Bumped version

Merge remote-tracking branch 'origin/develop'
# Conflicts: # Dockerfile # resources/views/auth/login.blade.php
2016-11-15 17:49:24 -08:00 · 2016-11-15 17:46:05 -08:00 · 2016-11-15 01:55:27 -08:00 · 2016-11-11 20:50:10 -08:00 · 2016-11-11 20:30:26 -08:00 · 2016-11-11 20:30:04 -08:00
754 changed files with 15707 additions and 7116 deletions
@@ -30,7 +30,9 @@ MAIL_USERNAME=YOURUSERNAME
 MAIL_PASSWORD=YOURPASSWORD
 MAIL_ENCRYPTION=null
 MAIL_FROM_ADDR=you@example.com
-MAIL_FROM_NAME=Snipe-IT
+MAIL_FROM_NAME='Snipe-IT'
+MAIL_REPLYTO_ADDR=you@example.com
+MAIL_REPLYTO_NAME='Snipe-IT'


 # --------------------------------------------
@@ -74,4 +76,5 @@ AWS_BUCKET=null
 APP_LOG=single
 APP_LOCKED=false
 FILESYSTEM_DISK=local
-APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+ALLOW_IFRAMING=false
@@ -13,7 +13,7 @@
 #### Please confirm you have done the following before posting your bug report:

 - [ ] I have enabled debug mode
- [ ] I have read [checked the Common Issues page](http://docs.snipeitapp.com/common-issues.html)
+- [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)

 -----
 #### Please provide answers to these questions before posting your bug report:
@@ -21,7 +21,7 @@
 - Version of Snipe-IT you're running
 - What OS and web server you're running Snipe-IT on
 - What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
- If you're getting an error in your browser, include that error
+- WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
 - What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error
 - If a stacktrace is provided in the error, include that too.
 - Any errors that appear in your browser's error console.
@@ -54,12 +54,10 @@ COPY docker/docker.env /var/www/html/.env
 RUN chown -R docker /var/www/html

 RUN \
-	rm -r "/var/www/html/storage/private_uploads"      && ln -fs "/var/lib/snipeit/data/private_uploads"   "/var/www/html/storage/private_uploads"      && \
-	mkdir -p "/var/www/html/public/uploads" && \
-	rm -rf "/var/www/html/public/uploads/avatars"   && ln -fs "/var/lib/snipeit/data/uploads/avatars"   "/var/www/html/public/uploads/avatars"   && \
-	rm -rf "/var/www/html/public/uploads/models"    && ln -fs "/var/lib/snipeit/data/uploads/models"    "/var/www/html/public/uploads/models"    && \
-	rm -rf "/var/www/html/public/uploads/suppliers" && ln -fs "/var/lib/snipeit/data/uploads/suppliers" "/var/www/html/public/uploads/suppliers" && \
-	rm -r "/var/www/html/storage/app/backups"        && ln -fs "/var/lib/snipeit/dumps"                  "/var/www/html/storage/app/backups"
+	rm -r "/var/www/html/storage/private_uploads" && ln -fs "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" \
+      && mkdir -p "/var/lib/snipeit/data/uploads/{assets,avatars,barcodes,models,suppliers}" \
+      && rm -rf "/var/www/html/public/uploads" && ln -fs "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" \
+      && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups"

 ############## DEPENDENCIES via COMPOSER ###################

@@ -80,7 +78,7 @@ RUN cd /var/www/html;composer install

 ############### DATA VOLUME #################

-VOLUME [/var/lib/snipeit]
+VOLUME ["/var/lib/snipeit"]

 ##### START SERVER

@@ -0,0 +1,164 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\Setting;
+use App\Models\Ldap;
+use App\Models\User;
+use App\Models\Location;
+use Log;
+
+class LdapSync extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--summary}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Command line LDAP sync';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        ini_set('max_execution_time', 600); //600 seconds = 10 minutes
+        ini_set('memory_limit', '500M');
+
+        $ldap_result_username = Setting::getSettings()->ldap_username_field;
+        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
+        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
+
+        $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag_field;
+        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
+        $ldap_result_email = Setting::getSettings()->ldap_email;
+
+        try {
+            $ldapconn = Ldap::connectToLdap();
+        } catch (\Exception $e) {
+            LOG::error($e);
+        }
+
+        try {
+            Ldap::bindAdminToLdap($ldapconn);
+        } catch (\Exception $e) {
+            LOG::error($e);
+        }
+
+        $summary = array();
+
+        $results = Ldap::findLdapUsers();
+
+        if ($this->option('location')!='') {
+            $location = Location::where('name','=',$this->option('location'))->first();
+            LOG::debug('Location name '.$this->option('location').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
+        } elseif ($this->option('location_id')!='') {
+            $location = Location::where('id','=',$this->option('location_id'))->first();
+            LOG::debug('Location ID '.$this->option('location_id').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
+        } else {
+            $location = new Location;
+        }
+
+        if (!isset($location)) {
+            LOG::debug('That location is invalid, so no location will be assigned.');
+        }
+
+
+        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $pass = bcrypt($tmp_pass);
+
+
+        for ($i = 0; $i < $results["count"]; $i++) {
+            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
+
+                $item = array();
+                $item["username"] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : "";
+                $item["employee_number"] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : "";
+                $item["lastname"] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : "";
+                $item["firstname"] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : "";
+                $item["email"] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : "" ;
+
+                // User exists
+                $item["createorupdate"] = 'updated';
+                if (!$user = User::where('username', $item["username"])->first()) {
+                    $user = new User;
+                    $user->password = $pass;
+                    $item["createorupdate"] = 'created';
+                }
+
+                // Create the user if they don't exist.
+
+
+                $user->first_name = e($item["firstname"]);
+                $user->last_name = e($item["lastname"]);
+                $user->username = e($item["username"]);
+                $user->email = e($item["email"]);
+                $user->employee_num = e($item["employee_number"]);
+                $user->activated = 1;
+
+                if ($location) {
+                    $user->location_id = e($location->id);
+                }
+
+                $user->notes = 'Imported from LDAP';
+                $user->ldap_import = 1;
+
+                $errors = '';
+
+                if ($user->save()) {
+                    $item["note"] = $item["createorupdate"];
+                    $item["status"]='success';
+                } else {
+                    foreach ($user->getErrors()->getMessages() as $key => $err) {
+                        $errors .= $err[0];
+                    }
+                    $item["note"] = $errors;
+                    $item["status"]='error';
+                }
+
+                array_push($summary, $item);
+            }
+
+        }
+
+        if ($this->option('summary')) {
+            for ($x = 0; $x < count($summary); $x++) {
+                if ($summary[$x]['status']=='error') {
+                    $this->error('ERROR: '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].' was not imported: '.$summary[$x]['note'] );
+                } else {
+                    $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].' was '.strtoupper($summary[$x]['createorupdate']).'.');
+                }
+
+            }
+        } else {
+            return $summary;
+        }
+
+
+
+    }
+
+
+}
@@ -1,25 +1,27 @@
 <?php
 namespace App\Console\Commands;

-use Illuminate\Console\Command;
-use Symfony\Component\Console\Input\InputOption;
-use Symfony\Component\Console\Input\InputArgument;
-use League\Csv\Reader;
+use App\Helpers\Helper;
 use App\Models\Accessory;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Category;
 use App\Models\Company;
 use App\Models\Consumable;
+use App\Models\CustomField;
 use App\Models\Location;
 use App\Models\Manufacturer;
+use App\Models\Setting;
 use App\Models\Statuslabel;
 use App\Models\Supplier;
 use App\Models\User;
-use App\Models\CustomField;
 use DB;
-use App\Models\Setting;
+use Illuminate\Console\Command;
 use Illuminate\Database\Eloquent\Model;
+use League\Csv\Reader;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputOption;
+use ForceUTF8\Encoding;

 ini_set('max_execution_time', 600); //600 seconds = 10 minutes
 ini_set('memory_limit', '500M');
@@ -66,7 +68,7 @@ class ObjectImportCommand extends Command
        $tmp_password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
        $password = bcrypt($tmp_password);

-
+        $this->updating = $this->option('update');
        if (!$this->option('web-importer')) {
            $logFile = $this->option('logfile');
            \Log::useFiles($logFile);
@@ -102,9 +104,17 @@ class ObjectImportCommand extends Command
        $this->companies = Company::All(['name', 'id']);
        $this->status_labels = Statuslabel::All(['name', 'id']);
        $this->suppliers = Supplier::All(['name', 'id']);
-        $this->assets = Asset::all(['asset_tag']);
-        $this->accessories = Accessory::All(['name']);
-        $this->consumables = Consumable::All(['name']);
+        switch (strtolower($this->option('item-type'))) {
+            case "asset":
+                $this->assets = Asset::all();
+                break;
+            case "accessory":
+                $this->accessories = Accessory::All();
+                break;
+            case "consumable":
+                $this->consumables = Consumable::All();
+                break;
+        }
        $this->customfields = CustomField::All(['name']);
        $bar = null;

@@ -128,7 +138,7 @@ class ObjectImportCommand extends Command
                $item_category = $this->array_smart_fetch($row, "category");
                $item_company_name = $this->array_smart_fetch($row, "company");
                $item_location = $this->array_smart_fetch($row, "location");
-
+                $item_manufacturer = $this->array_smart_fetch($row, "manufacturer");
                $item_status_name = $this->array_smart_fetch($row, "status");

                $item["item_name"] = $this->array_smart_fetch($row, "item name");
@@ -152,6 +162,7 @@ class ObjectImportCommand extends Command
                }
                $this->log('Category: ' . $item_category);
                $this->log('Location: ' . $item_location);
+                $this->log('Manufacturer: ' . $item_manufacturer);
                $this->log('Purchase Date: ' . $item["purchase_date"]);
                $this->log('Purchase Cost: ' . $item["purchase_cost"]);
                $this->log('Company Name: ' . $item_company_name);
@@ -160,12 +171,22 @@ class ObjectImportCommand extends Command

                $item["user"] = $this->createOrFetchUser($row, $password);

-                $item["location"] = $this->createOrFetchLocation($item_location);
-                $item["category"] = $this->createOrFetchCategory($item_category, $item_type);
-                $item["manufacturer"] = $this->createOrFetchManufacturer($row);
-                $item["company"] = $this->createOrFetchCompany($item_company_name);
+                if (!($this->updating && empty($item_location))) {
+                    $item["location"] = $this->createOrFetchLocation($item_location);
+                }
+                if (!($this->updating && empty($item_category))) {
+                    $item["category"] = $this->createOrFetchCategory($item_category, $item_type);
+                }
+                if (!($this->updating && empty($item_manufacturer))) {
+                    $item["manufacturer"] = $this->createOrFetchManufacturer($item_manufacturer);
+                }
+                if (!($this->updating && empty($item_company_name))) {
+                    $item["company"] = $this->createOrFetchCompany($item_company_name);
+                }

-                $item["status_label"] = $this->createOrFetchStatusLabel($item_status_name);
+                if (!($this->updating && empty($item_status_name))) {
+                    $item["status_label"] = $this->createOrFetchStatusLabel($item_status_name);
+                }

                switch ($item_type) {
                    case "asset":
@@ -226,7 +247,7 @@ class ObjectImportCommand extends Command
    }
    // Tracks the current item for error messages
    private $current_assetId;
-
+    private $updating;
    // An array of errors encountered while parsing
    private $errors;

@@ -275,7 +296,7 @@ class ObjectImportCommand extends Command
     */
    public function array_smart_fetch(array $array, $key, $default = '')
    {
-        return array_key_exists($key, $array) ? e(trim($array[ $key ])) : $default;
+        return array_key_exists(trim($key), $array) ? e(Encoding::fixUTF8(trim($array[ $key ]))) : $default;
    }


@@ -312,8 +333,10 @@ class ObjectImportCommand extends Command

        $asset_model_name = $this->array_smart_fetch($row, "model name");
        $asset_modelno = $this->array_smart_fetch($row, "model number");
-        if (empty($asset_model_name)) {
-            $asset_model_name='Unknown';
+        if ((empty($asset_model_name))  && (!empty($asset_modelno))) {
+            $asset_model_name = $asset_modelno;
+        } elseif ((empty($asset_model_name))  && (empty($asset_modelno))) {
+            $asset_model_name ='Unknown';
        }
        if (empty($asset_modelno)) {
            $asset_modelno='';
@@ -321,31 +344,44 @@ class ObjectImportCommand extends Command
        $this->log('Model Name: ' . $asset_model_name);
        $this->log('Model No: ' . $asset_modelno);

-
+        $asset_model = null;
+        $editingModel = false;
        foreach ($this->asset_models as $tempmodel) {
-            if ((strcasecmp($tempmodel->name, $asset_model_name) == 0)
-                && $tempmodel->modelno == $asset_modelno
-                && $tempmodel->category_id == $category->id
-                && $tempmodel->manufacturer_id == $manufacturer->id ) {
-                $this->log('A matching model ' . $asset_model_name . ' with model number ' . $asset_modelno . ' already exists');
-                return $tempmodel;
+            if (strcasecmp($tempmodel->name, $asset_model_name) == 0
+                && $tempmodel->modelno == $asset_modelno) {
+                $this->log('A matching model ' . $asset_model_name . ' already exists');
+                if (!$this->option('update')) {
+                    return $tempmodel;
+                }
+                $this->log('Updating matching model with new values');
+                $editingModel = true;
+                $asset_model = $tempmodel;
            }
        }
-        $asset_model = new AssetModel();
-        $asset_model->name = $asset_model_name;
-        $asset_model->manufacturer_id = $manufacturer->id;
-        $asset_model->modelno = $asset_modelno;
-        $asset_model->category_id = $category->id;
+        if (is_null($asset_model)) {
+            $this->log("No Matching Model, Creating a new one");
+            $asset_model = new AssetModel();
+        }
+        if (($editingModel && (!$asset_model_name === "Unknown")) || (!$editingModel)) {
+            $asset_model->name = $asset_model_name;
+        }
+        isset($manufacturer) && $manufacturer->exists && $asset_model->manufacturer_id = $manufacturer->id;
+        isset($asset_modelno) && $asset_model->modelno = $asset_modelno;
+        if (isset($category) && $category->exists) {
+            $asset_model->category_id = $category->id;
+        }
        $asset_model->user_id = $this->option('user_id');

-
+        if (!$editingModel) {
+                $this->asset_models->add($asset_model);
+        }
        if (!$this->option('testrun')) {
            if ($asset_model->save()) {
-                $this->asset_models->add($asset_model);
                $this->log('Asset Model ' . $asset_model_name . ' with model number ' . $asset_modelno . ' was created');
                return $asset_model;
            } else {
                $this->jsonError('Asset Model "' . $asset_model_name . '"', $asset_model->getErrors());
+                $this->log('Asset Model "' . $asset_model_name . '"', $asset_model->getErrors());
                return $asset_model;
            }
        } else {
@@ -487,23 +523,20 @@ class ObjectImportCommand extends Command
     *
     * @author Daniel Melzter
     * @since 3.0
-     * @param $row array
+     * @param $item_manufacturer string
     * @return Manufacturer
-     * @internal param $asset_mfgr string
     */

-    public function createOrFetchManufacturer(array $row)
+    public function createOrFetchManufacturer($item_manufacturer)
    {
-        $asset_mfgr = $this->array_smart_fetch($row, "manufacturer");

-        if (empty($asset_mfgr)) {
-            $asset_mfgr='Unknown';
+        if (empty($item_manufacturer)) {
+            $item_manufacturer='Unknown';
        }
-        $this->log('Manufacturer ID: ' . $asset_mfgr);

        foreach ($this->manufacturers as $tempmanufacturer) {
-            if (strcasecmp($tempmanufacturer->name, $asset_mfgr) == 0) {
-                $this->log('Manufacturer ' . $asset_mfgr . ' already exists') ;
+            if (strcasecmp($tempmanufacturer->name, $item_manufacturer) == 0) {
+                $this->log('Manufacturer ' . $item_manufacturer . ' already exists') ;
                return $tempmanufacturer;
            }
        }
@@ -511,7 +544,7 @@ class ObjectImportCommand extends Command
        //Otherwise create a manufacturer.

        $manufacturer = new Manufacturer();
-        $manufacturer->name = $asset_mfgr;
+        $manufacturer->name = $item_manufacturer;
        $manufacturer->user_id = $this->option('user_id');

        if (!$this->option('testrun')) {
@@ -591,27 +624,26 @@ class ObjectImportCommand extends Command
     * @param $row array
     * @return Supplier
     */
-    public function createOrFetchSupplier(array $row)
+    public function createOrFetchSupplier($item_supplier)
    {
-        $supplier_name = $this->array_smart_fetch($row, "supplier");
-        if (empty($supplier_name)) {
-            $supplier_name='Unknown';
+        if (empty($item_supplier)) {
+            $item_supplier='Unknown';
        }
        foreach ($this->suppliers as $tempsupplier) {
-            if (strcasecmp($tempsupplier->name, $supplier_name) == 0) {
-                $this->log('A matching Company ' . $supplier_name . ' already exists');
+            if (strcasecmp($tempsupplier->name, $item_supplier) == 0) {
+                $this->log('A matching Supplier ' . $item_supplier . ' already exists');
                return $tempsupplier;
            }
        }

        $supplier = new Supplier();
-        $supplier->name = $supplier_name;
+        $supplier->name = $item_supplier;
        $supplier->user_id = $this->option('user_id');

        if (!$this->option('testrun')) {
            if ($supplier->save()) {
                $this->suppliers->add($supplier);
-                $this->log('Supplier ' . $supplier_name . ' was created');
+                $this->log('Supplier ' . $item_supplier . ' was created');
                return $supplier;
            } else {
                $this->log('Supplier', $supplier->getErrors());
@@ -732,6 +764,24 @@ class ObjectImportCommand extends Command
     */
    public function createAssetIfNotExists(array $row, array $item)
    {
+        $asset = null;
+        $editingAsset = false;
+        foreach ($this->assets as $tempasset) {
+            if (strcasecmp($tempasset->asset_tag, $item['asset_tag']) == 0) {
+                $this->log('A matching Asset ' . $item['asset_tag'] . ' already exists');
+                if (!$this->option('update')) {
+                    $this->log("Skipping item.");
+                    return;
+                }
+                $this->log('Updating matching asset with new values');
+                $editingAsset = true;
+                $asset = $tempasset;
+            }
+        }
+        if (is_null($asset)) {
+            $this->log("No Matching Asset, Creating a new one");
+            $asset = new Asset;
+        }
        $asset_serial = $this->array_smart_fetch($row, "serial number");
        $asset_image = $this->array_smart_fetch($row, "image");
        $asset_warranty_months = intval($this->array_smart_fetch($row, "warranty months"));
@@ -739,36 +789,42 @@ class ObjectImportCommand extends Command
            $asset_warranty_months = null;
        }
        // Check for the asset model match and create it if it doesn't exist
-        $asset_model = $this->createOrFetchAssetModel($row, $item["category"], $item["manufacturer"]);
-        $supplier = $this->createOrFetchSupplier($row);
+        if (!($editingAsset && empty($this->array_smart_fetch($row, 'model name')))) {
+            // Ignore the asset_model
+            isset($item["category"]) || $item["category"] = new Category();
+            isset($item["manufacturer"]) || $item["manufacturer"] = new Manufacturer();
+            $asset_model = $this->createOrFetchAssetModel($row, $item["category"], $item["manufacturer"]);
+        }
+        $item_supplier = $this->array_smart_fetch($row, "supplier");
+        // If we're editing, only update if value isn't empty
+        if (!($editingAsset && empty($item_supplier))) {
+            $supplier = $this->createOrFetchSupplier($item_supplier);
+        }

        $this->log('Serial No: '.$asset_serial);
        $this->log('Asset Tag: '.$item['asset_tag']);
        $this->log('Notes: '.$item["notes"]);
        $this->log('Warranty Months: ' . $asset_warranty_months);

-        foreach ($this->assets as $tempasset) {
-            if (strcasecmp($tempasset->asset_tag, $item['asset_tag']) == 0) {
-                $this->log('A matching Asset ' . $item['asset_tag'] . ' already exists');
-                return;
-            }
-        }

-        if ($item["status_label"]) {
+
+        if (isset($item["status_label"])) {
            $status_id = $item["status_label"]->id;
-
-        } else {
+        } else if (!$editingAsset) {
+            // Assume if we are editing, we already have a status and can ignore.
            // FIXME: We're already grabbing the list of statuses, we should probably not hardcode here
            $this->log("No status field found, defaulting to id 1.");
-            $status_id = 1;
+            $status_id = $this->status_labels->first()->id;
        }

-        $asset = new Asset();
-        $asset->name = $item["item_name"];
-        if ($item["purchase_date"] != '') {
+        if (!$editingAsset) {
+            $asset->asset_tag = $item['asset_tag']; // This doesn't need to be guarded for empty because it's the key we use to identify the asset.
+        }
+        if (!empty($item['item_name'])) {
+            $asset->name = $item["item_name"];
+        }
+        if (!empty($item["purchase_date"])) {
            $asset->purchase_date = $item["purchase_date"];
-        } else {
-            $asset->purchase_date = null;
        }

        if (array_key_exists('custom_fields', $item)) {
@@ -780,40 +836,57 @@ class ObjectImportCommand extends Command
        if (!empty($item["purchase_cost"])) {
            //TODO How to generalize this for not USD?
            $purchase_cost = substr($item["purchase_cost"], 0, 1) === '$' ? substr($item["purchase_cost"], 1) : $item["purchase_cost"];
-            $asset->purchase_cost = number_format($purchase_cost, 2);
+            // $asset->purchase_cost = number_format($purchase_cost, 2, '.', '');
+            $asset->purchase_cost = Helper::ParseFloat($purchase_cost);
            $this->log("Asset cost parsed: " . $asset->purchase_cost);
        } else {
            $asset->purchase_cost = 0.00;
        }
-        $asset->serial = $asset_serial;
-        $asset->asset_tag = $item['asset_tag'];
-                $asset->warranty_months = $asset_warranty_months;
+        if (!empty($asset_serial)) {
+            $asset->serial = $asset_serial;
+        }
+        if (!empty($asset_warranty_months)) {
+            $asset->warranty_months = $asset_warranty_months;
+        }

-        if ($asset_model) {
+        if (isset($asset_model)) {
            $asset->model_id = $asset_model->id;
        }
+
        if ($item["user"]) {
            $asset->assigned_to = $item["user"]->id;
        }
-        if ($item["location"]) {
+
+        if (isset($item["location"])) {
            $asset->rtd_location_id = $item["location"]->id;
        }
+
        $asset->user_id = $this->option('user_id');
-        $this->log("status_id: " . $status_id);
-        $asset->status_id = $status_id;
-        if ($item["company"]) {
+        if (isset($status_id)) {
+            $asset->status_id = $status_id;
+        }
+        if (isset($item["company"])) {
            $asset->company_id = $item["company"]->id;
        }
-        $asset->order_number = $item["order_number"];
-        if ($supplier) {
+        if ($item["order_number"]) {
+            $asset->order_number = $item["order_number"];
+        }
+        if (isset($supplier)) {
            $asset->supplier_id = $supplier->id;
        }
-        $asset->notes = $item["notes"];
-        $asset->image = $asset_image;
-        $this->assets->add($asset);
+        if ($item["notes"]) {
+            $asset->notes = $item["notes"];
+        }
+        if (!empty($asset_image)) {
+            $asset->image = $asset_image;
+        }
+        if (!$editingAsset) {
+            $this->assets->add($asset);
+        }
        if (!$this->option('testrun')) {

            if ($asset->save()) {
+                $asset->logCreate('Imported using csv importer');
                $this->log('Asset ' . $item["item_name"] . ' with serial number ' . $asset_serial . ' was created');
            } else {
                $this->jsonError('Asset', $asset->getErrors());
@@ -835,17 +908,29 @@ class ObjectImportCommand extends Command
     */
    public function createAccessoryIfNotExists(array $item)
    {
+        $accessory = null;
+        $editingAccessory = false;
        $this->log("Creating Accessory");
        foreach ($this->accessories as $tempaccessory) {
            if (strcasecmp($tempaccessory->name, $item["item_name"]) == 0) {
                $this->log('A matching Accessory ' . $item["item_name"] . ' already exists.  ');
-                // FUTURE: Adjust quantity on import maybe?
-                return;
+                if (!$this->option('update')) {
+                    $this->log("Skipping accessory.");
+                    return;
+                }
+                $this->log('Updating matching accessory with new values');
+                $editingAccessory = true;
+                $accessory = $tempaccessory;
            }
        }
+        if (is_null($accessory)) {
+            $this->log("No Matching Accessory, Creating a new one");
+            $accessory = new Accessory();
+        }

-        $accessory = new Accessory();
-        $accessory->name = $item["item_name"];
+        if (!$editingAccessory) {
+            $accessory->name = $item["item_name"];
+        }

        if (!empty($item["purchase_date"])) {
            $accessory->purchase_date = $item["purchase_date"];
@@ -853,35 +938,41 @@ class ObjectImportCommand extends Command
            $accessory->purchase_date = null;
        }
        if (!empty($item["purchase_cost"])) {
-            $accessory->purchase_cost = number_format(e($item["purchase_cost"]), 2);
-        } else {
-            $accessory->purchase_cost = 0.00;
+            $accessory->purchase_cost = Helper::ParseFloat($item["purchase_cost"]);
        }
-        if ($item["location"]) {
+
+        if (isset($item["location"])) {
            $accessory->location_id = $item["location"]->id;
        }
        $accessory->user_id = $this->option('user_id');
-        if ($item["company"]) {
+        if (isset($item["company"])) {
            $accessory->company_id = $item["company"]->id;
        }
-        $accessory->order_number = $item["order_number"];
-        if ($item["category"]) {
+        if (!empty($item["order_number"])) {
+            $accessory->order_number = $item["order_number"];
+        }
+        if (isset($item["category"])) {
            $accessory->category_id = $item["category"]->id;
        }

        //TODO: Implement
 //		$accessory->notes = e($item_notes);
-        $accessory->requestable = filter_var($item["requestable"], FILTER_VALIDATE_BOOLEAN);
+        if (!empty($item["requestable"])) {
+            $accessory->requestable = filter_var($item["requestable"], FILTER_VALIDATE_BOOLEAN);
+        }

        //Must have at least zero of the item if we import it.
-        if ($item["quantity"] > -1) {
-            $accessory->qty = $item["quantity"];
-        } else {
-            $accessory->qty = 1;
+        if (!empty($item["quantity"])) {
+            if ($item["quantity"] > -1) {
+                $accessory->qty = $item["quantity"];
+            } else {
+                $accessory->qty = 1;
+            }
        }

        if (!$this->option('testrun')) {
            if ($accessory->save()) {
+                $accessory->logCreate('Imported using CSV Importer');
                $this->log('Accessory ' . $item["item_name"] . ' was created');
                // $this->comment('Accessory ' . $item["item_name"] . ' was created');

@@ -904,18 +995,29 @@ class ObjectImportCommand extends Command
     */
    public function createConsumableIfNotExists(array $item)
    {
+        $consumable = null;
+        $editingConsumable = false;
        $this->log("Creating Consumable");
        foreach ($this->consumables as $tempconsumable) {
            if (strcasecmp($tempconsumable->name, $item["item_name"]) == 0) {
                $this->log("A matching consumable " . $item["item_name"] . " already exists");
-                //TODO: Adjust quantity if different maybe?
-                return;
+                if (!$this->option('update')) {
+                    $this->log("Skipping consumable.");
+                    return;
+                }
+                $this->log('Updating matching consumable with new values');
+                $editingConsumable = true;
+                $consumable = $tempconsumable;
            }
        }

-        $consumable = new Consumable();
-        $consumable->name = $item["item_name"];
-
+        if (is_null($consumable)) {
+            $this->log("No matching consumable, creating one");
+            $consumable = new Consumable();
+        }
+        if (!$editingConsumable) {
+            $consumable->name = $item["item_name"];
+        }
        if (!empty($item["purchase_date"])) {
            $consumable->purchase_date = $item["purchase_date"];
        } else {
@@ -923,27 +1025,39 @@ class ObjectImportCommand extends Command
        }

        if (!empty($item["purchase_cost"])) {
-            $consumable->purchase_cost = number_format(e($item["purchase_cost"]), 2);
-        } else {
-            $consumable->purchase_cost = 0.00;
+            $consumable->purchase_cost = Helper::ParseFloat($item["purchase_cost"]);
+        }
+        if (isset($item["location"])) {
+            $consumable->location_id = $item["location"]->id;
        }
-        $consumable->location_id = $item["location"]->id;
        $consumable->user_id = $this->option('user_id');
-        $consumable->company_id = $item["company"]->id;
-        $consumable->order_number = $item["order_number"];
-        $consumable->category_id = $item["category"]->id;
+        if (isset($item["company"])) {
+            $consumable->company_id = $item["company"]->id;
+        }
+        if (!empty($item["order_number"])) {
+            $consumable->order_number = $item["order_number"];
+        }
+        if (isset($item["category"])) {
+            $consumable->category_id = $item["category"]->id;
+        }
        // TODO:Implement
        //$consumable->notes= e($item_notes);
-        $consumable->requestable = filter_var($item["requestable"], FILTER_VALIDATE_BOOLEAN);
+        if (!empty($item["requestable"])) {
+            $consumable->requestable = filter_var($item["requestable"], FILTER_VALIDATE_BOOLEAN);
+        }

-        if ($item["quantity"] > -1) {
-            $consumable->qty = $item["quantity"];
-        } else {
-            $consumable->qty = 1;
+        if (!empty($item["quantity"])) {
+            if ($item["quantity"] > -1) {
+                $consumable->qty = $item["quantity"];
+            } else {
+                $consumable->qty = 1;
+            }
        }

        if (!$this->option("testrun")) {
+            // dd($consumable);
            if ($consumable->save()) {
+                $consumable->logCreate('Imported using CSV Importer');
                $this->log("Consumable " . $item["item_name"] . ' was created');
                // $this->comment("Consumable " . $item["item_name"] . ' was created');

@@ -985,8 +1099,9 @@ class ObjectImportCommand extends Command
        array('testrun', null, InputOption::VALUE_NONE, 'If set, will parse and output data without adding to database', null),
        array('logfile', null, InputOption::VALUE_REQUIRED, 'The path to log output to.  storage/logs/importer.log by default', storage_path('logs/importer.log') ),
        array('item-type', null, InputOption::VALUE_REQUIRED, 'Item Type To import.  Valid Options are Asset, Consumable, Or Accessory', 'Asset'),
-                array('web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'),
-                array('user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1)
+        array('web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'),
+        array('user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1),
+        array('update', null, InputOption::VALUE_NONE, 'If a matching item is found, update item information'),
        );

