- User "'.$user->username.'" deleted.');
                $user_assoc += $user->userlog()->count();
                $user->userlog()->forceDelete();
--- a/app/Console/Commands/RemoveExplicitEols.php
+++ b/app/Console/Commands/RemoveExplicitEols.php
@@ -0,0 +1,60 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Asset;
+use App\Models\AssetModel;
+use Illuminate\Console\Command;
+
+class RemoveExplicitEols extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:remove-explicit-eols {--model_name= : The name of the asset model to update (use "all" to update all models)}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Removes explicit EOLs on assets with selected model so they may inherit the asset model EOL';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $startTime = microtime(true);
+
+        if ($this->option('model_name') == 'all') {
+            $assets = Asset::all();
+            $this->updateAssets($assets);
+        } else {
+            $assetModel = AssetModel::where('name', '=', $this->option('model_name'))->first();
+
+            if ($assetModel) {
+                $assets = Asset::where('model_id', '=', $assetModel->id)->get();
+                $this->updateAssets($assets);
+            } else {
+                $this->error('Asset model not found');
+            }
+        }
+        $endTime = microtime(true);
+        $executionTime = ($endTime - $startTime);
+        $this->info('Command executed in ' . round($executionTime, 2) . ' seconds.');
+    }
+
+    private function updateAssets($assets)
+    {
+        foreach ($assets as $asset) {
+            $asset->eol_explicit = 0;
+            $asset->asset_eol_date = null;
+            $asset->save();
+        }
+
+        $this->info($assets->count() . ' Assets updated successfully');
+    }
+}
--- a/app/Console/Commands/RestoreFromBackup.php
+++ b/app/Console/Commands/RestoreFromBackup.php
@@ -92,7 +92,7 @@ class SQLStreamer {
        $parser->line_aware_piping(); // <----- THIS is doing the heavy lifting!

        $check_tables = ['settings' => null, 'migrations' => null /* 'assets' => null */]; //TODO - move to statics?
-        //can't use 'users' because the 'accessories_users' table?
+        //can't use 'users' because the 'accessories_checkout' table?
        // can't use 'assets' because 'ver1_components_assets'
        foreach($check_tables as $check_table => $_ignore) {
            foreach ($parser->tablenames as $tablename => $_count) {
--- a/app/Console/Commands/SendAcceptanceReminder.php
+++ b/app/Console/Commands/SendAcceptanceReminder.php
@@ -47,7 +47,8 @@ class SendAcceptanceReminder extends Command
    {
        $pending = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')
                                                ->whereHas('checkoutable', function($query) {
-                                                    $query->where('archived', 0);
+                                                    $query->where('accepted_at', null)
+                                                          ->where('declined_at', null);
                                                })
                                                ->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model', 'checkoutable.adminuser'])
                                                ->get();
--- a/app/Helpers/Helper.php
+++ b/app/Helpers/Helper.php
@@ -721,7 +721,7 @@ class Helper
    {
        $alert_threshold = \App\Models\Setting::getSettings()->alert_threshold;
        $consumables = Consumable::withCount('consumableAssignments as consumable_assignments_count')->whereNotNull('min_amt')->get();
-        $accessories = Accessory::withCount('users as users_count')->whereNotNull('min_amt')->get();
+        $accessories = Accessory::withCount('checkouts as checkouts_count')->whereNotNull('min_amt')->get();
        $components = Component::whereNotNull('min_amt')->get();
        $asset_models = AssetModel::where('min_amt', '>', 0)->get();
        $licenses = License::where('min_amt', '>', 0)->get();
@@ -749,7 +749,7 @@ class Helper
        }

        foreach ($accessories as $accessory) {
-            $avail = $accessory->qty - $accessory->users_count;
+            $avail = $accessory->qty - $accessory->checkouts_count;
            if ($avail < ($accessory->min_amt) + $alert_threshold) {
                if ($accessory->qty > 0) {
                    $percent = number_format((($avail / $accessory->qty) * 100), 0);
--- a/app/Helpers/IconHelper.php
+++ b/app/Helpers/IconHelper.php
@@ -0,0 +1,190 @@
+<?php
+
+namespace App\Helpers;
+
+class IconHelper
+{
+
+    public static function icon($type) {
+        switch ($type) {
+            case 'checkout':
+                return 'fa-solid fa-rotate-left';
+            case 'checkin':
+                return 'fa-solid fa-rotate-right';
+            case 'edit':
+                return 'fas fa-pencil-alt';
+            case 'clone':
+                return 'far fa-clone';
+            case 'delete':
+                return 'fas fa-trash';
+            case 'create':
+                return 'fa-solid fa-plus';
+            case 'audit':
+                return 'fa-solid fa-clipboard-check';
+            case '2fa reset':
+                return 'fa-solid fa-mobile-screen';
+            case 'new-user':
+                return 'fa-solid fa-user-plus';
+            case 'merged-user':
+                return 'fa-solid fa-people-arrows';
+            case 'delete-user':
+                return 'fa-solid fa-user-minus';
+            case 'update-user':
+                return 'fa-solid fa-user-pen';
+            case 'user':
+                return 'fa-solid fa-user';
+            case 'users':
+                return 'fas fa-users';
+            case 'restore':
+                return 'fa-solid fa-trash-arrow-up';
+            case 'external-link':
+                return 'fa fa-external-link';
+            case 'email':
+                return 'fa-regular fa-envelope';
+            case 'phone':
+                return 'fa-solid fa-phone';
+            case 'long-arrow-right':
+                return 'fas fa-long-arrow-alt-right';
+            case 'download':
+                return 'fas fa-download';
+            case 'checkmark':
+                return 'fas fa-check icon-white';
+            case 'x':
+                return 'fas fa-times';
+            case 'logout':
+                return 'fa fa-sign-out';
+            case 'admin-settings':
+                return 'fas fa-cogs';
+            case 'settings':
+                return 'fas fa-cog';
+            case 'angle-left':
+                return 'fas fa-angle-left';
+            case 'warning':
+                return 'fas fa-exclamation-triangle';
+            case 'kits':
+                return 'fas fa-object-group';
+            case 'assets':
+            case 'asset':
+                return 'fas fa-barcode';
+            case 'accessories':
+            case 'accessory':
+                return 'far fa-keyboard';
+            case 'components':
+            case 'component':
+                return 'far fa-hdd';
+            case 'consumables':
+            case 'consumable':
+                return 'fas fa-tint';
+            case 'licenses':
+            case 'license':
+                return 'far fa-save';
+            case 'requestable':
+                return 'fas fa-laptop';
+            case 'reports':
+                return 'fas fa-chart-bar';
+            case 'heart':
+                return 'fas fa-heart';
+            case 'circle':
+                return 'fa-regular fa-circle';
+            case 'circle-solid':
+                return 'fa-solid fa-circle';
+            case 'due':
+                return 'fas fa-history';
+            case 'import':
+                return 'fas fa-cloud-upload-alt';
+            case 'search':
+                return 'fas fa-search';
+            case 'alerts':
+                return 'far fa-flag';
+            case 'password':
+                return 'fa-solid fa-key';
+            case 'api-key':
+                return 'fa-solid fa-user-secret';
+            case 'nav-toggle':
+                return 'fas fa-bars';
+            case 'dashboard':
+                return 'fas fa-tachometer-alt';
+            case 'info-circle':
+                    return 'fas fa-info-circle';
+            case 'caret-right':
+                return 'fa fa-caret-right';
+            case 'caret-up':
+                return 'fa fa-caret-up';
+            case 'caret-down':
+                return 'fa fa-caret-down';
+            case 'arrow-circle-right':
+                return 'fa fa-arrow-circle-right';
+            case 'minus':
+                return 'fas fa-minus';
+            case 'spinner':
+                return 'fas fa-spinner fa-spin';
+            case 'copy-clipboard':
+                return 'fa-regular fa-clipboard';
+            case 'paperclip':
+                return 'fas fa-paperclip';
+            case 'files':
+                return 'fa-regular fa-file';
+            case 'more-info':
+                return 'far fa-life-ring';
+            case 'calendar':
+                return 'fas fa-calendar';
+            case 'plus':
+                return 'fas fa-plus';
+            case 'history':
+                return 'fas fa-history';
+            case 'more-files':
+                return 'fa-solid fa-laptop-file';
+            case 'maintenances':
+                return 'fas fa-wrench';
+            case 'seats':
+                return 'far fa-list-alt';
+            case 'globe-us':
+                return 'fas fa-globe-americas';
+            case 'locked':
+                return 'fas fa-lock';
+            case 'unlocked':
+                return 'fas fa-lock';
+            case 'locations':
+                return 'fas fa-map-marker-alt';
+            case 'location':
+                return 'fas fa-map-marker-alt';
+            case 'superadmin':
+                return 'fas fa-crown';
+            case 'print':
+                return 'fa-solid fa-print';
+            case 'checkin-and-delete':
+                return 'fa-solid fa-user-xmark';
+            case 'branding':
+                return 'fas fa-copyright';
+            case 'general-settings':
+                return 'fa-solid fa-list-check';
+            case 'groups':
+                return 'fa-solid fa-user-group';
+            case 'bell':
+                return 'fa-solid fa-bell';
+            case 'hashtag':
+                return 'fa-solid fa-hashtag';
+            case 'asset-tags':
+                return 'fas fa-list-ol';
+            case 'labels':
+                return 'fas fa-tags';
+            case 'ldap':
+                return 'fas fa-sitemap';
+            case 'google':
+                return 'fa-brands fa-google';
+            case 'saml':
+                return 'fas fa-sign-in-alt';
+            case 'backups':
+                return 'fas fa-file-archive';
+            case 'logins':
+                return 'fas fa-crosshairs';
+            case 'oauth':
+                return 'fas fa-user-secret';
+            case 'employee_num' :
+                return 'fa-regular fa-id-card';
+            case 'department' :
+                return 'fa-solid fa-building-user';
+
+        }
+    }
+}
--- a/app/Http/Controllers/Accessories/AccessoriesController.php
+++ b/app/Http/Controllers/Accessories/AccessoriesController.php
@@ -73,7 +73,7 @@ class AccessoriesController extends Controller
        $accessory->purchase_date           = request('purchase_date');
        $accessory->purchase_cost           = request('purchase_cost');
        $accessory->qty                     = request('qty');
-        $accessory->user_id                 = auth()->id();
+        $accessory->created_by              = auth()->id();
        $accessory->supplier_id             = request('supplier_id');
        $accessory->notes                   = request('notes');

@@ -144,12 +144,12 @@ class AccessoriesController extends Controller
     */
    public function update(ImageUploadRequest $request, $accessoryId = null) : RedirectResponse
    {
-        if ($accessory = Accessory::withCount('users as users_count')->find($accessoryId)) {
+        if ($accessory = Accessory::withCount('checkouts as checkouts_count')->find($accessoryId)) {

            $this->authorize($accessory);

            $validator = Validator::make($request->all(), [
-                "qty" => "required|numeric|min:$accessory->users_count"
+                "qty" => "required|numeric|min:$accessory->checkouts_count"
            ]);

            if ($validator->fails()) {
@@ -233,7 +233,7 @@ class AccessoriesController extends Controller
     */
    public function show($accessoryID = null) : View | RedirectResponse
    {
-        $accessory = Accessory::withCount('users as users_count')->find($accessoryID);
+        $accessory = Accessory::withCount('checkouts as checkouts_count')->find($accessoryID);
        $this->authorize('view', $accessory);
        if (isset($accessory->id)) {
            return view('accessories/view', compact('accessory'));
--- a/app/Http/Controllers/Accessories/AccessoryCheckinController.php
+++ b/app/Http/Controllers/Accessories/AccessoryCheckinController.php
@@ -6,6 +6,7 @@ use App\Events\CheckoutableCheckedIn;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Models\Accessory;
+use App\Models\AccessoryCheckout;
 use App\Models\User;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\DB;
@@ -24,7 +25,7 @@ class AccessoryCheckinController extends Controller
     */
    public function create($accessoryUserId = null, $backto = null) : View | RedirectResponse
    {
-        if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
+        if (is_null($accessory_user = DB::table('accessories_checkout')->find($accessoryUserId))) {
            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.not_found'));
        }

@@ -39,16 +40,16 @@ class AccessoryCheckinController extends Controller
     *
     * @uses Accessory::checkin_email() to determine if an email can and should be sent
     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param null $accessoryUserId
+     * @param null $accessoryCheckoutId
     * @param string $backto
     */
-    public function store(Request $request, $accessoryUserId = null, $backto = null) : RedirectResponse
+    public function store(Request $request, $accessoryCheckoutId = null, $backto = null) : RedirectResponse
    {
-        if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
+        if (is_null($accessory_checkout = AccessoryCheckout::find($accessoryCheckoutId))) {
            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
        }

-        $accessory = Accessory::find($accessory_user->accessory_id);
+        $accessory = Accessory::find($accessory_checkout->accessory_id);

        $this->authorize('checkin', $accessory);

@@ -59,10 +60,8 @@ class AccessoryCheckinController extends Controller
        }

        // Was the accessory updated?
-        if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
-            $return_to = e($accessory_user->assigned_to);
-
-            event(new CheckoutableCheckedIn($accessory, User::find($return_to), auth()->user(), $request->input('note'), $checkin_at));
+        if ($accessory_checkout->delete()) {
+            event(new CheckoutableCheckedIn($accessory, $accessory_checkout->assignedTo, auth()->user(), $request->input('note'), $checkin_at));

            session()->put(['redirect_option' => $request->get('redirect_option')]);

--- a/app/Http/Controllers/Accessories/AccessoryCheckoutController.php
+++ b/app/Http/Controllers/Accessories/AccessoryCheckoutController.php
@@ -4,9 +4,11 @@ namespace App\Http\Controllers\Accessories;

 use App\Events\CheckoutableCheckedOut;
 use App\Helpers\Helper;
+use App\Http\Controllers\CheckInOutRequest;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AccessoryCheckoutRequest;
 use App\Models\Accessory;
+use App\Models\AccessoryCheckout;
 use App\Models\User;
 use Carbon\Carbon;
 use Illuminate\Http\Request;
@@ -16,6 +18,9 @@ use \Illuminate\Http\RedirectResponse;

 class AccessoryCheckoutController extends Controller
 {
+
+    use CheckInOutRequest;
+
    /**
     * Return the form to checkout an Accessory to a user.
     *
@@ -25,7 +30,7 @@ class AccessoryCheckoutController extends Controller
    public function create($id) : View | RedirectResponse
    {

-        if ($accessory = Accessory::withCount('users as users_count')->find($id)) {
+        if ($accessory = Accessory::withCount('checkouts as checkouts_count')->find($id)) {

            $this->authorize('checkout', $accessory);

@@ -58,30 +63,32 @@ class AccessoryCheckoutController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param Request $request
-     * @param  int $accessory
+     * @param  Accessory $accessory
     */
    public function store(AccessoryCheckoutRequest $request, Accessory $accessory) : RedirectResponse
    {
-
+        
        $this->authorize('checkout', $accessory);
-        $accessory->assigned_to = $request->input('assigned_to');
-        $user = User::find($request->input('assigned_to'));
-        $accessory->checkout_qty = $request->input('checkout_qty', 1);

+        $target = $this->determineCheckoutTarget();
+        
+        $accessory->checkout_qty = $request->input('checkout_qty', 1);
+        
        for ($i = 0; $i < $accessory->checkout_qty; $i++) {
-            $accessory->users()->attach($accessory->id, [
+            AccessoryCheckout::create([
                'accessory_id' => $accessory->id,
                'created_at' => Carbon::now(),
-                'user_id' => Auth::id(),
-                'assigned_to' => $request->input('assigned_to'),
+                'created_by' => auth()->id(),
+                'assigned_to' => $target->id,
+                'assigned_type' => $target::class,
                'note' => $request->input('note'),
            ]);
        }
-        event(new CheckoutableCheckedOut($accessory, $user, auth()->user(), $request->input('note')));
+        event(new CheckoutableCheckedOut($accessory,  $target, auth()->user(), $request->input('note')));

        // Set this as user since we only allow checkout to user for this item type
-        $request->request->add(['checkout_to_type' => 'user']);
-        $request->request->add(['assigned_user' => $user->id]);
+        $request->request->add(['checkout_to_type' => request('checkout_to_type')]);
+        $request->request->add(['assigned_user' => $target->id]);

        session()->put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);

--- a/app/Http/Controllers/Account/AcceptanceController.php
+++ b/app/Http/Controllers/Account/AcceptanceController.php
@@ -218,6 +218,7 @@ class AcceptanceController extends Controller
                'item_tag' => $item->asset_tag,
                'item_model' => $display_model,
                'item_serial' => $item->serial,
+                'item_status' => $item->assetstatus?->name,
                'eula' => $item->getEula(),
                'note' => $request->input('note'),
                'check_out_date' => Carbon::parse($acceptance->created_at)->format('Y-m-d'),
@@ -236,7 +237,11 @@ class AcceptanceController extends Controller
            }

            $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename, $request->input('note'));
-            $acceptance->notify(new AcceptanceAssetAcceptedNotification($data));
+            try {
+                $acceptance->notify(new AcceptanceAssetAcceptedNotification($data));
+            } catch (\Exception $e) {
+                Log::warning($e);
+            }
            event(new CheckoutAccepted($acceptance));

            $return_msg = trans('admin/users/message.accepted');
@@ -308,6 +313,7 @@ class AcceptanceController extends Controller
                'item_tag' => $item->asset_tag,
                'item_model' => $display_model,
                'item_serial' => $item->serial,
+                'item_status' => $item->assetstatus?->name,
                'note' => $request->input('note'),
                'declined_date' => Carbon::parse($acceptance->declined_at)->format('Y-m-d'),
                'signature' => ($sig_filename) ? storage_path() . '/private_uploads/signatures/' . $sig_filename : null,
--- a/app/Http/Controllers/Api/AccessoriesController.php
+++ b/app/Http/Controllers/Api/AccessoriesController.php
@@ -4,6 +4,7 @@ namespace App\Http\Controllers\Api;

 use App\Events\CheckoutableCheckedOut;
 use App\Helpers\Helper;
+use App\Http\Controllers\CheckInOutRequest;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AccessoryCheckoutRequest;
 use App\Http\Requests\StoreAccessoryRequest;
@@ -17,10 +18,12 @@ use Carbon\Carbon;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
-
+use App\Models\AccessoryCheckout;

 class AccessoriesController extends Controller
 {
+    use CheckInOutRequest;
+
    /**
     * Display a listing of the resource.
     *
@@ -48,13 +51,14 @@ class AccessoriesController extends Controller
                'min_amt',
                'company_id',
                'notes',
-                'users_count',
+                'checkouts_count',
                'qty',
            ];