    }
@@ -77,6 +77,8 @@ class PaveIt extends Command
                DB::statement('delete from asset_logs');
                DB::statement('delete from asset_maintenances');
                DB::statement('delete from asset_uploads');
+                DB::statement('delete from action_logs');
+                DB::statement('delete from checkout_requests');
                DB::statement('delete from consumables_users');
                DB::statement('delete from custom_field_custom_fieldset');
                DB::statement('delete from custom_fields');
@@ -92,10 +94,12 @@ class PaveIt extends Command
                \DB::statement('drop table IF EXISTS accessories_users');
                \DB::statement('drop table IF EXISTS accessories');
                \DB::statement('drop table IF EXISTS asset_logs');
+                \DB::statement('drop table IF EXISTS action_logs');
                \DB::statement('drop table IF EXISTS asset_maintenances');
                \DB::statement('drop table IF EXISTS asset_uploads');
                \DB::statement('drop table IF EXISTS assets');
                \DB::statement('drop table IF EXISTS categories');
+                \DB::statement('drop table IF EXISTS checkout_requests');
                \DB::statement('drop table IF EXISTS companies');
                \DB::statement('drop table IF EXISTS consumables_users');
                \DB::statement('drop table IF EXISTS consumables');
@@ -62,15 +62,19 @@ class Purge extends Command
            $assetcount = $assets->count();
            $this->info($assets->count().' assets purged.');
            $asset_assoc = 0;
+            $asset_maintenances = 0;

            foreach ($assets as $asset) {
                $this->info('- Asset "'.$asset->showAssetName().'" deleted.');
                $asset_assoc += $asset->assetlog()->count();
                $asset->assetlog()->forceDelete();
+                $asset_maintenances += $asset->assetmaintenances()->count();
+                $asset->assetmaintenances()->forceDelete();
                $asset->forceDelete();
            }

            $this->info($asset_assoc.' corresponding log records purged.');
+            $this->info($asset_maintenances.' corresponding maintenance records purged.');

            $locations = Location::whereNotNull('deleted_at')->withTrashed()->get();
            $this->info($locations->count().' locations purged.');
@@ -66,7 +66,7 @@ class SendExpirationAlerts extends Command
            $asset_data['email_content'] .= '<td><a href="'.config('app.url').'/hardware/'.e($asset->id).'/view">';
            $asset_data['email_content'] .= $asset->showAssetName().'</a></td><td>'.e($asset->asset_tag).'</td>';
            $asset_data['email_content'] .= '<td>'.e($asset->warrantee_expires()).'</td>';
-            $asset_data['email_content'] .= '<td>'.$difference.' days</td>';
+            $asset_data['email_content'] .= '<td>'.$difference.' '.trans('mail.days').'</td>';
            $asset_data['email_content'] .= '<td>'.($asset->supplier ? e($asset->supplier->name) : '').'</td>';
            $asset_data['email_content'] .= '<td>'.($asset->assigneduser ? e($asset->assigneduser->fullName()) : '').'</td>';
            $asset_data['email_content'] .= '</tr>';
@@ -100,17 +100,21 @@ class SendExpirationAlerts extends Command


            if (count($expiring_assets) > 0) {
+                $this->info('Report sent to '.Setting::getSettings()->alert_email);
                \Mail::send('emails.expiring-assets-report', $asset_data, function ($m) {
                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->subject('Expiring Assets Report');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Expiring_Assets_Report'));
                });

            }

            if (count($expiring_licenses) > 0) {
+                $this->info('Report sent to '.Setting::getSettings()->alert_email);
                \Mail::send('emails.expiring-licenses-report', $license_data, function ($m) {
                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->subject('Expiring Licenses Report');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Expiring_Licenses_Report'));
                });

            }
@@ -50,7 +50,8 @@ class SendInventoryAlerts extends Command
            if (count($data['data']) > 0) {
                \Mail::send('emails.low-inventory', $data, function ($m) {
                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-                    $m->subject('Low Inventory Report');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Low_Inventory_Report'));
                });

            }
@@ -23,6 +23,7 @@ class Kernel extends ConsoleKernel
        Commands\SystemBackup::class,
        Commands\DisableLDAP::class,
        Commands\Purge::class,
+        Commands\LdapSync::class,
    ];

    /**
@@ -17,16 +17,20 @@ use App\Models\Component;
 use App\Models\Accessory;
 use App\Models\Consumable;
 use App\Models\Asset;
+use Crypt;
+use Illuminate\Contracts\Encryption\DecryptException;

-/*
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
- */
 class Helper
 {


+    /**
+     * Simple helper to invoke the markdown parser
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.0]
+     * @return String
+     */
    public static function parseEscapedMarkedown($str) {
        $Parsedown = new \Parsedown();

@@ -36,20 +40,33 @@ class Helper
    }


-    // This doesn't do anything yet
-    public static function parseEmailList($emails)
+    /**
+     * The importer has formatted number strings since v3,
+     * so the value might be a string, or an integer.
+     * If it's a number, format it as a string.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.0]
+     * @return String
+     */
+    public static function formatCurrencyOutput($cost)
    {
-        $emails_array = explode(',', $emails);
-        return array_walk($emails_array, 'trim_value');
+        if (is_numeric($cost)) {
+            return number_format($cost, 2, '.', '');
+        }
+        // It's already been parsed.
+        return $cost;
    }

-    // This doesn't do anything yet
-    public static function trim_value(&$value)
-    {
-        return trim($value);
-    }

-    // Static colors for pie charts
+    /**
+     * Static colors for pie charts.
+     * This is inelegant, and could be refactored later.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.3]
+     * @return Array
+     */
    public static function chartColors()
    {
        $colors = [
@@ -67,8 +84,15 @@ class Helper
        return $colors;
    }

-    // Static background (highlight) colors for pie charts
-    // This is not currently used, but might be in the near future.
+
+    /**
+     * Static background (highlight) colors for pie charts
+     * This is inelegant, and could be refactored later.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.2]
+     * @return Array
+     */
    public static function chartBackgroundColors()
    {
        $colors = [
@@ -87,10 +111,15 @@ class Helper
    }


-
+    /**
+     * Format currency using comma for thousands until local info is property used.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.7]
+     * @return String
+     */
    public static function ParseFloat($floatString)
    {
-        // use comma for thousands until local info is property used
        $LocaleInfo = localeconv();
        $floatString = str_replace(",", "", $floatString);
        $floatString = str_replace($LocaleInfo["decimal_point"], ".", $floatString);
@@ -98,6 +127,13 @@ class Helper
    }


+    /**
+     * Get the list of models in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function modelList()
    {
        $models = AssetModel::with('manufacturer')->get();
@@ -108,6 +144,13 @@ class Helper
        return $model_array;
    }

+    /**
+     * Get the list of companies in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function companyList()
    {
        $company_list = array('0' => trans('general.select_company')) + DB::table('companies')
@@ -117,6 +160,13 @@ class Helper
    }


+    /**
+     * Get the list of categories in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function categoryList($category_type = null)
    {
        $categories = Category::orderBy('name', 'asc')
@@ -128,6 +178,13 @@ class Helper
        return $category_list;
    }

+    /**
+     * Get the list of suppliers in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function suppliersList()
    {
        $supplier_list = array('' => trans('general.select_supplier')) + Supplier::orderBy('name', 'asc')
@@ -136,6 +193,14 @@ class Helper
        return $supplier_list;
    }

+
+    /**
+     * Get the list of status labels in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function statusLabelList()
    {
        $statuslabel_list = array('' => trans('general.select_statuslabel')) + Statuslabel::orderBy('name', 'asc')
@@ -143,6 +208,14 @@ class Helper
        return $statuslabel_list;
    }

+
+    /**
+     * Get the list of locations in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function locationsList()
    {
        $location_list = array('' => trans('general.select_location')) + Location::orderBy('name', 'asc')
@@ -150,6 +223,14 @@ class Helper
        return $location_list;
    }

+
+    /**
+     * Get the list of manufacturers in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function manufacturerList()
    {
        $manufacturer_list = array('' => trans('general.select_manufacturer')) +
@@ -158,12 +239,26 @@ class Helper
        return $manufacturer_list;
    }

+    /**
+     * Get the list of status label types in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function statusTypeList()
    {
        $statuslabel_types = array('' => trans('admin/hardware/form.select_statustype')) + array('undeployable' => trans('admin/hardware/general.undeployable')) + array('pending' => trans('admin/hardware/general.pending')) + array('archived' => trans('admin/hardware/general.archived')) + array('deployable' => trans('admin/hardware/general.deployable'));
        return $statuslabel_types;
    }

+    /**
+     * Get the list of managers in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function managerList()
    {
        $manager_list = array('' => trans('general.select_user')) +
@@ -175,6 +270,13 @@ class Helper
        return $manager_list;
    }

+    /**
+     * Get the list of depreciations in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function depreciationList()
    {
        $depreciation_list = ['' => 'Do Not Depreciate'] + Depreciation::orderBy('name', 'asc')
@@ -182,16 +284,30 @@ class Helper
        return $depreciation_list;
    }

+    /**
+     * Get the list of category types in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function categoryTypeList()
    {
        $category_types = array('' => '','accessory' => 'Accessory', 'asset' => 'Asset', 'consumable' => 'Consumable','component' => 'Component');
        return $category_types;
    }

+    /**
+     * Get the list of users in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function usersList()
    {
        $users_list =   array( '' => trans('general.select_user')) +
-                        User::where('deleted_at', '=', null)
+                        Company::scopeCompanyables(User::where('deleted_at', '=', null))
                        ->where('show_in_list','=',1)
                        ->orderBy('last_name', 'asc')
                        ->orderBy('first_name', 'asc')->get()
@@ -200,6 +316,13 @@ class Helper
        return $users_list;
    }

+    /**
+     * Get the list of assets in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function assetsList()
    {
        $assets_list = array('' => trans('general.select_asset')) + Asset::orderBy('name', 'asc')
@@ -208,27 +331,54 @@ class Helper
        return $assets_list;
    }

+    /**
+     * Get the detailed list of assets in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function detailedAssetList()
    {
-
-        $assets = array('' => trans('general.select_asset')) + Company::scopeCompanyables(Asset::all(), 'assets.company_id')->lists('detailed_name', 'id')->toArray();
+        $assets = array('' => trans('general.select_asset')) + Company::scopeCompanyables(Asset::with('assignedUser', 'model'), 'assets.company_id')->get()->lists('detailed_name', 'id')->toArray();
        return $assets;
    }


+    /**
+     * Get the list of custom fields in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
    public static function customFieldsetList()
    {
        $customfields = array('' => trans('admin/models/general.no_custom_field')) + CustomFieldset::pluck('name', 'id')->toArray();
        return  $customfields;
    }

+    /**
+     * Get the list of custom field formats in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.4]
+     * @return Array
+     */
    public static function predefined_formats()
    {
        $keys=array_keys(CustomField::$PredefinedFormats);
        $stuff=array_combine($keys, $keys);
-        return $stuff+["" => "Custom Format..."];
+        return $stuff+["" => trans('admin/custom_fields/general.custom_format')];
    }

+    /**
+     * Get the list of barcode dimensions
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.3]
+     * @return Array
+     */
    public static function barcodeDimensions($barcode_type = 'QRCODE')
    {
        if ($barcode_type == 'C128') {
@@ -244,6 +394,13 @@ class Helper
        return $size;
    }

+    /**
+     * Generates a random string
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Array
+     */
    public static function generateRandomString($length = 10)
    {
        $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
@@ -255,10 +412,15 @@ class Helper
        return $randomString;
    }

+
    /**
     * This nasty little method gets the low inventory info for the
     * alert dropdown
-     **/
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Array
+     */
    public static function checkLowInventory()
    {
        $consumables = Consumable::with('users')->whereNotNull('min_amt')->get();
@@ -339,9 +501,16 @@ class Helper
    }


+    /**
+     * Check if the file is an image, so we can show a preview
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param File $file
+     * @return String | Boolean
+     */
    public static function checkUploadIsImage($file)
    {
-        // Check if the file is an image, so we can show a preview
        $finfo = @finfo_open(FILEINFO_MIME_TYPE); // return mime type ala mimetype extension
        $filetype = @finfo_file($finfo, $file);
        finfo_close($finfo);
@@ -429,4 +598,91 @@ class Helper
        }
    }

+
+    /**
+     * Check to see if the given key exists in the array, and trim excess white space before returning it
+     *
+     * @author Daniel Melzter
+     * @since 3.0
+     * @param $array array
+     * @param $key string
+     * @param $default string
+     * @return string
+     */
+    public static function array_smart_fetch(array $array, $key, $default = '')
+    {
+       array_change_key_case($array, CASE_LOWER);
+        return array_key_exists(strtolower($key), array_change_key_case($array)) ? e(trim($array[ $key ])) : $default;
+    }
+
+    /**
+     * Check to see if the given key exists in the array, and trim excess white space before returning it
+     *
+     * @author A. Gianotto
+     * @since 3.2
+     * @param $array array
+     * @return string
+     */
+    public static function getLastDateFromHistoryArray(array $array)
+    {
+        foreach ($array as $key => $value) {
+//            echo '<pre>';
+//            echo 'last:'.$key;
+//            print_r($array);
+//            echo '</pre>';
+        }
+    }
+
+
+    /**
+     * Gracefully handle decrypting the legacy data (encrypted via mcrypt) and use the new
+     * decryption method instead.
+     *
+     * This is not currently used, but will be.
+     *
+     * @author A. Gianotto
+     * @since 3.6
+     * @param CustomField $field
+     * @param String $string
+     * @return string
+     */
+    public static function gracefulDecrypt(CustomField $field, $string) {
+
+        if ($field->isFieldDecryptable($string)) {
+
+            try {
+                Crypt::decrypt($string);
+                return Crypt::decrypt($string);
+
+            } catch (DecryptException $e) {
+                return 'Error Decrypting: '.$e->getMessage();
+            }
+
+        }
+        return $string;
+
+    }
+
+    /**
+     * Strip HTML out of returned JSON. This is pretty gross, and I'd like to find a better way
+     * to handle this, but the REST API will solve some of these problems anyway.
+     *
+     * This is not currently used, but will be.
+     *
+     * @author A. Gianotto
+     * @since 3.4
+     * @param $array array
+     * @return Array
+     */
+    public static function stripTagsFromJSON(Array $array) {
+
+        foreach ($array as $key => $value) {
+            $clean_value = strip_tags($value);
+            $clean_array[$key] = $clean_value;
+        }
+        return $clean_array;
+
+    }
+
+
 }
@@ -53,14 +53,12 @@ class AccessoriesController extends Controller
    public function getCreate(Request $request)
    {
        // Show the page
-        $category_list = Helper::categoryList('accessory');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
        return View::make('accessories/edit')
          ->with('accessory', new Accessory)
-          ->with('category_list', $category_list)
-          ->with('company_list', $company_list)
-          ->with('location_list', $location_list);
+          ->with('category_list', Helper::categoryList('accessory'))
+          ->with('company_list', Helper::companyList())
+          ->with('location_list', Helper::locationsList())
+          ->with('manufacturer_list', Helper::manufacturerList());
    }


@@ -77,12 +75,13 @@ class AccessoriesController extends Controller
        $accessory = new Accessory();

        // Update the accessory data
-        $accessory->name                  = e(Input::get('name'));
-        $accessory->category_id               = e(Input::get('category_id'));
-        $accessory->location_id               = e(Input::get('location_id'));
-        $accessory->min_amt               = e(Input::get('min_amt'));
+        $accessory->name                    = e(Input::get('name'));
+        $accessory->category_id             = e(Input::get('category_id'));
+        $accessory->location_id             = e(Input::get('location_id'));
+        $accessory->min_amt                 = e(Input::get('min_amt'));
        $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
        $accessory->order_number            = e(Input::get('order_number'));
+        $accessory->manufacturer_id         = e(Input::get('manufacturer_id'));

        if (e(Input::get('purchase_date')) == '') {
            $accessory->purchase_date       =  null;
@@ -93,14 +92,15 @@ class AccessoriesController extends Controller
        if (e(Input::get('purchase_cost')) == '0.00') {
            $accessory->purchase_cost       =  null;
        } else {
-            $accessory->purchase_cost       = e(Input::get('purchase_cost'));
+            $accessory->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

-        $accessory->qty                       = e(Input::get('qty'));
-        $accessory->user_id               = Auth::user()->id;
+        $accessory->qty                     = e(Input::get('qty'));
+        $accessory->user_id                 = Auth::user()->id;

        // Was the accessory created?
        if ($accessory->save()) {
+            $accessory->logCreate();
            // Redirect to the new accessory  page
            return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.create.success'));
        }
@@ -126,14 +126,11 @@ class AccessoriesController extends Controller
            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
        }

-        $category_list = Helper::categoryList('accessory');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
-
        return View::make('accessories/edit', compact('accessory'))
-          ->with('category_list', $category_list)
-          ->with('company_list', $company_list)
-          ->with('location_list', $location_list);
+          ->with('category_list', Helper::categoryList('accessory'))
+          ->with('company_list', Helper::companyList())
+          ->with('location_list', Helper::locationsList())
+          ->with('manufacturer_list', Helper::manufacturerList());
    }


@@ -146,9 +143,9 @@ class AccessoriesController extends Controller
   */
    public function postEdit(Request $request, $accessoryId = null)
    {
-      // Check if the blog post exists
+      // Check if the accessory exists
        if (is_null($accessory = Accessory::find($accessoryId))) {
-            // Redirect to the blogs management page
+            // Redirect to the accessory index page
            return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.does_not_exist'));
        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
@@ -160,11 +157,12 @@ class AccessoriesController extends Controller
        if (e(Input::get('location_id')) == '') {
            $accessory->location_id = null;
        } else {
-            $accessory->location_id     = e(Input::get('location_id'));
+            $accessory->location_id         = e(Input::get('location_id'));
        }
-        $accessory->min_amt             = e(Input::get('min_amt'));
+        $accessory->min_amt                 = e(Input::get('min_amt'));
        $accessory->category_id             = e(Input::get('category_id'));
        $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
+        $accessory->manufacturer_id         = e(Input::get('manufacturer_id'));
        $accessory->order_number            = e(Input::get('order_number'));

        if (e(Input::get('purchase_date')) == '') {
@@ -181,9 +179,9 @@ class AccessoriesController extends Controller

        $accessory->qty                     = e(Input::get('qty'));

-      // Was the accessory created?
+      // Was the accessory updated?
        if ($accessory->save()) {
-            // Redirect to the new accessory page
+            // Redirect to the updated accessory page
            return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.update.success'));
        }

@@ -312,14 +310,7 @@ class AccessoriesController extends Controller
        'user_id' => Auth::user()->id,
        'assigned_to' => e(Input::get('assigned_to'))));

-        $logaction = new Actionlog();
-        $logaction->accessory_id = $accessory->id;
-        $logaction->asset_id = 0;
-        $logaction->checkedout_to = $accessory->assigned_to;
-        $logaction->asset_type = 'accessory';
-        $logaction->location_id = $user->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
+        $logaction = $accessory->logCheckout(e(Input::get('note')));



@@ -343,11 +334,11 @@ class AccessoriesController extends Controller
                'fields' => [
                  [
                  'title' => 'Checked Out:',
-                  'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/accessories/'.$accessory->id.'/view'.'|'.$accessory->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
+                  'value' => 'Accessory <'.config('app.url').'/admin/accessories/'.$accessory->id.'/view'.'|'.$accessory->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
                  ],
                  [
                      'title' => 'Note:',
-                      'value' => e($logaction->note)
+                      'value' => e(Input::get('note'))
                  ],
                ]
                ])->send('Accessory Checked Out');
@@ -358,9 +349,6 @@ class AccessoriesController extends Controller
        }


-
-        $log = $logaction->logaction('checkout');
-
        $accessory_user = DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();

        $data['log_id'] = $logaction->id;
@@ -378,7 +366,8 @@ class AccessoriesController extends Controller

            Mail::send('emails.accept-accessory', $data, function ($m) use ($user) {
                $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->subject('Confirm accessory delivery');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.Confirm_accessory_delivery'));
            });
        }

@@ -438,8 +427,7 @@ class AccessoriesController extends Controller
            return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
        }

-        $logaction = new Actionlog();
-        $logaction->checkedout_to = e($accessory_user->assigned_to);
+        $logaction = $accessory->logCheckin(e(Input::get('note')));
        $return_to = e($accessory_user->assigned_to);
        $admin_user = Auth::user();

@@ -447,12 +435,6 @@ class AccessoriesController extends Controller
      // Was the accessory updated?
        if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {

-            $logaction->accessory_id = e($accessory->id);
-            $logaction->location_id = null;
-            $logaction->asset_type = 'accessory';
-            $logaction->user_id = e($admin_user->id);
-            $logaction->note = e(Input::get('note'));
-
            $settings = Setting::getSettings();

            if ($settings->slack_endpoint) {
@@ -472,7 +454,7 @@ class AccessoriesController extends Controller
                        'fields' => [
                            [
                                'title' => 'Checked In:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/accessories/'.e($accessory->id).'/view'.'|'.e($accessory->name).'> checked in by <'.config('app.url').'/admin/users/'.e($admin_user->id).'/view'.'|'.e($admin_user->fullName()).'>.'
+                                'value' => class_basename(strtoupper($logaction->item_type)).' <'.config('app.url').'/admin/accessories/'.e($accessory->id).'/view'.'|'.e($accessory->name).'> checked in by <'.config('app.url').'/admin/users/'.e($admin_user->id).'/view'.'|'.e($admin_user->fullName()).'>.'
                            ],
                            [
                                'title' => 'Note:',
@@ -488,9 +470,6 @@ class AccessoriesController extends Controller

            }

-
-            $log = $logaction->logaction('checkin from');
-
            if (!is_null($accessory_user->assigned_to)) {
                $user = User::find($accessory_user->assigned_to);
            }
@@ -506,7 +485,8 @@ class AccessoriesController extends Controller

                Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->subject('Confirm Accessory Checkin');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Confirm_Accessory_Checkin'));
                });
            }

@@ -550,9 +530,11 @@ class AccessoriesController extends Controller
    **/
    public function getDatatable(Request $request)
    {
-        $accessories = Company::scopeCompanyables(Accessory::select('accessories.*')->with('category', 'company'))
-        ->whereNull('accessories.deleted_at');
-
+        $accessories = Company::scopeCompanyables(
+            Accessory::select('accessories.*')
+            ->whereNull('accessories.deleted_at')
+            ->with('category', 'company', 'manufacturer', 'users', 'location')
+        );
        if (Input::has('search')) {
            $accessories = $accessories->TextSearch(e(Input::get('search')));
        }
@@ -617,10 +599,12 @@ class AccessoriesController extends Controller
            'min_amt'  => e($accessory->min_amt),
            'location'      => ($accessory->location) ? e($accessory->location->name): '',
            'purchase_date' => e($accessory->purchase_date),
-            'purchase_cost' => number_format($accessory->purchase_cost, 2),
+            'purchase_cost' => Helper::formatCurrencyOutput($accessory->purchase_cost),
            'numRemaining'  => $accessory->numRemaining(),
            'actions'       => $actions,
-            'companyName'   => is_null($company) ? '' : e($company->name)
+            'companyName'   => is_null($company) ? '' : e($company->name),
+            'manufacturer'      => $accessory->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$accessory->manufacturer_id.'/view', $accessory->manufacturer->name) : ''
+
            );
        }

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\Helper;
+use Response;
+
+class ActionlogController extends Controller
+{
+    public function displaySig($filename)
+    {
+
+        $file = config('app.private_uploads') . '/signatures/' . $filename;
+        $filetype = Helper::checkUploadIsImage($file);
+        $contents = file_get_contents($file);
+        return Response::make($contents)->header('Content-Type', $filetype);
+    }
+}
@@ -122,20 +122,18 @@ class AssetMaintenancesController extends Controller

            $actions = '<nobr><a href="'.route('update/asset_maintenance', $maintenance->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/asset_maintenance', $maintenance->id).'" data-content="'.trans('admin/asset_maintenances/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($maintenance->title).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';

-            if (($maintenance->cost) && ($maintenance->asset->assetloc) &&  ($maintenance->asset->assetloc->currency!='')) {
+            if (($maintenance->cost) && (isset($maintenance->asset)) && ($maintenance->asset->assetloc) &&  ($maintenance->asset->assetloc->currency!='')) {
                $maintenance_cost = $maintenance->asset->assetloc->currency.$maintenance->cost;
            } else {
                $maintenance_cost = $settings->default_currency.$maintenance->cost;
            }
-
-            $company = $maintenance->asset->company;
-
+            
            $rows[] = array(
                'id'            => $maintenance->id,
-                'asset_name'    =>  (string)link_to('/hardware/'.$maintenance->asset->id.'/view', $maintenance->asset->showAssetName()) ,
+                'asset_name'    =>  ($maintenance->asset) ? (string)link_to('/hardware/'.$maintenance->asset->id.'/view', $maintenance->asset->showAssetName()) : 'Deleted Asset' ,
                'title'         => $maintenance->title,
                'notes'         => $maintenance->notes,
-                'supplier'      => $maintenance->supplier->name,
+                'supplier'      => ($maintenance->supplier) ? (string)link_to('/admin/settings/suppliers/'.$maintenance->supplier->id.'/view', $maintenance->supplier->name) : 'Deleted Supplier',
                'cost'          => $maintenance_cost,
                'asset_maintenance_type'          => e($maintenance->asset_maintenance_type),
                'start_date'         => $maintenance->start_date,
@@ -143,7 +141,7 @@ class AssetMaintenancesController extends Controller
                'completion_date'     => $maintenance->completion_date,
                'user_id'       => ($maintenance->admin) ? (string)link_to('/admin/users/'.$maintenance->admin->id.'/view', $maintenance->admin->fullName()) : '',
                'actions'       => $actions,
-                'companyName'   => is_null($company) ? '' : $company->name
+                'companyName'   => ($maintenance->asset->company) ? $maintenance->asset->company->name : ''
            );
        }

@@ -217,7 +215,7 @@ class AssetMaintenancesController extends Controller
        if (e(Input::get('cost')) == '') {
            $assetMaintenance->cost = '';
        } else {
-            $assetMaintenance->cost =  e(Input::get('cost'));
+            $assetMaintenance->cost =  Helper::ParseFloat(e(Input::get('cost')));
        }

        if (e(Input::get('notes')) == '') {
@@ -309,7 +307,7 @@ class AssetMaintenancesController extends Controller
                                    '' => 'Select an improvement type',
                                ] + AssetMaintenance::getImprovementOptions();

-        $assets = Company::scopeCompanyables(Asset::all(), 'assets.company_id')->lists('detailed_name', 'id');
+        $assets = Company::scopeCompanyables(Asset::with('model','assignedUser')->get(), 'assets.company_id')->lists('detailed_name', 'id');
        // Get Supplier List
        $supplier_list = Helper::suppliersList();

@@ -365,7 +363,7 @@ class AssetMaintenancesController extends Controller
        if (e(Input::get('cost')) == '') {
            $assetMaintenance->cost = '';
        } else {
-            $assetMaintenance->cost =  e(Input::get('cost'));
+            $assetMaintenance->cost =  Helper::ParseFloat(e(Input::get('cost')));
        }

        if (e(Input::get('notes')) == '') {
@@ -92,19 +92,19 @@ class AssetModelsController extends Controller
            $model->eol = e(Input::get('eol'));
        }

-            // Save the model data
-            $model->name                = e(Input::get('name'));
-            $model->modelno             = e(Input::get('modelno'));
-            $model->manufacturer_id     = e(Input::get('manufacturer_id'));
-            $model->category_id         = e(Input::get('category_id'));
-            $model->note            = e(Input::get('note'));
-            $model->user_id             = Auth::user()->id;
+        // Save the model data
+        $model->name                = e(Input::get('name'));
+        $model->modelno             = e(Input::get('modelno'));
+        $model->manufacturer_id     = e(Input::get('manufacturer_id'));
+        $model->category_id         = e(Input::get('category_id'));
+        $model->note                = e(Input::get('note'));
+        $model->user_id             = Auth::user()->id;
+        $model->requestable         = Input::has('requestable');
+
        if (Input::get('custom_fieldset')!='') {
            $model->fieldset_id = e(Input::get('custom_fieldset'));
        }

-            //$model->show_mac_address 	= e(Input::get('show_mac_address', '0'));
-

        if (Input::file('image')) {
            $image = Input::file('image');
@@ -141,7 +141,7 @@ class AssetModelsController extends Controller
        $model = new AssetModel;

        $settings=Input::all();
-        $settings['eol']=0;
+        $settings['eol']= null;

        $model->name=e(Input::get('name'));
        $model->manufacturer_id = e(Input::get('manufacturer_id'));
@@ -149,7 +149,7 @@ class AssetModelsController extends Controller
        $model->modelno = e(Input::get('modelno'));
        $model->user_id = Auth::user()->id;
        $model->note            = e(Input::get('note'));
-        $model->eol=0;
+        $model->eol= null;

        if (Input::get('fieldset_id')=='') {
            $model->fieldset_id = null;
@@ -217,7 +217,7 @@ class AssetModelsController extends Controller
        }

        if (e(Input::get('eol')) == '') {
-            $model->eol =  0;
+            $model->eol =  null;
        } else {
            $model->eol = e(Input::get('eol'));
        }
@@ -227,7 +227,10 @@ class AssetModelsController extends Controller
        $model->modelno             = e(Input::get('modelno'));
        $model->manufacturer_id     = e(Input::get('manufacturer_id'));
        $model->category_id         = e(Input::get('category_id'));
-        $model->note            = e(Input::get('note'));
+        $model->note                = e(Input::get('note'));
+
+        $model->requestable = Input::has('requestable');
+
        if (Input::get('custom_fieldset')=='') {
            $model->fieldset_id = null;
        } else {
@@ -413,7 +416,7 @@ class AssetModelsController extends Controller

    public function getDatatable($status = null)
    {
-        $models = AssetModel::with('category', 'assets', 'depreciation');
+        $models = AssetModel::with('category', 'assets', 'depreciation', 'manufacturer');

        switch ($status) {
            case 'Deleted':
@@ -488,7 +491,7 @@ class AssetModelsController extends Controller
    */
    public function getDataView($modelID)
    {
-        $assets = Asset::where('model_id', '=', $modelID)->with('company');
+        $assets = Asset::where('model_id', '=', $modelID)->with('company', 'assetstatus');

        if (Input::has('search')) {
            $assets = $assets->TextSearch(e(Input::get('search')));
@@ -23,6 +23,7 @@ use Validator;
 use Artisan;
 use Auth;
 use Config;
+use League\Csv\Reader;
 use DB;
 use Image;
 use Input;
@@ -177,7 +178,7 @@ class AssetsController extends Controller
        if (e(Input::get('purchase_cost')) == '') {
            $asset->purchase_cost =  null;
        } else {
-            $asset->purchase_cost = (e(Input::get('purchase_cost')));
+            $asset->purchase_cost = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

        if (e(Input::get('purchase_date')) == '') {
@@ -230,7 +231,7 @@ class AssetsController extends Controller
            $directory= public_path('uploads/assets/');
            // Check if the uploads directory exists.  If not, try to create it.
            if (!file_exists($directory)) {
-                mkdir($directory, 0755);
+                mkdir($directory, 0755, true);
            }
            $path = public_path('uploads/assets/'.$file_name);
            try {
@@ -239,7 +240,7 @@ class AssetsController extends Controller
                    $constraint->upsize();
                })->save($path);
                $asset->image = $file_name;
-            } catch(\Exception $e) {
+            } catch (\Exception $e) {
                \Input::flash();
                $messageBag = new \Illuminate\Support\MessageBag();
                $messageBag->add('image', $e->getMessage());
@@ -263,10 +264,10 @@ class AssetsController extends Controller