-        $accessories = Accessory::select('accessories.*')->with('category', 'company', 'manufacturer', 'users', 'location', 'supplier')
-                                ->withCount('users as users_count');
+        $accessories = Accessory::select('accessories.*')
+            ->with('category', 'company', 'manufacturer', 'checkouts', 'location', 'supplier', 'adminuser')
+            ->withCount('checkouts as checkouts_count');

        if ($request->filled('search')) {
            $accessories = $accessories->TextSearch($request->input('search'));
@@ -107,7 +111,10 @@ class AccessoriesController extends Controller
                break;    
            case 'supplier':
                $accessories = $accessories->OrderSupplier($order);
-                break;       
+                break;
+            case 'created_by':
+                $accessories = $accessories->OrderByCreatedByName($order);
+                break;
            default:
                $accessories = $accessories->orderBy($column_sort, $order);
                break;
@@ -154,7 +161,7 @@ class AccessoriesController extends Controller
    public function show($id)
    {
        $this->authorize('view', Accessory::class);
-        $accessory = Accessory::withCount('users as users_count')->findOrFail($id);
+        $accessory = Accessory::withCount('checkouts as checkouts_count')->findOrFail($id);

        return (new AccessoriesTransformer)->transformAccessory($accessory);
    }
@@ -197,28 +204,23 @@ class AccessoriesController extends Controller
        $offset = request('offset', 0);
        $limit = request('limit', 50);

-        $accessory_users = $accessory->users;
-        $total = $accessory_users->count();
+        $accessory_checkouts = $accessory->checkouts;
+        $total = $accessory_checkouts->count();

        if ($total < $offset) {
            $offset = 0;
        }

-        $accessory_users = $accessory->users()->skip($offset)->take($limit)->get();
+        $accessory_checkouts = $accessory->checkouts()->skip($offset)->take($limit)->get();

        if ($request->filled('search')) {
-            $accessory_users = $accessory->users()
-                                         ->where(function ($query) use ($request) {
-                                             $search_str = '%' . $request->input('search') . '%';
-                                             $query->where('first_name', 'like', $search_str)
-                                                   ->orWhere('last_name', 'like', $search_str)
-                                                   ->orWhere('note', 'like', $search_str);
-                                         })
+            
+            $accessory_checkouts = $accessory->checkouts()->TextSearch($request->input('search'))
                                         ->get();
-            $total = $accessory_users->count();
+            $total = $accessory_checkouts->count();
        }

-        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory, $accessory_users, $total);
+        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory, $accessory_checkouts, $total);
    }


@@ -282,22 +284,22 @@ class AccessoriesController extends Controller
    public function checkout(AccessoryCheckoutRequest $request, Accessory $accessory)
    {
        $this->authorize('checkout', $accessory);
-        $accessory->assigned_to = $request->input('assigned_to');
-        $user = User::find($request->input('assigned_to'));
+        $target = $this->determineCheckoutTarget();
        $accessory->checkout_qty = $request->input('checkout_qty', 1);

        for ($i = 0; $i < $accessory->checkout_qty; $i++) {
-            $accessory->users()->attach($accessory->id, [
+            AccessoryCheckout::create([
                'accessory_id' => $accessory->id,
                'created_at' => Carbon::now(),
-                'user_id' => Auth::id(),
-                'assigned_to' => $request->input('assigned_to'),
+                'created_by' => auth()->id(),
+                'assigned_to' => $target->id,
+                'assigned_type' => $target::class,
                'note' => $request->input('note'),
            ]);
        }

        // Set this value to be able to pass the qty through to the event
-        event(new CheckoutableCheckedOut($accessory, $user, auth()->user(), $request->input('note')));
+        event(new CheckoutableCheckedOut($accessory, $target, auth()->user(), $request->input('note')));

        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/accessories/message.checkout.success')));

@@ -316,19 +318,19 @@ class AccessoriesController extends Controller
     */
    public function checkin(Request $request, $accessoryUserId = null)
    {
-        if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
+        if (is_null($accessory_checkout = AccessoryCheckout::find($accessoryUserId))) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.does_not_exist')));
        }

-        $accessory = Accessory::find($accessory_user->accessory_id);
+        $accessory = Accessory::find($accessory_checkout->accessory_id);
        $this->authorize('checkin', $accessory);

-        $logaction = $accessory->logCheckin(User::find($accessory_user->assigned_to), $request->input('note'));
+        $logaction = $accessory->logCheckin(User::find($accessory_checkout->assigned_to), $request->input('note'));

        // Was the accessory updated?
-        if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
-            if (! is_null($accessory_user->assigned_to)) {
-                $user = User::find($accessory_user->assigned_to);
+        if ($accessory_checkout->delete()) {
+            if (! is_null($accessory_checkout->assigned_to)) {
+                $user = User::find($accessory_checkout->assigned_to);
            }

            $data['log_id'] = $logaction->id;
--- a/app/Http/Controllers/Api/AssetMaintenancesController.php
+++ b/app/Http/Controllers/Api/AssetMaintenancesController.php
@@ -34,7 +34,7 @@ class AssetMaintenancesController extends Controller
        $this->authorize('view', Asset::class);

        $maintenances = AssetMaintenance::select('asset_maintenances.*')
-            ->with('asset', 'asset.model', 'asset.location', 'asset.defaultLoc', 'supplier', 'asset.company',  'asset.assetstatus', 'admin');
+            ->with('asset', 'asset.model', 'asset.location', 'asset.defaultLoc', 'supplier', 'asset.company',  'asset.assetstatus', 'adminuser');

        if ($request->filled('search')) {
            $maintenances = $maintenances->TextSearch($request->input('search'));
@@ -48,6 +48,10 @@ class AssetMaintenancesController extends Controller
            $maintenances->where('asset_maintenances.supplier_id', '=', $request->input('supplier_id'));
        }

+        if ($request->filled('created_by')) {
+            $maintenances->where('asset_maintenances.created_by', '=', $request->input('created_by'));
+        }
+
        if ($request->filled('asset_maintenance_type')) {
            $maintenances->where('asset_maintenance_type', '=', $request->input('asset_maintenance_type'));
        }
@@ -69,7 +73,7 @@ class AssetMaintenancesController extends Controller
                                'asset_tag',
                                'asset_name',
                                'serial',
-                                'user_id',
+                                'created_by',
                                'supplier',
                                'is_warranty',
                                'status_label',
@@ -79,8 +83,8 @@ class AssetMaintenancesController extends Controller
        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';

        switch ($sort) {
-            case 'user_id':
-                $maintenances = $maintenances->OrderAdmin($order);
+            case 'created_by':
+                $maintenances = $maintenances->OrderByCreatedBy($order);
                break;
            case 'supplier':
                $maintenances = $maintenances->OrderBySupplier($order);
@@ -124,7 +128,7 @@ class AssetMaintenancesController extends Controller
        // create a new model instance
        $maintenance = new AssetMaintenance();
        $maintenance->fill($request->all());
-        $maintenance->user_id = Auth::id();
+        $maintenance->created_by = auth()->id();

        // Was the asset maintenance created?
        if ($maintenance->save()) {
@@ -186,11 +190,8 @@ class AssetMaintenancesController extends Controller
    {
        $this->authorize('update', Asset::class);
        // Check if the asset maintenance exists
-        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);

-        if (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot delete a maintenance for that asset'));
-        }
+        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);

        $assetMaintenance->delete();

--- a/app/Http/Controllers/Api/AssetModelFilesController.php
+++ b/app/Http/Controllers/Api/AssetModelFilesController.php
@@ -0,0 +1,200 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\StorageHelper;
+use Illuminate\Support\Facades\Storage;
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Models\AssetModel;
+use App\Models\Actionlog;
+use App\Http\Requests\UploadFileRequest;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Support\Facades\Log;
+use Symfony\Component\HttpFoundation\StreamedResponse;
+use Symfony\Component\HttpFoundation\BinaryFileResponse;
+
+
+/**
+ * This class controls file related actions related
+ * to assets for the Snipe-IT Asset Management application.
+ *
+ * Based on the Assets/AssetFilesController by A. Gianotto <snipe@snipe.net>
+ *
+ * @version    v1.0
+ * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
+ */
+class AssetModelFilesController extends Controller
+{
+    /**
+     * Accepts a POST to upload a file to the server.
+     *
+     * @param \App\Http\Requests\UploadFileRequest $request
+     * @param int $assetModelId
+     * @since [v7.0.12]
+     * @author [r-xyz]
+     */
+    public function store(UploadFileRequest $request, $assetModelId = null) : JsonResponse
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $assetModel = AssetModel::find($assetModelId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.does_not_exist')), 404);
+        }
+
+        // Make sure we are allowed to update this asset
+        $this->authorize('update', $assetModel);
+
+            if ($request->hasFile('file')) {
+            // If the file storage directory doesn't exist; create it
+            if (! Storage::exists('private_uploads/assetmodels')) {
+                Storage::makeDirectory('private_uploads/assetmodels', 775);
+            }
+
+            // Loop over the attached files and add them to the asset
+            foreach ($request->file('file') as $file) {
+                $file_name = $request->handleFile('private_uploads/assetmodels/','model-'.$assetModel->id, $file);
+                
+                $assetModel->logUpload($file_name, e($request->get('notes')));
+            }
+
+            // All done - report success
+            return response()->json(Helper::formatStandardApiResponse('success', $assetModel, trans('admin/models/message.upload.success')));
+        }
+
+        // We only reach here if no files were included in the POST, so tell the user this
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.upload.nofiles')), 500);
+    }
+
+    /**
+     * List the files for an asset.
+     *
+     * @param  int $assetModelId
+     * @since [v7.0.12]
+     * @author [r-xyz]
+     */
+    public function list($assetModelId = null) : JsonResponse
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $assetModel = AssetModel::find($assetModelId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.does_not_exist')), 404);
+        }
+        
+        // the asset is valid
+        if (isset($assetModel->id)) {
+            $this->authorize('view', $assetModel);
+
+            // Check that there are some uploads on this asset that can be listed
+            if ($assetModel->uploads->count() > 0) {
+                $files = array();
+                foreach ($assetModel->uploads as $upload) {
+                    array_push($files, $upload);
+                }
+                // Give the list of files back to the user
+                return response()->json(Helper::formatStandardApiResponse('success', $files, trans('admin/models/message.upload.success')));
+            }
+
+            // There are no files.
+            return response()->json(Helper::formatStandardApiResponse('success', array(), trans('admin/models/message.upload.success')));
+        }
+
+        // Send back an error message
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.download.error')), 500);
+    }
+
+    /**
+     * Check for permissions and display the file.
+     *
+     * @param  int $assetModelId
+     * @param  int $fileId
+     * @return \Illuminate\Http\JsonResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v7.0.12]
+     * @author [r-xyz]
+     */
+    public function show($assetModelId = null, $fileId = null) : JsonResponse | StreamedResponse | Storage | StorageHelper | BinaryFileResponse
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $assetModel = AssetModel::find($assetModelId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.does_not_exist')), 404);
+        }
+
+        // the asset is valid
+        if (isset($assetModel->id)) {
+            $this->authorize('view', $assetModel);
+
+            // Check that the file being requested exists for the asset
+            if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $assetModel->id)->find($fileId)) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.download.no_match', ['id' => $fileId])), 404);
+            }
+
+            // Form the full filename with path
+            $file = 'private_uploads/assetmodels/'.$log->filename;
+            Log::debug('Checking for '.$file);
+
+            if ($log->action_type == 'audit') {
+                $file = 'private_uploads/audits/'.$log->filename;
+            }
+
+            // Check the file actually exists on the filesystem
+            if (! Storage::exists($file)) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.download.does_not_exist', ['id' => $fileId])), 404);
+            }
+
+            if (request('inline') == 'true') {
+
+                $headers = [
+                    'Content-Disposition' => 'inline',
+                ];
+
+                return Storage::download($file, $log->filename, $headers);
+            }
+
+            return StorageHelper::downloader($file);
+        }
+
+        // Send back an error message
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.download.error', ['id' => $fileId])), 500);
+    }
+
+    /**
+     * Delete the associated file
+     *
+     * @param  int $assetModelId
+     * @param  int $fileId
+     * @since [v7.0.12]
+     * @author [r-xyz]
+     */
+    public function destroy($assetModelId = null, $fileId = null) : JsonResponse
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $assetModel = AssetModel::find($assetModelId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.does_not_exist')), 404);
+        }
+
+        $rel_path = 'private_uploads/assetmodels';
+
+        // the asset is valid
+        if (isset($assetModel->id)) {
+            $this->authorize('update', $assetModel);
+
+            // Check for the file
+            $log = Actionlog::find($fileId);
+            if ($log) {
+                // Check the file actually exists, and delete it
+                if (Storage::exists($rel_path.'/'.$log->filename)) {
+                    Storage::delete($rel_path.'/'.$log->filename);
+                }
+                // Delete the record of the file
+                $log->delete();
+
+                // All deleting done - notify the user of success
+                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/models/message.deletefile.success')), 200);
+            }
+
+            // The file doesn't seem to really exist, so report an error
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.deletefile.error')), 500);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.deletefile.error')), 500);
+    }
+}
--- a/app/Http/Controllers/Api/AssetModelsController.php
+++ b/app/Http/Controllers/Api/AssetModelsController.php
@@ -48,6 +48,8 @@ class AssetModelsController extends Controller
                'assets_count',
                'category',
                'fieldset',
+                'deleted_at',
+                'updated_at',
            ];

        $assetmodels = AssetModel::select([
@@ -67,7 +69,7 @@ class AssetModelsController extends Controller
            'models.deleted_at',
            'models.updated_at',
         ])
-            ->with('category', 'depreciation', 'manufacturer', 'fieldset.fields.defaultValues')
+            ->with('category', 'depreciation', 'manufacturer', 'fieldset.fields.defaultValues','adminuser')
            ->withCount('assets as assets_count');

        if ($request->input('status')=='deleted') {
@@ -78,6 +80,10 @@ class AssetModelsController extends Controller
            $assetmodels = $assetmodels->where('models.category_id', '=', $request->input('category_id'));
        }

+        if ($request->filled('depreciation_id')) {
+            $assetmodels = $assetmodels->where('models.depreciation_id', '=', $request->input('depreciation_id'));
+        }
+
        if ($request->filled('search')) {
            $assetmodels->TextSearch($request->input('search'));
        }
--- a/app/Http/Controllers/Api/AssetsController.php
+++ b/app/Http/Controllers/Api/AssetsController.php
@@ -56,6 +56,11 @@ class AssetsController extends Controller
    public function index(Request $request, $action = null, $upcoming_status = null) : JsonResponse | array
    {

+
+        // This handles the legacy audit endpoints :(
+        if ($action == 'audit') {
+            $action = 'audits';
+        }
        $filter_non_deprecable_assets = false;

        /**
@@ -121,7 +126,7 @@ class AssetsController extends Controller
        }

        $assets = Asset::select('assets.*')
-            ->with('location', 'assetstatus', 'company', 'defaultLoc','assignedTo',
+            ->with('location', 'assetstatus', 'company', 'defaultLoc','assignedTo', 'adminuser','model.depreciation',
                'model.category', 'model.manufacturer', 'model.fieldset','supplier'); //it might be tempting to add 'assetlog' here, but don't. It blows up update-heavy users.


@@ -154,8 +159,8 @@ class AssetsController extends Controller
         * Handle due and overdue audits and checkin dates
         */
        switch ($action) {
-            case 'audits':
-
+            // Audit (singular) is left over from earlier legacy APIs
+            case 'audits' :
                switch ($upcoming_status) {
                    case 'due':
                        $assets->DueForAudit($settings);
@@ -371,8 +376,33 @@ class AssetsController extends Controller
            case 'assigned_to':
                $assets->OrderAssigned($order);
                break;
+            case 'created_by':
+                $assets->OrderByCreatedByName($order);
+                break;
            default:
-                $assets->orderBy($column_sort, $order);
+                $numeric_sort = false;
+
+                // Search through the custom fields array to see if we're sorting on a custom field
+                if (array_search($column_sort, $all_custom_fields->pluck('db_column')->toArray()) !== false) {
+
+                    // Check to see if this is a numeric field type
+                    foreach ($all_custom_fields as $field) {
+                        if (($field->db_column == $sort_override) && ($field->format == 'NUMERIC')) {
+                            $numeric_sort = true;
+                            break;
+                        }
+                    }
+
+                    // This may not work for all databases, but it works for MySQL
+                    if ($numeric_sort) {
+                        $assets->orderByRaw($sort_override . ' * 1 ' . $order);
+                    } else {
+                        $assets->orderBy($sort_override, $order);
+                    }
+
+                } else {
+                    $assets->orderBy($column_sort, $order);
+                }
                break;
        }

@@ -568,7 +598,7 @@ class AssetsController extends Controller
        $asset->model()->associate(AssetModel::find((int) $request->get('model_id')));

        $asset->fill($request->validated());
-        $asset->user_id    = Auth::id();
+        $asset->created_by    = auth()->id();

        /**
        * this is here just legacy reasons. Api\AssetController
@@ -602,7 +632,7 @@ class AssetsController extends Controller
                if ($field->field_encrypted == '1') {
                    Log::debug('This model field is encrypted in this fieldset.');

-                    if (Gate::allows('admin')) {
+                    if (Gate::allows('assets.view.encrypted_custom_fields')) {

                        // If input value is null, use custom field's default value
                        if (($field_val == null) && ($request->has('model_id') != '')) {
@@ -695,7 +725,7 @@ class AssetsController extends Controller
                            }
                        }
                        if ($field->field_encrypted == '1') {
-                            if (Gate::allows('admin')) {
+                            if (Gate::allows('assets.view.encrypted_custom_fields')) {
                                $field_val = Crypt::encrypt($field_val);
                            } else {
                                $problems_updating_encrypted_custom_fields = true;
@@ -750,9 +780,16 @@ class AssetsController extends Controller
        if ($asset = Asset::find($id)) {
            $this->authorize('delete', $asset);

-            DB::table('assets')
-                ->where('id', $asset->id)
-                ->update(['assigned_to' => null]);
+            if ($asset->assignedTo) {
+
+                $target = $asset->assignedTo;
+                $checkin_at = date('Y-m-d H:i:s');
+                $originalValues = $asset->getRawOriginal();
+                event(new CheckoutableCheckedIn($asset, $target, auth()->user(), 'Checkin on delete', $checkin_at, $originalValues));
+                DB::table('assets')
+                    ->where('id', $asset->id)
+                    ->update(['assigned_to' => null]);
+            }

            $asset->delete();

@@ -928,7 +965,7 @@ class AssetsController extends Controller
            }
        }

-        if ($request->has('status_id')) {
+        if ($request->filled('status_id')) {
            $asset->status_id = $request->input('status_id');
        }
        
@@ -978,7 +1015,7 @@ class AssetsController extends Controller
    public function checkinByTag(Request $request, $tag = null) : JsonResponse
    {
        $this->authorize('checkin', Asset::class);
-        if(null == $tag && null !== ($request->input('asset_tag'))) {
+        if (null == $tag && null !== ($request->input('asset_tag'))) {
            $tag = $request->input('asset_tag');
        }
        $asset = Asset::where('asset_tag', $tag)->first();
--- a/app/Http/Controllers/Api/CategoriesController.php
+++ b/app/Http/Controllers/Api/CategoriesController.php
@@ -43,6 +43,7 @@ class CategoriesController extends Controller

        $categories = Category::select([
            'id',
+            'created_by',
            'created_at',
            'updated_at',
            'name', 'category_type',
@@ -50,8 +51,10 @@ class CategoriesController extends Controller
            'eula_text',
            'require_acceptance',
            'checkin_email',
-            'image'
-            ])->withCount('accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count');
+            'image',
+            ])
+            ->with('adminuser')
+            ->withCount('accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count');


        /*
@@ -91,13 +94,33 @@ class CategoriesController extends Controller
            $categories->where('checkin_email', '=', $request->input('checkin_email'));
        }

+        if ($request->filled('created_by')) {
+            $categories->where('created_by', '=', $request->input('created_by'));
+        }
+
+        if ($request->filled('created_at')) {
+            $categories->where('created_at', '=', $request->input('created_at'));
+        }
+
+        if ($request->filled('updated_at')) {
+            $categories->where('updated_at', '=', $request->input('updated_at'));
+        }
+
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $categories->count()) ? $categories->count() : app('api_offset_value');
        $limit = app('api_limit_value');
-
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
-        $categories->orderBy($sort, $order);
+        $sort_override =  $request->input('sort');
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets_count';
+
+        switch ($sort_override) {
+            case 'created_by':
+                $categories = $categories->OrderByCreatedBy($order);
+                break;
+            default:
+                $categories = $categories->orderBy($column_sort, $order);
+                break;
+        }

        $total = $categories->count();
        $categories = $categories->skip($offset)->take($limit)->get();
--- a/app/Http/Controllers/Api/CompaniesController.php
+++ b/app/Http/Controllers/Api/CompaniesController.php
@@ -42,7 +42,7 @@ class CompaniesController extends Controller

        $companies = Company::withCount(['assets as assets_count'  => function ($query) {
            $query->AssetsForShow();
-        }])->withCount('licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
+        }])->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');

        if ($request->filled('search')) {
            $companies->TextSearch($request->input('search'));
@@ -56,17 +56,29 @@ class CompaniesController extends Controller
            $companies->where('email', '=', $request->input('email'));
        }

+        if ($request->filled('created_by')) {
+            $companies->where('created_by', '=', $request->input('created_by'));
+        }
+

        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $companies->count()) ? $companies->count() : app('api_offset_value');
        $limit = app('api_limit_value');
-
-
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
-        $companies->orderBy($sort, $order);
+        $sort_override =  $request->input('sort');
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';
+
+        switch ($sort_override) {
+            case 'created_by':
+                $companies = $companies->OrderByCreatedBy($order);
+                break;
+            default:
+                $companies = $companies->orderBy($column_sort, $order);
+                break;
+        }

        $total = $companies->count();
+
        $companies = $companies->skip($offset)->take($limit)->get();
        return (new CompaniesTransformer)->transformCompanies($companies, $total);

--- a/app/Http/Controllers/Api/ComponentsController.php
+++ b/app/Http/Controllers/Api/ComponentsController.php
@@ -47,7 +47,7 @@ class ComponentsController extends Controller
            ];

        $components = Component::select('components.*')
-            ->with('company', 'location', 'category', 'assets', 'supplier');
+            ->with('company', 'location', 'category', 'assets', 'supplier', 'adminuser');

        if ($request->filled('search')) {
            $components = $components->TextSearch($request->input('search'));
@@ -98,6 +98,9 @@ class ComponentsController extends Controller
            case 'supplier':
                $components = $components->OrderSupplier($order);
                break;
+            case 'created_by':
+                $components = $components->OrderByCreatedBy($order);
+                break;
            default:
                $components = $components->orderBy($column_sort, $order);
                break;
@@ -270,7 +273,7 @@ class ComponentsController extends Controller
                'component_id' => $component->id,
                'created_at' => Carbon::now(),
                'assigned_qty' => $request->get('assigned_qty', 1),
-                'user_id' => auth()->id(),
+                'created_by' => auth()->id(),
                'asset_id' => $request->get('assigned_to'),
                'note' => $request->get('note'),
            ]);
--- a/app/Http/Controllers/Api/ConsumablesController.php
+++ b/app/Http/Controllers/Api/ConsumablesController.php
@@ -86,9 +86,15 @@ class ConsumablesController extends Controller
            case 'company':
                $consumables = $consumables->OrderCompany($order);
                break;
+            case 'remaining':
+                $consumables = $consumables->OrderRemaining($order);
+                break;
            case 'supplier':
                $consumables = $consumables->OrderSupplier($order);
                break;
+            case 'created_by':
+                $consumables = $consumables->OrderByCreatedBy($order);
+                break;
            default:
                // This array is what determines which fields should be allowed to be sorted on ON the table itself.
                // These must match a column on the consumables table directly.
@@ -207,7 +213,7 @@ class ConsumablesController extends Controller
        $consumable = Consumable::with(['consumableAssignments'=> function ($query) {
            $query->orderBy($query->getModel()->getTable().'.created_at', 'DESC');
        },
-        'consumableAssignments.admin'=> function ($query) {
+        'consumableAssignments.adminuser'=> function ($query) {
        },
        'consumableAssignments.user'=> function ($query) {
        },
@@ -225,7 +231,8 @@ class ConsumablesController extends Controller
                'name' => ($consumable_assignment->user) ? $consumable_assignment->user->present()->nameUrl() : 'Deleted User',
                'created_at' => Helper::getFormattedDateObject($consumable_assignment->created_at, 'datetime'),
                'note' => ($consumable_assignment->note) ? e($consumable_assignment->note) : null,
-                'admin' => ($consumable_assignment->admin) ? $consumable_assignment->admin->present()->nameUrl() : null,
+                'admin' => ($consumable_assignment->adminuser) ? $consumable_assignment->adminuser->present()->nameUrl() : null, // legacy, so we don't change the shape of the response
+                'created_by' => ($consumable_assignment->adminuser) ? $consumable_assignment->adminuser->present()->nameUrl() : null,
            ];
        }

@@ -274,7 +281,7 @@ class ConsumablesController extends Controller
        $consumable->users()->attach($consumable->id,
                [
                    'consumable_id' => $consumable->id,
-                    'user_id' => $user->id,
+                    'created_by' => $user->id,
                    'assigned_to' => $request->input('assigned_to'),
                    'note' => $request->input('note'),
                ]
--- a/app/Http/Controllers/Api/DepartmentsController.php
+++ b/app/Http/Controllers/Api/DepartmentsController.php
@@ -97,7 +97,7 @@ class DepartmentsController extends Controller
        $department->fill($request->all());
        $department = $request->handleImages($department);

-        $department->user_id = auth()->id();
+        $department->created_by = auth()->id();
        $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);

        if ($department->save()) {
--- a/app/Http/Controllers/Api/DepreciationsController.php
+++ b/app/Http/Controllers/Api/DepreciationsController.php
@@ -20,9 +20,23 @@ class DepreciationsController extends Controller
    public function index(Request $request) : JsonResponse | array
    {
        $this->authorize('view', Depreciation::class);
-        $allowed_columns = ['id','name','months','depreciation_min','created_at'];
+        $allowed_columns = [
+            'id',
+            'name',
+            'months',
+            'depreciation_min',
+            'depreciation_type',
+            'created_at',
+            'assets_count',
+            'models_count',
+            'licenses_count',
+        ];

-        $depreciations = Depreciation::select('id','name','months','depreciation_min','user_id','created_at','updated_at');
+        $depreciations = Depreciation::select('id','name','months','depreciation_min','depreciation_type','created_at','updated_at', 'created_by')
+            ->with('adminuser')
+            ->withCount('assets as assets_count')
+            ->withCount('models as models_count')
+            ->withCount('licenses as licenses_count');

        if ($request->filled('search')) {
            $depreciations = $depreciations->TextSearch($request->input('search'));
@@ -31,10 +45,18 @@ class DepreciationsController extends Controller
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $depreciations->count()) ? $depreciations->count() : app('api_offset_value');
        $limit = app('api_limit_value');
-
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
-        $depreciations->orderBy($sort, $order);
+        $sort_override =  $request->input('sort');
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';
+
+        switch ($sort_override) {
+            case 'created_by':
+                $depreciations = $depreciations->OrderByCreatedBy($order);
+                break;
+            default:
+                $depreciations = $depreciations->orderBy($column_sort, $order);
+                break;
+        }

        $total = $depreciations->count();
        $depreciations = $depreciations->skip($offset)->take($limit)->get();
--- a/app/Http/Controllers/Api/GroupsController.php
+++ b/app/Http/Controllers/Api/GroupsController.php
@@ -23,9 +23,8 @@ class GroupsController extends Controller
        $this->authorize('superadmin');

        $this->authorize('view', Group::class);
-        $allowed_columns = ['id', 'name', 'created_at', 'users_count'];

-        $groups = Group::select('id', 'name', 'permissions', 'created_at', 'updated_at', 'created_by')->with('admin')->withCount('users as users_count');
+        $groups = Group::select('id', 'name', 'permissions', 'created_at', 'updated_at', 'created_by')->with('adminuser')->withCount('users as users_count');

        if ($request->filled('search')) {
            $groups = $groups->TextSearch($request->input('search'));
@@ -35,13 +34,29 @@ class GroupsController extends Controller
            $groups->where('name', '=', $request->input('name'));
        }

-        // Make sure the offset and limit are actually integers and do not exceed system limits
+
        $offset = ($request->input('offset') > $groups->count()) ? $groups->count() : app('api_offset_value');
        $limit = app('api_limit_value');
-
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
-        $groups->orderBy($sort, $order);
+
+        switch ($request->input('sort')) {
+            case 'created_by':
+                $groups = $groups->OrderByCreatedBy($order);
+                break;
+            default:
+                // This array is what determines which fields should be allowed to be sorted on ON the table itself.
+                // These must match a column on the consumables table directly.
+                $allowed_columns = [
+                    'id',
+                    'name',
+                    'created_at',
+                    'users_count',
+                ];
+
+                $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+                $groups = $groups->orderBy($sort, $order);
+                break;
+        }

        $total = $groups->count();
        $groups = $groups->skip($offset)->take($limit)->get();
--- a/app/Http/Controllers/Api/LicenseSeatsController.php
+++ b/app/Http/Controllers/Api/LicenseSeatsController.php
@@ -107,7 +107,7 @@ class LicenseSeatsController extends Controller

        // attempt to update the license seat
        $licenseSeat->fill($request->all());
-        $licenseSeat->user_id = auth()->id();
+        $licenseSeat->created_by = auth()->id();

        // check if this update is a checkin operation
        // 1. are relevant fields touched at all?
--- a/app/Http/Controllers/Api/LicensesController.php
+++ b/app/Http/Controllers/Api/LicensesController.php
@@ -27,7 +27,7 @@ class LicensesController extends Controller
        $licenses = License::with('company', 'manufacturer', 'supplier','category', 'adminuser')->withCount('freeSeats as free_seats_count');

        if ($request->filled('company_id')) {
-            $licenses->where('company_id', '=', $request->input('company_id'));
+            $licenses->where('licenses.company_id', '=', $request->input('company_id'));
        }

        if ($request->filled('name')) {
@@ -70,8 +70,8 @@ class LicensesController extends Controller
            $licenses->where('depreciation_id', '=', $request->input('depreciation_id'));
        }

-        if ($request->filled('user_id')) {
-            $licenses->where('user_id', '=', $request->input('user_id'));
+        if ($request->filled('created_by')) {
+            $licenses->where('created_by', '=', $request->input('created_by'));
        }

        if (($request->filled('maintained')) && ($request->input('maintained')=='true')) {
@@ -117,7 +117,7 @@ class LicensesController extends Controller
                $licenses = $licenses->leftJoin('companies', 'licenses.company_id', '=', 'companies.id')->orderBy('companies.name', $order);
                break;
            case 'created_by':
-                $licenses = $licenses->OrderCreatedBy($order);
+                $licenses = $licenses->OrderByCreatedBy($order);
                break;
            default:
                $allowed_columns =
@@ -182,7 +182,7 @@ class LicensesController extends Controller
    public function show($id) : JsonResponse | array
    {
        $this->authorize('view', License::class);
-        $license = License::withCount('freeSeats')->findOrFail($id);
+        $license = License::withCount('freeSeats as free_seats_count')->findOrFail($id);
        $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');

        return (new LicensesTransformer)->transformLicense($license);
@@ -220,7 +220,6 @@ class LicensesController extends Controller
     */
    public function destroy($id) : JsonResponse
    {
-        //
        $license = License::findOrFail($id);
        $this->authorize('delete', $license);

--- a/app/Http/Controllers/Api/LocationsController.php
+++ b/app/Http/Controllers/Api/LocationsController.php
@@ -248,6 +248,7 @@ class LocationsController extends Controller
            ->withCount('rtd_assets as rtd_assets_count')
            ->withCount('children as children_count')
            ->withCount('users as users_count')
+            ->withCount('accessories as accessories_count')
            ->findOrFail($id);

        if (! $location->isDeletable()) {
--- a/app/Http/Controllers/Api/ManufacturersController.php
+++ b/app/Http/Controllers/Api/ManufacturersController.php
@@ -25,11 +25,42 @@ class ManufacturersController extends Controller
    public function index(Request $request) : JsonResponse | array
    {
        $this->authorize('view', Manufacturer::class);
-        $allowed_columns = ['id', 'name', 'url', 'support_url', 'support_email', 'warranty_lookup_url', 'support_phone', 'created_at', 'updated_at', 'image', 'assets_count', 'consumables_count', 'components_count', 'licenses_count'];
+        $allowed_columns =  [
+            'id',
+            'name',
+            'url',
+            'support_url',
+            'support_email',
+            'warranty_lookup_url',
+            'support_phone',
+            'created_at',
+            'updated_at',
+            'image',
+            'assets_count',
+            'consumables_count',
+            'components_count',
+            'licenses_count'
+        ];

-        $manufacturers = Manufacturer::select(
-            ['id', 'name', 'url', 'support_url', 'warranty_lookup_url', 'support_email', 'support_phone', 'created_at', 'updated_at', 'image', 'deleted_at']
-        )->withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('consumables as consumables_count')->withCount('accessories as accessories_count');
+        $manufacturers = Manufacturer::select([
+                'id',
+                'name',
+                'url',
+                'support_url',
+                'warranty_lookup_url',
+                'support_email',
+                'support_phone',
+                'created_by',
+                'created_at',
+                'updated_at',
+                'image',
+                'deleted_at',
+            ])
+            ->with('adminuser')
+            ->withCount('assets as assets_count')
+            ->withCount('licenses as licenses_count')
+            ->withCount('consumables as consumables_count')
+            ->withCount('accessories as accessories_count');

        if ($request->input('deleted') == 'true') {
            $manufacturers->onlyTrashed();
@@ -66,10 +97,18 @@ class ManufacturersController extends Controller
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $manufacturers->count()) ? $manufacturers->count() : app('api_offset_value');
        $limit = app('api_limit_value');
-
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
-        $manufacturers->orderBy($sort, $order);
+        $sort_override =  $request->input('sort');
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';
+
+        switch ($sort_override) {
+            case 'created_by':
+                $manufacturers = $manufacturers->OrderByCreatedBy($order);
+                break;
+            default:
+                $manufacturers = $manufacturers->orderBy($column_sort, $order);
+                break;
+        }

        $total = $manufacturers->count();
        $manufacturers = $manufacturers->skip($offset)->take($limit)->get();
@@ -181,7 +220,7 @@ class ManufacturersController extends Controller
                $logaction->item_type = Manufacturer::class;
                $logaction->item_id = $manufacturer->id;
                $logaction->created_at = date('Y-m-d H:i:s');
-                $logaction->user_id = auth()->id();
+                $logaction->created_by = auth()->id();
                $logaction->logaction('restore');

                return response()->json(Helper::formatStandardApiResponse('success', trans('admin/manufacturers/message.restore.success')), 200);
--- a/app/Http/Controllers/Api/PredefinedKitsController.php
+++ b/app/Http/Controllers/Api/PredefinedKitsController.php
@@ -23,9 +23,8 @@ class PredefinedKitsController extends Controller
    public function index(Request $request) : JsonResponse | array
    {
        $this->authorize('view', PredefinedKit::class);
-        $allowed_columns = ['id', 'name'];

-        $kits = PredefinedKit::query();
+        $kits = PredefinedKit::query()->with('adminuser');

        if ($request->filled('search')) {
            $kits = $kits->TextSearch($request->input('search'));
@@ -36,8 +35,25 @@ class PredefinedKitsController extends Controller
        $limit = app('api_limit_value');

        $order = $request->input('order') === 'desc' ? 'desc' : 'asc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'name';
-        $kits->orderBy($sort, $order);
+
+        switch ($request->input('sort')) {
+            case 'created_by':
+                $kits = $kits->OrderByCreatedBy($order);
+                break;
+            default:
+                // This array is what determines which fields should be allowed to be sorted on ON the table itself.
+                // These must match a column on the consumables table directly.
+                $allowed_columns = [
+                    'id',
+                    'name',
+                    'created_at',
+                    'updated_at',
+                ];
+
+                $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+                $kits = $kits->orderBy($sort, $order);
+                break;
+        }