            // Was the asset created?
        if ($asset->save()) {
-
+            $asset->logCreate();
            if (Input::get('assigned_to')!='') {
                $user = User::find(e(Input::get('assigned_to')));
-                $asset->checkOutToUser($user, Auth::user(), date('Y-m-d h:i:s'), '', 'Checked out on asset creation', e(Input::get('name')));
+                $asset->checkOutToUser($user, Auth::user(), date('Y-m-d H:i:s'), '', 'Checked out on asset creation', e(Input::get('name')));
            }
            // Redirect to the asset listing page
            \Session::flash('success', trans('admin/hardware/message.create.success'));
@@ -287,7 +288,7 @@ class AssetsController extends Controller
    */
    public function getEdit($assetId = null)
    {
-        
+
        // Check if the asset exists
        if (!$asset = Asset::find($assetId)) {
            // Redirect to the asset management page
@@ -353,7 +354,7 @@ class AssetsController extends Controller
        }

        if ($request->has('purchase_cost')) {
-            $asset->purchase_cost = e(number_format($request->input('purchase_cost'), 2, '.', ''));
+            $asset->purchase_cost = Helper::ParseFloat(e($request->input('purchase_cost')));
        } else {
            $asset->purchase_cost =  null;
        }
@@ -406,7 +407,7 @@ class AssetsController extends Controller
            $directory= public_path('uploads/assets/');
            // Check if the uploads directory exists.  If not, try to create it.
            if (!file_exists($directory)) {
-                mkdir($directory, 0755);
+                mkdir($directory, 0755, true);
            }

            $file_name = str_random(25).".".$extension;
@@ -417,7 +418,7 @@ class AssetsController extends Controller
                    $constraint->upsize();
                })->save($path);
                $asset->image = $file_name;
-            } catch(\Exception $e) {
+            } catch (\Exception $e) {
                \Input::flash();
                $messageBag = new \Illuminate\Support\MessageBag();
                $messageBag->add('image', $e->getMessage());
@@ -435,14 +436,22 @@ class AssetsController extends Controller
        $model = AssetModel::find($request->get('model_id'));
        if ($model->fieldset) {
            foreach ($model->fieldset->fields as $field) {
-                $asset->{\App\Models\CustomField::name_to_db_name($field->name)} = e($request->input(\App\Models\CustomField::name_to_db_name($field->name)));
-    //                LOG::debug($field->name);
-    //                LOG::debug(\App\Models\CustomField::name_to_db_name($field->name));
-    //                LOG::debug($field->db_column_name());
+
+
+                if ($field->field_encrypted=='1') {
+                    if (Gate::allows('admin')) {
+                        $asset->{\App\Models\CustomField::name_to_db_name($field->name)} = \Crypt::encrypt(e($request->input(\App\Models\CustomField::name_to_db_name($field->name))));
+                    }
+
+                } else {
+                    $asset->{\App\Models\CustomField::name_to_db_name($field->name)} = e($request->input(\App\Models\CustomField::name_to_db_name($field->name)));
+                }
+

            }
        }

+
        if ($asset->save()) {
            // Redirect to the new asset page
            \Session::flash('success', trans('admin/hardware/message.update.success'));
@@ -529,6 +538,8 @@ class AssetsController extends Controller
            return redirect()->to('hardware')->with('error', trans('admin/hardware/message.does_not_exist'));
        } elseif (!Company::isCurrentUserHasAccess($asset)) {
            return redirect()->to('hardware')->with('error', trans('general.insufficient_permissions'));
+        } elseif (!$asset->availableForCheckout()) {
+            return redirect()->to('hardware')->with('error', trans('admin/hardware/message.checkout.not_available'));
        }

        $user = User::find(e(Input::get('assigned_to')));
@@ -648,7 +659,7 @@ class AssetsController extends Controller
                            'fields' => [
                                [
                                    'title' => 'Checked In:',
-                                    'value' => strtoupper($logaction->asset_type).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.e($asset->showAssetName()).'> checked in by <'.config('app.url').'/admin/users/'.Auth::user()->id.'/view'.'|'.e(Auth::user()->fullName()).'>.'
+                                    'value' => class_basename(strtoupper($logaction->item_type)).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.e($asset->showAssetName()).'> checked in by <'.config('app.url').'/admin/users/'.Auth::user()->id.'/view'.'|'.e(Auth::user()->fullName()).'>.'
                                ],
                                [
                                    'title' => 'Note:',
@@ -675,7 +686,8 @@ class AssetsController extends Controller
            if ((($asset->checkin_email()=='1')) && ($user) && (!config('app.lock_passwords'))) {
                Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->subject('Confirm Asset Checkin');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Confirm_Asset_Checkin'));
                });
            }

@@ -767,7 +779,7 @@ class AssetsController extends Controller
                } else {
                    $barcode = new \Com\Tecnick\Barcode\Barcode();
                    $barcode_obj =  $barcode->getBarcodeObj($settings->barcode_type, route('view/hardware', $asset->id), $size['height'], $size['width'], 'black', array(-2, -2, -2, -2));
-                    file_put_contents($qr_file,$barcode_obj->getPngData());
+                    file_put_contents($qr_file, $barcode_obj->getPngData());
                    return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
                }

@@ -801,7 +813,7 @@ class AssetsController extends Controller
            } else {
                $barcode = new \Com\Tecnick\Barcode\Barcode();
                $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode, $asset->asset_tag, 250, 20);
-                file_put_contents($barcode_file,$barcode_obj->getPngData());
+                file_put_contents($barcode_file, $barcode_obj->getPngData());
                return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
            }
        }
@@ -828,7 +840,7 @@ class AssetsController extends Controller

        // Check if the uploads directory exists.  If not, try to create it.
        if (!file_exists($path)) {
-            mkdir($path, 0755);
+            mkdir($path, 0755, true);
        }
        if ($handle = opendir($path)) {

@@ -889,11 +901,11 @@ class AssetsController extends Controller
                try {
                    $file->move($path, $date.'-'.$fixed_filename);
                } catch (\Symfony\Component\HttpFoundation\File\Exception\FileException $exception) {
-                        $results['error']=trans('admin/hardware/message.upload.error');
-                        if( config('app.debug')) {
-                            $results['error'].= ' ' . $exception->getMessage();
-                        }
-                        return $results;
+                    $results['error']=trans('admin/hardware/message.upload.error');
+                    if (config('app.debug')) {
+                        $results['error'].= ' ' . $exception->getMessage();
+                    }
+                    return $results;
                }
                $name = date('Y-m-d-his').'-'.$fixed_filename;
                $filesize = Setting::fileSizeConvert(filesize($path.'/'.$name));
@@ -916,6 +928,18 @@ class AssetsController extends Controller

    }

+    public function getDeleteImportFile($filename)
+    {
+        if (!Company::isCurrentUserAuthorized()) {
+            return redirect()->to('hardware')->with('error', trans('general.insufficient_permissions'));
+        }
+
+        if (unlink(config('app.private_uploads').'/imports/assets/'.$filename)) {
+            return redirect()->back()->with('success', trans('admin/hardware/message.import.file_delete_success'));
+        }
+        return redirect()->back()->with('error', trans('admin/hardware/message.import.file_delete_error'));
+    }
+

    /**
    * Process the uploaded file
@@ -925,28 +949,47 @@ class AssetsController extends Controller
    * @since [v2.0]
    * @return Redirect
    */
-    public function getProcessImportFile($filename)
+    public function postProcessImportFile()
    {
        // php artisan asset-import:csv path/to/your/file.csv --domain=yourdomain.com --email_format=firstname.lastname
+        $filename = Input::get('filename');
+        $itemType = Input::get('import-type');
+        $updateItems  = Input::get('import-update');

        if (!Company::isCurrentUserAuthorized()) {
            return redirect()->to('hardware')->with('error', trans('general.insufficient_permissions'));
        }
-
-        $return = Artisan::call(
-            'snipeit:import',
-            ['filename'=> config('app.private_uploads').'/imports/assets/'.$filename,
+        $importOptions =    ['filename'=> config('app.private_uploads').'/imports/assets/'.$filename,
                                '--email_format'=>'firstname.lastname',
                                '--username_format'=>'firstname.lastname',
                                '--web-importer' => true,
-                                '--user_id' => Auth::user()->id
-                                ]
-        );
+                                '--user_id' => Auth::user()->id,
+                                '--item-type' => $itemType,
+                            ];
+        if ($updateItems) {
+            $importOptions['--update'] = true;
+        }
+
+        $return = Artisan::call('snipeit:import', $importOptions);
        $display_output =  Artisan::output();
        $file = config('app.private_uploads').'/imports/assets/'.str_replace('.csv', '', $filename).'-output-'.date("Y-m-d-his").'.txt';
        file_put_contents($file, $display_output);
+        // We use hardware instead of asset in the url
+        $redirectTo = "hardware";
+        switch($itemType) {
+            case "asset":
+                $redirectTo = "hardware";
+                break;
+            case "accessory":
+                $redirectTo = "accessories";
+                break;
+            case "consumable":
+                $redirectTo = "consumables";
+                break;
+        }
+
        if ($return === 0) { //Success
-            return redirect()->to('hardware')->with('success', trans('admin/hardware/message.import.success'));
+            return redirect()->to(route($redirectTo))->with('success', trans('admin/hardware/message.import.success'));
        } elseif ($return === 1) { // Failure
            return redirect()->back()->with('import_errors', json_decode($display_output))->with('error', trans('admin/hardware/message.import.error'));
        }
@@ -1004,6 +1047,178 @@ class AssetsController extends Controller
    }


+    /**
+     * Return history import view
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return View
+     */
+    public function getImportHistory()
+    {
+
+        return View::make('hardware/history');
+    }
+
+    /**
+     * Import history
+     *
+     * This needs a LOT of love. It's done very inelegantly right now, and there are
+     * a ton of optimizations that could (and should) be done.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.3]
+     * @return View
+     */
+    public function postImportHistory(Request $request)
+    {
+
+        if (!ini_get("auto_detect_line_endings")) {
+            ini_set("auto_detect_line_endings", '1');
+        }
+
+        $assets = Asset::all(['asset_tag']);
+
+        $csv = Reader::createFromPath(Input::file('user_import_csv'));
+        $csv->setNewline("\r\n");
+        //get the first row, usually the CSV header
+        //$headers = $csv->fetchOne();
+
+        $results = $csv->fetchAssoc();
+        $item = array();
+        $status = array();
+        $status['error'] = array();
+        $status['success'] = array();
+
+
+        foreach($results as $row) {
+
+            if (is_array($row)) {
+
+                $row = array_change_key_case($row, CASE_LOWER);
+                $asset_tag = Helper::array_smart_fetch($row, "asset tag");
+                if (!array_key_exists($asset_tag, $item)) {
+                    $item[$asset_tag] = array();
+                }
+                $batch_counter = count($item[$asset_tag]);
+
+                $item[$asset_tag][$batch_counter]['checkout_date'] = Carbon::parse(Helper::array_smart_fetch($row, "date"))->format('Y-m-d H:i:s');
+
+                $item[$asset_tag][$batch_counter]['asset_tag'] = Helper::array_smart_fetch($row, "asset tag");
+                $item[$asset_tag][$batch_counter]['name'] = Helper::array_smart_fetch($row, "name");
+                $item[$asset_tag][$batch_counter]['email'] = Helper::array_smart_fetch($row, "email");
+
+                if ($asset = Asset::where('asset_tag','=',$asset_tag)->first()) {
+
+                    $item[$asset_tag][$batch_counter]['asset_id'] = $asset->id;
+
+                    $base_username = User::generateFormattedNameFromFullName(Setting::getSettings()->username_format,$item[$asset_tag][$batch_counter]['name']);
+                    $user = User::where('username','=',$base_username['username']);
+                    $user_query = ' on username '.$base_username['username'];
+
+                    if ($request->input('match_firstnamelastname')=='1') {
+                        $firstnamedotlastname = User::generateFormattedNameFromFullName('firstname.lastname',$item[$asset_tag][$batch_counter]['name']);
+                        $item[$asset_tag][$batch_counter]['username'][] = $firstnamedotlastname['username'];
+                        $user->orWhere('username','=',$firstnamedotlastname['username']);
+                        $user_query .= ', or on username '.$firstnamedotlastname['username'];
+                    }
+
+                    if ($request->input('match_flastname')=='1') {
+                        $flastname = User::generateFormattedNameFromFullName('filastname',$item[$asset_tag][$batch_counter]['name']);
+                        $item[$asset_tag][$batch_counter]['username'][] = $flastname['username'];
+                        $user->orWhere('username','=',$flastname['username']);
+                        $user_query .= ', or on username '.$flastname['username'];
+                    }
+                    if ($request->input('match_firstname')=='1') {
+                        $firstname = User::generateFormattedNameFromFullName('firstname',$item[$asset_tag][$batch_counter]['name']);
+                        $item[$asset_tag][$batch_counter]['username'][] = $firstname['username'];
+                        $user->orWhere('username','=',$firstname['username']);
+                        $user_query .= ', or on username '.$firstname['username'];
+                    }
+                    if ($request->input('match_email')=='1') {
+                        if ($item[$asset_tag][$batch_counter]['email']=='') {
+                            $item[$asset_tag][$batch_counter]['username'][] = $user_email = User::generateEmailFromFullName($item[$asset_tag][$batch_counter]['name']);
+                            $user->orWhere('username','=',$user_email);
+                            $user_query .= ', or on username '.$user_email;
+                        }
+                    }
+
+                    // A matching user was found
+                    if ($user = $user->first()) {
+                        $item[$asset_tag][$batch_counter]['checkedout_to'] = $user->id;
+                        $item[$asset_tag][$batch_counter]['user_id'] = $user->id;
+
+                        Actionlog::firstOrCreate(array(
+                                'item_id' => $asset->id,
+                                'item_type' => Asset::class,
+                                'user_id' =>  Auth::user()->id,
+                                'note' => 'Checkout imported by '.Auth::user()->fullName().' from history importer',
+                                'target_id' => $item[$asset_tag][$batch_counter]['user_id'],
+                                'target_type' => User::class,
+                                'created_at' =>  $item[$asset_tag][$batch_counter]['checkout_date'],
+                                'action_type'   => 'checkout',
+                            )
+                        );
+
+                        $asset->assigned_to = $user->id;
+
+                        if ($asset->save()) {
+                            $status['success'][]['asset'][$asset_tag]['msg'] = 'Asset successfully matched for '.Helper::array_smart_fetch($row, "name").$user_query.' on '.$item[$asset_tag][$batch_counter]['checkout_date'];
+                        } else {
+                            $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset and user was matched but could not be saved.';
+                        }
+
+                    } else {
+                        $item[$asset_tag][$batch_counter]['checkedout_to'] = null;
+                        $status['error'][]['user'][Helper::array_smart_fetch($row, "name")]['msg'] = 'User does not exist so no checkin log was created.';
+                    }
+
+                } else {
+                    $item[$asset_tag][$batch_counter]['asset_id'] = null;
+                    $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset does not exist so no match was attempted.';
+                }
+
+
+
+
+            }
+        }
+
+        // Loop through and backfill the checkins
+        foreach ($item as $key => $asset_batch) {
+            $total_in_batch = count($asset_batch);
+            for($x = 0; $x < $total_in_batch; $x++) {
+                $next = $x + 1;
+
+                // Only do this if a matching user was found
+                if ((array_key_exists('checkedout_to',$asset_batch[$x])) && ($asset_batch[$x]['checkedout_to']!='')) {
+
+                    if (($total_in_batch > 1) && ($x < $total_in_batch) && (array_key_exists($next,$asset_batch))) {
+                        $checkin_date = Carbon::parse($asset_batch[$next]['checkout_date'])->subDay(1)->format('Y-m-d H:i:s');
+                        $asset_batch[$x]['real_checkin'] = $checkin_date;
+
+                        Actionlog::firstOrCreate(array(
+                                'item_id' => $asset_batch[$x]['asset_id'],
+                                'item_type' => Asset::class,
+                                'user_id' => Auth::user()->id,
+                                'note' => 'Checkin imported by ' . Auth::user()->fullName() . ' from history importer',
+                                'target_id' => null,
+                                'created_at' => $checkin_date,
+                                'action_type' => 'checkin'
+                            )
+                        );
+                    }
+                }
+
+
+            }
+        }
+
+
+        return View::make('hardware/history')->with('status',$status);
+    }
+
+
    /**
    * Retore a deleted asset.
    *
@@ -1065,15 +1280,8 @@ class AssetsController extends Controller
                $upload_success = $file->move($destinationPath, $filename);

                //Log the deletion of seats to the log
-                $logaction = new Actionlog();
-                $logaction->asset_id = $asset->id;
-                $logaction->asset_type = 'hardware';
-                $logaction->user_id = Auth::user()->id;
-                $logaction->note = e(Input::get('notes'));
-                $logaction->checkedout_to =  null;
-                $logaction->created_at =  date("Y-m-d H:i:s");
-                $logaction->filename =  $filename;
-                $log = $logaction->logaction('uploaded');
+                $asset->logUpload($filename, e(Input::get('notes')));
+
            }
        } else {
            return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles'));
@@ -1216,7 +1424,7 @@ class AssetsController extends Controller

                    return View::make('hardware/labels')->with('assets', $assets)->with('settings', $settings)->with('count', $count)->with('settings', $settings);

-                
+

            } elseif (Input::get('bulk_actions')=='delete') {

@@ -1284,7 +1492,7 @@ class AssetsController extends Controller
                    }

                    if (Input::has('purchase_cost')) {
-                        $update_array['purchase_cost'] =  e(Input::get('purchase_cost'));
+                        $update_array['purchase_cost'] =  Helper::ParseFloat(e(Input::get('purchase_cost')));
                    }

                    if (Input::has('supplier_id')) {
@@ -1330,8 +1538,8 @@ class AssetsController extends Controller
                    ->update($update_array)) {

                        $logaction = new Actionlog();
-                        $logaction->asset_id = $key;
-                        $logaction->asset_type = 'hardware';
+                        $logaction->item_type = Asset::class;
+                        $logaction->item_id = $key;
                        $logaction->created_at =  date("Y-m-d H:i:s");

                        if (Input::has('rtd_location_id')) {
@@ -1380,7 +1588,7 @@ class AssetsController extends Controller

            foreach ($assets as $asset) {
          //echo '<li>'.$asset;
-                $update_array['deleted_at'] = date('Y-m-d h:i:s');
+                $update_array['deleted_at'] = date('Y-m-d H:i:s');
                $update_array['assigned_to'] = null;

                if (DB::table('assets')
@@ -1388,8 +1596,8 @@ class AssetsController extends Controller
                ->update($update_array)) {

                    $logaction = new Actionlog();
-                    $logaction->asset_id = $asset->id;
-                    $logaction->asset_type = 'hardware';
+                    $logaction->item_type = Asset::class;
+                    $logaction->item_id = $asset->id;
                    $logaction->created_at =  date("Y-m-d H:i:s");
                    $logaction->user_id = Auth::user()->id;
                    $log = $logaction->logaction('deleted');
@@ -1420,31 +1628,31 @@ class AssetsController extends Controller
    * @since [v2.0]
    * @return String JSON
    */
-    public function getDatatable($status = null)
+    public function getDatatable(Request $request, $status = null)
    {


        $assets = Company::scopeCompanyables(Asset::select('assets.*'))->with('model', 'assigneduser', 'assigneduser.userloc', 'assetstatus', 'defaultLoc', 'assetlog', 'model', 'model.category', 'model.manufacturer', 'model.fieldset', 'assetstatus', 'assetloc', 'company')
        ->Hardware();

-        if (Input::has('search')) {
-             $assets = $assets->TextSearch(e(Input::get('search')));
+        if ($request->has('search')) {
+             $assets = $assets->TextSearch(e($request->get('search')));
        }

-        if (Input::has('offset')) {
-             $offset = e(Input::get('offset'));
+        if ($request->has('offset')) {
+             $offset = e($request->get('offset'));
        } else {
             $offset = 0;
        }

-        if (Input::has('limit')) {
-             $limit = e(Input::get('limit'));
+        if ($request->has('limit')) {
+             $limit = e($request->get('limit'));
        } else {
             $limit = 50;
        }

-        if (Input::has('order_number')) {
-            $assets->where('order_number', '=', e(Input::get('order_number')));
+        if ($request->has('order_number')) {
+            $assets->where('order_number', '=', e($request->get('order_number')));
        }

        switch ($status) {
@@ -1469,9 +1677,14 @@ class AssetsController extends Controller
            case 'Deployed':
                $assets->Deployed();
                break;
-
        }

+        if ($request->has('status_id')) {
+            $assets->where('status_id','=', e($request->get('status_id')));
+        }
+
+
+
        $allowed_columns = [
        'id',
        'name',
@@ -1501,8 +1714,8 @@ class AssetsController extends Controller
            $allowed_columns[]=$field->db_column_name();
        }

-        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'asset_tag';
+        $order = $request->get('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'asset_tag';

        switch ($sort) {
            case 'model':
@@ -1541,40 +1754,42 @@ class AssetsController extends Controller
        $rows = array();
        foreach ($assets as $asset) {
            $inout = '';
-            $actions = '';
+            $actions = '<div style="white-space: nowrap;">';
            if ($asset->deleted_at=='') {
                if (Gate::allows('assets.create')) {
-                    $actions = '<div style=" white-space: nowrap;"><a href="' . route('clone/hardware',
-                            $asset->id) . '" class="btn btn-info btn-sm" title="Clone asset" data-toggle="tooltip"><i class="fa fa-clone"></i>';
+                    $actions .= '<a href="' . route('clone/hardware',
+                            $asset->id) . '" class="btn btn-info btn-sm" title="Clone asset" data-toggle="tooltip"><i class="fa fa-clone"></i></a> ';
                }
                if (Gate::allows('assets.edit')) {
-                    $actions .= '</a> <a href="' . route('update/hardware',
+                    $actions .= '<a href="' . route('update/hardware',
                            $asset->id) . '" class="btn btn-warning btn-sm" title="Edit asset" data-toggle="tooltip"><i class="fa fa-pencil icon-white"></i></a> ';
                }
                if (Gate::allows('assets.delete')) {
                    $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/hardware',
-                            $asset->id) . '" data-content="' . trans('admin/hardware/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($asset->asset_tag) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                            $asset->id) . '" data-content="' . trans('admin/hardware/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($asset->asset_tag) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
                }
            } elseif ($asset->model->deleted_at=='') {
-                $actions = '<a href="'.route('restore/hardware', $asset->id).'" title="Restore asset" data-toggle="tooltip" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
+                $actions .= '<a href="'.route('restore/hardware', $asset->id).'" title="Restore asset" data-toggle="tooltip" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
            }

-            if ($asset->assetstatus) {
-                if (($asset->assetstatus->deployable != 0) && ($asset->deleted_at=='')) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        if (Gate::allows('assets.checkin')) {
-                            $inout = '<a href="' . route('checkin/hardware',
-                                    $asset->id) . '" class="btn btn-primary btn-sm" title="Checkin this asset" data-toggle="tooltip">' . trans('general.checkin') . '</a>';
-                        }
-                    } else {
-                        if (Gate::allows('assets.checkout')) {
-                            $inout = '<a href="' . route('checkout/hardware',
-                                    $asset->id) . '" class="btn btn-info btn-sm" title="Checkout this asset to a user" data-toggle="tooltip">' . trans('general.checkout') . '</a>';
-                        }
-                    }
+            $actions .= '</div>';
+
+            if (($asset->availableForCheckout()))
+            {
+                if (Gate::allows('assets.checkout')) {
+                    $inout = '<a href="' . route('checkout/hardware',
+                            $asset->id) . '" class="btn btn-info btn-sm" title="Checkout this asset to a user" data-toggle="tooltip">' . trans('general.checkout') . '</a>';
+                }
+
+            } else {
+                if (Gate::allows('assets.checkin')) {
+                    $inout = '<a href="' . route('checkin/hardware',
+                            $asset->id) . '" class="btn btn-primary btn-sm" title="Checkin this asset" data-toggle="tooltip">' . trans('general.checkin') . '</a>';
                }
            }

+            $purchase_cost = Helper::formatCurrencyOutput($asset->purchase_cost);
+
            $row = array(
            'checkbox'      =>'<div class="text-center"><input type="checkbox" name="edit_asset['.$asset->id.']" class="one_required"></div>',
            'id'        => $asset->id,
@@ -1586,11 +1801,11 @@ class AssetsController extends Controller
            'model_number'  => ($asset->model && $asset->model->modelno) ? (string)$asset->model->modelno : '',
            'status_label'        => ($asset->assigneduser) ? 'Deployed' : ((e($asset->assetstatus)) ? e($asset->assetstatus->name) : ''),
            'assigned_to'        => ($asset->assigneduser) ? (string)link_to(config('app.url').'/admin/users/'.$asset->assigned_to.'/view', e($asset->assigneduser->fullName())) : '',
-            'location'      => (($asset->assigneduser) && ($asset->assigneduser->userloc!='')) ? (string)link_to('admin/settings/locations/'.$asset->assigneduser->userloc->id.'/view', e($asset->assigneduser->userloc->name)) : (($asset->defaultLoc!='') ? (string)link_to('admin/settings/locations/'.$asset->defaultLoc->id.'/edit', e($asset->defaultLoc->name)) : ''),
+            'location'      => (($asset->assigneduser) && ($asset->assigneduser->userloc!='')) ? (string)link_to('admin/settings/locations/'.$asset->assigneduser->userloc->id.'/view', e($asset->assigneduser->userloc->name)) : (($asset->defaultLoc!='') ? (string)link_to('admin/settings/locations/'.$asset->defaultLoc->id.'/view', e($asset->defaultLoc->name)) : ''),
            'category'      => (($asset->model) && ($asset->model->category)) ?(string)link_to('/admin/settings/categories/'.$asset->model->category->id.'/view', e($asset->model->category->name)) : '',
            'manufacturer'      => (($asset->model) && ($asset->model->manufacturer)) ? (string)link_to('/admin/settings/manufacturers/'.$asset->model->manufacturer->id.'/view', e($asset->model->manufacturer->name)) : '',
            'eol'           => ($asset->eol_date()) ? $asset->eol_date() : '',
-            'purchase_cost'           => ($asset->purchase_cost) ? number_format($asset->purchase_cost, 2) : '',
+            'purchase_cost'           => $purchase_cost,
            'purchase_date'           => ($asset->purchase_date) ? $asset->purchase_date : '',
            'notes'         => e($asset->notes),
            'order_number'  => ($asset->order_number!='') ? '<a href="'.config('app.url').'/hardware?order_number='.e($asset->order_number).'">'.e($asset->order_number).'</a>' : '',
@@ -1602,9 +1817,36 @@ class AssetsController extends Controller
            'companyName'   => is_null($asset->company) ? '' : e($asset->company->name)
            );
            foreach ($all_custom_fields as $field) {
-                $row[$field->db_column_name()]=$asset->{$field->db_column_name()};
+                $column_name = $field->db_column_name();
+
+                if ($field->isFieldDecryptable($asset->{$column_name})) {
+
+                    if (Gate::allows('admin')) {
+                        if (($field->format=='URL') && ($asset->{$column_name}!='')) {
+                            $row[$column_name] = '<a href="'.Helper::gracefulDecrypt($field, $asset->{$column_name}).'" target="_blank">'.Helper::gracefulDecrypt($field, $asset->{$column_name}).'</a>';
+                        } else {
+                            $row[$column_name] = Helper::gracefulDecrypt($field, $asset->{$column_name});
+                        }
+
+                    } else {
+                        $row[$field->db_column_name()] = strtoupper(trans('admin/custom_fields/general.encrypted'));
+                    }
+                } else {
+                    if (($field->format=='URL') && ($asset->{$field->db_column_name()}!='')) {
+                        $row[$field->db_column_name()] = '<a href="'.$asset->{$field->db_column_name()}.'" target="_blank">'.$asset->{$field->db_column_name()}.'</a>';
+                    } else {
+                        $row[$field->db_column_name()] = e($asset->{$field->db_column_name()});
+                    }
+                }
+
            }
-            $rows[]=$row;
+
+            if (($request->has('report')) && ($request->get('report')=='true')) {
+                $rows[]= Helper::stripTagsFromJSON($row);
+            } else {
+                $rows[]= $row;
+            }
+
        }

        $data = array('total'=>$assetCount, 'rows'=>$rows);
@@ -1618,12 +1860,12 @@ class AssetsController extends Controller
          $users_list = Helper::usersList();
          // Filter out assets that are not deployable.
          $assets = Asset::RTD()->get();
-  
+
          $assets_list = Company::scopeCompanyables($assets, 'assets.company_id')->lists('detailed_name', 'id')->toArray();
-  
+
          return View::make('hardware/bulk-checkout')->with('users_list', $users_list)->with('assets_list', $assets_list);
      }
-  
+
      public function postBulkCheckout(Request $request)
      {

@@ -1633,31 +1875,31 @@ class AssetsController extends Controller

          $user = User::find(e(Input::get('assigned_to')));
          $admin = Auth::user();
-  
+
          $asset_ids = array_filter(Input::get('selected_assets'));
-  
+
          if ((Input::has('checkout_at')) && (Input::get('checkout_at')!= date("Y-m-d"))) {
              $checkout_at = e(Input::get('checkout_at'));
          } else {
              $checkout_at = date("Y-m-d H:i:s");
          }
-  
+
          if (Input::has('expected_checkin')) {
              $expected_checkin = e(Input::get('expected_checkin'));
          } else {
              $expected_checkin = '';
          }
-  
+
          $has_errors = false;
          $errors = [];
          DB::transaction(function() use ($user, $admin, $checkout_at, $expected_checkin, $errors, $asset_ids)
-          {          
+          {
              foreach($asset_ids as $asset_id)
              {
                  $asset = Asset::find($asset_id);
-  
+
                  $error = $asset->checkOutToUser($user, $admin, $checkout_at, $expected_checkin, e(Input::get('note')), null);
-  
+
                  if($error)
                  {
                      $has_errors = true;
@@ -1665,12 +1907,12 @@ class AssetsController extends Controller
                  }
              }
            });
-  
+
          if (!$errors) {
            // Redirect to the new asset page
              return redirect()->to("hardware")->with('success', trans('admin/hardware/message.checkout.success'));
          }
-  
+
        // Redirect to the asset management page with error
          return redirect()->to("hardware/bulk-checkout")->with('error', trans('admin/hardware/message.checkout.error'))->withErrors($errors);
      }
@@ -15,6 +15,7 @@ use Input;
 use Redirect;
 use Log;
 use View;
+use PragmaRX\Google2FA\Google2FA;