        $total = $kits->count();
        $kits = $kits->skip($offset)->take($limit)->get();
@@ -246,7 +262,7 @@ class PredefinedKitsController extends Controller

        $relation = $kit->models();
        if ($relation->find($model_id)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, ['model' => 'Model already attached to kit']));
+            return response()->json(Helper::formatStandardApiResponse('error', null, ['model' => trans('admin/kits/general.model_already_attached')]));
        }
        $relation->attach($model_id, ['quantity' => $quantity]);

--- a/app/Http/Controllers/Api/ReportsController.php
+++ b/app/Http/Controllers/Api/ReportsController.php
@@ -20,7 +20,7 @@ class ReportsController extends Controller
    {
        $this->authorize('reports.view');

-        $actionlogs = Actionlog::with('item', 'user', 'admin', 'target', 'location');
+        $actionlogs = Actionlog::with('item', 'user', 'adminuser', 'target', 'location');

        if ($request->filled('search')) {
            $actionlogs = $actionlogs->TextSearch(e($request->input('search')));
@@ -48,8 +48,8 @@ class ReportsController extends Controller
            $actionlogs = $actionlogs->where('action_type', '=', $request->input('action_type'))->orderBy('created_at', 'desc');
        }

-        if ($request->filled('user_id')) {
-            $actionlogs = $actionlogs->where('user_id', '=', $request->input('user_id'));
+        if ($request->filled('created_by')) {
+            $actionlogs = $actionlogs->where('created_by', '=', $request->input('created_by'));
        }

        if ($request->filled('action_source')) {
@@ -68,13 +68,14 @@ class ReportsController extends Controller
            'id',
            'created_at',
            'target_id',
-            'user_id',
+            'created_by',
            'accept_signature',
            'action_type',
            'note',
            'remote_ip',
            'user_agent',
            'action_source',
+            'action_date',
        ];


@@ -83,11 +84,19 @@ class ReportsController extends Controller
        $offset = ($request->input('offset') > $total) ? $total : app('api_offset_value');
        $limit = app('api_limit_value');

-        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
        $order = ($request->input('order') == 'asc') ? 'asc' : 'desc';

+        switch ($request->input('sort')) {
+            case 'created_by':
+                $actionlogs->OrderByCreatedBy($order);
+                break;
+            default:
+                $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
+                $actionlogs = $actionlogs->orderBy($sort, $order);
+                break;
+        }

-        $actionlogs = $actionlogs->orderBy($sort, $order)->skip($offset)->take($limit)->get();
+        $actionlogs = $actionlogs->skip($offset)->take($limit)->get();

        return response()->json((new ActionlogsTransformer)->transformActionlogs($actionlogs, $total), 200, ['Content-Type' => 'application/json;charset=utf8'], JSON_UNESCAPED_UNICODE);
    }
--- a/app/Http/Controllers/Api/StatuslabelsController.php
+++ b/app/Http/Controllers/Api/StatuslabelsController.php
@@ -8,6 +8,7 @@ use App\Http\Transformers\AssetsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Http\Transformers\StatuslabelsTransformer;
 use App\Models\Asset;
+use App\Models\Setting;
 use App\Models\Statuslabel;
 use Illuminate\Http\Request;
 use App\Http\Transformers\PieChartTransformer;
@@ -24,9 +25,17 @@ class StatuslabelsController extends Controller
    public function index(Request $request) : array
    {
        $this->authorize('view', Statuslabel::class);
-        $allowed_columns = ['id', 'name', 'created_at', 'assets_count', 'color', 'notes', 'default_label'];
+        $allowed_columns = [
+            'id',
+            'name',
+            'created_at',
+            'assets_count',
+            'color',
+            'notes',
+            'default_label'
+        ];

-        $statuslabels = Statuslabel::withCount('assets as assets_count');
+        $statuslabels = Statuslabel::with('adminuser')->withCount('assets as assets_count');

        if ($request->filled('search')) {
            $statuslabels = $statuslabels->TextSearch($request->input('search'));
@@ -53,10 +62,18 @@ class StatuslabelsController extends Controller
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $statuslabels->count()) ? $statuslabels->count() : app('api_offset_value');
        $limit = app('api_limit_value');
-
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
-        $statuslabels->orderBy($sort, $order);
+        $sort_override =  $request->input('sort');
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';
+
+        switch ($sort_override) {
+            case 'created_by':
+                $statuslabels = $statuslabels->OrderByCreatedBy($order);
+                break;
+            default:
+                $statuslabels = $statuslabels->orderBy($column_sort, $order);
+                break;
+        }

        $total = $statuslabels->count();
        $statuslabels = $statuslabels->skip($offset)->take($limit)->get();
@@ -187,8 +204,14 @@ class StatuslabelsController extends Controller
    public function getAssetCountByStatuslabel() : array
    {
        $this->authorize('view', Statuslabel::class);
-        $statuslabels = Statuslabel::withCount('assets')->get();
-        $total = Array();
+
+        if (Setting::getSettings()->show_archived_in_list == 0 ) {
+            $statuslabels = Statuslabel::withCount('assets')->where('archived','0')->get();
+        } else {
+            $statuslabels = Statuslabel::withCount('assets')->get();
+        }
+
+        $total = [];

        foreach ($statuslabels as $statuslabel) {

--- a/app/Http/Controllers/Api/UsersController.php
+++ b/app/Http/Controllers/Api/UsersController.php
@@ -206,6 +206,10 @@ class UsersController extends Controller
            $users->where('autoassign_licenses', '=', $request->input('autoassign_licenses'));
        }

+        if ($request->filled('locale')) {
+            $users = $users->where('users.locale', '=', $request->input('locale'));
+        }
+

        if (($request->filled('deleted')) && ($request->input('deleted') == 'true')) {
            $users = $users->onlyTrashed();
@@ -276,6 +280,7 @@ class UsersController extends Controller
                        'end_date',
                        'autoassign_licenses',
                        'website',
+                        'locale',
                    ];

                $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'first_name';
@@ -427,13 +432,10 @@ class UsersController extends Controller
     * @param  \Illuminate\Http\Request  $request
     * @param  int  $id
     */
-    public function update(SaveUserRequest $request, $id) : JsonResponse
+    public function update(SaveUserRequest $request, User $user): JsonResponse
    {
        $this->authorize('update', User::class);

-        if ($user = User::find($id)) {
-
-
            $this->authorize('update', $user);

            /**
@@ -443,12 +445,10 @@ class UsersController extends Controller
             *
             */

-
-            if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
+        if ((($user->id == 1) || ($user->id == 2)) && (config('app.lock_passwords'))) {
                return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
            }

-
            $user->fill($request->all());

            if ($user->id == $request->input('manager_id')) {
@@ -473,16 +473,13 @@ class UsersController extends Controller
                $user->permissions = $permissions_array;
            }

-
            // Update the location of any assets checked out to this user
            Asset::where('assigned_type', User::class)
                ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);

-
            app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');

            if ($user->save()) {
-
                // Check if the request has groups passed and has a value, AND that the user us a superuser
                if (($request->has('groups')) && (auth()->user()->isSuperUser())) {

@@ -496,18 +493,10 @@ class UsersController extends Controller

                    // Sync the groups since the user is a superuser and the groups pass validation
                    $user->groups()->sync($request->input('groups'));
-
-
                }
-
                return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
            }
-
            return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
-        }
-
-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));
-
    }

    /**
@@ -702,7 +691,7 @@ class UsersController extends Controller
                $logaction->item_type = User::class;
                $logaction->item_id = $user->id;
                $logaction->created_at = date('Y-m-d H:i:s');
-                $logaction->user_id = auth()->id();
+                $logaction->created_by = auth()->id();
                $logaction->logaction('2FA reset');

                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
@@ -752,7 +741,7 @@ class UsersController extends Controller
                $logaction->item_type = User::class;
                $logaction->item_id = $user->id;
                $logaction->created_at = date('Y-m-d H:i:s');
-                $logaction->user_id = auth()->id();
+                $logaction->created_by = auth()->id();
                $logaction->logaction('restore');

                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.restored')), 200);
--- a/app/Http/Controllers/AssetMaintenancesController.php
+++ b/app/Http/Controllers/AssetMaintenancesController.php
@@ -109,7 +109,7 @@ class AssetMaintenancesController extends Controller
        $assetMaintenance->title = $request->input('title');
        $assetMaintenance->start_date = $request->input('start_date');
        $assetMaintenance->completion_date = $request->input('completion_date');
-        $assetMaintenance->user_id = Auth::id();
+        $assetMaintenance->created_by = auth()->id();

        if (($assetMaintenance->completion_date !== null)
            && ($assetMaintenance->start_date !== '')
--- a/app/Http/Controllers/AssetModelsController.php
+++ b/app/Http/Controllers/AssetModelsController.php
@@ -78,7 +78,7 @@ class AssetModelsController extends Controller
        $model->manufacturer_id = $request->input('manufacturer_id');
        $model->category_id = $request->input('category_id');
        $model->notes = $request->input('notes');
-        $model->user_id = Auth::id();
+        $model->created_by = auth()->id();
        $model->requestable = $request->has('requestable');

        if ($request->input('fieldset_id') != '') {
@@ -151,17 +151,17 @@ class AssetModelsController extends Controller
        $model->notes = $request->input('notes');
        $model->requestable = $request->input('requestable', '0');

-        $this->removeCustomFieldsDefaultValues($model);
-
        $model->fieldset_id = $request->input('fieldset_id');

-        if ($this->shouldAddDefaultValues($request->input())) {
-            if (!$this->assignCustomFieldsDefaultValues($model, $request->input('default_values'))){
-                return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.fieldset_default_value.error'));
-            }
-        }
-
        if ($model->save()) {
+            $this->removeCustomFieldsDefaultValues($model);
+
+            if ($this->shouldAddDefaultValues($request->input())) {
+                if (!$this->assignCustomFieldsDefaultValues($model, $request->input('default_values'))) {
+                    return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.fieldset_default_value.error'));
+                }
+            }
+
            if ($model->wasChanged('eol')) {
                    if ($model->eol > 0) {
                        $newEol = $model->eol; 
@@ -202,6 +202,7 @@ class AssetModelsController extends Controller
        if ($model->image) {
            try {
                Storage::disk('public')->delete('models/'.$model->image);
+                $model->update(['image' => null]);
            } catch (\Exception $e) {
                Log::info($e);
            }
@@ -233,10 +234,10 @@ class AssetModelsController extends Controller

            if ($model->restore()) {
                $logaction = new Actionlog();
-                $logaction->item_type = User::class;
+                $logaction->item_type = AssetModel::class;
                $logaction->item_id = $model->id;
                $logaction->created_at = date('Y-m-d H:i:s');
-                $logaction->user_id = auth()->id();
+                $logaction->created_by = auth()->id();
                $logaction->logaction('restore');


--- a/app/Http/Controllers/Assets/AssetsController.php
+++ b/app/Http/Controllers/Assets/AssetsController.php
@@ -2,6 +2,7 @@

 namespace App\Http\Controllers\Assets;

+use App\Events\CheckoutableCheckedIn;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\ImageUploadRequest;
@@ -132,7 +133,7 @@ class AssetsController extends Controller
            $asset->model_id                = $request->input('model_id');
            $asset->order_number            = $request->input('order_number');
            $asset->notes                   = $request->input('notes');
-            $asset->user_id                 = Auth::id();
+            $asset->created_by              = auth()->id();
            $asset->status_id               = request('status_id');
            $asset->warranty_months         = request('warranty_months', null);
            $asset->purchase_cost           = request('purchase_cost');
@@ -165,7 +166,7 @@ class AssetsController extends Controller
            if (($model) && ($model->fieldset)) {
                foreach ($model->fieldset->fields as $field) {
                    if ($field->field_encrypted == '1') {
-                        if (Gate::allows('admin')) {
+                        if (Gate::allows('assets.view.encrypted_custom_fields')) {
                            if (is_array($request->input($field->db_column))) {
                                $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
                            } else {
@@ -328,16 +329,21 @@ class AssetsController extends Controller
        }
        $asset->supplier_id = $request->input('supplier_id', null);
        $asset->expected_checkin = $request->input('expected_checkin', null);
-
-        // If the box isn't checked, it's not in the request at all.
-        $asset->requestable = $request->filled('requestable');
+        $asset->requestable = $request->input('requestable', 0);
        $asset->rtd_location_id = $request->input('rtd_location_id', null);
        $asset->byod = $request->input('byod', 0);

-        $status = Statuslabel::find($asset->status_id);
+        $status = Statuslabel::find($request->input('status_id'));

-        if ($status && $status->archived) {
+        // This is a non-deployable status label - we should check the asset back in.
+        if (($status && $status->getStatuslabelType() != 'deployable') && ($target = $asset->assignedTo)) {
+
+            $originalValues = $asset->getRawOriginal();
            $asset->assigned_to = null;
+            $asset->assigned_type = null;
+            $asset->accepted = null;
+
+            event(new CheckoutableCheckedIn($asset, $target, auth()->user(), 'Checkin on asset update', date('Y-m-d H:i:s'), $originalValues));
        }

        if ($asset->assigned_to == '') {
@@ -388,7 +394,7 @@ class AssetsController extends Controller
            foreach ($model->fieldset->fields as $field) {

                if ($field->field_encrypted == '1') {
-                    if (Gate::allows('admin')) {
+                    if (Gate::allows('assets.view.encrypted_custom_fields')) {
                        if (is_array($request->input($field->db_column))) {
                            $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
                        } else {
@@ -422,7 +428,7 @@ class AssetsController extends Controller
     * @param int $assetId
     * @since [v1.0]
     */
-    public function destroy($assetId) : RedirectResponse
+    public function destroy(Request $request, $assetId) : RedirectResponse
    {
        // Check if the asset exists
        if (is_null($asset = Asset::find($assetId))) {
@@ -432,9 +438,17 @@ class AssetsController extends Controller

        $this->authorize('delete', $asset);

-        DB::table('assets')
-            ->where('id', $asset->id)
-            ->update(['assigned_to' => null]);
+        if ($asset->assignedTo) {
+
+            $target = $asset->assignedTo;
+            $checkin_at = date('Y-m-d H:i:s');
+            $originalValues = $asset->getRawOriginal();
+            event(new CheckoutableCheckedIn($asset, $target, auth()->user(), 'Checkin on delete', $checkin_at, $originalValues));
+            DB::table('assets')
+                ->where('id', $asset->id)
+                ->update(['assigned_to' => null]);
+        }
+

        if ($asset->image) {
            try {
@@ -478,9 +492,16 @@ class AssetsController extends Controller
        $tag = $tag ? $tag : $request->get('assetTag');
        $topsearch = ($request->get('topsearch') == 'true');

-        if (! $asset = Asset::where('asset_tag', '=', $tag)->first()) {
-            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        // Search for an exact and unique asset tag match
+        $assets = Asset::where('asset_tag', '=', $tag);
+
+        // If not a unique result, redirect to the index view
+        if ($assets->count() != 1) {
+            return redirect()->route('hardware.index')
+                ->with('search', $tag)
+                ->with('warning', trans('admin/hardware/message.does_not_exist_var', [ 'asset_tag' => $tag ]));
        }
+        $asset = $assets->first();
        $this->authorize('view', $asset);

        return redirect()->route('hardware.show', $asset->id)->with('topsearch', $topsearch);
@@ -732,7 +753,7 @@ class AssetsController extends Controller
                        Actionlog::firstOrCreate([
                            'item_id' => $asset->id,
                            'item_type' => Asset::class,
-                            'user_id' =>  auth()->id(),
+                            'created_by' =>  auth()->id(),
                            'note' => 'Checkout imported by '.auth()->user()->present()->fullName().' from history importer',
                            'target_id' => $item[$asset_tag][$batch_counter]['user_id'],
                            'target_type' => User::class,
@@ -760,7 +781,7 @@ class AssetsController extends Controller
                            Actionlog::firstOrCreate([
                                'item_id' => $item[$asset_tag][$batch_counter]['asset_id'],
                                'item_type' => Asset::class,
-                                'user_id' => auth()->id(),
+                                'created_by' => auth()->id(),
                                'note' => 'Checkin imported by '.auth()->user()->present()->fullName().' from history importer',
                                'target_id' => null,
                                'created_at' => $checkin_date,
@@ -837,7 +858,7 @@ class AssetsController extends Controller
    {
        $this->authorize('checkin', Asset::class);

-        return view('hardware/quickscan-checkin');
+        return view('hardware/quickscan-checkin')->with('statusLabel_list', Helper::statusLabelList());
    }

    public function audit($id)
--- a/app/Http/Controllers/Assets/BulkAssetsController.php
+++ b/app/Http/Controllers/Assets/BulkAssetsController.php
@@ -10,6 +10,7 @@ use App\Models\AssetModel;
 use App\Models\Statuslabel;
 use App\Models\Setting;
 use App\View\Label;
+use Carbon\Carbon;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Crypt;
 use Illuminate\Support\Facades\DB;
@@ -227,7 +228,8 @@ class BulkAssetsController extends Controller
         * its checkout status.
         */

-        if (($request->filled('purchase_date'))
+        if (($request->filled('name'))
+            || ($request->filled('purchase_date'))
            || ($request->filled('expected_checkin'))
            || ($request->filled('purchase_cost'))
            || ($request->filled('supplier_id'))
@@ -239,6 +241,7 @@ class BulkAssetsController extends Controller
            || ($request->filled('status_id'))
            || ($request->filled('model_id'))
            || ($request->filled('next_audit_date'))
+            || ($request->filled('null_name'))
            || ($request->filled('null_purchase_date'))
            || ($request->filled('null_expected_checkin_date'))
            || ($request->filled('null_next_audit_date'))
@@ -251,13 +254,14 @@ class BulkAssetsController extends Controller
                $this->update_array = [];

                /**
-                 * Leave out model_id and status here because we do math on that later. We have to do some extra
-                 * validation and checks on those two.
+                 * Leave out model_id and status here because we do math on that later. We have to do some
+                 * extra validation and checks on those two.
                 *
                 * It's tempting to make these match the request check above, but some of these values require
                 * extra work to make sure the data makes sense.
                 */
-                $this->conditionallyAddItem('purchase_date')
+                $this->conditionallyAddItem('name')
+                    ->conditionallyAddItem('purchase_date')
                    ->conditionallyAddItem('expected_checkin')
                    ->conditionallyAddItem('order_number')
                    ->conditionallyAddItem('requestable')
@@ -268,11 +272,36 @@ class BulkAssetsController extends Controller
                        $this->conditionallyAddItem($custom_field_column); 
                   }

+                if (!($asset->eol_explicit)) {
+					if ($request->filled('model_id')) {
+						$model = AssetModel::find($request->input('model_id'));
+						if ($model->eol > 0) {
+							if ($request->filled('purchase_date')) {
+								$this->update_array['asset_eol_date'] = Carbon::parse($request->input('purchase_date'))->addMonths($model->eol)->format('Y-m-d');
+							} else {
+								$this->update_array['asset_eol_date'] = Carbon::parse($asset->purchase_date)->addMonths($model->eol)->format('Y-m-d');
+							}
+						} else {
+							$this->update_array['asset_eol_date'] = null;
+						}
+					} elseif (($request->filled('purchase_date')) && ($asset->model->eol > 0)) {
+						$this->update_array['asset_eol_date'] = Carbon::parse($request->input('purchase_date'))->addMonths($asset->model->eol)->format('Y-m-d');
+					}
+				}                
+                
                /**
                 * Blank out fields that were requested to be blanked out via checkbox
                 */
+                if ($request->input('null_name')=='1') {
+
+                    $this->update_array['name'] = null;
+                }
+
                if ($request->input('null_purchase_date')=='1') {
                    $this->update_array['purchase_date'] = null;
+                    if (!($asset->eol_explicit)) {
+						$this->update_array['asset_eol_date'] = null;
+					}
                }

                if ($request->input('null_expected_checkin_date')=='1') {
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -508,8 +508,8 @@ class LoginController extends Controller
    protected function validator(array $data)
    {
        return Validator::make($data, [
-            'username' => 'required',
-            'password' => 'required',
+            'username' => 'required|not_array',
+            'password' => 'required|not_array',
        ]);
    }

--- a/app/Http/Controllers/Auth/ResetPasswordController.php
+++ b/app/Http/Controllers/Auth/ResetPasswordController.php
@@ -87,7 +87,7 @@ class ResetPasswordController extends Controller
            'password.not_in' => trans('validation.disallow_same_pwd_as_user_fields'),
        ];

-        $request->validate($this->rules(), $request->all(), $this->validationErrorMessages());
+        $request->validate($this->rules());

        Log::debug('Checking if '.$request->input('username').' exists');
        // Check to see if the user even exists - we'll treat the response the same to prevent user sniffing
--- a/app/Http/Controllers/Auth/SamlController.php
+++ b/app/Http/Controllers/Auth/SamlController.php
@@ -99,12 +99,18 @@ class SamlController extends Controller
    {
        $saml = $this->saml;
        $auth = $saml->getAuth();
-        $auth->processResponse();
+        $saml_exception = false;
+        try {
+            $auth->processResponse();
+        } catch (\Exception $e) {
+            Log::warning("Exception caught in SAML login: " . $e->getMessage());
+            $saml_exception = true;
+        }
        $errors = $auth->getErrors();

-        if (! empty($errors)) {
-            Log::error('There was an error with SAML ACS: '.implode(', ', $errors));
-            Log::error('Reason: '.$auth->getLastErrorReason());
+        if (!empty($errors) || $saml_exception) {
+            Log::warning('There was an error with SAML ACS: ' . implode(', ', $errors));
+            Log::warning('Reason: ' . $auth->getLastErrorReason());

            return redirect()->route('login')->with('error', trans('auth/message.signin.error'));
        }
@@ -132,12 +138,18 @@ class SamlController extends Controller
    {
        $auth = $this->saml->getAuth();
        $retrieveParametersFromServer = $this->saml->getSetting('retrieveParametersFromServer', false);
-        $sloUrl = $auth->processSLO(true, null, $retrieveParametersFromServer, null, true);
+        $saml_exception = false;
+        try {
+            $sloUrl = $auth->processSLO(true, null, $retrieveParametersFromServer, null, true);
+        } catch (\Exception $e) {
+            Log::warning("Exception caught in SAML single-logout: " . $e->getMessage());
+            $saml_exception = true;
+        }
        $errors = $auth->getErrors();

-        if (! empty($errors)) {
-            Log::error('There was an error with SAML SLS: '.implode(', ', $errors));
-            Log::error('Reason: '.$auth->getLastErrorReason());
+        if (!empty($errors) || $saml_exception) {
+            Log::warning('There was an error with SAML SLS: ' . implode(', ', $errors));
+            Log::warning('Reason: ' . $auth->getLastErrorReason());

            return view('errors.403');
        }
--- a/app/Http/Controllers/CategoriesController.php
+++ b/app/Http/Controllers/CategoriesController.php
@@ -69,7 +69,7 @@ class CategoriesController extends Controller
        $category->use_default_eula = $request->input('use_default_eula', '0');
        $category->require_acceptance = $request->input('require_acceptance', '0');
        $category->checkin_email = $request->input('checkin_email', '0');
-        $category->user_id = Auth::id();
+        $category->created_by = auth()->id();

        $category = $request->handleImages($category);
        if ($category->save()) {
--- a/app/Http/Controllers/CheckInOutRequest.php
+++ b/app/Http/Controllers/CheckInOutRequest.php
@@ -20,7 +20,7 @@ trait CheckInOutRequest
                return Location::findOrFail(request('assigned_location'));
            case 'asset':
                return Asset::findOrFail(request('assigned_asset'));
-            case 'user':
+            default:
                return User::findOrFail(request('assigned_user'));
        }

--- a/app/Http/Controllers/CompaniesController.php
+++ b/app/Http/Controllers/CompaniesController.php
@@ -60,6 +60,7 @@ final class CompaniesController extends Controller
        $company->phone = $request->input('phone');
        $company->fax = $request->input('fax');
        $company->email = $request->input('email');
+        $company->created_by = auth()->id();

        $company = $request->handleImages($company);

--- a/app/Http/Controllers/Components/ComponentCheckoutController.php
+++ b/app/Http/Controllers/Components/ComponentCheckoutController.php
@@ -8,6 +8,7 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Models\Asset;
 use App\Models\Component;
+use App\Models\Setting;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
@@ -97,11 +98,15 @@ class ComponentCheckoutController extends Controller
        // Check if the asset exists
        $asset = Asset::find($request->input('asset_id'));

+        if ((Setting::getSettings()->full_multiple_companies_support) && $component->company_id !== $asset->company_id) {
+            return redirect()->route('components.checkout.show', $componentId)->with('error', trans('general.error_user_company'));
+        }
+
        // Update the component data
        $component->asset_id = $request->input('asset_id');
        $component->assets()->attach($component->id, [
            'component_id' => $component->id,
-            'user_id' => auth()->user()->id,
+            'created_by' => auth()->user()->id,
            'created_at' => date('Y-m-d H:i:s'),
            'assigned_qty' => $request->input('assigned_qty'),
            'asset_id' => $request->input('asset_id'),
--- a/app/Http/Controllers/Components/ComponentsController.php
+++ b/app/Http/Controllers/Components/ComponentsController.php
@@ -81,7 +81,7 @@ class ComponentsController extends Controller
        $component->purchase_date          = $request->input('purchase_date', null);
        $component->purchase_cost          = $request->input('purchase_cost', null);
        $component->qty                    = $request->input('qty');
-        $component->user_id                = Auth::id();
+        $component->created_by                = auth()->id();
        $component->notes                  = $request->input('notes');

        $component = $request->handleImages($component);
--- a/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
+++ b/app/Http/Controllers/Consumables/ConsumableCheckoutController.php
@@ -95,7 +95,7 @@ class ConsumableCheckoutController extends Controller
        for($i = 0; $i < $quantity; $i++){
        $consumable->users()->attach($consumable->id, [
            'consumable_id' => $consumable->id,
-            'user_id' => $admin_user->id,
+            'created_by' => $admin_user->id,
            'assigned_to' => e($request->input('assigned_to')),
            'note' => $request->input('note'),
        ]);
--- a/app/Http/Controllers/Consumables/ConsumablesController.php
+++ b/app/Http/Controllers/Consumables/ConsumablesController.php
@@ -81,7 +81,7 @@ class ConsumablesController extends Controller
        $consumable->purchase_date          = $request->input('purchase_date');
        $consumable->purchase_cost          = $request->input('purchase_cost');
        $consumable->qty                    = $request->input('qty');
-        $consumable->user_id                = Auth::id();
+        $consumable->created_by                = auth()->id();
        $consumable->notes                  = $request->input('notes');


@@ -221,7 +221,7 @@ class ConsumablesController extends Controller
        $consumable = clone $consumable_to_close;
        $consumable->id = null;
        $consumable->image = null;
-        $consumable->user_id = null;
+        $consumable->created_by = null;

        return view('consumables/edit')->with('item', $consumable);
    }
--- a/app/Http/Controllers/CustomFieldsController.php
+++ b/app/Http/Controllers/CustomFieldsController.php
@@ -104,7 +104,7 @@ class CustomFieldsController extends Controller
            "auto_add_to_fieldsets" => $request->get("auto_add_to_fieldsets", 0),
            "show_in_listview" => $request->get("show_in_listview", 0),
            "show_in_requestable_list" => $request->get("show_in_requestable_list", 0),
-            "user_id" => Auth::id()
+            "user_id" => auth()->id()
        ]);


@@ -248,7 +248,7 @@ class CustomFieldsController extends Controller
        $field->name          = trim(e($request->get("name")));
        $field->element       = e($request->get("element"));
        $field->field_values  = $request->get("field_values");
-        $field->user_id       = Auth::id();
+        $field->created_by       = auth()->id();
        $field->help_text     = $request->get("help_text");
        $field->show_in_email = $show_in_email;
        $field->is_unique     = $request->get("is_unique", 0);
--- a/app/Http/Controllers/CustomFieldsetsController.php
+++ b/app/Http/Controllers/CustomFieldsetsController.php
@@ -90,7 +90,7 @@ class CustomFieldsetsController extends Controller

        $fieldset = new CustomFieldset([
                'name' => $request->get('name'),
-                'user_id' => auth()->id(),
+                'created_by' => auth()->id(),
        ]);

        $validator = Validator::make($request->all(), $fieldset->rules);
--- a/app/Http/Controllers/DashboardController.php
+++ b/app/Http/Controllers/DashboardController.php
@@ -5,6 +5,7 @@ namespace App\Http\Controllers;
 use Illuminate\Support\Facades\Artisan;
 use Illuminate\Http\RedirectResponse;
 use \Illuminate\Contracts\View\View;
+use Illuminate\Support\Facades\Session;


 /**
@@ -44,6 +45,8 @@ class DashboardController extends Controller

            return view('dashboard')->with('asset_stats', $asset_stats)->with('counts', $counts);
        } else {
+            Session::reflash();
+
            // Redirect to the profile page
            return redirect()->intended('account/view-assets');
        }
--- a/app/Http/Controllers/DepartmentsController.php
+++ b/app/Http/Controllers/DepartmentsController.php
@@ -51,7 +51,7 @@ class DepartmentsController extends Controller
        $this->authorize('create', Department::class);
        $department = new Department;
        $department->fill($request->all());
-        $department->user_id = auth()->id();
+        $department->created_by = auth()->id();
        $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);
        $department->location_id = ($request->filled('location_id') ? $request->input('location_id') : null);
        $department->company_id = ($request->filled('company_id') ? $request->input('company_id') : null);
--- a/app/Http/Controllers/DepreciationsController.php
+++ b/app/Http/Controllers/DepreciationsController.php
@@ -61,7 +61,21 @@ class DepreciationsController extends Controller
        // Depreciation data
        $depreciation->name = $request->input('name');
        $depreciation->months = $request->input('months');
-        $depreciation->user_id = Auth::id();
+        $depreciation->created_by = auth()->id();
+
+        $request->validate([
+            'depreciation_min' => [
+                'required',
+                'numeric',
+                function ($attribute, $value, $fail) use ($request) {
+                    if ($request->input('depreciation_type') == 'percent' && ($value < 0 || $value > 100)) {
+                        $fail(trans('validation.percent'));
+                    }
+                },
+            ],
+            'depreciation_type' => 'required|in:amount,percent',
+        ]);
+        $depreciation->depreciation_type = $request->input('depreciation_type');
        $depreciation->depreciation_min = $request->input('depreciation_min');

        // Was the asset created?
@@ -116,6 +130,20 @@ class DepreciationsController extends Controller
        // Depreciation data
        $depreciation->name             = $request->input('name');
        $depreciation->months           = $request->input('months');
+
+        $request->validate([
+            'depreciation_min' => [
+                'required',
+                'numeric',
+                function ($attribute, $value, $fail) use ($request) {
+                    if ($request->input('depreciation_type') == 'percent' && ($value < 0 || $value > 100)) {
+                        $fail(trans('validation.percent'));
+                    }
+                },
+            ],
+            'depreciation_type' => 'required|in:amount,percent',
+        ]);
+        $depreciation->depreciation_type = $request->input('depreciation_type');
        $depreciation->depreciation_min = $request->input('depreciation_min');

        // Was the asset created?
@@ -165,13 +193,20 @@ class DepreciationsController extends Controller
     */
    public function show($id) : View | RedirectResponse
    {
-        if (is_null($depreciation = Depreciation::find($id))) {
-            // Redirect to the blogs management page
-            return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
-        }
+        $depreciation = Depreciation::withCount('assets as assets_count')
+            ->withCount('models as models_count')
+            ->withCount('licenses as licenses_count')
+            ->find($id);

        $this->authorize('view', $depreciation);

-        return view('depreciations/view', compact('depreciation'));
+        if ($depreciation) {
+            return view('depreciations/view', compact('depreciation'));
+
+        }
+
+        return redirect()->route('depreciations.index')->with('error', trans('admin/depreciations/message.does_not_exist'));
+
+
    }
 }
--- a/app/Http/Controllers/Kits/CheckoutKitController.php
+++ b/app/Http/Controllers/Kits/CheckoutKitController.php
@@ -62,10 +62,10 @@ class CheckoutKitController extends Controller

        $checkout_result = $this->kitService->checkout($request, $kit, $user);
        if (Arr::has($checkout_result, 'errors') && count($checkout_result['errors']) > 0) {
-            return redirect()->back()->with('error', trans('general.checkout_error'))->with('error_messages', $checkout_result['errors']);
+            return redirect()->back()->with('error', trans('admin/kits/general.checkout_error'))->with('error_messages', $checkout_result['errors']);
        }

-        return redirect()->back()->with('success', trans('general.checkout_success'))
+        return redirect()->back()->with('success', trans('admin/kits/general.checkout_success'))
            ->with('assets', Arr::get($checkout_result, 'assets', null))
            ->with('accessories', Arr::get($checkout_result, 'accessories', null))
            ->with('consumables', Arr::get($checkout_result, 'consumables', null));
--- a/app/Http/Controllers/Kits/PredefinedKitsController.php
+++ b/app/Http/Controllers/Kits/PredefinedKitsController.php
@@ -55,6 +55,7 @@ class PredefinedKitsController extends Controller
        // Create a new Predefined Kit
        $kit = new PredefinedKit;
        $kit->name = $request->input('name');
+        $kit->created_by = auth()->id();

        if (! $kit->save()) {
            return redirect()->back()->withInput()->withErrors($kit->getErrors());
--- a/app/Http/Controllers/Licenses/LicenseCheckoutController.php
+++ b/app/Http/Controllers/Licenses/LicenseCheckoutController.php
@@ -77,7 +77,7 @@ class LicenseCheckoutController extends Controller
        $this->authorize('checkout', $license);

        $licenseSeat = $this->findLicenseSeatToCheckout($license, $seatId);
-        $licenseSeat->user_id = Auth::id();
+        $licenseSeat->created_by = auth()->id();
        $licenseSeat->notes = $request->input('notes');
        

--- a/app/Http/Controllers/Licenses/LicensesController.php
+++ b/app/Http/Controllers/Licenses/LicensesController.php
@@ -99,7 +99,7 @@ class LicensesController extends Controller
        $license->supplier_id       = $request->input('supplier_id');
        $license->category_id       = $request->input('category_id');
        $license->termination_date  = $request->input('termination_date');
-        $license->user_id           = Auth::id();
+        $license->created_by           = auth()->id();
        $license->min_amt           = $request->input('min_amt');

        session()->put(['redirect_option' => $request->get('redirect_option')]);
--- a/app/Http/Controllers/LocationsController.php
+++ b/app/Http/Controllers/LocationsController.php
@@ -3,6 +3,7 @@
 namespace App\Http\Controllers;

 use App\Http\Requests\ImageUploadRequest;
+use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\Location;
 use App\Models\User;
@@ -74,7 +75,7 @@ class LocationsController extends Controller
        $location->zip = $request->input('zip');
        $location->ldap_ou = $request->input('ldap_ou');
        $location->manager_id = $request->input('manager_id');
-        $location->user_id = auth()->id();
+        $location->created_by = auth()->id();
        $location->phone = request('phone');
        $location->fax = request('fax');

@@ -193,7 +194,13 @@ class LocationsController extends Controller
     */
    public function show($id = null) : View | RedirectResponse
    {
-        $location = Location::find($id);
+        $location = Location::withCount('assignedAssets as assigned_assets_count')
+            ->withCount('assets as assets_count')
+            ->withCount('rtd_assets as rtd_assets_count')
+            ->withCount('children as children_count')
+            ->withCount('users as users_count')
+            ->withTrashed()
+            ->find($id);

        if (isset($location->id)) {
            return view('locations/view', compact('location'));
@@ -249,6 +256,41 @@ class LocationsController extends Controller
    }