@@ -48,7 +49,7 @@ class AuthController extends Controller
     */
    public function __construct()
    {
-        $this->middleware('guest', ['except' => 'logout']);
+        $this->middleware('guest', ['except' => ['logout','postTwoFactorAuth','getTwoFactorAuth','getTwoFactorEnroll']]);
    }


@@ -63,6 +64,51 @@ class AuthController extends Controller
        return View::make('auth.login');
    }

+    private function login_via_ldap(Request $request)
+    {
+        LOG::debug("Binding user to LDAP.");
+        $ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
+        if(!$ldap_user) {
+            LOG::debug("LDAP user ".$request->input('username')." not found in LDAP or could not bind");
+            throw new \Exception("Could not find user in LDAP directory");
+        } else {
+            LOG::debug("LDAP user ".$request->input('username')." successfully bound to LDAP");
+        }
+
+        // Check if the user exists in the database
+        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->first();
+        LOG::debug("Local auth lookup complete");
+
+        // The user does not exist in the database. Try to get them from LDAP.
+        // If user does not exist and authenticates successfully with LDAP we
+        // will create it on the fly and sign in with default permissions
+        if (!$user) {
+            LOG::debug("Local user ".Input::get('username')." does not exist");
+            LOG::debug("Creating local user ".Input::get('username'));
+
+            if ($user = Ldap::createUserFromLdap($ldap_user)) { //this handles passwords on its own
+                LOG::debug("Local user created.");
+            } else {
+                LOG::debug("Could not create local user.");
+                throw new \Exception("Could not create local user");
+            }
+            // If the user exists and they were imported from LDAP already
+        } else {
+            LOG::debug("Local user ".$request->input('username')." exists in database. Updating existing user against LDAP.");
+
+            $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
+
+            if (Setting::getSettings()->ldap_pw_sync=='1') {
+                $user->password = bcrypt($request->input('password'));
+            }
+
+            $user->email = $ldap_attr['email'];
+            $user->first_name = $ldap_attr['firstname'];
+            $user->last_name = $ldap_attr['lastname'];
+            $user->save();
+        } // End if(!user)
+        return $user;
+    }


    /**
@@ -77,81 +123,28 @@ class AuthController extends Controller
        if ($validator->fails()) {
            return redirect()->back()->withInput()->withErrors($validator);
        }
-
+        $user = null;
        // Should we even check for LDAP users?
        if (Setting::getSettings()->ldap_enabled=='1') {
-
            LOG::debug("LDAP is enabled.");
-            // Check if the user exists in the database
-            $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->first();
-            LOG::debug("Local auth lookup complete");
-
            try {
-                Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
-                LOG::debug("Binding user to LDAP.");
+              $user = $this->login_via_ldap($request);
+              Auth::login($user, true);
            } catch (\Exception $e) {
-                LOG::debug("User ".Input::get('username').' did not authenticate successfully against LDAP.');
-                //$ldap_error = $e->getMessage();
-                // return redirect()->back()->withInput()->with('error',$e->getMessage());
+              if(Setting::getSettings()->ldap_pw_sync!='1') {
+                return redirect()->back()->withInput()->with('error',$e->getMessage());
+              }
            }
-
-
-            // The user does not exist in the database. Try to get them from LDAP.
-            // If user does not exist and authenticates sucessfully with LDAP we
-            // will create it on the fly and sign in with default permissions
-            if (!$user) {
-                LOG::debug("Local user ".Input::get('username')." does not exist");
-
-                try {
-
-                    if ($userattr = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'))) {
-                        LOG::debug("Creating local user ".Input::get('username'));
-
-                        if ($newuser = Ldap::createUserFromLdap($userattr)) {
-                            LOG::debug("Local user created..");
-                        } else {
-                            LOG::debug("Could not create local user.");
-                        }
-
-                    } else {
-                        LOG::debug("User did not authenticate correctly against LDAP. No local user was created.");
-                    }
-
-                } catch (\Exception $e) {
-                    return redirect()->back()->withInput()->with('error',$e->getMessage());
-                }
-
-            // If the user exists and they were imported from LDAP already
-            } else {
-
-                LOG::debug("Local user ".Input::get('username')." exists in database. Authenticating existing user against LDAP.");
-
-                if ($ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'))) {
-                    $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
-
-                    LOG::debug("Valid LDAP login. Updating the local data.");
-
-                    $user->password = bcrypt($request->input('password'));
-                    $user->email = $ldap_attr['email'];
-                    $user->first_name = $ldap_attr['firstname'];
-                    $user->last_name = $ldap_attr['lastname'];
-                    $user->save();
-
-                } else {
-                    LOG::debug("User ".Input::get('username')." did not authenticate correctly against LDAP. Local user was not updated.");
-                }// End LDAP auth
-
-            } // End if(!user)
-
-        // NO LDAP enabled - just try to login the user normally
        }

-        LOG::debug("Authenticating user against database.");
-        // Try to log the user in
-        if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
-            LOG::debug("Local authentication failed.");
-          // throw new Cartalyst\Sentry\Users\UserNotFoundException();
-            return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
+        // If the user wasn't authenticated via LDAP, skip to local auth
+        if(!$user) {
+          LOG::debug("Authenticating user against database.");
+          // Try to log the user in
+          if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
+              LOG::debug("Local authentication failed.");
+              return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
+          }
        }

        // Get the page we were before
@@ -160,25 +153,93 @@ class AuthController extends Controller
        // Unset the page we were before from the session
        \Session::forget('loginRedirect');

+
+
        // Redirect to the users page
        return redirect()->to($redirect)->with('success', trans('auth/message.signin.success'));
-
-        // Ooops.. something went wrong
-        return redirect()->back()->withInput()->withErrors($this->messageBag);
    }

+
+    /**
+     * Two factor enrollment page
+     *
+     * @return Redirect
+     */
+    public function getTwoFactorEnroll()
+    {
+
+        if (!Auth::check()) {
+            return redirect()->route('login')->with('error', 'You must be logged in.');
+        }
+
+        $user = Auth::user();
+        $google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');
+
+        if ($user->two_factor_secret=='') {
+            $user->two_factor_secret = $google2fa->generateSecretKey(32);
+            $user->save();
+        }
+
+
+        $google2fa_url = $google2fa->getQRCodeGoogleUrl(
+            urlencode(Setting::getSettings()->site_name),
+            urlencode($user->username),
+            $user->two_factor_secret
+        );
+
+        return View::make('auth.two_factor_enroll')->with('google2fa_url',$google2fa_url);
+
+    }
+
+
+    /**
+     * Two factor code form page
+     *
+     * @return Redirect
+     */
+    public function getTwoFactorAuth() {
+        return View::make('auth.two_factor');
+    }
+
+    /**
+     * Two factor code submission
+     *
+     * @return Redirect
+     */
+    public function postTwoFactorAuth(Request $request) {
+
+        if (!Auth::check()) {
+            return redirect()->route('login')->with('error', 'You must be logged in.');
+        }
+
+        $user = Auth::user();
+        $secret = $request->get('two_factor_secret');
+        $google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');
+        $valid = $google2fa->verifyKey($user->two_factor_secret, $secret);
+
+        if ($valid) {
+            $user->two_factor_enrolled = 1;
+            $user->save();
+            $request->session()->put('2fa_authed', 'true');
+            return redirect()->route('home')->with('success', 'You are logged in!');
+        }
+
+        return redirect()->route('two-factor')->with('error', 'Invalid two-factor code');
+
+
+    }
+
+
    /**
     * Logout page.
     *
     * @return Redirect
     */
-    public function logout()
+    public function logout(Request $request)
    {
-        // Log the user out
+        $request->session()->forget('2fa_authed');
        Auth::logout();
-
-        // Redirect to the users page
-        return redirect()->route('home')->with('success', 'You have successfully logged out!');
+        return redirect()->route('login')->with('success', 'You have successfully logged out!');
    }


@@ -37,4 +37,13 @@ class PasswordController extends Controller
    {
        $this->middleware('guest');
    }
+
+    /**
+     * Get the e-mail subject line to be used for the reset link email.
+     * Overriding method "getEmailSubject()" from trait "use ResetsPasswords"
+     * @return string
+     */
+    public function getEmailSubject(){
+        return property_exists($this, 'subject') ? $this->subject : \Lang::get('mail.reset_link');
+    }
 }
@@ -1,13 +1,14 @@
 <?php
 namespace App\Http\Controllers;

-use Illuminate\Http\Request;
 use App\Helpers\Helper;
 use App\Models\Category as Category;
 use App\Models\Company;
 use App\Models\Setting;
 use Auth;
 use DB;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Gate;
 use Input;
 use Lang;
 use Redirect;
@@ -306,9 +307,9 @@ class CategoriesController extends Controller
    public function getDataViewAssets($categoryID)
    {

-        $category = Category::with('assets.company')->find($categoryID);
+        $category = Category::find($categoryID);
+        $category = $category->load('assets.company', 'assets.model', 'assets.assetstatus', 'assets.assigneduser');
        $category_assets = $category->assets();
-
        if (Input::has('search')) {
            $category_assets = $category_assets->TextSearch(e(Input::get('search')));
        }
@@ -332,7 +333,6 @@ class CategoriesController extends Controller
        $count = $category_assets->count();
        $category_assets = $category_assets->skip($offset)->take($limit)->get();
        $rows = array();
-
        foreach ($category_assets as $asset) {

            $actions = '';
@@ -344,13 +344,13 @@ class CategoriesController extends Controller
                $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
            }

-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
-                    } else {
-                        $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
-                    }
+            if ($asset->availableForCheckout()) {
+                if (Gate::allows('assets.checkout')) {
+                    $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
+                }
+            } else {
+                if (Gate::allows('assets.checkin')) {
+                    $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
                }
            }

@@ -363,7 +363,7 @@ class CategoriesController extends Controller
                'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', $asset->assigneduser->fullName()): '',
                'change' => $inout,
                'actions' => $actions,
-                'companyName' => Company::getName($asset),
+                'companyName'   => is_null($asset->company) ? '' : e($asset->company->name)
            );
        }

@@ -89,6 +89,7 @@ class ComponentsController extends Controller
        $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
        $component->order_number           = e(Input::get('order_number'));
        $component->min_amt                = e(Input::get('min_amt'));
+        $component->serial_number             = e(Input::get('serial_number'));

        if (e(Input::get('purchase_date')) == '') {
            $component->purchase_date       =  null;
@@ -99,7 +100,7 @@ class ComponentsController extends Controller
        if (e(Input::get('purchase_cost')) == '0.00') {
            $component->purchase_cost       =  null;
        } else {
-            $component->purchase_cost       = e(Input::get('purchase_cost'));
+            $component->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

        $component->total_qty                    = e(Input::get('total_qty'));
@@ -107,6 +108,7 @@ class ComponentsController extends Controller

        // Was the component created?
        if ($component->save()) {
+            $component->logCreate();
            // Redirect to the new component  page
            return redirect()->to("admin/components")->with('success', trans('admin/components/message.create.success'));
        }
@@ -173,6 +175,7 @@ class ComponentsController extends Controller
        $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
        $component->order_number           = e(Input::get('order_number'));
        $component->min_amt             = e(Input::get('min_amt'));
+        $component->serial_number             = e(Input::get('serial_number'));

        if (e(Input::get('purchase_date')) == '') {
            $component->purchase_date       =  null;
@@ -183,7 +186,7 @@ class ComponentsController extends Controller
        if (e(Input::get('purchase_cost')) == '0.00') {
            $component->purchase_cost       =  null;
        } else {
-            $component->purchase_cost       = e(Input::get('purchase_cost'));
+            $component->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

        $component->total_qty                    = e(Input::get('total_qty'));
@@ -345,17 +348,11 @@ class ComponentsController extends Controller
        $component->assets()->attach($component->id, array(
        'component_id' => $component->id,
        'user_id' => $admin_user->id,
-        'created_at' => date('Y-m-d h:i:s'),
+        'created_at' => date('Y-m-d H:i:s'),
        'assigned_qty' => e(Input::get('assigned_qty')),
        'asset_id' => $asset_id));

-        $logaction = new Actionlog();
-        $logaction->component_id = $component->id;
-        $logaction->asset_id = $asset_id;
-        $logaction->asset_type = 'component';
-        $logaction->location_id = $asset->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
+        $logaction = $component->logCheckout(e(Input::get('note')), $asset_id);

        $settings = Setting::getSettings();

@@ -375,7 +372,7 @@ class ComponentsController extends Controller
                        'fields' => [
                            [
                                'title' => 'Checked Out:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/components/'.$component->id.'/view'.'|'.$component->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->name.'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
+                                'value' => class_basename(strtoupper($logaction->item_type)).' <'.config('app.url').'/admin/components/'.$component->id.'/view'.'|'.$component->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->showAssetName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
                            ],
                            [
                                'title' => 'Note:',
@@ -389,9 +386,6 @@ class ComponentsController extends Controller
            }
        }

-
-        $log = $logaction->logaction('checkout');
-
      // Redirect to the new component page
        return redirect()->to("admin/components")->with('success', trans('admin/components/message.checkout.success'));

@@ -430,7 +424,7 @@ class ComponentsController extends Controller
            $limit = 50;
        }

-        $allowed_columns = ['id','name','min_amt','order_number','purchase_date','purchase_cost','companyName','category','total_qty'];
+        $allowed_columns = ['id','name','min_amt','order_number','serial_number','purchase_date','purchase_cost','companyName','category','total_qty'];
        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';

@@ -478,13 +472,14 @@ class ComponentsController extends Controller
                'checkbox'      =>'<div class="text-center"><input type="checkbox" name="component['.$component->id.']" class="one_required"></div>',
                'id'            => $component->id,
                'name'          => (string)link_to('admin/components/'.$component->id.'/view', e($component->name)),
+                'serial_number'          => $component->serial_number,
                'location'   => ($component->location) ? e($component->location->name) : '',
                'total_qty'           => e($component->total_qty),
                'min_amt'           => e($component->min_amt),
                'category'           => ($component->category) ? e($component->category->name) : 'Missing category',
                'order_number'  => e($component->order_number),
                'purchase_date'  => e($component->purchase_date),
-                'purchase_cost'  => ($component->purchase_cost!='') ? number_format($component->purchase_cost, 2): '' ,
+                'purchase_cost'  => Helper::formatCurrencyOutput($component->purchase_cost),
                'numRemaining'  => $component->numRemaining(),
                'actions'       => $actions,
                'companyName'   => is_null($company) ? '' : e($company->name),
@@ -97,7 +97,7 @@ class ConsumablesController extends Controller
        if (e(Input::get('purchase_cost')) == '0.00') {
            $consumable->purchase_cost       =  null;
        } else {
-            $consumable->purchase_cost       = e(Input::get('purchase_cost'));
+            $consumable->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

        $consumable->qty                    = e(Input::get('qty'));
@@ -105,6 +105,7 @@ class ConsumablesController extends Controller

        // Was the consumable created?
        if ($consumable->save()) {
+            $consumable->logCreate();
            // Redirect to the new consumable  page
            return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.create.success'));
        }
@@ -182,10 +183,10 @@ class ConsumablesController extends Controller
        if (e(Input::get('purchase_cost')) == '0.00') {
            $consumable->purchase_cost       =  null;
        } else {
-            $consumable->purchase_cost       = e(Input::get('purchase_cost'));
+            $consumable->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

-        $consumable->qty                    = e(Input::get('qty'));
+        $consumable->qty                    = Helper::ParseFloat(e(Input::get('qty')));

        if ($consumable->save()) {
            return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.update.success'));
@@ -316,14 +317,7 @@ class ConsumablesController extends Controller
        'user_id' => $admin_user->id,
        'assigned_to' => e(Input::get('assigned_to'))));

-        $logaction = new Actionlog();
-        $logaction->consumable_id = $consumable->id;
-        $logaction->checkedout_to = $consumable->assigned_to;
-        $logaction->asset_type = 'consumable';
-        $logaction->asset_id = 0;
-        $logaction->location_id = $user->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
+        $logaction = $consumable->logCheckout(e(Input::get('note')));

        $settings = Setting::getSettings();

@@ -343,7 +337,7 @@ class ConsumablesController extends Controller
                        'fields' => [
                            [
                                'title' => 'Checked Out:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/consumables/'.$consumable->id.'/view'.'|'.$consumable->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
+                                'value' => 'Consumable <'.config('app.url').'/admin/consumables/'.$consumable->id.'/view'.'|'.$consumable->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
                            ],
                            [
                                'title' => 'Note:',
@@ -357,9 +351,6 @@ class ConsumablesController extends Controller
            }
        }

-
-        $log = $logaction->logaction('checkout');
-
        $consumable_user = DB::table('consumables_users')->where('assigned_to', '=', $consumable->assigned_to)->where('consumable_id', '=', $consumable->id)->first();

        $data['log_id'] = $logaction->id;
@@ -375,7 +366,8 @@ class ConsumablesController extends Controller

            Mail::send('emails.accept-asset', $data, function ($m) use ($user) {
                $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->subject('Confirm consumable delivery');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.Confirm_consumable_delivery'));
            });
        }

@@ -398,8 +390,11 @@ class ConsumablesController extends Controller
    */
    public function getDatatable()
    {
-        $consumables = Company::scopeCompanyables(Consumable::select('consumables.*')->whereNull('consumables.deleted_at')
-            ->with('company', 'location', 'category', 'users'));
+        $consumables = Company::scopeCompanyables(
+            Consumable::select('consumables.*')
+            ->whereNull('consumables.deleted_at')
+            ->with('company', 'location', 'category', 'users', 'manufacturer')
+        );

        if (Input::has('search')) {
            $consumables = $consumables->TextSearch(e(Input::get('search')));
@@ -470,13 +465,13 @@ class ConsumablesController extends Controller
                'location'   => ($consumable->location) ? e($consumable->location->name) : '',
                'min_amt'           => e($consumable->min_amt),
                'qty'           => e($consumable->qty),
-                'manufacturer'           => ($consumable->manufacturer) ? e($consumable->manufacturer->name) : '',
-                'model_no'           => e($consumable->model_no),
-                'item_no'           => e($consumable->item_no),
-                'category'           => ($consumable->category) ? e($consumable->category->name) : 'Missing category',
+                'manufacturer'  => ($consumable->manufacturer) ? (string) link_to('/admin/settings/manufacturers/'.$consumable->manufacturer_id.'/view', $consumable->manufacturer->name): '',
+                'model_no'      => e($consumable->model_no),
+                'item_no'       => e($consumable->item_no),
+                'category'      => ($consumable->category) ? (string) link_to('/admin/settings/categories/'.$consumable->category_id.'/view', $consumable->category->name) : 'Missing category',
                'order_number'  => e($consumable->order_number),
                'purchase_date'  => e($consumable->purchase_date),
-                'purchase_cost'  => ($consumable->purchase_cost!='') ? number_format($consumable->purchase_cost, 2): '' ,
+                'purchase_cost'  => Helper::formatCurrencyOutput($consumable->purchase_cost),
                'numRemaining'  => $consumable->numRemaining(),
                'actions'       => $actions,
                'companyName'   => is_null($company) ? '' : e($company->name),
@@ -10,6 +10,8 @@ use Redirect;
 use App\Models\AssetModel;
 use Lang;
 use Auth;
+use Illuminate\Http\Request;
+use Log;

 /**
 * This controller handles all actions related to Custom Asset Fields for
@@ -63,10 +65,15 @@ class CustomFieldsController extends Controller
    * @since [v1.8]
    * @return Redirect
    */
-    public function store()
+    public function store(Request $request)
    {
        //
-        $cfset=new CustomFieldset(["name" => Input::get("name"),"user_id" => Auth::user()->id]);
+        $cfset = new CustomFieldset(
+            [
+                "name" => e($request->get("name")),
+                "user_id" => Auth::user()->id]
+            );
+
        $validator=Validator::make(Input::all(), $cfset->rules);
        if ($validator->passes()) {
            $cfset->save();
@@ -122,24 +129,33 @@ class CustomFieldsController extends Controller
    * @since [v1.8]
    * @return Redirect
    */
-    public function storeField()
+    public function storeField(Request $request)
    {
-        $field=new CustomField(["name" => Input::get("name"),"element" => Input::get("element"),"user_id" => Auth::user()->id]);
+        $field = new CustomField([
+            "name" => e($request->get("name")),
+            "element" => e($request->get("element")),
+            "field_values" => e($request->get("field_values")),
+            "field_encrypted" => e($request->get("field_encrypted", 0)),
+            "user_id" => Auth::user()->id
+        ]);
+


        if (!in_array(Input::get('format'), array_keys(CustomField::$PredefinedFormats))) {
-            $field->format=Input::get("custom_format");
+            $field->format = e($request->get("custom_format"));
        } else {
-            $field->format=Input::get('format');
+            $field->format = e($request->get("format"));
        }

+
+
        $validator=Validator::make(Input::all(), $field->rules);
        if ($validator->passes()) {
-            $results=$field->save();
-            //return "postCreateField: $results";
+            $results = $field->save();
            if ($results) {
                return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.create.success'));
            } else {
+                dd($field);
                return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.create.error'));
            }
        } else {
@@ -175,9 +191,7 @@ class CustomFieldsController extends Controller
    */
    public function deleteField($field_id)
    {
-        $field=CustomField::find($field_id);
-
-
+        $field = CustomField::find($field_id);

        if ($field->fieldset->count()>0) {
            return redirect()->back()->withErrors(['message' => "Field is in-use"]);
@@ -197,21 +211,15 @@ class CustomFieldsController extends Controller
    */
    public function show($id)
    {
-        //$id=$parameters[0];
-        $cfset=CustomFieldset::find($id);
+        $cfset = CustomFieldset::with('fields')->where('id','=',$id)->orderBy('id','ASC')->first();
+        $custom_fields_list = ["" => "Add New Field to Fieldset"] + CustomField::lists("name", "id")->toArray();

-        //print_r($parameters);
-        //
-        $custom_fields_list=["" => "Add New Field to Fieldset"] + CustomField::lists("name", "id")->toArray();
-        // print_r($custom_fields_list);
-        $maxid=0;
-        foreach ($cfset->fields as $field) {
-            // print "Looking for: ".$field->id;
+        $maxid = 0;
+        foreach ($cfset->fields() as $field) {
            if ($field->pivot->order > $maxid) {
                $maxid=$field->pivot->order;
            }
            if (isset($custom_fields_list[$field->id])) {
-                // print "Found ".$field->id.", so removing it.<br>";
                unset($custom_fields_list[$field->id]);
            }
        }
@@ -261,14 +269,14 @@ class CustomFieldsController extends Controller
    public function destroy($id)
    {
        //
-        $fieldset=CustomFieldset::find($id);
+        $fieldset = CustomFieldset::find($id);

        $models = AssetModel::where("fieldset_id", "=", $id);
-        if ($models->count()==0) {
+        if ($models->count() == 0) {
            $fieldset->delete();
            return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.fieldset.delete.success'));
        } else {
-            return redirect()->route("admin.custom_fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use')); //->with("models",$models);
+            return redirect()->route("admin.custom_fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use'));
        }
    }

@@ -281,18 +289,23 @@ class CustomFieldsController extends Controller
     * @since [v3.0]
     * @return Array
     */
-    public function postReorder($id)
+    public function postReorder(Request $request, $id)
    {
-        $fieldset=CustomFieldset::find($id);
+        $fieldset = CustomFieldset::find($id);
        $fields = array();
+        $order_array = array();

-        $items = Input::get('item');
-        foreach ($fieldset->fields as $field) {
-            $value = array_shift($items);
-            $fields[$field->id] = ['required' => $field->pivot->required, 'order' => $value];
+        $items = $request->input('item');
+
+        foreach ($items as $order => $field_id) {
+            $order_array[$field_id] = $order;
        }
-        return $fieldset->fields()->sync($fields);

+        foreach ($fieldset->fields as $field) {
+            $fields[$field->id] = ['required' => $field->pivot->required, 'order' => $order_array[$field->id]];
+        }
+
+        return $fieldset->fields()->sync($fields);

    }
 }
@@ -30,12 +30,6 @@ class DashboardController extends Controller
        // Show the page
        if (Auth::user()->hasAccess('admin')) {

-            $recent_activity = Actionlog::orderBy('created_at', 'DESC')
-                ->with('accessorylog', 'consumablelog', 'licenselog', 'assetlog', 'adminlog', 'userlog', 'componentlog')
-                ->take(30)
-                ->get();
-
-
            $asset_stats['total'] = Asset::Hardware()->count();

            $asset_stats['rtd']['total'] = Asset::Hardware()->RTD()->count();
@@ -82,10 +76,10 @@ class DashboardController extends Controller
            }


-            return View::make('dashboard')->with('asset_stats', $asset_stats)->with('recent_activity', $recent_activity);
+            return View::make('dashboard')->with('asset_stats', $asset_stats);
        } else {
        // Redirect to the profile page
-            return redirect()->route('view-assets');
+            return redirect()->intended('account/view-assets');
        }
    }
 }
@@ -61,18 +61,17 @@ class LicensesController extends Controller
    public function getCreate()
    {

-        $depreciation_list = Helper::depreciationList();
-        $supplier_list = Helper::suppliersList();
        $maintained_list = array('' => 'Maintained', '1' => 'Yes', '0' => 'No');
-        $company_list = Helper::companyList();

        return View::make('licenses/edit')
            //->with('license_options',$license_options)
-            ->with('depreciation_list', $depreciation_list)
-            ->with('supplier_list', $supplier_list)
+            ->with('depreciation_list', Helper::depreciationList())
+            ->with('supplier_list', Helper::suppliersList())
            ->with('maintained_list', $maintained_list)
-            ->with('company_list', $company_list)
+            ->with('company_list', Helper::companyList())
+            ->with('manufacturer_list', Helper::manufacturerList())
            ->with('license', new License);
+
    }


@@ -88,17 +87,13 @@ class LicensesController extends Controller
    public function postCreate()
    {

-
-        // get the POST data
-        $new = Input::all();
-
        // create a new model instance
        $license = new License();

        if (e(Input::get('purchase_cost')) == '') {
            $license->purchase_cost =  null;
        } else {
-            $license->purchase_cost = e(Input::get('purchase_cost'));
+            $license->purchase_cost = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

        if (e(Input::get('supplier_id')) == '') {
@@ -125,6 +120,12 @@ class LicensesController extends Controller
            $license->purchase_order = e(Input::get('purchase_order'));
        }

+        if (empty(e(Input::get('manufacturer_id')))) {
+            $license->manufacturer_id = null;
+        } else {
+            $license->manufacturer_id = e(Input::get('manufacturer_id'));
+        }
+
        // Save the license data
        $license->name              = e(Input::get('name'));
        $license->serial            = e(Input::get('serial'));
@@ -154,7 +155,7 @@ class LicensesController extends Controller

            // Was the license created?
        if ($license->save()) {
-
+            $license->logCreate();
            $insertedId = $license->id;
          // Save the license seat data
            DB::transaction(function () use (&$insertedId, &$license) {
@@ -206,17 +207,15 @@ class LicensesController extends Controller

        // Show the page
        $license_options = array('' => 'Top Level') + DB::table('assets')->where('id', '!=', $licenseId)->pluck('name', 'id');
-        $depreciation_list = array('0' => trans('admin/licenses/form.no_depreciation')) + Depreciation::pluck('name', 'id')->toArray();
-        $supplier_list = array('' => 'Select Supplier') + Supplier::orderBy('name', 'asc')->pluck('name', 'id')->toArray();
        $maintained_list = array('' => 'Maintained', '1' => 'Yes', '0' => 'No');
-        $company_list = Helper::companyList();

        return View::make('licenses/edit', compact('license'))
            ->with('license_options', $license_options)
-            ->with('depreciation_list', $depreciation_list)
-            ->with('supplier_list', $supplier_list)
-            ->with('company_list', $company_list)
-            ->with('maintained_list', $maintained_list);
+            ->with('depreciation_list', Helper::depreciationList())
+            ->with('supplier_list', Helper::suppliersList())
+            ->with('company_list', Helper::companyList())
+            ->with('maintained_list', $maintained_list)
+            ->with('manufacturer_list', Helper::manufacturerList());
    }


@@ -253,6 +252,13 @@ class LicensesController extends Controller
        $license->maintained        = e(Input::get('maintained'));
        $license->reassignable      = e(Input::get('reassignable'));

+        if (empty(e(Input::get('manufacturer_id')))) {
+            $license->manufacturer_id = null;
+        } else {
+            $license->manufacturer_id = e(Input::get('manufacturer_id'));
+        }
+
+
        if (e(Input::get('supplier_id')) == '') {
            $license->supplier_id = null;
        } else {
@@ -279,10 +285,9 @@ class LicensesController extends Controller
        }

        if (e(Input::get('purchase_cost')) == '') {
-              $license->purchase_cost =  null;
+            $license->purchase_cost =  null;
        } else {
-              $license->purchase_cost = e(Input::get('purchase_cost'));
-              //$license->purchase_cost = e(Input::get('purchase_cost'));
+            $license->purchase_cost = Helper::ParseFloat(e(Input::get('purchase_cost')));
        }

        if (e(Input::get('maintained')) == '') {
@@ -324,11 +329,11 @@ class LicensesController extends Controller

                  //Log the deletion of seats to the log
                    $logaction = new Actionlog();
-                    $logaction->asset_id = $license->id;
-                    $logaction->asset_type = 'software';
+                    $logaction->item_type = License::class;
+                    $logaction->item_id = $license->id;
                    $logaction->user_id = Auth::user()->id;
-                    $logaction->note = abs($difference)." seats";
-                    $logaction->checkedout_to =  null;
+                    $logaction->note = '-'.abs($difference)." seats";
+                    $logaction->target_id =  null;
                    $log = $logaction->logaction('delete seats');

                } else {
@@ -349,10 +354,11 @@ class LicensesController extends Controller

                //Log the addition of license to the log.
                $logaction = new Actionlog();
-                $logaction->asset_id = $license->id;
-                $logaction->asset_type = 'software';
+                $logaction->item_type = License::class;
+                $logaction->item_id = $license->id;
                $logaction->user_id = Auth::user()->id;
-                $logaction->note = abs($difference)." seats";
+                $logaction->note = '+'.abs($difference)." seats";
+                $logaction->target_id =  null;
                $log = $logaction->logaction('add seats');
            }
            $license->seats             = e(Input::get('seats'));
@@ -502,7 +508,7 @@ class LicensesController extends Controller
            }