+    /**
+     * Restore a given Asset Model (mark as un-deleted)
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $id
+     */
+    public function postRestore($id) : RedirectResponse
+    {
+        $this->authorize('create', Location::class);
+
+        if ($location = Location::withTrashed()->find($id)) {
+
+            if ($location->deleted_at == '') {
+                return redirect()->back()->with('error', trans('general.not_deleted', ['item_type' => trans('general.location')]));
+            }
+
+            if ($location->restore()) {
+                $logaction = new Actionlog();
+                $logaction->item_type = Location::class;
+                $logaction->item_id = $location->id;
+                $logaction->created_at = date('Y-m-d H:i:s');
+                $logaction->created_by = auth()->id();
+                $logaction->logaction('restore');
+
+                return redirect()->route('locations.index')->with('success', trans('admin/locations/message.restore.success'));
+            }
+
+            // Check validation
+            return redirect()->back()->with('error', trans('general.could_not_restore', ['item_type' => trans('general.location'), 'error' => $location->getErrors()->first()]));
+        }
+
+        return redirect()->back()->with('error', trans('admin/models/message.does_not_exist'));
+
+    }
    public function print_all_assigned($id) : View | RedirectResponse
    {
        if ($location = Location::where('id', $id)->first()) {
--- a/app/Http/Controllers/ManufacturersController.php
+++ b/app/Http/Controllers/ManufacturersController.php
@@ -61,7 +61,7 @@ class ManufacturersController extends Controller
        $this->authorize('create', Manufacturer::class);
        $manufacturer = new Manufacturer;
        $manufacturer->name = $request->input('name');
-        $manufacturer->user_id = Auth::id();
+        $manufacturer->created_by = auth()->id();
        $manufacturer->url = $request->input('url');
        $manufacturer->support_url = $request->input('support_url');
        $manufacturer->warranty_lookup_url = $request->input('warranty_lookup_url');
@@ -219,7 +219,7 @@ class ManufacturersController extends Controller
                $logaction->item_type = Manufacturer::class;
                $logaction->item_id = $manufacturer->id;
                $logaction->created_at = date('Y-m-d H:i:s');
-                $logaction->user_id = auth()->id();
+                $logaction->created_by = auth()->id();
                $logaction->logaction('restore');

                // Redirect them to the deleted page if there are more, otherwise the section index
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -49,6 +49,8 @@ class ProfileController extends Controller
        $user->gravatar = $request->input('gravatar');
        $user->skin = $request->input('skin');
        $user->phone = $request->input('phone');
+        $user->enable_sounds = $request->input('enable_sounds', false);
+        $user->enable_confetti = $request->input('enable_confetti', false);

        if (! config('app.lock_passwords')) {
            $user->locale = $request->input('locale', 'en-US');
--- a/app/Http/Controllers/ReportsController.php
+++ b/app/Http/Controllers/ReportsController.php
@@ -703,6 +703,10 @@ class ReportsController extends Controller
                    $assets->whereBetween('assets.expected_checkin', [$request->input('expected_checkin_start'), $request->input('expected_checkin_end')]);
            }

+            if (($request->filled('asset_eol_date_start')) && ($request->filled('asset_eol_date_end'))) {
+                $assets->whereBetween('assets.asset_eol_date', [$request->input('asset_eol_date_start'), $request->input('asset_eol_date_end')]);
+            }
+
            if (($request->filled('last_audit_start')) && ($request->filled('last_audit_end'))) {
                    $last_audit_start = Carbon::parse($request->input('last_audit_start'))->startOfDay();
                    $last_audit_end = Carbon::parse($request->input('last_audit_end'))->endOfDay();
@@ -778,7 +782,7 @@ class ReportsController extends Controller
                    }

                    if ($request->filled('eol')) {
-                            $row[] = ($asset->asset_eol_date) ? $asset->asset_eol_date : '';
+                        $row[] = ($asset->purchase_date != '') ? $asset->asset_eol_date : '';
                    }

                    if ($request->filled('order')) {
--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@@ -181,7 +181,7 @@ class SettingsController extends Controller
        $settings->brand = 1;
        $settings->locale = $request->input('locale', 'en-US');
        $settings->default_currency = $request->input('default_currency', 'USD');
-        $settings->user_id = 1;
+        $settings->created_by = 1;
        $settings->email_domain = $request->input('email_domain');
        $settings->email_format = $request->input('email_format');
        $settings->next_auto_tag_base = 1;
@@ -324,6 +324,7 @@ class SettingsController extends Controller

        $setting->full_multiple_companies_support = $request->input('full_multiple_companies_support', '0');
        $setting->unique_serial = $request->input('unique_serial', '0');
+        $setting->shortcuts_enabled = $request->input('shortcuts_enabled', '0');
        $setting->show_images_in_email = $request->input('show_images_in_email', '0');
        $setting->show_archived_in_list = $request->input('show_archived_in_list', '0');
        $setting->dashboard_message = $request->input('dashboard_message');
@@ -636,6 +637,7 @@ class SettingsController extends Controller
        $setting->alert_threshold = $request->input('alert_threshold');
        $setting->audit_interval = $request->input('audit_interval');
        $setting->audit_warning_days = $request->input('audit_warning_days');
+        $setting->due_checkin_days = $request->input('due_checkin_days');
        $setting->show_alerts_in_menu = $request->input('show_alerts_in_menu', '0');

        if ($setting->save()) {
@@ -1202,7 +1204,7 @@ class SettingsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v6.0]
     */
-    public function postRestore($filename = null) : RedirectResponse
+    public function postRestore(Request $request, $filename = null): RedirectResponse
    {

        if (! config('app.lock_passwords')) {
@@ -1222,13 +1224,29 @@ class SettingsController extends Controller

                Log::debug('Attempting to restore from: '. storage_path($path).'/'.$filename);

-                // run the restore command
-                Artisan::call('snipeit:restore',
-                [
+                $restore_params = [
                    '--force' => true,
                    '--no-progress' => true,
-                    'filename' => storage_path($path).'/'.$filename
-                ]);
+                    'filename' => storage_path($path) . '/' . $filename
+                ];
+
+                if ($request->input('clean')) {
+                    Log::debug("Attempting 'clean' - first, guessing prefix...");
+                    Artisan::call('snipeit:restore', [
+                        '--sanitize-guess-prefix' => true,
+                        'filename' => storage_path($path) . '/' . $filename
+                    ]);
+                    $guess_prefix_output = Artisan::output();
+                    Log::debug("Sanitize output is: $guess_prefix_output");
+                    list($prefix, $_output) = explode("\n", $guess_prefix_output);
+                    Log::debug("prefix is: '$prefix'");
+                    $restore_params['--sanitize-with-prefix'] = $prefix;
+                }
+
+                // run the restore command
+                Artisan::call('snipeit:restore',
+                    $restore_params
+                );

                // If it's greater than 300, it probably worked
                $output = Artisan::output();
--- a/app/Http/Controllers/StatuslabelsController.php
+++ b/app/Http/Controllers/StatuslabelsController.php
@@ -69,7 +69,7 @@ class StatuslabelsController extends Controller

        // Save the Statuslabel data
        $statusLabel->name = $request->input('name');
-        $statusLabel->user_id = Auth::id();
+        $statusLabel->created_by = auth()->id();
        $statusLabel->notes = $request->input('notes');
        $statusLabel->deployable = $statusType['deployable'];
        $statusLabel->pending = $statusType['pending'];
--- a/app/Http/Controllers/SuppliersController.php
+++ b/app/Http/Controllers/SuppliersController.php
@@ -62,7 +62,7 @@ class SuppliersController extends Controller
        $supplier->email = request('email');
        $supplier->notes = request('notes');
        $supplier->url = $supplier->addhttp(request('url'));
-        $supplier->user_id = Auth::id();
+        $supplier->created_by = auth()->id();
        $supplier = $request->handleImages($supplier);

        if ($supplier->save()) {
--- a/app/Http/Controllers/Users/BulkUsersController.php
+++ b/app/Http/Controllers/Users/BulkUsersController.php
@@ -13,9 +13,11 @@ use App\Models\Group;
 use App\Models\LicenseSeat;
 use App\Models\ConsumableAssignment;
 use App\Models\Consumable;
+use App\Models\Setting;
 use App\Models\User;
 use Carbon\Carbon;
 use Illuminate\Http\Request;
+use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Password;
@@ -29,12 +31,12 @@ class BulkUsersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.7]
     * @param Request $request
-     * @return \Illuminate\Contracts\View\View
+     * @return \Illuminate\Contracts\View\View | \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function edit(Request $request)
    {
-        $this->authorize('update', User::class);
+        $this->authorize('view', User::class);

        // Make sure there were users selected
        if (($request->filled('ids')) && (count($request->input('ids')) > 0)) {
@@ -46,16 +48,18 @@ class BulkUsersController extends Controller

            // bulk edit, display the bulk edit form
            if ($request->input('bulk_actions') == 'edit') {
+                $this->authorize('update', User::class);
                return view('users/bulk-edit', compact('users'))
                    ->with('groups', Group::pluck('name', 'id'));

            // bulk delete, display the bulk delete confirmation form
            } elseif ($request->input('bulk_actions') == 'delete') {
+                $this->authorize('delete', User::class);
                return view('users/confirm-bulk-delete')->with('users', $users)->with('statuslabel_list', Helper::statusLabelList());

            // merge, confirm they have at least 2 users selected and display the merge screen
            } elseif ($request->input('bulk_actions') == 'merge') {
-
+                $this->authorize('delete', User::class);
                if (($request->filled('ids')) && (count($request->input('ids')) > 1)) {
                    return view('users/confirm-merge')->with('users', $users);
                // Not enough users selected, send them back
@@ -75,6 +79,33 @@ class BulkUsersController extends Controller
                }
                return redirect()->back()->with('success', trans('admin/users/message.password_resets_sent'));

+            } elseif ($request->input('bulk_actions') == 'print') {
+                $users = User::query()
+                    ->with([
+                        'assets.assetlog',
+                        'assets.assignedAssets.assetlog',
+                        'assets.assignedAssets.defaultLoc',
+                        'assets.assignedAssets.location',
+                        'assets.assignedAssets.model.category',
+                        'assets.defaultLoc',
+                        'assets.location',
+                        'assets.model.category',
+                        'accessories.assetlog',
+                        'accessories.category',
+                        'accessories.manufacturer',
+                        'consumables.assetlog',
+                        'consumables.category',
+                        'consumables.manufacturer',
+                        'licenses.category',
+                    ])
+                    ->withTrashed()
+                    ->findMany($request->input('ids'));
+
+                $users->each(fn($user) => $this->authorize('view', $user));
+
+                return view('users.print')
+                    ->with('users', $users)
+                    ->with('settings', Setting::getSettings());
            }
        }

@@ -100,7 +131,7 @@ class BulkUsersController extends Controller
        $user_raw_array = $request->input('ids');

        // Remove the user from any updates.
-        $user_raw_array = array_diff($user_raw_array, [Auth::id()]);
+        $user_raw_array = array_diff($user_raw_array, [auth()->id()]);
        $manager_conflict = false;
        $users = User::whereIn('id', $user_raw_array)->where('id', '!=', auth()->id())->get();

@@ -115,6 +146,9 @@ class BulkUsersController extends Controller
            ->conditionallyAddItem('remote')
            ->conditionallyAddItem('ldap_import')
            ->conditionallyAddItem('activated')
+            ->conditionallyAddItem('start_date')
+            ->conditionallyAddItem('end_date')
+            ->conditionallyAddItem('city')
            ->conditionallyAddItem('autoassign_licenses');


@@ -145,13 +179,24 @@ class BulkUsersController extends Controller
            $this->update_array['company_id'] = null;
        }

-        
+        if ($request->input('null_start_date')=='1') {
+            $this->update_array['start_date'] = null;
+        }
+
+        if ($request->input('null_end_date')=='1') {
+            $this->update_array['end_date'] = null;
+        }
+
+        if ($request->input('null_locale')=='1') {
+            $this->update_array['locale'] = null;
+        }
+
        if (! $manager_conflict) {
            $this->conditionallyAddItem('manager_id');
        }
        // Save the updated info
        User::whereIn('id', $user_raw_array)
-            ->where('id', '!=', Auth::id())->update($this->update_array);
+            ->where('id', '!=', auth()->id())->update($this->update_array);

        if (array_key_exists('location_id', $this->update_array)){
            Asset::where('assigned_type', User::class)
@@ -213,26 +258,24 @@ class BulkUsersController extends Controller

        $user_raw_array = request('ids');

-        if (($key = array_search(Auth::id(), $user_raw_array)) !== false) {
+        if (($key = array_search(auth()->id(), $user_raw_array)) !== false) {
            unset($user_raw_array[$key]);
        }

        $users = User::whereIn('id', $user_raw_array)->get();
-        $assets = Asset::whereIn('assigned_to', $user_raw_array)->where('assigned_type', \App\Models\User::class)->get();
-        $accessories = DB::table('accessories_users')->whereIn('assigned_to', $user_raw_array)->get();
+        $assets = Asset::whereIn('assigned_to', $user_raw_array)->where('assigned_type', User::class)->get();
+        $accessoryUserRows = DB::table('accessories_checkout')->where('assigned_type', User::class)->whereIn('assigned_to', $user_raw_array)->get();
        $licenses = DB::table('license_seats')->whereIn('assigned_to', $user_raw_array)->get();
-        $consumables = DB::table('consumables_users')->whereIn('assigned_to', $user_raw_array)->get();
+        $consumableUserRows = DB::table('consumables_users')->whereIn('assigned_to', $user_raw_array)->get();

        if ((($assets->count() > 0) && ((!$request->filled('status_id')) || ($request->input('status_id') == '')))) {
            return redirect()->route('users.index')->with('error', 'No status selected');
        }

-
        $this->logItemCheckinAndDelete($assets, Asset::class);
-        $this->logItemCheckinAndDelete($accessories, Accessory::class);
+        $this->logAccessoriesCheckin($accessoryUserRows);
        $this->logItemCheckinAndDelete($licenses, License::class);
-        $this->logItemCheckinAndDelete($consumables, Consumable::class);
-
+        $this->logConsumablesCheckin($consumableUserRows);

        Asset::whereIn('id', $assets->pluck('id'))->update([
            'status_id'     => e(request('status_id')),
@@ -241,19 +284,14 @@ class BulkUsersController extends Controller
            'expected_checkin' => null,
        ]);

-
        LicenseSeat::whereIn('id', $licenses->pluck('id'))->update(['assigned_to' => null]);
-        ConsumableAssignment::whereIn('id', $consumables->pluck('id'))->delete();
-
+        ConsumableAssignment::whereIn('id', $consumableUserRows->pluck('id'))->delete();

        foreach ($users as $user) {
-
-            $user->consumables()->sync([]);
            $user->accessories()->sync([]);
            if ($request->input('delete_user')=='1') {
                $user->delete();
            }
-
        }

        $msg = trans('general.bulk_checkin_success');
@@ -279,13 +317,41 @@ class BulkUsersController extends Controller
            if ($itemType == License::class){
                $item_id = $item->license_id;
            }
-            
+
            $logAction->item_id = $item_id;
            // We can't rely on get_class here because the licenses/accessories fetched above are not eloquent models, but simply arrays.
            $logAction->item_type = $itemType;
            $logAction->target_id = $item->assigned_to;
            $logAction->target_type = User::class;
-            $logAction->user_id = Auth::id();
+            $logAction->created_at = auth()->id();
+            $logAction->note = 'Bulk checkin items';
+            $logAction->logaction('checkin from');
+        }
+    }
+
+    private function logAccessoriesCheckin(Collection $accessoryUserRows): void
+    {
+        foreach ($accessoryUserRows as $accessoryUserRow) {
+            $logAction = new Actionlog();
+            $logAction->item_id = $accessoryUserRow->accessory_id;
+            $logAction->item_type = Accessory::class;
+            $logAction->target_id = $accessoryUserRow->assigned_to;
+            $logAction->target_type = User::class;
+            $logAction->created_at = auth()->id();
+            $logAction->note = 'Bulk checkin items';
+            $logAction->logaction('checkin from');
+        }
+    }
+
+    private function logConsumablesCheckin(Collection $consumableUserRows): void
+    {
+        foreach ($consumableUserRows as $consumableUserRow) {
+            $logAction = new Actionlog();
+            $logAction->item_id = $consumableUserRow->consumable_id;
+            $logAction->item_type = Consumable::class;
+            $logAction->target_id = $consumableUserRow->assigned_to;
+            $logAction->target_type = User::class;
+            $logAction->created_at = auth()->id();
            $logAction->note = 'Bulk checkin items';
            $logAction->logaction('checkin from');
        }
--- a/app/Http/Controllers/Users/UserFilesController.php
+++ b/app/Http/Controllers/Users/UserFilesController.php
@@ -46,7 +46,7 @@ class UserFilesController extends Controller
                $logAction = new Actionlog();
                $logAction->item_id = $user->id;
                $logAction->item_type = User::class;
-                $logAction->user_id = Auth::id();
+                $logAction->created_by = auth()->id();
                $logAction->note = $request->input('notes');
                $logAction->target_id = null;
                $logAction->created_at = date("Y-m-d H:i:s");
--- a/app/Http/Controllers/Users/UsersController.php
+++ b/app/Http/Controllers/Users/UsersController.php
@@ -186,7 +186,7 @@ class UsersController extends Controller
    {

        $this->authorize('update', User::class);
-        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($id);
+        $user = User::with(['assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc'])->withTrashed()->find($id);

        if ($user) {

@@ -214,83 +214,79 @@ class UsersController extends Controller
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
-    public function update(SaveUserRequest $request, $id = null)
+    public function update(SaveUserRequest $request, User $user)
    {
        $this->authorize('update', User::class);

        // This is a janky hack to prevent people from changing admin demo user data on the public demo.
        // The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
        // Thanks, jerks. You are why we can't have nice things. - snipe
-
-        if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
+        if ((($user->id == 1) || ($user->id == 2)) && (config('app.lock_passwords'))) {
            return redirect()->route('users.index')->with('error', trans('general.permission_denied_superuser_demo'));
        }

-
        // We need to reverse the UI specific logic for our
        // permissions here before we update the user.
        $permissions = $request->input('permissions', []);
        app('request')->request->set('permissions', $permissions);

-        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($id);
+        $user->load(['assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc'])->withTrashed();

-        // User is valid - continue...
-        if ($user) {
-            $this->authorize('update', $user);
+        $this->authorize('update', $user);

-            // Figure out of this user was an admin before this edit
-            $orig_permissions_array = $user->decodePermissions();
-            $orig_superuser = '0';
-            if (is_array($orig_permissions_array)) {
-                if (array_key_exists('superuser', $orig_permissions_array)) {
-                    $orig_superuser = $orig_permissions_array['superuser'];
-                }
+        // Figure out of this user was an admin before this edit
+        $orig_permissions_array = $user->decodePermissions();
+        $orig_superuser = '0';
+        if (is_array($orig_permissions_array)) {
+            if (array_key_exists('superuser', $orig_permissions_array)) {
+                $orig_superuser = $orig_permissions_array['superuser'];
            }
+        }

-            // Only save groups if the user is a superuser
-            if (auth()->user()->isSuperUser()) {
-                $user->groups()->sync($request->input('groups'));
-            }
+        // Only save groups if the user is a superuser
+        if (auth()->user()->isSuperUser()) {
+            $user->groups()->sync($request->input('groups'));
+        }

-            // Update the user fields
-            $user->username = trim($request->input('username'));
-            $user->email = trim($request->input('email'));
-            $user->first_name = $request->input('first_name');
-            $user->last_name = $request->input('last_name');
-            $user->two_factor_optin = $request->input('two_factor_optin') ?: 0;
-            $user->locale = $request->input('locale');
-            $user->employee_num = $request->input('employee_num');
-            $user->activated = $request->input('activated', 0);
-            $user->jobtitle = $request->input('jobtitle', null);
-            $user->phone = $request->input('phone');
-            $user->location_id = $request->input('location_id', null);
-            $user->company_id = Company::getIdForUser($request->input('company_id', null));
-            $user->manager_id = $request->input('manager_id', null);
-            $user->notes = $request->input('notes');
-            $user->department_id = $request->input('department_id', null);
-            $user->address = $request->input('address', null);
-            $user->city = $request->input('city', null);
-            $user->state = $request->input('state', null);
-            $user->country = $request->input('country', null);
-            // if a user is editing themselves we should always keep activated true
-            $user->activated = $request->input('activated', $request->user()->is($user) ? 1 : 0);
-            $user->zip = $request->input('zip', null);
-            $user->remote = $request->input('remote', 0);
-            $user->vip = $request->input('vip', 0);
-            $user->website = $request->input('website', null);
-            $user->start_date = $request->input('start_date', null);
-            $user->end_date = $request->input('end_date', null);
-            $user->autoassign_licenses = $request->input('autoassign_licenses', 0);
+        // Update the user fields
+        $user->username = trim($request->input('username'));
+        $user->email = trim($request->input('email'));
+        $user->first_name = $request->input('first_name');
+        $user->last_name = $request->input('last_name');
+        $user->two_factor_optin = $request->input('two_factor_optin') ?: 0;
+        $user->locale = $request->input('locale');
+        $user->employee_num = $request->input('employee_num');
+        $user->activated = $request->input('activated', 0);
+        $user->jobtitle = $request->input('jobtitle', null);
+        $user->phone = $request->input('phone');
+        $user->location_id = $request->input('location_id', null);
+        $user->company_id = Company::getIdForUser($request->input('company_id', null));
+        $user->manager_id = $request->input('manager_id', null);
+        $user->notes = $request->input('notes');
+        $user->department_id = $request->input('department_id', null);
+        $user->address = $request->input('address', null);
+        $user->city = $request->input('city', null);
+        $user->state = $request->input('state', null);
+        $user->country = $request->input('country', null);
+        // if a user is editing themselves we should always keep activated true
+        $user->activated = $request->input('activated', $request->user()->is($user) ? 1 : 0);
+        $user->zip = $request->input('zip', null);
+        $user->remote = $request->input('remote', 0);
+        $user->vip = $request->input('vip', 0);
+        $user->website = $request->input('website', null);
+        $user->start_date = $request->input('start_date', null);
+        $user->end_date = $request->input('end_date', null);
+        $user->autoassign_licenses = $request->input('autoassign_licenses', 0);

-            // Update the location of any assets checked out to this user
-            Asset::where('assigned_type', User::class)
-                ->where('assigned_to', $user->id)
-                ->update(['location_id' => $request->input('location_id', null)]);
+        // Update the location of any assets checked out to this user
+        Asset::where('assigned_type', User::class)
+            ->where('assigned_to', $user->id)
+            ->update(['location_id' => $request->input('location_id', null)]);

-            // Do we want to update the user password?
-            if ($request->filled('password')) {
-                $user->password = bcrypt($request->input('password'));
-            }
+        // Do we want to update the user password?
+        if ($request->filled('password')) {
+            $user->password = bcrypt($request->input('password'));
+        }


        // Update the location of any assets checked out to this user
@@ -318,13 +314,7 @@ class UsersController extends Controller
                return redirect()->to(Helper::getRedirectOption($request, $user->id, 'Users'))
                    ->with('success', trans('admin/users/message.success.update'));
            }
-
            return redirect()->back()->withInput()->withErrors($user->getErrors());
-
-
-        }
-
-        return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', compact('id')));
    }

    /**
@@ -382,7 +372,7 @@ class UsersController extends Controller
                $logaction->item_type = User::class;
                $logaction->item_id = $user->id;
                $logaction->created_at = date('Y-m-d H:i:s');
-                $logaction->user_id = auth()->id();
+                $logaction->created_by = auth()->id();
                $logaction->logaction('restore');

                // Redirect them to the deleted page if there are more, otherwise the section index
@@ -601,29 +591,43 @@ class UsersController extends Controller
    /**
     * Print inventory
     *
-     * @author Aladin Alaily
     * @since [v1.8]
-     * @return \Illuminate\Http\RedirectResponse
+     * @author Aladin Alaily
     */
    public function printInventory($id)
    {
        $this->authorize('view', User::class);
-        $user = User::where('id', $id)->withTrashed()->first();
-      

-        // Make sure they can view this particular user
-        $this->authorize('view', $user);
+        $user = User::where('id', $id)
+            ->with([
+                'assets.assetlog',
+                'assets.assignedAssets.assetlog',
+                'assets.assignedAssets.defaultLoc',
+                'assets.assignedAssets.location',
+                'assets.assignedAssets.model.category',
+                'assets.defaultLoc',
+                'assets.location',
+                'assets.model.category',
+                'accessories.assetlog',
+                'accessories.category',
+                'accessories.manufacturer',
+                'consumables.assetlog',
+                'consumables.category',
+                'consumables.manufacturer',
+                'licenses.category',
+            ])
+            ->withTrashed()
+            ->first();

-        $assets = Asset::where('assigned_to', $id)->where('assigned_type', User::class)->with('model', 'model.category')->get();
-        $accessories = $user->accessories()->get();
-        $consumables = $user->consumables()->get();
+        if ($user) {
+            $this->authorize('view', $user);

-        return view('users/print')->with('assets', $assets)
-            ->with('licenses', $user->licenses()->get())
-            ->with('accessories', $accessories)
-            ->with('consumables', $consumables)
-            ->with('show_user', $user)
-            ->with('settings', Setting::getSettings());
+            return view('users.print')
+                ->with('users', [$user])
+                ->with('settings', Setting::getSettings());
+        }
+
+        return redirect()->route('users.index')->with('error', trans('admin/users/message.user_not_found', compact('id')));
    }

    /**
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -13,6 +13,7 @@ use App\Notifications\RequestAssetNotification;
 use Illuminate\Http\Request;
 use Illuminate\Http\RedirectResponse;
 use \Illuminate\Contracts\View\View;
+use Log;

 /**
 * This controller handles all actions related to the ability for users
@@ -179,8 +180,11 @@ class ViewAssetsController extends Controller
            $asset->decrement('requests_counter', 1);

            $logaction->logaction('request canceled');
-            $settings->notify(new RequestAssetCancelation($data));
-
+            try {
+                $settings->notify(new RequestAssetCancelation($data));
+            } catch (\Exception $e) {
+                Log::warning($e);
+            }
            return redirect()->route('requestable-assets')
                ->with('success')->with('success', trans('admin/hardware/message.requests.canceled'));
        }
@@ -188,7 +192,11 @@ class ViewAssetsController extends Controller
        $logaction->logaction('requested');
        $asset->request();
        $asset->increment('requests_counter', 1);
-        $settings->notify(new RequestAssetNotification($data));
+        try {
+            $settings->notify(new RequestAssetNotification($data));
+        } catch (\Exception $e) {
+            Log::warning($e);
+        }

        return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.success'));
    }
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -14,6 +14,7 @@ class Kernel extends HttpKernel
     * @var array
     */
    protected $middleware = [
+        \App\Http\Middleware\TrustProxies::class,
        \App\Http\Middleware\NoSessionStore::class,
        \Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance::class,
        \Illuminate\Session\Middleware\StartSession::class,
@@ -21,6 +22,7 @@ class Kernel extends HttpKernel
        \App\Http\Middleware\CheckForSetup::class,
        \App\Http\Middleware\CheckForDebug::class,
        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
+        \App\Http\Middleware\TrimStrings::class,
        \App\Http\Middleware\SecurityHeaders::class,
        \App\Http\Middleware\PreventBackHistory::class,
        \Illuminate\Http\Middleware\HandleCors::class,
@@ -48,6 +50,7 @@ class Kernel extends HttpKernel

        'api' => [
            'auth:api',
+            \App\Http\Middleware\CheckLocale::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
    ];
--- a/app/Http/Requests/AccessoryCheckoutRequest.php
+++ b/app/Http/Requests/AccessoryCheckoutRequest.php
@@ -44,13 +44,10 @@ class AccessoryCheckoutRequest extends ImageUploadRequest

        return array_merge(
            [
-                'assigned_to'  => [
-                    'required',
-                    'integer',
-                    'exists:users,id,deleted_at,NULL',
-                    'not_array'
-                ],
-
+                'assigned_user'         => 'required_without_all:assigned_asset,assigned_location',
+                'assigned_asset'        => 'required_without_all:assigned_user,assigned_location',
+                'assigned_location'     => 'required_without_all:assigned_user,assigned_asset',
+                
                'number_remaining_after_checkout' => [
                    'min:0',
                    'required',
--- a/app/Http/Requests/ItemImportRequest.php
+++ b/app/Http/Requests/ItemImportRequest.php
@@ -60,7 +60,7 @@ class ItemImportRequest extends FormRequest
            $fieldMappings = array_change_key_case(array_flip($import->field_map), CASE_LOWER);
        }
        $importer->setCallbacks([$this, 'log'], [$this, 'progress'], [$this, 'errorCallback'])
-                 ->setUserId(Auth::id())
+                 ->setUserId(auth()->id())
                 ->setUpdating($this->get('import-update'))
                 ->setShouldNotify($this->get('send-welcome'))
                 ->setUsernameFormat('firstname.lastname')
--- a/app/Http/Requests/SaveUserRequest.php
+++ b/app/Http/Requests/SaveUserRequest.php
@@ -6,6 +6,7 @@ use App\Models\Setting;
 use Illuminate\Contracts\Validation\Validator;
 use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Http\Exceptions\HttpResponseException;
+use App\Rules\UserCannotSwitchCompaniesIfItemsAssigned;

 class SaveUserRequest extends FormRequest
 {
@@ -34,6 +35,7 @@ class SaveUserRequest extends FormRequest
        $rules = [
            'department_id' => 'nullable|exists:departments,id',
            'manager_id' => 'nullable|exists:users,id',
+            'company_id' => ['nullable','exists:companies,id']
        ];

        switch ($this->method()) {
@@ -52,11 +54,13 @@ class SaveUserRequest extends FormRequest
                $rules['first_name'] = 'required|string|min:1';
                $rules['username'] = 'required_unless:ldap_import,1|string|min:1';
                $rules['password'] = Setting::passwordComplexityRulesSaving('update').'|confirmed';
+                $rules['company_id'] = [new UserCannotSwitchCompaniesIfItemsAssigned()];
                break;

            // Save only what's passed
            case 'PATCH':
                $rules['password'] = Setting::passwordComplexityRulesSaving('update');
+                $rules['company_id'] = [new UserCannotSwitchCompaniesIfItemsAssigned()];
                break;

            default:
--- a/app/Http/Requests/StoreAssetRequest.php
+++ b/app/Http/Requests/StoreAssetRequest.php
@@ -2,15 +2,18 @@

 namespace App\Http\Requests;

+use App\Http\Requests\Traits\MayContainCustomFields;
 use App\Models\Asset;
 use App\Models\Company;
 use App\Models\Setting;
 use Carbon\Carbon;
 use Carbon\Exceptions\InvalidFormatException;
 use Illuminate\Support\Facades\Gate;
+use App\Rules\AssetCannotBeCheckedOutToNondeployableStatus;

 class StoreAssetRequest extends ImageUploadRequest
 {
+    use MayContainCustomFields;
    /**
     * Determine if the user is authorized to make this request.
     *
@@ -59,6 +62,7 @@ class StoreAssetRequest extends ImageUploadRequest

        return array_merge(
            $modelRules,
+            ['status_id' => [new AssetCannotBeCheckedOutToNondeployableStatus()]],
            parent::rules(),
        );
    }
--- a/app/Http/Requests/Traits/MayContainCustomFields.php
+++ b/app/Http/Requests/Traits/MayContainCustomFields.php
@@ -0,0 +1,39 @@
+<?php
+
+namespace App\Http\Requests\Traits;
+
+use App\Models\AssetModel;
+use App\Models\CustomField;
+
+trait MayContainCustomFields
+{
+    // this gets called automatically on a form request
+    public function withValidator($validator)
+    {
+        // find the model
+        if ($this->method() == 'POST') {
+            $asset_model = AssetModel::find($this->model_id);
+        }
+        if ($this->method() == 'PATCH' || $this->method() == 'PUT') {
+            $asset_model = $this->asset->model;
+        }
+        // collect the custom fields in the request
+        $validator->after(function ($validator) use ($asset_model) {
+            $request_fields = $this->collect()->keys()->filter(function ($attributes) {
+                return str_starts_with($attributes, '_snipeit_');
+            });
+            // if there are custom fields, find the one's that don't exist on the model's fieldset and add an error to the validator's error bag
+            if (count($request_fields) > 0) {
+                $request_fields->diff($asset_model?->fieldset?->fields?->pluck('db_column'))
+                        ->each(function ($request_field_name) use ($request_fields, $validator) {
+                            if (CustomField::where('db_column', $request_field_name)->exists()) {
+                                $validator->errors()->add($request_field_name, trans('validation.custom.custom_field_not_found_on_model'));
+                            } else {
+                                $validator->errors()->add($request_field_name, trans('validation.custom.custom_field_not_found'));
+                            }
+                        });
+            }
+        });
+    }
+}
+
--- a/app/Http/Requests/UpdateAssetRequest.php
+++ b/app/Http/Requests/UpdateAssetRequest.php
@@ -2,12 +2,15 @@

 namespace App\Http\Requests;

+use App\Http\Requests\Traits\MayContainCustomFields;
 use App\Models\Asset;
+use App\Models\Setting;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Validation\Rule;

 class UpdateAssetRequest extends ImageUploadRequest
 {
+    use MayContainCustomFields;
    /**
     * Determine if the user is authorized to make this request.
     *
@@ -39,6 +42,12 @@ class UpdateAssetRequest extends ImageUploadRequest
            ],
        );

+        // if the purchase cost is passed in as a string **and** the digit_separator is ',' (as is common in the EU)
+        // then we tweak the purchase_cost rule to make it a string
+        if (Setting::getSettings()->digit_separator === '1.234,56' && is_string($this->input('purchase_cost'))) {
+            $rules['purchase_cost'] = ['nullable', 'string'];
+        }
+
        return $rules;
    }
 }
--- a/app/Http/Traits/TwoColumnUniqueUndeletedTrait.php
+++ b/app/Http/Traits/TwoColumnUniqueUndeletedTrait.php
@@ -11,15 +11,17 @@ trait TwoColumnUniqueUndeletedTrait
     * @param  string $field
     * @return string
     */
-    protected function prepareTwoColumnUniqueUndeletedRule($parameters, $field)
+    protected function prepareTwoColumnUniqueUndeletedRule($parameters)
    {
        $column = $parameters[0];
        $value = $this->{$parameters[0]};

+        // This is an existing model we're updating so ignore the current ID ($this->getKey())
        if ($this->exists) {
            return 'two_column_unique_undeleted:'.$this->table.','.$this->getKey().','.$column.','.$value;
        }

+        // This is a new record, so we can ignore the current ID
        return 'two_column_unique_undeleted:'.$this->table.',0,'.$column.','.$value;
    }
 }
--- a/app/Http/Transformers/AccessoriesTransformer.php
+++ b/app/Http/Transformers/AccessoriesTransformer.php
@@ -38,9 +38,12 @@ class AccessoriesTransformer
            'purchase_cost' => Helper::formatCurrencyOutput($accessory->purchase_cost),
            'order_number' => ($accessory->order_number) ? e($accessory->order_number) : null,
            'min_qty' => ($accessory->min_amt) ? (int) $accessory->min_amt : null,
-            'remaining_qty' => (int) $accessory->numRemaining(),
-            'users_count' =>  $accessory->users_count,
-
+            'remaining_qty' => (int) ($accessory->qty - $accessory->checkouts_count),
+            'checkouts_count' =>  $accessory->checkouts_count,
+            'created_by' => ($accessory->adminuser) ? [
+                'id' => (int) $accessory->adminuser->id,
+                'name'=> e($accessory->adminuser->present()->fullName()),
+            ] : null,
            'created_at' => Helper::getFormattedDateObject($accessory->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($accessory->updated_at, 'datetime'),

@@ -57,7 +60,7 @@ class AccessoriesTransformer

        $permissions_array['user_can_checkout'] = false;

-        if ($accessory->numRemaining() > 0) {
+        if (($accessory->qty - $accessory->checkouts_count) > 0) {
            $permissions_array['user_can_checkout'] = true;
        }

@@ -66,27 +69,42 @@ class AccessoriesTransformer
        return $array;
    }

-    public function transformCheckedoutAccessory($accessory, $accessory_users, $total)
+    public function transformCheckedoutAccessory($accessory, $accessory_checkouts, $total)
    {
        $array = [];