-            if (($asset->assigned_to!='') && (($asset->assigned_to!=$assigned_to)) && ($assigned_to!='') ) {
+            if (($asset->assigned_to!='') && (($asset->assigned_to!=$assigned_to)) && ($assigned_to!='')) {
                return redirect()->to('admin/licenses')->with('error', trans('admin/licenses/message.owner_doesnt_match_asset'));
            }

@@ -533,14 +539,10 @@ class LicensesController extends Controller
        // Was the asset updated?
        if ($licenseseat->save()) {

-            $logaction = new Actionlog();
-
-            //$logaction->location_id = $assigned_to->location_id;
-            $logaction->asset_type = 'software';
-            $logaction->user_id = Auth::user()->id;
-            $logaction->note = e(Input::get('note'));
-            $logaction->asset_id = $licenseseat->license_id;
+            $licenseseat->logCheckout(e(Input::get('note')));

+            $data['license_id'] =$licenseseat->license_id;
+            $data['note'] = e(Input::get('note'));

            $license = License::find($licenseseat->license_id);
            $settings = Setting::getSettings();
@@ -548,11 +550,9 @@ class LicensesController extends Controller

            // Update the asset data
            if (e(Input::get('assigned_to')) == '') {
-                $logaction->checkedout_to = null;
-                $slack_msg = strtoupper($logaction->asset_type).' license <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->showAssetName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
+                $slack_msg = 'License <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->showAssetName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
            } else {
-                $logaction->checkedout_to = e(Input::get('assigned_to'));
-                $slack_msg = strtoupper($logaction->asset_type).' license <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$is_assigned_to->fullName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
+                $slack_msg = 'License <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$is_assigned_to->fullName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
            }


@@ -578,7 +578,7 @@ class LicensesController extends Controller
                                ],
                                [
                                    'title' => 'Note:',
-                                    'value' => e($logaction->note)
+                                    'value' => e(Input::get('note'))
                                ],


@@ -592,9 +592,6 @@ class LicensesController extends Controller

            }

-            $log = $logaction->logaction('checkout');
-
-
            // Redirect to the new asset page
            return redirect()->to("admin/licenses")->with('success', trans('admin/licenses/message.checkout.success'));
        }
@@ -673,8 +670,6 @@ class LicensesController extends Controller
            return redirect()->back()->withInput()->withErrors($validator);
        }
        $return_to = $licenseseat->assigned_to;
-        $logaction = new Actionlog();
-        $logaction->checkedout_to = $licenseseat->assigned_to;

        // Update the asset data
        $licenseseat->assigned_to                   = null;
@@ -684,11 +679,7 @@ class LicensesController extends Controller

        // Was the asset updated?
        if ($licenseseat->save()) {
-            $logaction->asset_id = $licenseseat->license_id;
-            $logaction->location_id = null;
-            $logaction->asset_type = 'software';
-            $logaction->note = e(Input::get('note'));
-            $logaction->user_id = $user->id;
+            $licenseseat->logCheckin(e(Input::get('note')));

            $settings = Setting::getSettings();

@@ -709,11 +700,11 @@ class LicensesController extends Controller
                            'fields' => [
                                [
                                    'title' => 'Checked In:',
-                                    'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked in by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.'
+                                    'value' => 'License: <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked in by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.'
                                ],
                                [
                                    'title' => 'Note:',
-                                    'value' => e($logaction->note)
+                                    'value' => e(Input::get('note'))
                                ],

                            ]
@@ -726,9 +717,6 @@ class LicensesController extends Controller
            }


-            $log = $logaction->logaction('checkin from');
-
-

            if ($backto=='user') {
                return redirect()->to("admin/users/".$return_to.'/view')->with('success', trans('admin/licenses/message.checkin.success'));
@@ -754,6 +742,7 @@ class LicensesController extends Controller
    {

        $license = License::find($licenseId);
+        $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');

        if (isset($license->id)) {

@@ -799,7 +788,8 @@ class LicensesController extends Controller
        ->with('supplier_list', $supplier_list)
        ->with('license', $license)
        ->with('maintained_list', $maintained_list)
-        ->with('company_list', $company_list);
+        ->with('company_list', $company_list)
+        ->with('manufacturer_list', Helper::manufacturerList());

    }

@@ -832,7 +822,7 @@ class LicensesController extends Controller
                foreach (Input::file('licensefile') as $file) {

                    $rules = array(
-                    'licensefile' => 'required|mimes:png,gif,jpg,jpeg,doc,docx,pdf,txt,zip,rar|max:2000'
+                    'licensefile' => 'required|mimes:png,gif,jpg,jpeg,doc,docx,pdf,txt,zip,rar,rtf|max:2000'
                    );
                    $validator = Validator::make(array('licensefile'=> $file), $rules);

@@ -843,16 +833,8 @@ class LicensesController extends Controller
                        $filename .= '-'.str_slug($file->getClientOriginalName()).'.'.$extension;
                        $upload_success = $file->move($destinationPath, $filename);

-                        //Log the deletion of seats to the log
-                        $logaction = new Actionlog();
-                        $logaction->asset_id = $license->id;
-                        $logaction->asset_type = 'software';
-                        $logaction->user_id = Auth::user()->id;
-                        $logaction->note = e(Input::get('notes'));
-                        $logaction->checkedout_to =  null;
-                        $logaction->created_at =  date("Y-m-d h:i:s");
-                        $logaction->filename =  $filename;
-                        $log = $logaction->logaction('uploaded');
+                        //Log the upload to the log
+                        $license->logUpload($filename, e(Input::get('notes')));
                    } else {
                         return redirect()->back()->with('error', trans('admin/licenses/message.upload.invalidfiles'));
                    }
@@ -966,17 +948,28 @@ class LicensesController extends Controller
    */
    public function getDatatable()
    {
-        $licenses = Company::scopeCompanyables(License::with('company'));
+        $licenses = Company::scopeCompanyables(License::with('company', 'licenseSeatsRelation', 'manufacturer'));

        if (Input::has('search')) {
            $licenses = $licenses->TextSearch(Input::get('search'));
        }

-        $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial'];
+        $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial','manufacturer','company'];
        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';

-        $licenses = $licenses->orderBy($sort, $order);
+        switch ($sort) {
+            case 'manufacturer':
+                $licenses = $licenses->OrderManufacturer($order);
+                break;
+            case 'company':
+                $licenses = $licenses->OrderCompany($order);
+                break;
+            default:
+                $licenses = $licenses->orderBy($sort, $order);
+                break;
+        }
+

        $licenseCount = $licenses->count();
        $licenses = $licenses->skip(Input::get('offset'))->take(Input::get('limit'))->get();
@@ -987,21 +980,22 @@ class LicensesController extends Controller
            $actions = '<span style="white-space: nowrap;">';

            if (Gate::allows('licenses.checkout')) {
-                $actions .= '<a href="' . route('freecheckout/license',
-                        $license->id) . '" class="btn btn-primary btn-sm' . (($license->remaincount() > 0) ? '' : ' disabled') . '" style="margin-right:5px;">' . trans('general.checkout') . '</a> ';
+                $actions .= '<a href="' . route('freecheckout/license', $license->id)
+                . '" class="btn btn-primary btn-sm' . (($license->remaincount() > 0) ? '' : ' disabled') . '" style="margin-right:5px;">' . trans('general.checkout') . '</a> ';
            }

            if (Gate::allows('licenses.create')) {
-                $actions .= '<a href="' . route('clone/license',
-                        $license->id) . '" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone asset"><i class="fa fa-files-o"></i></a>';
+                $actions .= '<a href="' . route('clone/license', $license->id)
+                . '" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone license"><i class="fa fa-files-o"></i></a>';
            }
            if (Gate::allows('licenses.edit')) {
-                $actions .= '<a href="' . route('update/license',
-                        $license->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+                $actions .= '<a href="' . route('update/license', $license->id)
+                . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
            }
            if (Gate::allows('licenses.delete')) {
-                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/license',
-                        $license->id) . '" data-content="' . trans('admin/licenses/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($license->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'
+                 . route('delete/license', $license->id)
+                 . '" data-content="' . trans('admin/licenses/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($license->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
            }
            $actions .='</span>';

@@ -1009,18 +1003,19 @@ class LicensesController extends Controller
                'id'                => $license->id,
                'name'              => (string) link_to('/admin/licenses/'.$license->id.'/view', $license->name),
                'serial'            => (string) link_to('/admin/licenses/'.$license->id.'/view', mb_strimwidth($license->serial, 0, 50, "...")),
-                'totalSeats'        => $license->totalSeatsByLicenseID(),
+                'totalSeats'        => $license->licenseSeatsCount,
                'remaining'         => $license->remaincount(),
                'license_name'      => e($license->license_name),
-                'license_email'      => e($license->license_email),
+                'license_email'     => e($license->license_email),
                'purchase_date'     => ($license->purchase_date) ? $license->purchase_date : '',
                'expiration_date'     => ($license->expiration_date) ? $license->expiration_date : '',
-                'purchase_cost'     => ($license->purchase_cost) ? number_format($license->purchase_cost, 2) : '',
+                'purchase_cost'     => Helper::formatCurrencyOutput($license->purchase_cost),
                'purchase_order'     => ($license->purchase_order) ? e($license->purchase_order) : '',
                'order_number'     => ($license->order_number) ? e($license->order_number) : '',
                'notes'     => ($license->notes) ? e($license->notes) : '',
                'actions'           => $actions,
-                'companyName'       => is_null($license->company) ? '' : e($license->company->name)
+                'company'       => is_null($license->company) ? '' : e($license->company->name),
+                'manufacturer'      => $license->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$license->manufacturer_id.'/view', $license->manufacturer->name) : ''
            );
        }

@@ -2,14 +2,15 @@
 namespace App\Http\Controllers;

 use App\Models\Company;
+use App\Models\Manufacturer;
+use App\Models\Setting;
+use Auth;
+use Gate;
 use Input;
 use Lang;
-use App\Models\Manufacturer;
 use Redirect;
-use App\Models\Setting;
 use Str;
 use View;
-use Auth;

 /**
 * This controller handles all actions related to Manufacturers for
@@ -254,10 +255,28 @@ class ManufacturersController extends Controller
    * @since [v1.0]
    * @return String JSON
    */
-    public function getDataView($manufacturerId)
+    public function getDataView($manufacturerId, $itemtype = null)
    {
+        $manufacturer = Manufacturer::find($manufacturerId);

-        $manufacturer = Manufacturer::with('assets.company')->find($manufacturerId);
+        switch ($itemtype) {
+            case "assets":
+                return $this->getDataAssetsView($manufacturer);
+            case "licenses":
+                return $this->getDataLicensesView($manufacturer);
+            case "accessories":
+                return $this->getDataAccessoriesView($manufacturer);
+            case "consumables":
+                return $this->getDataConsumablesView($manufacturer);
+        }
+
+        throw new Exception("We shouldn't be here");
+
+    }
+
+    protected function getDataAssetsView(Manufacturer $manufacturer)
+    {
+        $manufacturer = $manufacturer->load('assets.model', 'assets.assigneduser', 'assets.assetstatus', 'assets.company');
        $manufacturer_assets = $manufacturer->assets;

        if (Input::has('search')) {
@@ -293,35 +312,229 @@ class ManufacturersController extends Controller
                $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
            }

-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
-                    } else {
-                        $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
-                    }
+            if ($asset->availableForCheckout()) {
+                if (Gate::allows('assets.checkout')) {
+                    $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
+                }
+            } else {
+                if (Gate::allows('assets.checkin')) {
+                    $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
                }
            }

-            $row = array(
-            'id' => $asset->id,
-            'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
-            'model' => e($asset->model->name),
-            'asset_tag' => e($asset->asset_tag),
-            'serial' => e($asset->serial),
-            'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', e($asset->assigneduser->fullName())): '',
-            'actions' => $actions,
-            'companyName' => e(Company::getName($asset)),
-            );
+            $rows[] = array(
+                'id' => $asset->id,
+                'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
+                'model' => e($asset->model->name),
+                'asset_tag' => e($asset->asset_tag),
+                'serial' => e($asset->serial),
+                'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', e($asset->assigneduser->fullName())): '',
+                'actions' => $actions,
+                // 'companyName' => e(Company::getName($asset)),
+                'companyName' => is_null($asset->company) ? '' : $asset->company->name
+                );

            if (isset($inout)) {
                $row['change'] = $inout;
            }
-
-            $rows[] = $row;
        }

        $data = array('total' => $count, 'rows' => $rows);
        return $data;
    }
+
+    protected function getDataLicensesView(Manufacturer $manufacturer)
+    {
+        $manufacturer = $manufacturer->load('licenses.company', 'licenses.manufacturer', 'licenses.licenseSeatsRelation');
+        $licenses = $manufacturer->licenses;
+
+        if (Input::has('search')) {
+            $licenses = $licenses->TextSearch(Input::get('search'));
+        }
+
+        $licenseCount = $licenses->count();
+
+        $rows = array();
+
+        foreach ($licenses as $license) {
+            $actions = '<span style="white-space: nowrap;">';
+
+            if (Gate::allows('licenses.checkout')) {
+                $actions .= '<a href="' . route('freecheckout/license', $license->id)
+                . '" class="btn btn-primary btn-sm' . (($license->remaincount() > 0) ? '' : ' disabled') . '" style="margin-right:5px;">' . trans('general.checkout') . '</a> ';
+            }
+
+            if (Gate::allows('licenses.create')) {
+                $actions .= '<a href="' . route('clone/license', $license->id)
+                . '" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone asset"><i class="fa fa-files-o"></i></a>';
+            }
+            if (Gate::allows('licenses.edit')) {
+                $actions .= '<a href="' . route('update/license', $license->id)
+                . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('licenses.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'
+                 . route('delete/license', $license->id)
+                 . '" data-content="' . trans('admin/licenses/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($license->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .='</span>';
+
+            $rows[] = array(
+                'id'                => $license->id,
+                'name'              => (string) link_to('/admin/licenses/'.$license->id.'/view', $license->name),
+                'serial'            => (string) link_to('/admin/licenses/'.$license->id.'/view', mb_strimwidth($license->serial, 0, 50, "...")),
+                'totalSeats'        => $license->licenseSeatCount,
+                'remaining'         => $license->remaincount(),
+                'license_name'      => e($license->license_name),
+                'license_email'     => e($license->license_email),
+                'purchase_date'     => ($license->purchase_date) ? $license->purchase_date : '',
+                'expiration_date'   => ($license->expiration_date) ? $license->expiration_date : '',
+                'purchase_cost'     => ($license->purchase_cost) ? number_format($license->purchase_cost, 2) : '',
+                'purchase_order'    => ($license->purchase_order) ? e($license->purchase_order) : '',
+                'order_number'      => ($license->order_number) ? e($license->order_number) : '',
+                'notes'             => ($license->notes) ? e($license->notes) : '',
+                'actions'           => $actions,
+                'companyName'       => is_null($license->company) ? '' : e($license->company->name),
+                'manufacturer'      => $license->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$license->manufacturer_id.'/view', $license->manufacturer->name) : ''
+            );
+        }
+
+        $data = array('total' => $licenseCount, 'rows' => $rows);
+
+        return $data;
+    }
+
+    public function getDataAccessoriesView(Manufacturer $manufacturer)
+    {
+        $manufacturer = $manufacturer->load(
+            'accessories.location',
+            'accessories.company',
+            'accessories.category',
+            'accessories.manufacturer',
+            'accessories.users'
+            );
+        $accessories = $manufacturer->accessories;
+
+        if (Input::has('search')) {
+            $accessories = $accessories->TextSearch(e(Input::get('search')));
+        }
+
+        if (Input::has('limit')) {
+            $limit = e(Input::get('limit'));
+        } else {
+            $limit = 50;
+        }
+
+        $accessCount = $accessories->count();
+
+        $rows = array();
+
+        foreach ($accessories as $accessory) {
+
+            $actions = '<nobr>';
+            if (Gate::allows('accessories.checkout')) {
+                $actions .= '<a href="' . route('checkout/accessory',
+                        $accessory->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($accessory->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+            if (Gate::allows('accessories.edit')) {
+                $actions .= '<a href="' . route('update/accessory',
+                        $accessory->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('accessories.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/accessory',
+                        $accessory->id) . '" data-content="' . trans('admin/accessories/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($accessory->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .= '</nobr>';
+            $company = $accessory->company;
+
+            $rows[] = array(
+            'name'          => '<a href="'.url('admin/accessories/'.$accessory->id).'/view">'. $accessory->name.'</a>',
+            'category'      => ($accessory->category) ? (string)link_to('admin/settings/categories/'.$accessory->category->id.'/view', $accessory->category->name) : '',
+            'qty'           => e($accessory->qty),
+            'order_number'  => e($accessory->order_number),
+            'min_amt'  => e($accessory->min_amt),
+            'location'      => ($accessory->location) ? e($accessory->location->name): '',
+            'purchase_date' => e($accessory->purchase_date),
+            'purchase_cost' => number_format($accessory->purchase_cost, 2),
+            'numRemaining'  => $accessory->numRemaining(),
+            'actions'       => $actions,
+            'companyName'   => is_null($company) ? '' : e($company->name),
+            'manufacturer'      => $accessory->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$accessory->manufacturer_id.'/view', $accessory->manufacturer->name) : ''
+
+            );
+        }
+
+        $data = array('total'=>$accessCount, 'rows'=>$rows);
+
+        return $data;
+    }
+
+    public function getDataConsumablesView($manufacturer)
+    {
+        $manufacturer = $manufacturer->load(
+            'consumables.location',
+            'consumables.company',
+            'consumables.category',
+            'consumables.manufacturer',
+            'consumables.users'
+        );
+        $consumables = $manufacturer->consumables;
+
+        if (Input::has('search')) {
+            $consumables = $consumables->TextSearch(e(Input::get('search')));
+        }
+
+        if (Input::has('limit')) {
+            $limit = e(Input::get('limit'));
+        } else {
+            $limit = 50;
+        }
+
+        $consumCount = $consumables->count();
+
+        $rows = array();
+
+        foreach ($consumables as $consumable) {
+            $actions = '<nobr>';
+            if (Gate::allows('consumables.checkout')) {
+                $actions .= '<a href="' . route('checkout/consumable',
+                        $consumable->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($consumable->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+
+            if (Gate::allows('consumables.edit')) {
+                $actions .= '<a href="' . route('update/consumable',
+                        $consumable->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('consumables.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/consumable',
+                        $consumable->id) . '" data-content="' . trans('admin/consumables/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($consumable->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+
+            $actions .='</nobr>';
+
+            $company = $consumable->company;
+
+            $rows[] = array(
+                'id'            => $consumable->id,
+                'name'          => (string)link_to('admin/consumables/'.$consumable->id.'/view', e($consumable->name)),
+                'location'      => ($consumable->location) ? e($consumable->location->name) : '',
+                'min_amt'       => e($consumable->min_amt),
+                'qty'           => e($consumable->qty),
+                'manufacturer'  => ($consumable->manufacturer) ? (string) link_to('/admin/settings/manufacturers/'.$consumable->manufacturer_id.'/view', $consumable->manufacturer->name): '',
+                'model_no'      => e($consumable->model_no),
+                'item_no'       => e($consumable->item_no),
+                'category'      => ($consumable->category) ? (string) link_to('/admin/settings/categories/'.$consumable->category_id.'/view', $consumable->category->name) : 'Missing category',
+                'order_number'  => e($consumable->order_number),
+                'purchase_date' => e($consumable->purchase_date),
+                'purchase_cost' => ($consumable->purchase_cost!='') ? number_format($consumable->purchase_cost, 2): '' ,
+                'numRemaining'  => $consumable->numRemaining(),
+                'actions'       => $actions,
+                'companyName'   => is_null($company) ? '' : e($company->name),
+            );
+        }
+
+        $data = array('total' => $consumCount, 'rows' => $rows);
+
+        return $data;
+    }
 }
@@ -8,6 +8,8 @@ use App\Models\Location;
 use View;
 use Auth;
 use App\Helpers\Helper;
+use App\Models\Setting;
+use Gate;

 /**
 * This controller handles all actions related to User Profiles for
@@ -53,9 +55,14 @@ class ProfileController extends Controller
        $user->gravatar   = e(Input::get('gravatar'));
        $user->locale = e(Input::get('locale'));

+
+        if ((Gate::allows('self.two_factor')) && ((Setting::getSettings()->two_factor_enabled=='1') && (!config('app.lock_passwords')))) {
+            $user->two_factor_optin = e(Input::get('two_factor_optin', '0'));
+        }
+        
        if (Input::file('avatar')) {
            $image = Input::file('avatar');
-            $file_name = $user->first_name."-".$user->last_name.".".$image->getClientOriginalExtension();
+            $file_name = str_slug($user->first_name."-".$user->last_name).".".$image->getClientOriginalExtension();
            $path = public_path('uploads/avatars/'.$file_name);
            Image::make($image->getRealPath())->resize(84, 84)->save($path);
            $user->avatar = $file_name;
@@ -1,25 +1,27 @@
 <?php
 namespace App\Http\Controllers;

+use App\Helpers\Helper;
 use App\Models\Accessory;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
-use Carbon\Carbon;
+use App\Models\AssetModel;
 use App\Models\Company;
+use App\Models\CustomField;
+use App\Models\License;
+use App\Models\Location;
+use App\Models\Setting;
+use App\Models\User;
+use Carbon\Carbon;
 use Illuminate\Support\Facades\Lang;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\View;
 use Input;
 use League\Csv\Reader;
-use App\Models\License;
-use App\Models\Location;
-use App\Models\AssetModel;
-use App\Models\CustomField;
 use Redirect;
-use App\Models\Setting;
-use App\Models\User;
+use Symfony\Component\HttpFoundation\StreamedResponse;

 /**
 * This controller handles all actions related to Reports for
@@ -31,7 +33,7 @@ class ReportsController extends Controller
 {

    /**
-    * Returns a view that displaysthe accessories report.
+    * Returns a view that displays the accessories report.
    *
    * @author [A. Gianotto] [<snipe@snipe.net>]
    * @since [v1.0]
@@ -87,7 +89,7 @@ class ReportsController extends Controller
    }

    /**
-    * Display asset report.
+    * Display asset report view.
    *
    * @author [A. Gianotto] [<snipe@snipe.net>]
    * @since [v1.0]
@@ -96,23 +98,11 @@ class ReportsController extends Controller
    public function getAssetsReport()
    {
        $settings = \App\Models\Setting::first();
-        // Grab all the assets
-        $assets = Asset::with(
-            'model',
-            'assigneduser.userLoc',
-            'assetstatus',
-            'defaultLoc',
-            'assetlog',
-            'supplier',
-            'model.manufacturer',
-            'company'
-        )
-                       ->orderBy('created_at', 'DESC')
-                       ->get();
-
        return View::make('reports/asset', compact('assets'))->with('settings', $settings);
    }

+
+
    /**
    * Exports the assets to CSV
    *
@@ -122,103 +112,76 @@ class ReportsController extends Controller
    */
    public function exportAssetReport()
    {
-        // Grab all the assets
-        $assets = Asset::orderBy('created_at', 'DESC')->get();

-        $rows = [ ];
+         \Debugbar::disable();

-        // Create the header row
-        $header = [
-            trans('admin/hardware/table.asset_tag'),
-            trans('admin/hardware/form.manufacturer'),
-            trans('admin/hardware/form.model'),
-            trans('general.model_no'),
-            trans('general.name'),
-            trans('admin/hardware/table.serial'),
-            trans('general.status'),
-            trans('admin/hardware/table.purchase_date'),
-            trans('admin/hardware/table.purchase_cost'),
-            trans('admin/hardware/form.order'),
-            trans('admin/hardware/form.supplier'),
-            trans('admin/hardware/table.checkoutto'),
-            trans('admin/hardware/table.location'),
-            trans('general.notes'),
-        ];
-        $header = array_map('trim', $header);
-        $rows[] = implode($header, ',');
+        $customfields = CustomField::get();

-        // Create a row per asset
-        foreach ($assets as $asset) {
-            $row   = [ ];
-            $row[] = e($asset->asset_tag);
-            if ($asset->model->manufacturer) {
-                $row[] = e($asset->model->manufacturer->name);
-            } else {
-                $row[] = '';
-            }
-            $row[] = '"' . e($asset->model->name) . '"';
-            $row[] = '"' . e($asset->model->modelno) . '"';
-            $row[] = e($asset->name);
-            $row[] = e($asset->serial);
-            if ($asset->assetstatus) {
-                $row[] = e($asset->assetstatus->name);
-            } else {
-                $row[] = '';
-            }
-            $row[] = $asset->purchase_date;
-            $row[] = '"' . number_format($asset->purchase_cost, 2) . '"';
-            if ($asset->order_number) {
-                $row[] = e($asset->order_number);
-            } else {
-                $row[] = '';
-            }
-            if ($asset->supplier_id) {
-                $row[] = e($asset->supplier->name);
-            } else {
-                $row[] = '';
-            }
+        $response = new StreamedResponse(function() use ($customfields) {
+            // Open output stream
+            $handle = fopen('php://output', 'w');

-            if ($asset->assigned_to > 0) {
-                $user  = User::find($asset->assigned_to);
-                $row[] = e($user->fullName());
-            } else {
-                $row[] = ''; // Empty string if unassigned
-            }
-
-            if (( $asset->assigned_to > 0 ) && ( $asset->assigneduser->location_id > 0 )) {
-                $location = Location::find($asset->assigneduser->location_id);
-                if ($location) {
-                    $row[] = e($location->name);
-                } else {
-                    $row[] = '';
+            Asset::with('assigneduser', 'assetloc','defaultLoc','assigneduser.userloc','model','supplier','assetstatus','model.manufacturer')->orderBy('created_at', 'DESC')->chunk(500, function($assets) use($handle, $customfields) {
+                $headers=[
+                    trans('general.company'),
+                    trans('admin/hardware/table.asset_tag'),
+                    trans('admin/hardware/form.manufacturer'),
+                    trans('admin/hardware/form.model'),
+                    trans('general.model_no'),
+                    trans('general.name'),
+                    trans('admin/hardware/table.serial'),
+                    trans('general.status'),
+                    trans('admin/hardware/table.purchase_date'),
+                    trans('admin/hardware/table.purchase_cost'),
+                    trans('admin/hardware/form.order'),
+                    trans('admin/hardware/form.supplier'),
+                    trans('admin/hardware/table.checkoutto'),
+                    trans('admin/hardware/table.checkout_date'),
+                    trans('admin/hardware/table.location'),
+                    trans('general.notes'),
+                ];
+                foreach($customfields as $field) {
+                    $headers[]=$field->name;
                }
-            } elseif ($asset->rtd_location_id) {
-                $location = Location::find($asset->rtd_location_id);
-                if ($location->name) {
-                    $row[] = e($location->name);
-                } else {
-                    $row[] = '';
+                fputcsv($handle, $headers);
+
+                foreach ($assets as $asset) {
+                    // Add a new row with data
+                    $values=[
+                        ($asset->company) ? $asset->company->name : '',
+                        $asset->asset_tag,
+                        ($asset->model->manufacturer) ? $asset->model->manufacturer->name : '',
+                        ($asset->model) ? $asset->model->name : '',
+                        ($asset->model->modelno) ? $asset->model->modelno : '',
+                        ($asset->name) ? $asset->name : '',
+                        ($asset->serial) ? $asset->serial : '',
+                        ($asset->assetstatus) ? e($asset->assetstatus->name) : '',
+                        ($asset->purchase_date) ? e($asset->purchase_date) : '',
+                        ($asset->purchase_cost > 0) ? Helper::formatCurrencyOutput($asset->purchase_cost) : '',
+                        ($asset->order_number) ? e($asset->order_number) : '',
+                        ($asset->supplier) ? e($asset->supplier->name) : '',
+                        ($asset->assigneduser) ? e($asset->assigneduser->fullName()) : '',
+                        ($asset->last_checkout!='') ? e($asset->last_checkout) : '',
+                        ($asset->assigneduser && $asset->assigneduser->userloc!='') ?
+                            e($asset->assigneduser->userloc->name) : ( ($asset->defaultLoc!='') ? e($asset->defaultLoc->name) : ''),
+                        ($asset->notes) ? e($asset->notes) : '',
+                    ];
+                    foreach($customfields as $field) {
+                        $values[]=$asset->{$field->db_column_name()};
+                    }
+                    fputcsv($handle, $values);
                }
-            } else {
-                $row[] = '';  // Empty string if location is not set
-            }
+            });

-            if ($asset->notes) {
-                $row[] = '"' . e($asset->notes) . '"';
-            } else {
-                $row[] = '';
-            }
-
-            $rows[] = implode($row, ',');
-        }
-
-        // spit out a csv
-        $csv      = implode($rows, "\n");
-        $response = Response::make($csv, 200);
-        $response->header('Content-Type', 'text/csv');
-        $response->header('Content-disposition', 'attachment;filename=report.csv');
+            // Close the output stream
+            fclose($handle);
+        }, 200, [
+            'Content-Type' => 'text/csv',
+            'Content-Disposition' => 'attachment; filename="assets-'.date('Y-m-d-his').'.csv"',
+        ]);

        return $response;
+
    }

    /**
@@ -308,9 +271,9 @@ class ReportsController extends Controller
            }

            $row[] = $asset->purchase_date;
-            $row[] = $currency . number_format($asset->purchase_cost, 2);
-            $row[] = $currency . number_format($asset->getDepreciatedValue(), 2);
-            $row[] = $currency . number_format(( $asset->purchase_cost - $asset->getDepreciatedValue() ), 2);
+            $row[] = $currency . Helper::formatCurrencyOutput($asset->purchase_cost);
+            $row[] = $currency . Helper::formatCurrencyOutput($asset->getDepreciatedValue());
+            $row[] = $currency . Helper::formatCurrencyOutput(( $asset->purchase_cost - $asset->getDepreciatedValue() ));
            $csv->insertOne($row);
        }

@@ -329,11 +292,7 @@ class ReportsController extends Controller
    public function getActivityReport()
    {
        $log_actions = Actionlog::orderBy('created_at', 'DESC')
-                                ->with('adminlog')
-                                ->with('accessorylog')
-                                ->with('assetlog')
-                                ->with('licenselog')
-                                ->with('userlog')
+                                ->with('item')
                                ->orderBy('created_at', 'DESC')
                                ->get();

@@ -341,16 +300,134 @@ class ReportsController extends Controller
    }

    /**
-    * Displays license report
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @return View
-    */
+     * Returns Activity Report JSON.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return View
+     */
+    public function getActivityReportDataTable()
+    {
+        $activitylogs = Company::scopeCompanyables(Actionlog::with('item', 'user', 'target'))->orderBy('created_at', 'DESC');
+
+        if (Input::has('search')) {
+            $activitylogs = $activitylogs->TextSearch(e(Input::get('search')));
+        }
+
+        if (Input::has('offset')) {
+            $offset = e(Input::get('offset'));
+        } else {
+            $offset = 0;
+        }
+
+        if (Input::has('limit')) {
+            $limit = e(Input::get('limit'));
+        } else {
+            $limit = 50;
+        }
+
+
+        $allowed_columns = ['created_at'];
+        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
+
+
+        $activityCount = $activitylogs->count();
+        $activitylogs = $activitylogs->offset($offset)->limit($limit)->get();
+
+        $rows = array();
+        foreach ($activitylogs as $activity) {
+
+            if ($activity->itemType() == "asset") {
+                $activity_icons = '<i class="fa fa-barcode"></i>';
+            } elseif ($activity->itemType() == "accessory") {
+                $activity_icons = '<i class="fa fa-keyboard-o"></i>';
+            } elseif ($activity->itemType()=="consumable") {
+                $activity_icons = '<i class="fa fa-tint"></i>';
+            } elseif ($activity->itemType()=="license"){
+                $activity_icons = '<i class="fa fa-floppy-o"></i>';
+            } elseif ($activity->itemType()=="component") {
+                $activity_icons = '<i class="fa fa-hdd-o"></i>';
+            } else {
+                $activity_icons = '<i class="fa fa-paperclip"></i>';
+            }
+
+            if (($activity->item) && ($activity->itemType()=="asset")) {
+              $activity_item = '<a href="'.route('view/hardware', $activity->item_id).'">'.e($activity->item->asset_tag).' - '. e($activity->item->showAssetName()).'</a>';
+                $item_type = 'asset';
+            } elseif ($activity->item) {
+                $activity_item = '<a href="' . route('view/' . $activity->itemType(),
+                        $activity->item_id) . '">' . e($activity->item->name) . '</a>';
+                $item_type = $activity->itemType();
+
+            } else {
+                $activity_item = "unkonwn";
+                $item_type = "null";
+            }
+            
+
+            if (($activity->user) && ($activity->action_type=="uploaded") && ($activity->itemType()=="user")) {
+                $activity_target = '<a href="'.route('view/user', $activity->target_id).'">'.$activity->user->fullName().'</a>';
+            } elseif ($activity->target_type === "App\Models\Asset") {
+                if($activity->target) {
+                    $activity_target = '<a href="'.route('view/hardware', $activity->target_id).'">'.$activity->target->showAssetName().'</a>';
+                } else {
+                    $activity_target = "";
+                }
+            } elseif ( $activity->target_type === "App\Models\User") {
+                if($activity->target) {
+                   $activity_target = '<a href="'.route('view/user', $activity->target_id).'">'.$activity->target->fullName().'</a>';
+                } else {
+                    $activity_target = '';
+                }
+            } elseif (($activity->action_type=='accepted') || ($activity->action_type=='declined')) {
+                $activity_target = '<a href="' . route('view/user', $activity->item->assigneduser->id) . '">' . e($activity->item->assigneduser->fullName()) . '</a>';
+
+            } elseif ($activity->action_type=='requested') {
+                if ($activity->user) {
+                    $activity_target =  '<a href="'.route('view/user', $activity->user_id).'">'.$activity->user->fullName().'</a>';
+                } else {
+                    $activity_target = '';
+                }
+            } else {
+                if($activity->target) {
+                    $activity_target = $activity->target->id;
+                } else {
+                    $activity_target = "";
+                }
+            }
+
+            
+            $rows[] = array(
+                'icon'          => $activity_icons,
+                'created_at'    => date("M d, Y g:iA", strtotime($activity->created_at)),
+                'action_type'              => strtolower(trans('general.'.str_replace(' ','_',$activity->action_type))),
+                'admin'         =>  $activity->user ? (string) link_to('/admin/users/'.$activity->user_id.'/view', $activity->user->fullName()) : '',
+                'target'          => $activity_target,
+                'item'          => $activity_item,
+                'item_type'     => $item_type,
+                'note'     => e($activity->note),
+
+            );
+        }
+
+        $data = array('total'=>$activityCount, 'rows'=>$rows);
+
+        return $data;
+
+    }
+
+    /**
+     * Displays license report
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return View
+     */
    public function getLicenseReport()
    {

-        $licenses = License::orderBy('created_at', 'DESC')
+        $licenses = License::with('depreciation')->orderBy('created_at', 'DESC')
                           ->with('company')
                           ->get();

@@ -377,6 +454,7 @@ class ReportsController extends Controller
            trans('admin/licenses/form.remaining_seats'),
            trans('admin/licenses/form.expiration'),
            trans('admin/licenses/form.date'),
+            trans('admin/licenses/form.depreciation'),
            trans('admin/licenses/form.cost')
        ];

@@ -392,7 +470,8 @@ class ReportsController extends Controller
            $row[] = $license->remaincount();
            $row[] = $license->expiration_date;
            $row[] = $license->purchase_date;
-            $row[] = '"' . number_format($license->purchase_cost, 2) . '"';
+            $row[] = ($license->depreciation!='') ? '' : e($license->depreciation->name);
+            $row[] = '"' . Helper::formatCurrencyOutput($license->purchase_cost) . '"';

            $rows[] = implode($row, ',');
        }
@@ -416,25 +495,29 @@ class ReportsController extends Controller
    public function getCustomReport()
    {
        $customfields = CustomField::get();
-        return View::make('reports/custom')->with('customfields',$customfields);
+        return View::make('reports/custom')->with('customfields', $customfields);
    }

    /**
-    * Exports the custom report to CSV
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ReportsController::getCustomReport() method that generates form view
-    * @since [v1.0]
-    * @return \Illuminate\Http\Response
-    */
+     * Exports the custom report to CSV
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ReportsController::getCustomReport() method that generates form view
+     * @since [v1.0]
+     * @return \Illuminate\Http\Response
+     */
    public function postCustom()
    {
-        $assets = Asset::orderBy('created_at', 'DESC')->get();
+        $assets = Asset::orderBy('created_at', 'DESC')->with('company','assigneduser', 'assetloc','defaultLoc','assigneduser.userloc','model','supplier','assetstatus','model.manufacturer')->get();
        $customfields = CustomField::get();

        $rows   = [ ];
        $header = [ ];

+        if (e(Input::get('company')) == '1') {
+            $header[] = 'Company Name';
+        }
+
        if (e(Input::get('asset_name')) == '1') {
            $header[] = 'Asset Name';
        }
@@ -460,6 +543,9 @@ class ReportsController extends Controller
        if (( e(Input::get('purchase_cost')) == '1' ) && ( e(Input::get('depreciation')) != '1' )) {
            $header[] = 'Purchase Cost';
        }
+        if (e(Input::get('eol')) == '1') {
+            $header[] = 'EOL';
+        }
        if (e(Input::get('order')) == '1') {
            $header[] = 'Order Number';
        }
@@ -487,6 +573,10 @@ class ReportsController extends Controller
            $header[] = 'Value';
            $header[] = 'Diff';
        }
+        if (e(Input::get('expected_checkin')) == '1') {
+            $header[] = trans('admin/hardware/form.expected_checkin');
+        }
+

        foreach ($customfields as $customfield) {
            if (e(Input::get($customfield->db_column_name())) == '1') {
@@ -500,6 +590,11 @@ class ReportsController extends Controller

        foreach ($assets as $asset) {
            $row = [ ];
+
+            if (e(Input::get('company')) == '1') {
+                $row[] = is_null($asset->company) ? '' : '"'.$asset->company->name.'"';
+            }
+
            if (e(Input::get('asset_name')) == '1') {
                $row[] = '"' .e($asset->name) . '"';
            }
@@ -528,7 +623,10 @@ class ReportsController extends Controller
                $row[] = e($asset->purchase_date);
            }
            if (e(Input::get('purchase_cost')) == '1' && ( e(Input::get('depreciation')) != '1' )) {
-                $row[] = '"' . number_format($asset->purchase_cost, 2) . '"';
+                $row[] = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
+            }
+            if (e(Input::get('eol')) == '1') {
+                $row[] = '"' .($asset->eol_date()) ? $asset->eol_date() : ''. '"';
            }
            if (e(Input::get('order')) == '1') {
                if ($asset->order_number) {
@@ -538,21 +636,19 @@ class ReportsController extends Controller
                }
            }
            if (e(Input::get('supplier')) == '1') {
-                if ($asset->supplier_id) {
+                if ($asset->supplier) {
                    $row[] = '"' .e($asset->supplier->name) . '"';
                } else {
                    $row[] = '';
                }
            }
+
            if (e(Input::get('location')) == '1') {
                $show_loc = '';
-                if (( $asset->assigned_to > 0 ) && ( $asset->assigneduser->location_id !='' )) {
-                    $location = Location::find($asset->assigneduser->location_id);
-                    if ($location) {
-                        $show_loc .= '"' .e($location->name). '"';
-                    } else {
-                        $show_loc .= 'User location '.$asset->assigneduser->location_id.' is invalid';
-                    }
+
+
+                if (($asset->assigned_to > 0) && ($asset->assigneduser) && ($asset->assigneduser->location)) {
+                    $show_loc .= '"' .e($asset->assigneduser->location->name). '"';
                } elseif ($asset->rtd_location_id!='') {
                    $location = Location::find($asset->rtd_location_id);
                    if ($location) {
@@ -565,19 +661,19 @@ class ReportsController extends Controller
                $row[] = $show_loc;

            }
+
+
            if (e(Input::get('assigned_to')) == '1') {
-                if ($asset->assigned_to > 0) {
-                    $user  = User::find($asset->assigned_to);
-                    $row[] = '"' .e($user->fullName()). '"';
+                if ($asset->assigneduser) {
+                    $row[] = '"' .e($asset->assigneduser->fullName()). '"';
                } else {
                    $row[] = ''; // Empty string if unassigned
                }
            }

            if (e(Input::get('username')) == '1') {
-                if ($asset->assigned_to > 0) {
-                    $user  = User::find($asset->assigned_to);
-                    $row[] = '"' .e($user->username). '"';
+                if ($asset->assigneduser) {
+                    $row[] = '"' .e($asset->assigneduser->username). '"';
                } else {
                    $row[] = ''; // Empty string if unassigned
                }
@@ -605,15 +701,22 @@ class ReportsController extends Controller
            }
            if (e(Input::get('depreciation')) == '1') {
                $depreciation = $asset->getDepreciatedValue();
-                $row[]        = '"' . number_format($asset->purchase_cost, 2) . '"';
-                $row[]        = '"' . number_format($depreciation, 2) . '"';
-                $row[]        = '"' . number_format($asset->purchase_cost - $depreciation, 2) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($depreciation) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
+            }
+            if (e(Input::get('expected_checkin')) == '1') {
+                if ($asset->expected_checkin) {
+                    $row[] = '"' .e($asset->expected_checkin). '"';
+                } else {
+                    $row[] = ''; // Empty string if blankd
+                }
            }

            foreach ($customfields as $customfield) {
                $column_name = $customfield->db_column_name();
                if (e(Input::get($customfield->db_column_name())) == '1') {
-                    $row[] = $asset->$column_name;
+                    $row[] = str_replace(",", "\,", $asset->$column_name);
                }
            }

@@ -626,14 +729,15 @@ class ReportsController extends Controller
            $csv      = implode($rows, "\n");
            $response = Response::make($csv, 200);
            $response->header('Content-Type', 'text/csv');
-            $response->header('Content-disposition', 'attachment;filename=report.csv');
+            $response->header('Content-disposition', 'attachment;filename='.date('Y-m-d-His').'-custom-asset-report.csv');

            return $response;
        } else {
            return redirect()->to("reports/custom")
-                           ->with('error', trans('admin/reports/message.error'));
+                ->with('error', trans('admin/reports/message.error'));
        }
    }
+    

    /**
     * getImprovementsReport
@@ -670,6 +774,7 @@ class ReportsController extends Controller
        $rows = [ ];

        $header = [
+            trans('admin/hardware/table.asset_tag'),
            trans('admin/asset_maintenances/table.asset_name'),
            trans('admin/asset_maintenances/table.supplier_name'),
            trans('admin/asset_maintenances/form.asset_maintenance_type'),
@@ -685,6 +790,7 @@ class ReportsController extends Controller

        foreach ($assetMaintenances as $assetMaintenance) {
            $row   = [ ];
+            $row[] = str_replace(',', '', e($assetMaintenance->asset->asset_tag));
            $row[] = str_replace(',', '', e($assetMaintenance->asset->name));
            $row[] = str_replace(',', '', e($assetMaintenance->supplier->name));
            $row[] = e($assetMaintenance->improvement_type);
@@ -698,7 +804,7 @@ class ReportsController extends Controller
                $improvementTime = intval($assetMaintenance->asset_maintenance_time);
            }
            $row[]  = $improvementTime;
-            $row[]  = trans('general.currency') . number_format($assetMaintenance->cost, 2);
+            $row[]  = trans('general.currency') . Helper::formatCurrencyOutput($assetMaintenance->cost);
            $rows[] = implode($row, ',');
        }

@@ -52,29 +52,18 @@ class SettingsController extends Controller

        $protocol = array_key_exists('HTTPS', $_SERVER) && ( $_SERVER['HTTPS'] == "on") ? 'https://' : 'http://';

-
-        $pageURL = $protocol;
-        if ($_SERVER["SERVER_PORT"] != "80") {
-            $main_page = $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"];
-            $pageURL .= $main_page.$_SERVER["REQUEST_URI"];
-        } else {
-            $main_page = $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
-            $pageURL .= $main_page;
+        $host = $_SERVER['SERVER_NAME'];
+        if (($protocol === 'http://' && $_SERVER['SERVER_PORT'] != '80') || ($protocol === 'https://' && $_SERVER['SERVER_PORT'] != '443')) {
+          $host .= ':' . $_SERVER['SERVER_PORT'];
        }
+        $pageURL = $protocol . $host . $_SERVER['REQUEST_URI'];

-        $start_settings['env_location'] = $pageURL.'../.env';
+        $start_settings['url_valid'] = (config('app.url').'/setup' === $pageURL);

+        $start_settings['url_config'] = config('app.url');
+        $start_settings['real_url'] = $pageURL;

-        if (config('app.url').'/setup'!=$pageURL) {
-            $start_settings['url_valid']= false;
-        } else {
-            $start_settings['url_valid']= true;
-        }
-
-        $start_settings['url_config']= config('app.url');
-        $start_settings['real_url']= $pageURL;
-
-        $exposed_env = @file_get_contents($main_page.'/.env');
+        $exposed_env = @file_get_contents($protocol . $host.'/.env');

        if ($exposed_env) {
            $start_settings['env_exposed'] = true;
@@ -147,7 +136,8 @@ class SettingsController extends Controller
        try {
            Mail::send('emails.test', [], function ($m) {
                $m->to(config('mail.from.address'), config('mail.from.name'));
-                $m->subject('Test Email from Snipe-IT');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.test_email'));
            });
            return 'success';
        } catch (Exception $e) {
@@ -195,11 +185,12 @@ class SettingsController extends Controller
        } else {
            $user->save();
            $settings->save();
-            
+
            if (Input::get('email_creds')=='1') {
                Mail::send(['text' => 'emails.firstadmin'], $data, function ($m) use ($data) {
                    $m->to($data['email'], $data['first_name']);
-                    $m->subject('Your Snipe-IT credentials');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.your_credentials'));
                });
            }

@@ -269,10 +260,7 @@ class SettingsController extends Controller
    */
    public function getIndex()
    {
-        // Grab all the settings
        $settings = Setting::all();
-
-        // Show the page
        return View::make('settings/index', compact('settings'));
    }

@@ -323,12 +311,19 @@ class SettingsController extends Controller
                $setting->logo = $file_name;
            }
        }
-        

-        if (config('app.lock_passwords')==false) {
+
+        if (!config('app.lock_passwords')) {
            $setting->site_name = e(Input::get('site_name'));
            $setting->brand = e(Input::get('brand'));
            $setting->custom_css = e(Input::get('custom_css'));
+
+            if (Input::get('two_factor_enabled')=='') {
+                $setting->two_factor_enabled = null;
+            } else {
+                $setting->two_factor_enabled = e(Input::get('two_factor_enabled'));
+            }
+
        }

        if (Input::get('per_page')!='') {
@@ -354,6 +349,7 @@ class SettingsController extends Controller
        $setting->email_domain = e(Input::get('email_domain'));
        $setting->email_format = e(Input::get('email_format'));
        $setting->username_format = e(Input::get('username_format'));
+        $setting->require_accept_signature = e(Input::get('require_accept_signature'));


        $setting->labels_per_page = e(Input::get('labels_per_page'));
@@ -369,6 +365,7 @@ class SettingsController extends Controller
        $setting->labels_pagewidth = e(Input::get('labels_pagewidth'));
        $setting->labels_pageheight = e(Input::get('labels_pageheight'));

+
        if (Input::has('labels_display_name')) {
            $setting->labels_display_name = 1;
        } else {
@@ -388,7 +385,7 @@ class SettingsController extends Controller
        }

        $alert_email = rtrim(Input::get('alert_email'), ',');
-        $alert_email = trim(Input::get('alert_email'));
+        $alert_email = trim($alert_email);

        $setting->alert_email = e($alert_email);
        $setting->alerts_enabled = e(Input::get('alerts_enabled', '0'));
@@ -417,11 +414,10 @@ class SettingsController extends Controller
        $setting->ad_domain = e(Input::get('ad_domain'));
        $setting->is_ad = e(Input::get('is_ad', '0'));
        $setting->ldap_tls = e(Input::get('ldap_tls', '0'));
+        $setting->ldap_pw_sync = e(Input::get('ldap_pw_sync', '0'));

-        // If validation fails, we'll exit the operation now.
        if ($setting->save()) {
            return redirect()->to("admin/settings/app")->with('success', trans('admin/settings/message.update.success'));
-
        } else {
            return redirect()->back()->withInput()->withErrors($setting->getErrors());
        }
@@ -481,7 +477,7 @@ class SettingsController extends Controller

            }
            closedir($handle);
-            $files = array_reverse($files);
+            rsort($files);
        }


@@ -120,6 +120,7 @@ class StatuslabelsController extends Controller
        $statuslabel->pending          =  $statustype['pending'];
        $statuslabel->archived          =  $statustype['archived'];
        $statuslabel->color          =  e(Input::get('color'));
+        $statuslabel->show_in_nav          =  e(Input::get('show_in_nav'),0);


        // Was the asset created?
@@ -208,6 +209,7 @@ class StatuslabelsController extends Controller
        $statuslabel->pending          =  $statustype['pending'];
        $statuslabel->archived          =  $statustype['archived'];
        $statuslabel->color          =  e(Input::get('color'));
+        $statuslabel->show_in_nav          =  e(Input::get('show_in_nav'),0);


        // Was the asset created?
@@ -258,7 +260,7 @@ class StatuslabelsController extends Controller

    public function getDatatable()
    {
-        $statuslabels = Statuslabel::select(array('id','name','deployable','pending','archived','color'))
+        $statuslabels = Statuslabel::select(array('id','name','deployable','pending','archived','color','show_in_nav'))
        ->whereNull('deleted_at');

        if (Input::has('search')) {
@@ -314,6 +316,7 @@ class StatuslabelsController extends Controller
                'type'          => e($label_type),
                'name'          => e($statuslabel->name),
                'color'          => $color,
+                'show_in_nav' => ($statuslabel->show_in_nav=='1') ? trans('general.yes') : trans('general.no'),
                'actions'       => $actions
            );
        }
@@ -242,7 +242,7 @@ class SuppliersController extends Controller

    public function getDatatable()
    {
-        $suppliers = Supplier::select(array('id','name','address','address2','city','state','country','fax', 'phone','email','contact'))
+        $suppliers = Supplier::with('assets', 'licenses')->select(array('id','name','address','address2','city','state','country','fax', 'phone','email','contact'))
        ->whereNull('deleted_at');

        if (Input::has('search')) {
@@ -283,8 +283,8 @@ class SuppliersController extends Controller
                'phone'             => e($supplier->phone),
                'fax'             => e($supplier->fax),
                'email'             => ($supplier->email!='') ? '<a href="mailto:'.e($supplier->email).'">'.e($supplier->email).'</a>' : '',
-                'assets'            => $supplier->num_assets(),
-                'licenses'          => $supplier->num_licenses(),
+                'assets'            => $supplier->assets->count(),
+                'licenses'          => $supplier->licenses->count(),
                'actions'           => $actions
            );
        }
@@ -14,6 +14,7 @@ use App\Models\Setting;
 use App\Models\Statuslabel;
 use App\Http\Requests\SaveUserRequest;
 use App\Http\Requests\UpdateUserRequest;
+use Symfony\Component\HttpFoundation\StreamedResponse;
 use App\Models\User;
 use App\Models\Ldap;
 use Auth;
@@ -81,6 +82,7 @@ class UsersController extends Controller

        $permissions = config('permissions');
        $userPermissions = Helper::selectedPermissionsArray($permissions, Input::old('permissions', array()));
+        $permissions = $this->filterDisplayable($permissions);

        $location_list = Helper::locationsList();
        $manager_list = Helper::managerList();
@@ -123,7 +125,16 @@ class UsersController extends Controller
        $user->company_id = e(Company::getIdForUser($request->input('company_id')));
        $user->manager_id = e($request->input('manager_id'));
        $user->notes = e($request->input('notes'));
-        $user->permissions = json_encode($request->input('permission'));
+
+        // Strip out the superuser permission if the user isn't a superadmin
+        $permissions_array = $request->input('permission');
+
+        if (!Auth::user()->isSuperUser()) {
+            unset($permissions_array['superuser']);
+        }
+
+        $user->permissions =  json_encode($permissions_array);
+


        if ($user->manager_id == "") {
@@ -157,7 +168,8 @@ class UsersController extends Controller

                Mail::send('emails.send-login', $data, function ($m) use ($user) {
                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->subject('Welcome ' . $user->first_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.welcome', ['name' => $user->first_name]));
                });
            }
            return redirect::route('users')->with('success', trans('admin/users/message.success.create'));
@@ -209,7 +221,8 @@ class UsersController extends Controller

                Mail::send('emails.send-login', $data, function ($m) use ($user) {
                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->subject('Welcome ' . $user->first_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.welcome', ['name' => $user->first_name]));
                });
            }

@@ -231,6 +244,17 @@ class UsersController extends Controller
    * @param int $id
    * @return View
    */
+
+    private function filterDisplayable($permissions) {
+        $output = null;
+        foreach($permissions as $key=>$permission) {
+                $output[$key] = array_filter($permission, function($p) {
+                    return $p['display'] === true;
+                });
+            }
+        return $output;
+    }
+
    public function getEdit($id = null)
    {
        try {
@@ -247,7 +271,7 @@ class UsersController extends Controller
            $userGroups = $user->groups()->pluck('name', 'id');
            $user->permissions = $user->decodePermissions();
            $userPermissions = Helper::selectedPermissionsArray($permissions, $user->permissions);
-
+            $permissions = $this->filterDisplayable($permissions);
            $location_list = Helper::locationsList();
            $company_list = Helper::companyList();
            $manager_list = Helper::managerList();
@@ -280,33 +304,48 @@ class UsersController extends Controller
        // permissions here before we update the user.
        $permissions = $request->input('permissions', array());
        app('request')->request->set('permissions', $permissions);
-
        // Only update the email address if locking is set to false
        if (config('app.lock_passwords')) {
            return redirect()->route('users')->with('error', 'Denied! You cannot update user information on the demo.');
        }

        try {
-            // Get the user information
+
            $user = User::find($id);

+            // Figure out of this user was an admin before this edit
+            $orig_permissions_array = $user->decodePermissions();
+
+            if (is_array($orig_permissions_array)) {
+                if (array_key_exists('superuser', $orig_permissions_array)) {
+                    $orig_superuser = $orig_permissions_array['superuser'];
+                } else {
+                    $orig_superuser = '0';
+                }
+            } else {
+                $orig_superuser = '0';
+            }
+
+
            if (!Company::isCurrentUserHasAccess($user)) {
                return redirect()->route('users')->with('error', trans('general.insufficient_permissions'));
            }
+            
        } catch (UserNotFoundException $e) {
-            // Prepare the error message
            $error = trans('admin/users/message.user_not_found', compact('id'));
-
-            // Redirect to the user management page
            return redirect()->route('users')->with('error', $error);
        }

-        // First handle anything exclusive to editing.
-        if ($request->has('groups')) {
-            $user->groups()->sync($request->input('groups'));
-        } else {
-            $user->groups()->sync(array());
+
+        // Only save groups if the user is a super user
+        if (Auth::user()->isSuperUser()) {
+            if ($request->has('groups')) {
+                $user->groups()->sync($request->input('groups'));
+            } else {
+                $user->groups()->sync(array());
+            }
        }
+
        // Do we want to update the user password?
        if ($request->has('password')) {
            $user->password = bcrypt($request->input('password'));
@@ -320,6 +359,7 @@ class UsersController extends Controller
       // Update the user
        $user->first_name = e($request->input('first_name'));
        $user->last_name = e($request->input('last_name'));
+        $user->two_factor_optin = e($request->input('two_factor_optin'));
        $user->locale = e($request->input('locale'));
        $user->employee_num = e($request->input('employee_num'));
        $user->activated = e($request->input('activated', $user->activated));
@@ -329,8 +369,17 @@ class UsersController extends Controller
        $user->company_id = e(Company::getIdForUser($request->input('company_id')));
        $user->manager_id = e($request->input('manager_id'));
        $user->notes = e($request->input('notes'));
-        $user->permissions = json_encode($request->input('permission'));

+        // Strip out the superuser permission if the user isn't a superadmin
+        $permissions_array = $request->input('permission');
+
+        if (!Auth::user()->isSuperUser()) {
+            unset($permissions_array['superuser']);
+            $permissions_array['superuser'] = $orig_superuser;
+       }
+
+
+        $user->permissions =  json_encode($permissions_array);

        if ($user->manager_id == "") {
            $user->manager_id = null;
@@ -495,9 +544,10 @@ class UsersController extends Controller

                    // Update the asset log
                    $logaction = new Actionlog();
-                    $logaction->asset_id = $asset->id;
-                    $logaction->checkedout_to = $asset->assigned_to;
-                    $logaction->asset_type = 'hardware';
+                    $logaction->item_id = $asset->id;
+                    $logaction->item_type = Asset::class;
+                    $logaction->target_id = $asset->assigned_to;
+                    $logaction->target_type = User::class;
                    $logaction->user_id = Auth::user()->id;
                    $logaction->note = 'Bulk checkin asset and delete user';
                    $logaction->logaction('checkin from');
@@ -514,9 +564,10 @@ class UsersController extends Controller
                    $accessory_array[] = $accessory->accessory_id;
                    // Update the asset log
                    $logaction = new Actionlog();
-                    $logaction->accessory_id = $accessory->id;
-                    $logaction->checkedout_to = $accessory->assigned_to;
-                    $logaction->asset_type = 'accessory';
+                    $logaction->item_id = $accessory->id;
+                    $logaction->item_type = Accessory::class;
+                    $logaction->target_id = $accessory->assigned_to;
+                    $logaction->target_type = User::class;
                    $logaction->user_id = Auth::user()->id;
                    $logaction->note = 'Bulk checkin accessory and delete user';
                    $logaction->logaction('checkin from');
@@ -528,9 +579,10 @@ class UsersController extends Controller
                    $license_array[] = $license->id;
                    // Update the asset log
                    $logaction = new Actionlog();
-                    $logaction->asset_id = $license->id;
-                    $logaction->checkedout_to = $license->assigned_to;
-                    $logaction->asset_type = 'software';
+                    $logaction->item_id = $license->id;
+                    $logaction->item_type = License::class;
+                    $logaction->target_id = $license->assigned_to;
+                    $logaction->target_type = User::class;
                    $logaction->user_id = Auth::user()->id;
                    $logaction->note = 'Bulk checkin license and delete user';
                    $logaction->logaction('checkin from');
@@ -598,7 +650,7 @@ class UsersController extends Controller

        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($userId);

-        $userlog = $user->userlog->load('assetlog', 'consumablelog', 'assetlog.model', 'licenselog', 'accessorylog', 'userlog', 'adminlog');
+        $userlog = $user->userlog->load('item');

        if (isset($user->id)) {

@@ -809,7 +861,7 @@ class UsersController extends Controller
                            'phone' => trim(e($row[5])),
                            'jobtitle' => trim(e($row[6])),
                            'employee_num' => trim(e($row[7])),
-                            //'company_id' => Company::getIdForUser($row[8]),
+                            'company_id' => Company::getIdForUser($row[8]),
                            'permissions' => '{"user":1}',
                            'notes' => 'Imported user'
                        );
@@ -829,7 +881,8 @@ class UsersController extends Controller
                                if ($newuser['email']) {
                                    Mail::send('emails.send-login', $data, function ($m) use ($newuser) {
                                        $m->to($newuser['email'], $newuser['first_name'] . ' ' . $newuser['last_name']);
-                                        $m->subject('Welcome ' . $newuser['first_name']);
+                                        $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                                        $m->subject(trans('mail.welcome', ['name' => $newuser['first_name']]));
                                    });
                                }
                            }
@@ -875,7 +928,7 @@ class UsersController extends Controller
            $sort = e(Input::get('sort'));
        }

-        $users = User::select(array('users.id','users.employee_num','users.email','users.username','users.location_id','users.manager_id','users.first_name','users.last_name','users.created_at','users.notes','users.company_id', 'users.deleted_at','users.activated'))
+        $users = User::select(array('users.id','users.employee_num','users.two_factor_enrolled','users.jobtitle','users.email','users.username','users.location_id','users.manager_id','users.first_name','users.last_name','users.created_at','users.notes','users.company_id', 'users.deleted_at','users.activated'))
        ->with('assets', 'accessories', 'consumables', 'licenses', 'manager', 'groups', 'userloc', 'company','throttle');
        $users = Company::scopeCompanyables($users);

@@ -901,8 +954,9 @@ class UsersController extends Controller
            default:
                $allowed_columns =
                [
-                 'last_name','first_name','email','username','employee_num',
-                 'assets','accessories', 'consumables','licenses','groups','activated','created_at'
+                 'last_name','first_name','email','jobtitle','username','employee_num',
+                 'assets','accessories', 'consumables','licenses','groups','activated','created_at',
+                 'two_factor_enrolled','two_factor_optin'
                ];

                $sort = in_array($sort, $allowed_columns) ? $sort : 'first_name';
@@ -952,7 +1006,7 @@ class UsersController extends Controller
                            $actions .= ' <span class="btn delete-asset btn-danger btn-sm disabled"><i class="fa fa-trash icon-white"></i></span>';
                        }
                    } else {
-                        $actions.='foo';
+                        $actions.='';
                    }
                }