-        foreach ($accessory_users as $user) {
+        foreach ($accessory_checkouts as $checkout) {
            $array[] = [
-
-                'assigned_pivot_id' => $user->pivot->id,
-                'id' => (int) $user->id,
-                'username' => e($user->username),
-                'name' => e($user->getFullNameAttribute()),
-                'first_name'=> e($user->first_name),
-                'last_name'=> e($user->last_name),
-                'employee_number' =>  e($user->employee_num),
-                'checkout_notes' => e($user->pivot->note),
-                'last_checkout' => Helper::getFormattedDateObject($user->pivot->created_at, 'datetime'),
-                'type' => 'user',
+                'id' => $checkout->id,
+                'assigned_to' => $this->transformAssignedTo($checkout),
+                'checkout_notes' => e($checkout->note),
+                'last_checkout' => Helper::getFormattedDateObject($checkout->created_at, 'datetime'),
                'available_actions' => ['checkin' => true],
            ];
        }

        return (new DatatablesTransformer)->transformDatatables($array, $total);
    }
+
+    public function transformAssignedTo($accessoryCheckout)
+    {
+        if ($accessoryCheckout->checkedOutToUser()) {
+            return [
+                    'id' => (int) $accessoryCheckout->assigned->id,
+                    'username' => e($accessoryCheckout->assigned->username),
+                    'name' => e($accessoryCheckout->assigned->getFullNameAttribute()),
+                    'first_name'=> e($accessoryCheckout->assigned->first_name),
+                    'last_name'=> ($accessoryCheckout->assigned->last_name) ? e($accessoryCheckout->assigned->last_name) : null,
+                    'email'=> ($accessoryCheckout->assigned->email) ? e($accessoryCheckout->assigned->email) : null,
+                    'employee_number' =>  ($accessoryCheckout->assigned->employee_num) ? e($accessoryCheckout->assigned->employee_num) : null,
+                    'type' => 'user',
+                ];
+        }
+
+        return $accessoryCheckout->assigned ? [
+            'id' => $accessoryCheckout->assigned->id,
+            'name' => e($accessoryCheckout->assigned->display_name),
+            'type' => $accessoryCheckout->assignedType(),
+        ] : null;
+    }
 }
--- a/app/Http/Transformers/ActionlogsTransformer.php
+++ b/app/Http/Transformers/ActionlogsTransformer.php
@@ -176,11 +176,17 @@ class ActionlogsTransformer
            'next_audit_date' => ($actionlog->itemType()=='asset') ? Helper::getFormattedDateObject($actionlog->calcNextAuditDate(null, $actionlog->item), 'date'): null,
            'days_to_next_audit' => $actionlog->daysUntilNextAudit($settings->audit_interval, $actionlog->item),
            'action_type'   => $actionlog->present()->actionType(),
-            'admin' => ($actionlog->admin) ? [
-                'id' => (int) $actionlog->admin->id,
-                'name' => e($actionlog->admin->getFullNameAttribute()),
-                'first_name'=> e($actionlog->admin->first_name),
-                'last_name'=> e($actionlog->admin->last_name)
+            'admin' => ($actionlog->adminuser) ? [
+                'id' => (int) $actionlog->adminuser->id,
+                'name' => e($actionlog->adminuser->getFullNameAttribute()),
+                'first_name'=> e($actionlog->adminuser->first_name),
+                'last_name'=> e($actionlog->adminuser->last_name)
+            ] : null,
+            'created_by' => ($actionlog->adminuser) ? [
+                'id' => (int) $actionlog->adminuser->id,
+                'name' => e($actionlog->adminuser->getFullNameAttribute()),
+                'first_name'=> e($actionlog->adminuser->first_name),
+                'last_name'=> e($actionlog->adminuser->last_name)
            ] : null,
            'target' => ($actionlog->target) ? [
                'id' => (int) $actionlog->target->id,
@@ -205,11 +211,11 @@ class ActionlogsTransformer



-    public function transformCheckedoutActionlog (Collection $accessories_users, $total)
+    public function transformCheckedoutActionlog (Collection $accessories_checkout, $total)
    {

        $array = array();
-        foreach ($accessories_users as $user) {
+        foreach ($accessories_checkout as $user) {
            $array[] = (new UsersTransformer)->transformUser($user);
        }
        return (new DatatablesTransformer)->transformDatatables($array, $total);
--- a/app/Http/Transformers/AssetMaintenancesTransformer.php
+++ b/app/Http/Transformers/AssetMaintenancesTransformer.php
@@ -64,7 +64,14 @@ class AssetMaintenancesTransformer
            'start_date'         => Helper::getFormattedDateObject($assetmaintenance->start_date, 'date'),
            'asset_maintenance_time'          => $assetmaintenance->asset_maintenance_time,
            'completion_date'     => Helper::getFormattedDateObject($assetmaintenance->completion_date, 'date'),
-            'user_id'    => ($assetmaintenance->admin) ? ['id' => $assetmaintenance->admin->id, 'name'=> e($assetmaintenance->admin->getFullNameAttribute())] : null,
+            'user_id'    => ($assetmaintenance->adminuser) ? [
+                'id' => $assetmaintenance->adminuser->id,
+                'name'=> e($assetmaintenance->admin->getFullNameAttribute())
+            ] : null, // legacy to not change the shape of the API
+            'created_by' => ($assetmaintenance->adminuser) ? [
+                'id' => (int) $assetmaintenance->adminuser->id,
+                'name'=> e($assetmaintenance->adminuser->present()->fullName()),
+            ] : null,
            'created_at' => Helper::getFormattedDateObject($assetmaintenance->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($assetmaintenance->updated_at, 'datetime'),
            'is_warranty'=> $assetmaintenance->is_warranty,
--- a/app/Http/Transformers/AssetsTransformer.php
+++ b/app/Http/Transformers/AssetsTransformer.php
@@ -80,13 +80,17 @@ class AssetsTransformer
            'assigned_to' => $this->transformAssignedTo($asset),
            'warranty_months' =>  ($asset->warranty_months > 0) ? e($asset->warranty_months.' '.trans('admin/hardware/form.months')) : null,
            'warranty_expires' => ($asset->warranty_months > 0) ? Helper::getFormattedDateObject($asset->warranty_expires, 'date') : null,
+            'created_by' => ($asset->adminuser) ? [
+                'id' => (int) $asset->adminuser->id,
+                'name'=> e($asset->adminuser->present()->fullName()),
+            ] : null,
            'created_at' => Helper::getFormattedDateObject($asset->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($asset->updated_at, 'datetime'),
            'last_audit_date' => Helper::getFormattedDateObject($asset->last_audit_date, 'datetime'),
            'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date, 'date'),
            'deleted_at' => Helper::getFormattedDateObject($asset->deleted_at, 'datetime'),
            'purchase_date' => Helper::getFormattedDateObject($asset->purchase_date, 'date'),
-            'age' => $asset->purchase_date ? $asset->purchase_date->diffForHumans() : '',
+            'age' => $asset->purchase_date ? $asset->purchase_date->locale(app()->getLocale())->diffForHumans() : '',
            'last_checkout' => Helper::getFormattedDateObject($asset->last_checkout, 'datetime'),
            'last_checkin' => Helper::getFormattedDateObject($asset->last_checkin, 'datetime'),
            'expected_checkin' => Helper::getFormattedDateObject($asset->expected_checkin, 'date'),
--- a/app/Http/Transformers/CategoriesTransformer.php
+++ b/app/Http/Transformers/CategoriesTransformer.php
@@ -62,6 +62,10 @@ class CategoriesTransformer
                'consumables_count' => (int) $category->consumables_count,
                'components_count' => (int) $category->components_count,
                'licenses_count' => (int) $category->licenses_count,
+                'created_by' => ($category->adminuser) ? [
+                    'id' => (int) $category->adminuser->id,
+                    'name'=> e($category->adminuser->present()->fullName()),
+                ] : null,
                'created_at' => Helper::getFormattedDateObject($category->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($category->updated_at, 'datetime'),
            ];
--- a/app/Http/Transformers/CompaniesTransformer.php
+++ b/app/Http/Transformers/CompaniesTransformer.php
@@ -30,14 +30,18 @@ class CompaniesTransformer
                'fax' => ($company->fax!='') ? e($company->fax): null,
                'email' => ($company->email!='') ? e($company->email): null,
                'image' =>   ($company->image) ? Storage::disk('public')->url('companies/'.e($company->image)) : null,
-                'created_at' => Helper::getFormattedDateObject($company->created_at, 'datetime'),
-                'updated_at' => Helper::getFormattedDateObject($company->updated_at, 'datetime'),
                'assets_count' => (int) $company->assets_count,
                'licenses_count' => (int) $company->licenses_count,
                'accessories_count' => (int) $company->accessories_count,
                'consumables_count' => (int) $company->consumables_count,
                'components_count' => (int) $company->components_count,
                'users_count' => (int) $company->users_count,
+                'created_by' => ($company->adminuser) ? [
+                    'id' => (int) $company->adminuser->id,
+                    'name'=> e($company->adminuser->present()->fullName()),
+                ] : null,
+                'created_at' => Helper::getFormattedDateObject($company->created_at, 'datetime'),
+                'updated_at' => Helper::getFormattedDateObject($company->updated_at, 'datetime'),
            ];

            $permissions_array['available_actions'] = [
--- a/app/Http/Transformers/ComponentsTransformer.php
+++ b/app/Http/Transformers/ComponentsTransformer.php
@@ -47,6 +47,10 @@ class ComponentsTransformer
                'name' => e($component->company->name),
            ] : null,
            'notes' => ($component->notes) ? Helper::parseEscapedMarkedownInline($component->notes) : null,
+            'created_by' => ($component->adminuser) ? [
+                'id' => (int) $component->adminuser->id,
+                'name'=> e($component->adminuser->present()->fullName()),
+            ] : null,
            'created_at' => Helper::getFormattedDateObject($component->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($component->updated_at, 'datetime'),
            'user_can_checkout' =>  ($component->numRemaining() > 0) ? 1 : 0,
--- a/app/Http/Transformers/ConsumablesTransformer.php
+++ b/app/Http/Transformers/ConsumablesTransformer.php
@@ -40,6 +40,10 @@ class ConsumablesTransformer
            'purchase_date'  => Helper::getFormattedDateObject($consumable->purchase_date, 'date'),
            'qty'           => (int) $consumable->qty,
            'notes'         => ($consumable->notes) ? Helper::parseEscapedMarkedownInline($consumable->notes) : null,
+            'created_by' => ($consumable->adminuser) ? [
+                'id' => (int) $consumable->adminuser->id,
+                'name'=> e($consumable->adminuser->present()->fullName()),
+            ] : null,
            'created_at' => Helper::getFormattedDateObject($consumable->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($consumable->updated_at, 'datetime'),
        ];
--- a/app/Http/Transformers/DepreciationReportTransformer.php
+++ b/app/Http/Transformers/DepreciationReportTransformer.php
@@ -63,15 +63,12 @@ class DepreciationReportTransformer
         */
        if (($asset->model) && ($asset->model->depreciation)) {
            $depreciated_value = Helper::formatCurrencyOutput($asset->getDepreciatedValue());
-            if($asset->model->eol==0 || $asset->model->eol==null ){
-                $monthly_depreciation = Helper::formatCurrencyOutput($asset->purchase_cost / $asset->model->depreciation->months);
-            }
-            else {
-                $monthly_depreciation = Helper::formatCurrencyOutput(($asset->model->eol > 0 ? ($asset->purchase_cost / $asset->model->eol) : 0));
-            }
+            $monthly_depreciation =Helper::formatCurrencyOutput($asset->purchase_cost / $asset->model->depreciation->months);
            $diff = Helper::formatCurrencyOutput(($asset->purchase_cost - $asset->getDepreciatedValue()));
        }
-
+        else if($asset->model->eol !== null) {
+            $monthly_depreciation = Helper::formatCurrencyOutput(($asset->model->eol > 0 ? ($asset->purchase_cost / $asset->model->eol) : 0));
+        }

        if ($asset->assigned) {
            $checkout_target = $asset->assigned->name;
--- a/app/Http/Transformers/DepreciationsTransformer.php
+++ b/app/Http/Transformers/DepreciationsTransformer.php
@@ -7,6 +7,7 @@ use App\Models\Depreciable;
 use App\Models\Depreciation;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Database\Eloquent\Collection;
+use Illuminate\Support\Facades\Log;

 class DepreciationsTransformer
 {
@@ -26,7 +27,14 @@ class DepreciationsTransformer
            'id' => (int) $depreciation->id,
            'name' => e($depreciation->name),
            'months' => $depreciation->months.' '.trans('general.months'),
-            'depreciation_min' => $depreciation->depreciation_min,
+            'depreciation_min' => $depreciation->depreciation_type === 'percent' ? $depreciation->depreciation_min.'%' : $depreciation->depreciation_min,
+            'assets_count' => $depreciation->assets_count,
+            'models_count' => $depreciation->models_count,
+            'licenses_count' => $depreciation->licenses_count,
+            'created_by' => ($depreciation->adminuser) ? [
+                'id' => (int) $depreciation->adminuser->id,
+                'name'=> e($depreciation->adminuser->present()->fullName()),
+            ] : null,
            'created_at' => Helper::getFormattedDateObject($depreciation->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($depreciation->updated_at, 'datetime')
        ];
--- a/app/Http/Transformers/GroupsTransformer.php
+++ b/app/Http/Transformers/GroupsTransformer.php
@@ -26,7 +26,10 @@ class GroupsTransformer
            'name' => e($group->name),
            'permissions' => json_decode($group->permissions),
            'users_count' => (int) $group->users_count,
-            'created_by' => ($group->admin) ? e($group->admin->present()->fullName) : null,
+            'created_by' => ($group->adminuser) ? [
+                'id' => (int) $group->adminuser->id,
+                'name'=> e($group->adminuser->present()->fullName()),
+            ] : null,
            'created_at' => Helper::getFormattedDateObject($group->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($group->updated_at, 'datetime'),
        ];
--- a/app/Http/Transformers/LicensesTransformer.php
+++ b/app/Http/Transformers/LicensesTransformer.php
@@ -61,7 +61,7 @@ class LicensesTransformer
            'checkin' => Gate::allows('checkin', License::class),
            'clone' => Gate::allows('create', License::class),
            'update' => Gate::allows('update', License::class),
-            'delete' => (Gate::allows('delete', License::class) && ($license->seats == $license->availCount()->count())) ? true : false,
+            'delete' => (Gate::allows('delete', License::class) && ($license->free_seats_count > 0)) ? true : false,
        ];

        $array += $permissions_array;
--- a/app/Http/Transformers/ManufacturersTransformer.php
+++ b/app/Http/Transformers/ManufacturersTransformer.php
@@ -36,6 +36,10 @@ class ManufacturersTransformer
                'licenses_count' => (int) $manufacturer->licenses_count,
                'consumables_count' => (int) $manufacturer->consumables_count,
                'accessories_count' => (int) $manufacturer->accessories_count,
+                'created_by' => ($manufacturer->adminuser) ? [
+                    'id' => (int) $manufacturer->adminuser->id,
+                    'name'=> e($manufacturer->adminuser->present()->fullName()),
+                ] : null,
                'created_at' => Helper::getFormattedDateObject($manufacturer->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($manufacturer->updated_at, 'datetime'),
                'deleted_at' => Helper::getFormattedDateObject($manufacturer->deleted_at, 'datetime'),
--- a/app/Http/Transformers/PredefinedKitsTransformer.php
+++ b/app/Http/Transformers/PredefinedKitsTransformer.php
@@ -2,6 +2,7 @@

 namespace App\Http\Transformers;

+use App\Helpers\Helper;
 use App\Models\PredefinedKit;
 use App\Models\SnipeModel;
 use Illuminate\Support\Facades\Gate;
@@ -30,6 +31,12 @@ class PredefinedKitsTransformer
        $array = [
            'id' => (int) $kit->id,
            'name' => e($kit->name),
+            'created_by' => ($kit->adminuser) ? [
+                'id' => (int) $kit->adminuser->id,
+                'name'=> e($kit->adminuser->present()->fullName()),
+            ] : null,
+            'created_at' => Helper::getFormattedDateObject($kit->created_at, 'datetime'),
+            'updated_at' => Helper::getFormattedDateObject($kit->updated_at, 'datetime'),
        ];

        $permissions_array['available_actions'] = [
--- a/app/Http/Transformers/StatuslabelsTransformer.php
+++ b/app/Http/Transformers/StatuslabelsTransformer.php
@@ -30,6 +30,10 @@ class StatuslabelsTransformer
            'default_label' => ($statuslabel->default_label == '1') ? true : false,
            'assets_count' => (int) $statuslabel->assets_count,
            'notes' => e($statuslabel->notes),
+            'created_by' => ($statuslabel->adminuser) ? [
+                'id' => (int) $statuslabel->adminuser->id,
+                'name'=> e($statuslabel->adminuser->present()->fullName()),
+            ] : null,
            'created_at' => Helper::getFormattedDateObject($statuslabel->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($statuslabel->updated_at, 'datetime'),
        ];
--- a/app/Importer/AssetImporter.php
+++ b/app/Importer/AssetImporter.php
@@ -71,8 +71,10 @@ class AssetImporter extends ItemImporter
        $asset = Asset::where(['asset_tag'=> (string) $asset_tag])->first();
        if ($asset) {
            if (! $this->updating) {
-                $this->log('A matching Asset '.$asset_tag.' already exists');
-                return;
+                $exists_error = trans('general.import_asset_tag_exists', ['asset_tag' => $asset_tag]);
+                $this->log($exists_error);
+                $this->addErrorToBag($asset, 'asset_tag', $exists_error);
+                return $exists_error;
            }

            $this->log('Updating Asset');
@@ -175,7 +177,7 @@ class AssetImporter extends ItemImporter
            $this->log('Asset '.$this->item['name'].' with serial number '.$this->item['serial'].' was created');

            // If we have a target to checkout to, lets do so.
-            //-- user_id is a property of the abstract class Importer, which this class inherits from and it's set by
+            //-- created_by is a property of the abstract class Importer, which this class inherits from and it's set by
            //-- the class that needs to use it (command importer or GUI importer inside the project).
            if (isset($target) && ($target !== false)) {
                if (!is_null($asset->assigned_to)){
@@ -184,7 +186,7 @@ class AssetImporter extends ItemImporter
                    }
                }

-                $asset->fresh()->checkOut($target, $this->user_id, $checkout_date, null, 'Checkout from CSV Importer',  $asset->name);
+                $asset->fresh()->checkOut($target, $this->created_by, $checkout_date, null, 'Checkout from CSV Importer',  $asset->name);
            }

            return;
--- a/Show More
+++ b/Show More