@@ -961,14 +1015,15 @@ class UsersController extends Controller
            $rows[] = array(
                'id'         => $user->id,
                'checkbox'      => ($status!='deleted') ? '<div class="text-center hidden-xs hidden-sm"><input type="checkbox" name="edit_user['.e($user->id).']" class="one_required"></div>' : '',
-                'name'          => '<a title="'.e($user->fullName()).'" href="../admin/users/'.e($user->id).'/view">'.e($user->fullName()).'</a>',
+                'name'          => '<a title="'.e($user->fullName()).'" href="'.config('app.url').'/admin/users/'.e($user->id).'/view">'.e($user->fullName()).'</a>',
+                'jobtitle'          => e($user->jobtitle),
                'email'         => ($user->email!='') ?
                            '<a href="mailto:'.e($user->email).'" class="hidden-md hidden-lg">'.e($user->email).'</a>'
                            .'<a href="mailto:'.e($user->email).'" class="hidden-xs hidden-sm"><i class="fa fa-envelope"></i></a>'
                            .'</span>' : '',
                'username'         => e($user->username),
                'location'      => ($user->userloc) ? e($user->userloc->name) : '',
-                'manager'         => ($user->manager) ? '<a title="' . e($user->manager->fullName()) . '" href="users/' . e($user->manager->id) . '/view">' . e($user->manager->fullName()) . '</a>' : '',
+                'manager'         => ($user->manager) ? '<a title="' . e($user->manager->fullName()) . '" href="'.config('app.url').'/' . e($user->manager->id) . '/view">' . e($user->manager->fullName()) . '</a>' : '',
                'assets'        => $user->assets->count(),
                'employee_num'  => e($user->employee_num),
                'licenses'        => $user->licenses->count(),
@@ -976,8 +1031,10 @@ class UsersController extends Controller
                'consumables'        => $user->consumables->count(),
                'groups'        => $group_names,
                'notes'         => e($user->notes),
+                'two_factor_enrolled'        => ($user->two_factor_enrolled=='1') ? '<i class="fa fa-check text-success"></i>' : '<i class="fa fa-times  text-danger"></i>',
+                'two_factor_optin'        => (($user->two_factor_optin=='1') || (Setting::getSettings()->two_factor_enabled=='2') ) ? '<i class="fa fa-check text-success"></i>' : '<i class="fa fa-times  text-danger"></i>',
                'created_at' => ($user->created_at!='')  ? e($user->created_at->format('F j, Y h:iA')) : '',
-                'activated'      => ($user->activated=='1') ? '<i class="fa fa-check"></i>' : '<i class="fa fa-times"></i>',
+                'activated'      => ($user->activated=='1') ? '<i class="fa fa-check text-success"></i>' : '<i class="fa fa-times  text-danger"></i>',
                'actions'       => ($actions) ? $actions : '',
                'companyName'   => is_null($user->company) ? '' : e($user->company->name)
            );
@@ -1017,12 +1074,12 @@ class UsersController extends Controller

              //Log the deletion of seats to the log
                $logaction = new Actionlog();
-                $logaction->asset_id = $user->id;
-                $logaction->asset_type = 'user';
+                $logaction->item_id = $user->id;
+                $logaction->item_type = User::class;
                $logaction->user_id = Auth::user()->id;
                $logaction->note = e(Input::get('notes'));
-                $logaction->checkedout_to = null;
-                $logaction->created_at = date("Y-m-d h:i:s");
+                $logaction->target_id = null;
+                $logaction->created_at = date("Y-m-d H:i:s");
                $logaction->filename = $filename;
                $logaction->action_type = 'uploaded';
                $logaction->save();
@@ -1262,4 +1319,110 @@ class UsersController extends Controller
        $assets = Asset::where('assigned_to', '=', $userId)->with('model')->get();
        return response()->json($assets);
    }
+
+    /**
+     * Exports users to CSV
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.5]
+     * @return \Illuminate\Http\Response
+     */
+    public function getExportUserCsv()
+    {
+
+        \Debugbar::disable();
+
+
+        $response = new StreamedResponse(function() {
+            // Open output stream
+            $handle = fopen('php://output', 'w');
+
+            User::with('assets', 'accessories', 'consumables', 'licenses', 'manager', 'groups', 'userloc', 'company','throttle')->orderBy('created_at', 'DESC')->chunk(500, function($users) use($handle) {
+                $headers=[
+                    // strtolower to prevent Excel from trying to open it as a SYLK file
+                    strtolower(trans('general.id')),
+                    trans('admin/companies/table.title'),
+                    trans('admin/users/table.title'),
+                    trans('admin/users/table.employee_num'),
+                    trans('admin/users/table.name'),
+                    trans('admin/users/table.username'),
+                    trans('admin/users/table.email'),
+                    trans('admin/users/table.manager'),
+                    trans('admin/users/table.location'),
+                    trans('general.assets'),
+                    trans('general.licenses'),
+                    trans('general.accessories'),
+                    trans('general.consumables'),
+                    trans('admin/users/table.groups'),
+                    trans('general.notes'),
+                    trans('admin/users/table.activated'),
+                    trans('general.created_at')
+                ];
+                
+                fputcsv($handle, $headers);
+
+                foreach ($users as $user) {
+                    $user_groups = '';
+
+                    foreach ($user->groups as $user_group) {
+                        $user_groups .= $user_group->name.', ';
+                    }
+
+                    // Add a new row with data
+                    $values = [
+                        $user->id,
+                        ($user->company) ? $user->company->name : '',
+                        $user->jobtitle,
+                        $user->employee_num,
+                        $user->fullName(),
+                        $user->username,
+                        $user->email,
+                        ($user->manager) ? $user->manager->fullName() : '',
+                        ($user->location) ? $user->location->name : '',
+                        $user->assets->count(),
+                        $user->licenses->count(),
+                        $user->accessories->count(),
+                        $user->consumables->count(),
+                        $user_groups,
+                        $user->notes,
+                        ($user->activated=='1') ?  trans('general.yes') : trans('general.no'),
+                        $user->created_at,
+
+                    ];
+
+                    fputcsv($handle, $values);
+                }
+            });
+
+            // Close the output stream
+            fclose($handle);
+        }, 200, [
+            'Content-Type' => 'text/csv',
+            'Content-Disposition' => 'attachment; filename="users-'.date('Y-m-d-his').'.csv"',
+        ]);
+
+        return $response;
+
+    }
+
+
+    public function postTwoFactorReset(Request $request)
+    {
+        if (Gate::denies('users.edit')) {
+            return response()->json(['message' => trans('general.insufficient_permissions')], 500);
+        }
+
+        try {
+            $user = User::find($request->get('id'));
+            $user->two_factor_secret = null;
+            $user->two_factor_enrolled = 0;
+            $user->save();
+            return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
+        } catch (\Exception $e) {
+            return response()->json(['message' => trans('admin/settings/general.two_factor_reset_error')], 500);
+        }
+
+    }
+
+
 }
@@ -4,12 +4,14 @@ namespace App\Http\Controllers;
 use App\Models\Accessory;
 use App\Models\Actionlog;
 use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\CheckoutRequest;
 use App\Models\Company;
-use App\Models\Consumable;
 use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\License;
 use App\Models\Setting;
 use App\Models\User;
-use App\Models\License;
 use Auth;
 use Config;
 use DB;
@@ -20,6 +22,7 @@ use Redirect;
 use Slack;
 use Validator;
 use View;
+use Illuminate\Http\Request;

 /**
 * This controller handles all actions related to the ability for users
@@ -37,11 +40,18 @@ class ViewAssetsController extends Controller
    public function getIndex()
    {

-        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find(Auth::user()->id);
-
-        $userlog = $user->userlog->load('assetlog', 'consumablelog', 'assetlog.model', 'licenselog', 'accessorylog', 'userlog', 'adminlog');
+        $user = User::with(
+            'assets',
+            'assets.model',
+            'consumables',
+            'accessories',
+            'licenses',
+            'userloc',
+            'userlog'
+        )->withTrashed()->find(Auth::user()->id);


+        $userlog = $user->userlog->load('item', 'user', 'target');

        if (isset($user->id)) {
            return View::make('account/view-assets', compact('user', 'userlog'));
@@ -60,11 +70,132 @@ class ViewAssetsController extends Controller
    {

        $assets = Asset::with('model', 'defaultLoc', 'assetloc', 'assigneduser')->Hardware()->RequestableAssets()->get();
+        $models = AssetModel::with('category')->RequestableModels()->get();

-        return View::make('account/requestable-assets', compact('user', 'assets'));
+        return View::make('account/requestable-assets', compact('user', 'assets', 'models'));
+    }
+
+    public function getRequestedIndex()
+    {
+        $requestedItems = CheckoutRequest::with('user', 'requestedItem')->get();
+        return View::make('admin/requested-assets', compact('requestedItems'));
    }


+    public function getRequestItem($itemType, $itemId = null)
+    {
+        $item = null;
+        $fullItemType = 'App\\Models\\' . studly_case($itemType);
+        if ($itemType == "asset_model") {
+            $itemType = "model";
+        }
+        $item = call_user_func(array($fullItemType, 'find'), $itemId);
+        $user = Auth::user();
+        $quantity = $data['item_quantity'] = Input::has('request-quantity') ? e(Input::get('request-quantity')) : 1;
+
+        $logaction = new Actionlog();
+        $logaction->item_id = $data['asset_id'] = $item->id;
+        $logaction->item_type = $fullItemType;
+        $logaction->created_at = $data['requested_date'] = date("Y-m-d H:i:s");
+        if ($user->location_id) {
+            $logaction->location_id = $user->location_id;
+        }
+        $logaction->target_id = $data['user_id'] = Auth::user()->id;
+        $logaction->target_type = User::class;
+
+        $data['requested_by'] = $user->fullName();
+        $data['item_name'] = $item->name;
+        $data['item_type'] = $itemType;
+
+        if ($fullItemType == Asset::class) {
+            $data['item_url'] = route('view/hardware', $item->id);
+            $slackMessage = ' Asset <'.config('app.url').'/hardware/'.$item->id.'/view'.'|'.$item->showAssetName().'> requested by <'.config('app.url').'/users/'.$item->user_id.'/view'.'|'.$user->fullName().'>.';
+        } else {
+            $data['item_url'] = route("view/${itemType}", $item->id);
+            $slackMessage = $quantity. ' ' . class_basename(strtoupper($logaction->item_type)).' <'.$data['item_url'].'|'.$item->name.'> requested by <'.config('app.url').'/user/'.$item->id.'/view'.'|'.$user->fullName().'>.';
+        }
+
+        $settings = Setting::getSettings();
+
+        if ($settings->slack_endpoint) {
+
+            $slack_settings = [
+                'username' => $settings->botname,
+                'channel' => $settings->slack_channel,
+                'link_names' => true
+            ];
+
+            $slackClient = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
+        }
+
+        if ($item->isRequestedBy($user)) {
+
+            $item->cancelRequest();
+            $log = $logaction->logaction('request_canceled');
+
+            if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
+                Mail::send('emails.asset-canceled', $data, function ($m) use ($user, $settings) {
+                    $m->to(explode(',', $settings->alert_email), $settings->site_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Item_Request_Canceled'));
+                });
+            }
+
+            if ($settings->slack_endpoint) {
+                try {
+                        $slackClient->attach([
+                            'color' => 'good',
+                            'fields' => [
+                                [
+                                    'title' => 'CANCELED:',
+                                    'value' => $slackMessage
+                                ]
+
+                            ]
+                        ])->send('Item Request Canceled');
+
+                } catch (Exception $e) {
+
+                }
+            }
+
+            return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.canceled'));
+
+        } else {
+            $item->request();
+
+            $log = $logaction->logaction('requested');
+
+
+            if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
+                Mail::send('emails.asset-requested', $data, function ($m) use ($user, $settings) {
+                    $m->to(explode(',', $settings->alert_email), $settings->site_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Item_Requested'));
+                });
+            }
+
+            if ($settings->slack_endpoint) {
+                try {
+                        $slackClient->attach([
+                            'color' => 'good',
+                            'fields' => [
+                                [
+                                    'title' => 'REQUESTED:',
+                                    'value' => $slackMessage
+                                ]
+
+                            ]
+                        ])->send('Item Requested');
+
+                } catch (Exception $e) {
+
+                }
+            }
+
+            return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.success'));
+        }
+    }
    public function getRequestAsset($assetId = null)
    {

@@ -76,17 +207,23 @@ class ViewAssetsController extends Controller
            return redirect()->route('requestable-assets')->with('error', trans('admin/hardware/message.does_not_exist_or_not_requestable'));
        } elseif (!Company::isCurrentUserHasAccess($asset)) {
            return redirect()->route('requestable-assets')->with('error', trans('general.insufficient_permissions'));
+        }
+        // If it's requested, cancel the request.
+        if ($asset->isRequestedBy(Auth::user())) {
+            $asset->cancelRequest();
+            return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.success'));
        } else {

            $logaction = new Actionlog();
-            $logaction->asset_id = $data['asset_id'] = $asset->id;
-            $logaction->asset_type = $data['asset_type']  = 'hardware';
-            $logaction->created_at = $data['requested_date'] = date("Y-m-d h:i:s");
-
+            $logaction->item_id = $data['asset_id'] = $asset->id;
+            $logaction->item_type = Asset::class;
+            $logaction->created_at = $data['requested_date'] = date("Y-m-d H:i:s");
+            $data['asset_type'] = 'hardware';
            if ($user->location_id) {
                $logaction->location_id = $user->location_id;
            }
-            $logaction->user_id = $data['user_id'] = Auth::user()->id;
+            $logaction->target_id = $data['user_id'] = Auth::user()->id;
+            $logaction->target_type = User::class;
            $log = $logaction->logaction('requested');

            $data['requested_by'] = $user->fullName();
@@ -97,10 +234,13 @@ class ViewAssetsController extends Controller
            if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
                Mail::send('emails.asset-requested', $data, function ($m) use ($user, $settings) {
                    $m->to(explode(',', $settings->alert_email), $settings->site_name);
-                    $m->subject('Asset Requested');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.asset_requested'));
                });
            }

+            $asset->request();
+

            if ($settings->slack_endpoint) {

@@ -119,7 +259,7 @@ class ViewAssetsController extends Controller
                            'fields' => [
                                [
                                    'title' => 'REQUESTED:',
-                                    'value' => strtoupper($logaction->asset_type).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.$asset->showAssetName().'> requested by <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.Auth::user()->fullName().'>.'
+                                    'value' => class_basename(strtoupper($logaction->item_type)).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.$asset->showAssetName().'> requested by <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.Auth::user()->fullName().'>.'
                                ]

                            ]
@@ -137,41 +277,36 @@ class ViewAssetsController extends Controller

    }

+    public function getRequestedAssets()
+    {
+        $checkoutrequests = CheckoutRequest::all();
+
+        return View::make('account/requested-items', compact($checkoutrequests));
+    }
+


    // Get the acceptance screen
    public function getAcceptAsset($logID = null)
    {

-        if (!$findlog = DB::table('asset_logs')->where('id', '=', $logID)->first()) {
+        if (!$findlog = Actionlog::where('id', $logID)->first()) {
            echo 'no record';
            //return redirect()->to('account')->with('error', trans('admin/hardware/message.does_not_exist'));
        }

+        if ($findlog->accepted_id!='') {
+            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.asset_already_accepted'));
+        }

        $user = Auth::user();

-        if ($user->id != $findlog->checkedout_to) {
+
+        if ($user->id != $findlog->item->assigned_to) {
            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
        }

-        // Asset
-        if (($findlog->asset_id!='') && ($findlog->asset_type=='hardware')) {
-            $item = Asset::find($findlog->asset_id);
-
-        // software
-        } elseif (($findlog->asset_id!='') && ($findlog->asset_type=='software')) {
-            $item = License::find($findlog->asset_id);
-        // accessories
-        } elseif ($findlog->accessory_id!='') {
-            $item = Accessory::find($findlog->accessory_id);
-        // consumable
-        } elseif ($findlog->consumable_id!='') {
-            $item = Consumable::find($findlog->consumable_id);
-        // components
-        } elseif ($findlog->component_id!='') {
-            $item = Component::find($findlog->component_id);
-        }
+        $item = $findlog->item;

        // Check if the asset exists
        if (is_null($item)) {
@@ -180,20 +315,20 @@ class ViewAssetsController extends Controller
        } elseif (!Company::isCurrentUserHasAccess($item)) {
            return redirect()->route('requestable-assets')->with('error', trans('general.insufficient_permissions'));
        } else {
-            return View::make('account/accept-asset', compact('item'))->with('findlog', $findlog);
+            return View::make('account/accept-asset', compact('item'))->with('findlog', $findlog)->with('item',$item);
        }
    }

    // Save the acceptance
-    public function postAcceptAsset($logID = null)
+    public function postAcceptAsset(Request $request, $logID = null)
    {

        // Check if the asset exists
-        if (is_null($findlog = DB::table('asset_logs')->where('id', '=', $logID)->first())) {
+        if (is_null($findlog = Actionlog::where('id', $logID)->first())) {
            // Redirect to the asset management page
            return redirect()->to('account/view-assets')->with('error', trans('admin/hardware/message.does_not_exist'));
        }
-        
+

        if ($findlog->accepted_id!='') {
            // Redirect to the asset management page
@@ -201,15 +336,25 @@ class ViewAssetsController extends Controller
        }

        if (!Input::has('asset_acceptance')) {
-            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.accept_or_decline'));
+            return redirect()->back()->with('error', trans('admin/users/message.error.accept_or_decline'));
        }

        $user = Auth::user();

-        if ($user->id != $findlog->checkedout_to) {
+        if ($user->id != $findlog->item->assigned_to) {
            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
        }

+        if ($request->has('signature_output')) {
+            $path = config('app.private_uploads').'/signatures';
+            $sig_filename = "siglog-".$findlog->id.'-'.date('Y-m-d-his').".png";
+            $data_uri = e($request->get('signature_output'));
+            $encoded_image = explode(",", $data_uri);
+            $decoded_image = base64_decode($encoded_image[1]);
+            file_put_contents($path."/".$sig_filename, $decoded_image);
+        }
+
+
        $logaction = new Actionlog();

        if (Input::get('asset_acceptance')=='accepted') {
@@ -221,61 +366,34 @@ class ViewAssetsController extends Controller
            $accepted="rejected";
            $return_msg = trans('admin/users/message.declined');
        }
+            $logaction->item_id      = $findlog->item_id;
+            $logaction->item_type    = $findlog->item_type;

        // Asset
-        if (($findlog->asset_id!='') && ($findlog->asset_type=='hardware')) {
-            $logaction->asset_id = $findlog->asset_id;
-            $logaction->accessory_id = null;
-            $logaction->asset_type = 'hardware';
-
+        if (($findlog->item_id!='') && ($findlog->item_type==Asset::class)) {
            if (Input::get('asset_acceptance')!='accepted') {
                DB::table('assets')
-                ->where('id', $findlog->asset_id)
+                ->where('id', $findlog->item_id)
                ->update(array('assigned_to' => null));
            }
-
-
-        // software
-        } elseif (($findlog->asset_id!='') && ($findlog->asset_type=='software')) {
-            $logaction->asset_id = $findlog->asset_id;
-            $logaction->accessory_id = null;
-            $logaction->component_id = null;
-            $logaction->asset_type = 'software';
-
-        // accessories
-        } elseif ($findlog->accessory_id!='') {
-            $logaction->asset_id = null;
-            $logaction->component_id = null;
-            $logaction->accessory_id = $findlog->accessory_id;
-            $logaction->asset_type = 'accessory';
-            // accessories
-        } elseif ($findlog->consumable_id!='') {
-            $logaction->asset_id = null;
-            $logaction->accessory_id = null;
-            $logaction->component_id = null;
-            $logaction->consumable_id = $findlog->consumable_id;
-            $logaction->asset_type = 'consumable';
-        } elseif ($findlog->component_id!='') {
-            $logaction->asset_id = null;
-            $logaction->accessory_id = null;
-            $logaction->consumable_id = null;
-            $logaction->component_id = $findlog->component_id;
-            $logaction->asset_type = 'component';
        }

-        $logaction->checkedout_to = $findlog->checkedout_to;
-
+        $logaction->target_id = $findlog->target_id;
        $logaction->note = e(Input::get('note'));
-        $logaction->user_id = $user->id;
-        $logaction->accepted_at = date("Y-m-d h:i:s");
+        $logaction->updated_at = date("Y-m-d H:i:s");
+
+
+        if ($sig_filename) {
+            $logaction->accept_signature = $sig_filename;
+        }
        $log = $logaction->logaction($logaction_msg);

-        $update_checkout = DB::table('asset_logs')
+        $update_checkout = DB::table('action_logs')
        ->where('id', $findlog->id)
        ->update(array('accepted_id' => $logaction->id));

-            $affected_asset=$logaction->assetlog;
-            $affected_asset->accepted=$accepted;
+            $affected_asset = $logaction->item;
+            $affected_asset->accepted = $accepted;
            $affected_asset->save();

        if ($update_checkout) {
@@ -14,7 +14,7 @@ class Kernel extends HttpKernel
     * @var array
     */
    protected $middleware = [
-        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
+        \MisterPhilip\MaintenanceMode\Http\Middleware\CheckForMaintenanceMode::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\FrameGuard::class,
@@ -35,6 +35,7 @@ class Kernel extends HttpKernel
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \App\Http\Middleware\CheckLocale::class,
+            \App\Http\Middleware\CheckForTwoFactor::class,
        ],

        'api' => [
@@ -23,7 +23,7 @@ class CheckForSetup
            }

        } else {
-            if (!$request->is('setup*')) {
+            if (!($request->is('setup*')) && !($request->is('.env'))) {
                return redirect(config('app.url').'/setup')->with('Request', $request);
            }

@@ -0,0 +1,52 @@
+<?php
+namespace App\Http\Middleware;
+
+use App\Models\Setting;
+use Auth;
+use Closure;
+use Illuminate\Support\Facades\Schema;
+use Log;
+
+class CheckForTwoFactor
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+
+        // Skip the logic if the user is on the two factor pages
+        if (($request->route()->getName()=='two-factor') || ($request->route()->getName()=='two-factor-enroll') || ($request->route()->getName()=='logout')) {
+            return $next($request);
+        }
+
+        // Two-factor is enabled (either optional or required)
+        if (Schema::hasTable('settings')) {
+            if (Auth::check() && (Setting::getSettings()->two_factor_enabled!='')) {
+
+                // This user is already 2fa-authed
+                if ($request->session()->get('2fa_authed')) {
+                    return $next($request);
+                }
+
+                // Two-factor is optional and the user has NOT opted in, let them through
+                if ((Setting::getSettings()->two_factor_enabled=='1') && (Auth::user()->two_factor_optin!='1')) {
+                    return $next($request);
+                }
+
+                // Otherwise make sure they're enrolled and show them the 2FA code screen
+                if ((Auth::user()->two_factor_secret!='') && (Auth::user()->two_factor_enrolled=='1')) {
+                    return redirect()->route('two-factor')->with('info', 'Please enter your two-factor authentication code.');
+                }
+
+                return redirect()->route('two-factor-enroll')->with('success', 'Please enroll a device in two-factor authentication.');
+            }
+        }
+        return $next($request);
+
+    }
+}
@@ -22,7 +22,8 @@ class CheckPermissions
   */
    public function handle($request, Closure $next, $section = null)
    {
-        
+
+
        if (Gate::allows($section)) {
            return $next($request);
        }
@@ -15,7 +15,10 @@ class FrameGuard
    public function handle($request, Closure $next)
    {
        $response = $next($request);
-        $response->headers->set('X-Frame-Options', 'SAMEORIGIN', false);
+        if (config('app.allow_iframing') == false) {
+            $response->headers->set('X-Frame-Options', 'SAMEORIGIN', false);
+        }
        return $response;
+
    }
 }
@@ -18,7 +18,7 @@ class RedirectIfAuthenticated
    public function handle($request, Closure $next, $guard = null)
    {
        if (Auth::guard($guard)->check()) {
-            return redirect('/');
+            return redirect()->intended('/');
        }

        return $next($request);
@@ -37,6 +37,7 @@ class AssetRequest extends Request
          'supplier_id'     => 'integer',
          'status'          => 'integer',
          'asset_tag'       => 'required',
+          'purchase_cost'   => 'numeric',
    
        ];

@@ -25,10 +25,10 @@ class SaveUserRequest extends Request
    {
        return [
            'first_name'              => 'required|string|min:1',
-            'last_name'               => 'required|string|min:1',
            'email'                   => 'email',
            'password'                => 'required|min:6',
            'password_confirm'        => 'sometimes|required_with:password',
+            'username'                => 'required|string|min:2|unique:users,username,NULL,deleted_at',
        ];
    }
 }
@@ -1,6 +1,7 @@
 <?php
-use App\Models\Statuslabel;
+use App\Models\CheckoutRequest;
 use App\Models\Location;
+use App\Models\Statuslabel;

 /*
 |--------------------------------------------------------------------------
@@ -78,7 +79,7 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
    /*---Manufacturers API---*/
    Route::group(array('prefix'=>'manufacturers'), function () {
        Route::get('list', array('as'=>'api.manufacturers.list', 'uses'=>'ManufacturersController@getDatatable'));
-        Route::get('{manufacturerID}/view', array('as'=>'api.manufacturers.view', 'uses'=>'ManufacturersController@getDataView'));
+        Route::get('{manufacturerID}/view/{itemtype}', array('as'=>'api.manufacturers.view', 'uses'=>'ManufacturersController@getDataView'));
    });

    /*---Suppliers API---*/
@@ -89,6 +90,7 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
    /*---Users API---*/
    Route::group([ 'prefix' => 'users' ], function () {
        Route::post('/', [ 'as' => 'api.users.store', 'uses' => 'UsersController@store' ]);
+        Route::post('two_factor_reset', [ 'as' => 'api.users.two_factor_reset', 'uses' => 'UsersController@postTwoFactorReset' ]);
        Route::get('list/{status?}', [ 'as' => 'api.users.list', 'uses' => 'UsersController@getDatatable' ]);
        Route::get('{userId}/assets', [ 'as' => 'api.users.assetlist', 'uses' => 'UsersController@getAssetList' ]);
        Route::post('{userId}/upload', [ 'as' => 'upload/user', 'uses' => 'UsersController@postUpload' ]);
@@ -187,6 +189,19 @@ Route::group(
    'auth']],
    function () {

+        Route::get('history', [
+            'as' => 'asset.import-history',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@getImportHistory'
+        ]);
+
+        Route::post('history', [
+            'as' => 'asset.process-import-history',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@postImportHistory'
+        ]);
+
+
        Route::get('create/{model?}', [
                'as'   => 'create/hardware',
                'middleware' => 'authorize:assets.create',
@@ -280,9 +295,13 @@ Route::group(
                'uses' => 'AssetsController@getDeleteImportFile'
        ]);

-        Route::get( 'import/process/{filename}', [ 'as' => 'assets/import/process-file',
+        Route::post( 'import/process/', [ 'as' => 'assets/import/process-file',
                'middleware' => 'authorize:assets.create',
-                'uses' => 'AssetsController@getProcessImportFile'
+                'uses' => 'AssetsController@postProcessImportFile'
+        ]);
+        Route::get( 'import/delete/{filename}', [ 'as' => 'assets/import/delete-file',
+                'middleware' => 'authorize:assets.create', // TODO What permissions should this require?
+                'uses' => 'AssetsController@getDeleteImportFile'
        ]);

        Route::get('import',[
@@ -336,19 +355,19 @@ Route::group(
        ]);

        # Asset Model Management
-        Route::group([ 'prefix' => 'models', 'middleware' => 'auth' ], function () {
+        Route::group([ 'prefix' => 'models', 'middleware' => ['auth'] ], function () {

-            Route::get('/', [ 'as' => 'models', 'uses' => 'AssetModelsController@getIndex' ]);
-            Route::get('create', [ 'as' => 'create/model', 'uses' => 'AssetModelsController@getCreate' ]);
+            Route::get('create', [ 'as' => 'create/model', 'uses' => 'AssetModelsController@getCreate', 'middleware' => ['authorize:superuser'] ]);
            Route::post('create', 'AssetModelsController@postCreate');
-            Route::get('{modelId}/edit', [ 'as' => 'update/model', 'uses' => 'AssetModelsController@getEdit' ]);
-            Route::post('{modelId}/edit', 'AssetModelsController@postEdit');
+            Route::get('{modelId}/edit', [ 'as' => 'update/model', 'uses' => 'AssetModelsController@getEdit' , 'middleware' => ['authorize:superuser']]);
+            Route::post('{modelId}/edit', [ 'uses' => 'AssetModelsController@postEdit', 'middleware' => ['authorize:superuser']]);
            Route::get('{modelId}/clone', [ 'as' => 'clone/model', 'uses' => 'AssetModelsController@getClone' ]);
            Route::post('{modelId}/clone', 'AssetModelsController@postCreate');
-            Route::get('{modelId}/delete', [ 'as' => 'delete/model', 'uses' => 'AssetModelsController@getDelete' ]);
+            Route::get('{modelId}/delete', [ 'as' => 'delete/model', 'uses' => 'AssetModelsController@getDelete', 'middleware' => ['authorize:superuser'] ]);
            Route::get('{modelId}/view', [ 'as' => 'view/model', 'uses' => 'AssetModelsController@getView' ]);
-            Route::get('{modelID}/restore', [ 'as' => 'restore/model', 'uses' => 'AssetModelsController@getRestore' ]);
+            Route::get('{modelID}/restore', [ 'as' => 'restore/model', 'uses' => 'AssetModelsController@getRestore', 'middleware' => ['authorize:superuser'] ]);
            Route::get('{modelId}/custom_fields', ['as' => 'custom_fields/model','uses' => 'AssetModelsController@getCustomFields']);
+            Route::get('/', [ 'as' => 'models', 'uses' => 'AssetModelsController@getIndex' ,'middleware' => ['authorize:superuser'] ]);
        });

        Route::get('/', [
@@ -360,6 +379,30 @@ Route::group(
    }
 );

+/*
+|--------------------------------------------------------------------------
+| Log Routes
+|--------------------------------------------------------------------------
+|
+| Register all the admin routes.
+|
+*/
+
+Route::group(['middleware' => 'auth'], function () {
+
+    Route::get(
+        'display-sig/{filename}',
+        [
+            'as' => 'log.signature.view',
+            'middleware' => 'authorize:assets.view',
+            'uses' => 'ActionlogController@displaySig' ]
+    );
+
+
+});
+
+
+
 /*
 |--------------------------------------------------------------------------
 | Admin Routes
@@ -371,6 +414,14 @@ Route::group(

 Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function () {

+    Route::get('requests',
+        // foreach( CheckoutRequest::with('user')->get() as $requestedItem) {
+        //     echo $requestedItem->user->username . ' requested ' . $requestedItem->requestedItem->name;
+            [
+            'as' => 'requests',
+            'middleware' => 'authorize:admin',
+            'uses' => 'ViewAssetsController@getRequestedIndex'
+            ]);
    # Licenses
    Route::group([ 'prefix' => 'licenses', 'middleware'=>'authorize:licenses.view' ], function () {

@@ -704,7 +755,7 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
                [ 'as' => 'update/location', 'uses' => 'LocationsController@getEdit' ]
            );
            Route::post('{locationId}/edit', 'LocationsController@postEdit');
-            Route::get('{locationId}/view', 'LocationsController@getView');
+            Route::get('{locationId}/view', [ 'as' => 'view/location', 'uses' => 'LocationsController@getView' ]);
            Route::get(
                '{locationId}/delete',
                [ 'as' => 'delete/location', 'uses' => 'LocationsController@getDelete' ]
@@ -748,6 +799,7 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
        Route::post('create', [ 'uses' => 'UsersController@postCreate', 'middleware' => ['authorize:users.edit']  ]);
        Route::get('import', [ 'as' => 'import/user', 'uses' => 'UsersController@getImport', 'middleware' => ['authorize:users.edit']  ]);
        Route::post('import', [ 'uses' => 'UsersController@postImport', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('export', [ 'uses' => 'UsersController@getExportUserCsv', 'middleware' => ['authorize:users.view']  ]);
        Route::get('{userId}/edit', [ 'as' => 'update/user', 'uses' => 'UsersController@getEdit', 'middleware' => ['authorize:users.edit']  ]);
        Route::post('{userId}/edit', [ 'uses' => 'UsersController@postEdit', 'middleware' => ['authorize:users.edit']  ]);
        Route::get('{userId}/clone', [ 'as' => 'clone/user', 'uses' => 'UsersController@getClone', 'middleware' => ['authorize:users.edit']  ]);
@@ -841,6 +893,11 @@ Route::group([ 'prefix' => 'account', 'middleware' => ['web', 'auth']], function
        [ 'as' => 'account/request-asset', 'uses' => 'ViewAssetsController@getRequestAsset' ]
    );

+    Route::post(
+        'request/{itemType}/{itemId}',
+        [ 'as' => 'account/request-item', 'uses' => 'ViewAssetsController@getRequestItem']
+    );
+
    # Account Dashboard
    Route::get('/', [ 'as' => 'account', 'uses' => 'ViewAssetsController@getIndex' ]);

@@ -893,6 +950,12 @@ Route::group(['middleware' => ['web','auth','authorize:reports.view']], function
        'reports/activity',
        [ 'as' => 'reports/activity', 'uses' => 'ReportsController@getActivityReport' ]
    );
+
+    Route::get(
+        'reports/activity/json',
+        [ 'as' => 'api.activity.list', 'uses' => 'ReportsController@getActivityReportDataTable' ]
+    );
+    
    Route::get(
        'reports/unaccepted_assets',
        [ 'as' => 'reports/unaccepted_assets', 'uses' => 'ReportsController@getAssetAcceptanceReport' ]
@@ -959,6 +1022,29 @@ Route::group([ 'prefix' => 'setup', 'middleware' => 'web'], function () {

 });

+Route::get(
+    'two-factor-enroll',
+    [
+        'as' => 'two-factor-enroll',
+        'middleware' => ['web'],
+        'uses' => 'Auth\AuthController@getTwoFactorEnroll' ]
+);
+
+Route::get(
+    'two-factor',
+    [
+        'as' => 'two-factor',
+        'middleware' => ['web'],
+        'uses' => 'Auth\AuthController@getTwoFactorAuth' ]
+);
+
+Route::post(
+    'two-factor',
+    [
+        'as' => 'two-factor',
+        'middleware' => ['web'],
+        'uses' => 'Auth\AuthController@postTwoFactorAuth' ]
+);

 Route::get(
    '/',
@@ -968,8 +1054,24 @@ Route::get(
    'uses' => 'DashboardController@getIndex' ]
 );

+
+
 Route::group(['middleware' => 'web'], function () {
    Route::auth();
+    Route::get(
+        'login',
+        [
+            'as' => 'login',
+            'middleware' => ['web'],
+            'uses' => 'Auth\AuthController@showLoginForm' ]
+    );
+    Route::get(
+        'logout',
+        [
+            'as' => 'logout',
+            'uses' => 'Auth\AuthController@logout' ]
+    );
+
 });

 Route::get('home', function () {
@@ -1,6 +1,7 @@
 <?php
 namespace App\Models;

+use App\Models\Loggable;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
@@ -12,8 +13,9 @@ use Watson\Validating\ValidatingTrait;
 */
 class Accessory extends Model
 {
-    use SoftDeletes;
    use CompanyableTrait;
+    use Loggable;
+    use SoftDeletes;

    protected $dates = ['deleted_at'];
    protected $table = 'accessories';
@@ -22,11 +24,12 @@ class Accessory extends Model
    * Accessory validation rules
    */
    public $rules = array(
-      'name'        => 'required|min:3|max:255',
-      'qty'         => 'required|integer|min:1',
-      'category_id' => 'required|integer',
-      'company_id'  => 'integer',
-      'min_amt'     => 'integer|min:1',
+        'name'              => 'required|min:3|max:255',
+        'qty'               => 'required|integer|min:1',
+        'category_id'       => 'required|integer',
+        'company_id'        => 'integer',
+        'min_amt'           => 'integer|min:0',
+        'purchase_cost'     => 'numeric',
    );


@@ -67,7 +70,7 @@ class Accessory extends Model
    */
    public function assetlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'accessory_id')->where('asset_type', '=', 'accessory')->orderBy('created_at', 'desc')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')->where('item_type', Accessory::class)->orderBy('created_at', 'desc')->withTrashed();
    }


@@ -81,6 +84,11 @@ class Accessory extends Model
        return $this->belongsToMany('\App\Models\User', 'accessories_users', 'accessory_id', 'assigned_to')->count();
    }

+    public function manufacturer()
+    {
+        return $this->belongsTo('\App\Models\Manufacturer', 'manufacturer_id');
+    }
+
    public function checkin_email()
    {
        return $this->category->checkin_email;
@@ -2,9 +2,9 @@
 namespace App\Models;

 use Illuminate\Database\Eloquent\Model;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
 use Illuminate\Database\Eloquent\SoftDeletes;
+use Illuminate\Support\Facades\Auth;
+use Response;

 /**
 * Model for the Actionlog (the table that keeps a historical log of
@@ -12,110 +12,96 @@ use Illuminate\Database\Eloquent\SoftDeletes;
 *
 * @version    v1.0
 */
-class Actionlog extends Model implements ICompanyableChild
+class Actionlog extends Model
 {
    use SoftDeletes;
-    use CompanyableChildTrait;

    protected $dates = [ 'deleted_at' ];

-    protected $table      = 'asset_logs';
+    protected $table      = 'action_logs';
    public $timestamps = true;
-    protected $fillable   = [ 'created_at', 'asset_type' ];
+    protected $fillable   = [ 'created_at', 'item_type','user_id','item_id','action_type','note','target_id', 'target_type' ];

-    public function getCompanyableParents()
+    // Overridden from Builder to automatically add the company
+    public static function boot()
    {
-        return [ 'accessorylog', 'assetlog', 'licenselog', 'consumablelog' ];
+        parent::boot();
+        static::creating( function (Actionlog $actionlog) {
+            // If the admin is a superadmin, let's see if the target instead has a company.
+            if (Auth::user() && Auth::user()->isSuperUser()) {
+                if ($actionlog->target) {
+                    $actionlog->company_id = $actionlog->target->company_id;
+                } else if ($actionlog->item) {
+                    $actionlog->company_id = $actionlog->item->company_id;
+                }
+            } else if (Auth::user() && Auth::user()->company) {
+                $actionlog->company_id = Auth::user()->company_id;
+            }
+        });
+    }
+    // Eloquent Relationships below
+    public function item()
+    {
+        return $this->morphTo('item')->withTrashed();
    }

-    public function assetlog()
+    public function company() {
+        return $this->hasMany('\App\Models\Company', 'id','company_id');
+    }
+
+    public function itemType()
    {

-        return $this->belongsTo('\App\Models\Asset', 'asset_id')
-                    ->withTrashed();
+        if($this->item_type == AssetModel::class) {
+            return "model";
+        }
+        return camel_case(class_basename($this->item_type));
    }

    public function uploads()
    {
-
-        return $this->belongsTo('\App\Models\Asset', 'asset_id')
+        return $this->morphTo('item')
                    ->where('action_type', '=', 'uploaded')
                    ->withTrashed();
    }

-    public function licenselog()
-    {
-
-        return $this->belongsTo('\App\Models\License', 'asset_id')
-                    ->withTrashed();
-    }
-
-    public function componentlog()
-    {
-
-        return $this->belongsTo('\App\Models\Component', 'component_id')
-            ->withTrashed();
-    }
-
-    public function accessorylog()
-    {
-
-        return $this->belongsTo('\App\Models\Accessory', 'accessory_id')
-                    ->withTrashed();
-    }
-
-    public function consumablelog()
-    {
-
-        return $this->belongsTo('\App\Models\Consumable', 'consumable_id')
-                    ->withTrashed();
-    }
-
-    public function adminlog()
-    {
-
-        return $this->belongsTo('\App\Models\User', 'user_id')
-                    ->withTrashed();
-    }
-
    public function userlog()
    {
+        return $this->target();
+    }

-        return $this->belongsTo('\App\Models\User', 'checkedout_to')
+    public function user()
+    {
+        return $this->belongsTo(User::class, 'user_id')
                    ->withTrashed();
    }

-    public function userasassetlog()
+    public function target()
    {
-
-        return $this->belongsTo('\App\Models\User', 'asset_id')
-            ->withTrashed();
+        return $this->morphTo('target');
    }

    public function childlogs()
    {
-
        return $this->hasMany('\App\Models\ActionLog', 'thread_id');
    }

    public function parentlog()
    {
-
        return $this->belongsTo('\App\Models\ActionLog', 'thread_id');
    }

    /**
       * Check if the file exists, and if it does, force a download
       **/
-    public function get_src($type = 'assets')
+    public function get_src($type = 'assets', $fieldname = 'filename')
    {
-
-        $file = config('app.private_uploads') . '/' . $type . '/' . $this->filename;
-
+        $file = config('app.private_uploads') . '/' . $type . '/' . $this->{$fieldname};
        return $file;
-
    }

+
+
    /**
       * Get the parent category name
       */
@@ -141,44 +127,36 @@ class Actionlog extends Model implements ICompanyableChild
    public function getListingOfActionLogsChronologicalOrder()
    {

-        return DB::table('asset_logs')
-                 ->select('*')
+        return $this->all()
                 ->where('action_type', '!=', 'uploaded')
-                 ->orderBy('asset_id', 'asc')
+                 ->orderBy('item_id', 'asc')
                 ->orderBy('created_at', 'asc')
                 ->get();
    }

    /**
-       * getLatestCheckoutActionForAssets
-       *
-       * @return mixed
-       * @author  Vincent Sposato <vincent.sposato@gmail.com>
-       * @version v1.0
-       */
-    public function getLatestCheckoutActionForAssets()
+     * Query builder scope to search on text for complex Bootstrap Tables API
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $search      Search term
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeTextSearch($query, $search)
    {
+        $search = explode(' OR ', $search);

-        return DB::table('asset_logs')
-                 ->select(DB::raw('asset_id, MAX(created_at) as last_created'))
-                 ->where('action_type', '=', 'checkout')
-                 ->groupBy('asset_id')
-                 ->get();
-    }
+        return $query->where(function ($query) use ($search) {

-    /**
-       * scopeCheckoutWithoutAcceptance
-       *
-       * @param $query
-       *
-       * @return mixed
-       * @author  Vincent Sposato <vincent.sposato@gmail.com>
-       * @version v1.0
-       */
-    public function scopeCheckoutWithoutAcceptance($query)
-    {
+            foreach ($search as $search) {
+                $query->where(function ($query) use ($search) {
+                    $query->whereHas('company', function ($query) use ($search) {
+                        $query->where('companies.name', 'LIKE', '%'.$search.'%');
+                    });
+                })->orWhere('action_type', 'LIKE', '%'.$search.'%')
+                    ->orWhere('note', 'LIKE', '%'.$search.'%');
+            }

-        return $query->where('action_type', '=', 'checkout')
-                     ->where('accepted_id', '=', null);
+        });
    }
 }
@@ -1,20 +1,22 @@
 <?php
 namespace App\Models;

+use App\Helpers\Helper;
+use App\Http\Traits\UniqueUndeletedTrait;
 use App\Models\Actionlog;
 use App\Models\Company;
 use App\Models\Location;
+use App\Models\Loggable;
+use App\Models\Requestable;
+use App\Models\Setting;
+use Auth;
 use Config;
+use DateTime;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Log;
 use Parsedown;
 use Watson\Validating\ValidatingTrait;
-use App\Http\Traits\UniqueUndeletedTrait;
-use DateTime;
-use App\Models\Setting;
-use App\Helpers\Helper;
-use Auth;

 /**
 * Model for Assets.
@@ -23,7 +25,9 @@ use Auth;
 */
 class Asset extends Depreciable
 {
+    use Loggable;
    use SoftDeletes;
+    use Requestable;

  /**
  * The database table used by the model.
@@ -55,6 +59,7 @@ class Asset extends Depreciable
    'supplier_id'     => 'integer',
    'asset_tag'       => 'required|min:1|max:255|unique_undeleted',
    'status'          => 'integer',
+    'purchase_cost'   => 'numeric',
    ];


@@ -72,22 +77,36 @@ class Asset extends Depreciable
    }


-
+    public function availableForCheckout()
+    {
+      return (
+          empty($this->assigned_to) &&
+          $this->assetstatus->deployable == 1 &&
+          empty($this->deleted_at)
+        );
+    }

  /**
  * Checkout asset
  */
    public function checkOutToUser($user, $admin, $checkout_at = null, $expected_checkin = null, $note = null, $name = null)
    {
+        if (!$user) {
+            return false;
+        }

        if ($expected_checkin) {
-            $this->expected_checkin = $expected_checkin ;
+            $this->expected_checkin = $expected_checkin;
        }

        $this->last_checkout = $checkout_at;

        $this->assigneduser()->associate($user);
-        $this->name = $name;
+
+        if($name != null)
+        {
+            $this->name = $name;
+        }

        $settings = Setting::getSettings();

@@ -95,9 +114,7 @@ class Asset extends Depreciable
            $this->accepted="pending";
        }

-        if (!$user) {
-            return false;
-        }
+

        if ($this->save()) {

@@ -135,7 +152,8 @@ class Asset extends Depreciable

            \Mail::send('emails.accept-asset', $data, function ($m) use ($user) {
                $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->subject('Confirm asset delivery');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.Confirm_asset_delivery'));
            });
        }

@@ -196,10 +214,12 @@ class Asset extends Depreciable
    {

        $logaction = new Actionlog();
-        $logaction->asset_id = $this->id;
-        $logaction->checkedout_to = $this->assigned_to;
-        $logaction->asset_type = 'hardware';
+        $logaction->item_type = Asset::class;
+        $logaction->item_id = $this->id;
+        $logaction->target_type = User::class;
+        $logaction->target_id = $this->assigned_to;
        $logaction->note = $note;
+        $logaction->user_id = $admin->id;
        if ($checkout_at!='') {
            $logaction->created_at = \Carbon\Carbon::createFromFormat('Y-m-d H:i:s', date('Y-m-d H:i:s', strtotime($checkout_at)));
        } else {
@@ -212,15 +232,10 @@ class Asset extends Depreciable
            }
        } else {
            // Update the asset data to null, since it's being checked in
-            $logaction->checkedout_to = $asset->assigned_to;
-            $logaction->checkedout_to = '';
-            $logaction->asset_id = $asset->id;
+            $logaction->target_id = '';
            $logaction->location_id = null;
-            $logaction->asset_type = 'hardware';
-            $logaction->note = $note;
-            $logaction->user_id = $admin->id;
        }
-        $logaction->adminlog()->associate($admin);
+        $logaction->user()->associate($admin);
        $log = $logaction->logaction($action);

        return $logaction;
@@ -257,8 +272,8 @@ class Asset extends Depreciable
    public function uploads()
    {

-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-                  ->where('asset_type', '=', 'hardware')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+                  ->where('item_type', '=', Asset::class)
                  ->where('action_type', '=', 'uploaded')
                  ->whereNotNull('filename')
                  ->orderBy('created_at', 'desc');
@@ -295,8 +310,8 @@ class Asset extends Depreciable
   */
    public function assetlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-                  ->where('asset_type', '=', 'hardware')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+                  ->where('item_type', '=', Asset::class)
                  ->orderBy('created_at', 'desc')
                  ->withTrashed();
    }
@@ -563,12 +578,12 @@ public function checkin_email()
    public function scopeAssetsByLocation($query, $location)
    {
        return $query->where(function ($query) use ($location) {
-        
+
            $query->whereHas('assigneduser', function ($query) use ($location) {
-            
+
                $query->where('users.location_id', '=', $location->id);
            })->orWhere(function ($query) use ($location) {
-            
+
                $query->where('assets.rtd_location_id', '=', $location->id);
                $query->whereNull('assets.assigned_to');
            });
@@ -615,6 +630,23 @@ public function checkin_email()
        });
    }

+    /**
+     * Query builder scope for non-Archived assets
+     *
+     * @param  Illuminate\Database\Query\Builder $query Query builder instance
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+
+    public function scopeNotArchived($query)
+    {
+
+        return $query->whereHas('assetstatus', function ($query) {
+
+            $query->where('archived', '=', 0);
+        });
+    }
+
  /**
   * Query builder scope for Archived assets
   *
@@ -828,17 +860,17 @@ public function checkin_email()
    }


-        /**
-        * Query builder scope to order on assigned user
-        *
-        * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
-        * @param  text                              $order       Order
-        *
-        * @return Illuminate\Database\Query\Builder          Modified query builder
-        */
+    /**
+    * Query builder scope to order on assigned user
+    *
+    * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+    * @param  text                              $order       Order
+    *
+    * @return Illuminate\Database\Query\Builder          Modified query builder
+    */
    public function scopeOrderAssigned($query, $order)
    {
-        return $query->join('users', 'assets.assigned_to', '=', 'users.id')->orderBy('users.first_name', $order)->orderBy('users.last_name', $order);
+        return $query->leftJoin('users', 'assets.assigned_to', '=', 'users.id')->select('assets.*')->orderBy('users.first_name', $order)->orderBy('users.last_name', $order);
    }

    /**
@@ -1,6 +1,7 @@
 <?php
 namespace App\Models;

+use App\Models\Requestable;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
@@ -14,6 +15,7 @@ use Watson\Validating\ValidatingTrait;
 class AssetModel extends Model
 {
    use SoftDeletes;
+    use Requestable;
    protected $dates = ['deleted_at'];
    protected $table = 'models';

@@ -131,6 +133,22 @@ class AssetModel extends Model
        return $query->whereIn('category_id', $categoryIdListing);
    }

+    /**
+     * scopeRequestable
+     * Get all models that are requestable by a user.
+     *
+     * @param       $query
+     *
+     * @return $query
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @version v3.5
+     */
+    public function scopeRequestableModels($query)
+    {
+
+        return $query->where('requestable', '1');
+    }
+
    /**
    * Query builder scope to search on text
    *
@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+
+class CheckoutRequest extends Model
+{
+    //
+    protected $fillable = ['user_id'];
+    protected $table = 'checkout_requests';
+
+    public function user()
+    {
+        return $this->belongsTo(User::class);
+    }
+
+    public function requestingUser()
+    {
+        return $this->user()->first();
+    }
+
+    public function requestedItem()
+    {
+        return $this->morphTo('requestable');
+    }
+
+    public function itemRequested() // Workaround for laravel polymorphic issue that's not being solved :(
+    {
+        return $this->requestedItem()->first();
+    }
+
+    public function itemType()
+    {
+        return snake_case(class_basename($this->requestable_type));
+    }
+
+    public function location()
+    {
+        if ($this->itemType() == "asset") {
+            $asset = $this->itemRequested();
+            if ($asset->assigneduser && $asset->assetloc) {
+                return $asset->assetloc;
+            } elseif ($asset->defaultLoc) {
+                return $asset->defaultLoc;
+            }
+        }
+        return $this->itemRequested()->location;
+    }
+
+    public function name()
+    {
+        if ($this->itemType() == "asset") {
+            return $this->itemRequested()->showAssetName();
+        }
+        return $this->itemRequested()->name;
+
+    }
+}
@@ -136,7 +136,8 @@ final class Company extends Model

    public static function scopeCompanyables($query, $column = 'company_id')
    {
-        if (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser())) {
+        // If not logged in and hitting this, assume we are on the command line and don't scope?'
+        if (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser()) || (!Auth::check())) {
            return $query;
        } else {
            return static::scopeCompanyablesDirectly($query, $column);
@@ -176,4 +177,27 @@ final class Company extends Model
            return e($company->name);
        }
    }
+
+    public function users() {
+        return $this->hasMany(User::class);
+    }
+
+    public function assets() {
+        return $this->hasMany(Asset::class);
+    }
+
+    public function licenses() {
+        return $this->hasMany(License::class);
+    }
+    public function accessories() {
+        return $this->hasMany(Accessory::class);
+    }
+
+    public function consumables() {
+        return $this->hasMany(Consumable::class);
+    }
+
+    public function components() {
+        return $this->hasMany(Component::class);
+    }
 }
@@ -1,12 +1,13 @@
 <?php
 namespace App\Models;

-use App\Models\User;
-use App\Models\ConsumableAssignment;
-use App\Models\Company;
-use App\Models\Location;
-use App\Models\Category;
 use App\Models\ActionLog;
+use App\Models\Category;
+use App\Models\Company;
+use App\Models\ConsumableAssignment;
+use App\Models\Location;
+use App\Models\Loggable;
+use App\Models\User;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
@@ -18,8 +19,9 @@ use Watson\Validating\ValidatingTrait;
 */
 class Component extends Model
 {
-    use SoftDeletes;
    use CompanyableTrait;
+    use Loggable;
+    use SoftDeletes;

    protected $dates = ['deleted_at'];
    protected $table = 'components';
@@ -34,6 +36,7 @@ class Component extends Model
        'category_id' => 'required|integer',
        'company_id'  => 'integer',
        'purchase_date'  => 'date',
+        'purchase_cost'   => 'numeric',
    );

    /**
@@ -84,7 +87,7 @@ class Component extends Model
    */
    public function assetlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'component_id')->where('asset_type', '=', 'component')->orderBy('created_at', 'desc')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')->where('item_type', Component::class)->orderBy('created_at', 'desc')->withTrashed();
    }


@@ -138,6 +141,7 @@ class Component extends Model
                        });
                    })->orWhere('components.name', 'LIKE', '%'.$search.'%')
                            ->orWhere('components.order_number', 'LIKE', '%'.$search.'%')
+                            ->orWhere('components.serial_number', 'LIKE', '%'.$search.'%')
                            ->orWhere('components.purchase_cost', 'LIKE', '%'.$search.'%')
                            ->orWhere('components.purchase_date', 'LIKE', '%'.$search.'%');
            }
@@ -1,20 +1,22 @@
 <?php
 namespace App\Models;

-use App\Models\User;
-use App\Models\ConsumableAssignment;
-use App\Models\Company;
-use App\Models\Location;
-use App\Models\Category;
 use App\Models\ActionLog;
+use App\Models\Category;
+use App\Models\Company;
+use App\Models\ConsumableAssignment;
+use App\Models\Location;
+use App\Models\Loggable;
+use App\Models\User;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;

 class Consumable extends Model
 {
-    use SoftDeletes;
    use CompanyableTrait;
+    use Loggable;
+    use SoftDeletes;

    protected $dates = ['deleted_at'];
    protected $table = 'consumables';
@@ -29,6 +31,7 @@ class Consumable extends Model
        'category_id' => 'required|integer',
        'company_id'  => 'integer',
        'min_amt'     => 'integer|min:1',
+        'purchase_cost'   => 'numeric',
    );

    /**
@@ -84,7 +87,7 @@ class Consumable extends Model
    */
    public function assetlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'consumable_id')->where('asset_type', '=', 'consumable')->orderBy('created_at', 'desc')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')->where('item_type', Consumable::class)->orderBy('created_at', 'desc')->withTrashed();
    }


@@ -11,14 +11,14 @@ class CustomField extends Model

    */
    public static $PredefinedFormats=[
-    "ANY" => "",
-    "ALPHA" => "alpha",
-    "EMAIL" => "email",
-    "DATE" => "date",
-    "URL" => "url",
-    "NUMERIC" => "numeric",
-    "MAC" => "regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/",
-    "IP" => "ip"
+        "ANY" => "",
+        "ALPHA" => "alpha",
+        "EMAIL" => "email",
+        "DATE" => "date",
+        "URL" => "url",
+        "NUMERIC" => "numeric",
+        "MAC" => "regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/",
+        "IP" => "ip",
    ];

    public $rules=[
@@ -109,4 +109,43 @@ class CustomField extends Model
            $this->attributes['format']=$value;
        }
    }
+
+    /**
+     * Format a value string as an array for select boxes and checkboxes.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.4]
+     * @return Array
+     */
+    public function formatFieldValuesAsArray() {
+        $arr = preg_split("/\\r\\n|\\r|\\n/", $this->field_values);
+
+        $result[''] = 'Select '.strtolower($this->format);
+
+        for ($x = 0; $x < count($arr); $x++) {
+            $arr_parts = explode('|', $arr[$x]);
+            if ($arr_parts[0]!='') {
+                if (key_exists('1',$arr_parts)) {
+                    $result[$arr_parts[0]] = $arr_parts[1];
+                } else {
+                    $result[$arr_parts[0]] = $arr_parts[0];
+                }
+            }
+
+        }
+
+
+        return $result;
+    }
+
+    public function isFieldDecryptable($string) {
+        if (($this->field_encrypted=='1') && ($string!='')) {
+            return true;
+        }
+        return false;
+    }
+
+
+
+
 }
@@ -2,6 +2,7 @@
 namespace App\Models;

 use Illuminate\Database\Eloquent\Model;
+use Gate;

 class CustomFieldset extends Model
 {
@@ -30,16 +31,21 @@ class CustomFieldset extends Model
    {
        $rules=[];
        foreach ($this->fields as $field) {
-            $rule=[];
-            if ($field->pivot->required) {
-                $rule[]="required";
+            $rule = [];
+
+            if (($field->field_encrypted!='1') ||
+                  (($field->field_encrypted =='1')  && (Gate::allows('admin')) ))
+                  {
+
+                if ($field->pivot->required) {
+                    $rule[]="required";
+                }
            }
+
            array_push($rule, $field->attributes['format']);
            $rules[$field->db_column_name()]=$rule;
        }
        return $rules;
    }

-  //requiredness goes *here*
-  //sequence goes here?
 }
@@ -81,11 +81,18 @@ class Ldap extends Model
        if ($settings->is_ad =='1')
        {

-            // In case they haven't added an AD domain
-            if ($settings->ad_domain == '') {
-                $userDn      = $username.'@'.$settings->email_domain;
+            // Check if they are using the userprincipalname for the username field.
+            // If they are, we can skip building the UPN to authenticate against AD
+            if ($ldap_username_field=='userprincipalname')
+            {
+                $userDn = $username;
            } else {
-               $userDn      = $username.'@'.$settings->ad_domain;
+                // In case they haven't added an AD domain
+                if ($settings->ad_domain == '') {
+                    $userDn      = $username.'@'.$settings->email_domain;
+                } else {
+                    $userDn      = $username.'@'.$settings->ad_domain;
+                }
            }

        } else {
@@ -191,6 +198,7 @@ class Ldap extends Model
    {
        $item = Ldap::parseAndMapLdapAttributes($ldapatttibutes);

+
        // Create user from LDAP data
        if (!empty($item["username"])) {
            $user = new User;
@@ -198,7 +206,14 @@ class Ldap extends Model
            $user->last_name = $item["lastname"];
            $user->username = $item["username"];
            $user->email = $item["email"];
-            $user->password = bcrypt(Input::get("password"));
+
+            if (Setting::getSettings()->ldap_pw_sync=='1') {
+                $user->password = bcrypt(Input::get("password"));
+            } else {
+                $pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 25);
+                $user->password = bcrypt($pass);
+            }
+
            $user->activated = 1;
            $user->ldap_import = 1;
            $user->notes = 'Imported on first login from LDAP';
@@ -207,7 +222,7 @@ class Ldap extends Model
                return true;
            } else {
                LOG::debug('Could not create user.'.$user->getErrors());
-                exit;
+                throw new Exception("Could not create user: ".$user->getErrors());
            }
        }

@@ -239,8 +254,12 @@ class Ldap extends Model

        // Perform the search
        do {
+
            // Paginate (non-critical, if not supported by server)
-            ldap_control_paged_result($ldapconn, $page_size, false, $cookie);
+            if (!$ldap_paging = @ldap_control_paged_result($ldapconn, $page_size, false, $cookie)) {
+                throw new Exception('Problem with your LDAP connection. Try checking the Use TLS setting in Admin > Settings. ');
+            }
+

            $search_results = ldap_search($ldapconn, $base_dn, '('.$filter.')');

@@ -2,15 +2,16 @@
 namespace App\Models;

 use App\Models\Company;
+use App\Models\Loggable;
 use DB;
-use Watson\Validating\ValidatingTrait;
-
 use Illuminate\Database\Eloquent\SoftDeletes;
+use Watson\Validating\ValidatingTrait;

 class License extends Depreciable
 {
    use SoftDeletes;
    use CompanyableTrait;
+    use Loggable;
    protected $injectUniqueIdentifier = true;
    use ValidatingTrait;

@@ -36,6 +37,11 @@ class License extends Depreciable
        return $this->belongsTo('\App\Models\Company', 'company_id');
    }

+    public function manufacturer()
+    {
+        return $this->belongsTo('\App\Models\Manufacturer', 'manufacturer_id');
+    }
+
    /**
     * Get the assigned user
     */
@@ -49,8 +55,8 @@ class License extends Depreciable
    */
    public function assetlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-            ->where('asset_type', '=', 'software')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+            ->where('item_type', '=', License::class)
            ->orderBy('created_at', 'desc');
    }

@@ -59,8 +65,8 @@ class License extends Depreciable
    */
    public function uploads()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-            ->where('asset_type', '=', 'software')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+            ->where('item_type', '=', License::class)
            ->where('action_type', '=', 'uploaded')
            ->whereNotNull('filename')
            ->orderBy('created_at', 'desc');
@@ -95,6 +101,20 @@ class License extends Depreciable
                   ->count();
    }

+    // We do this to eager load the "count" of seats from the controller.  Otherwise calling "count()" on each model results in n+1
+    public function licenseSeatsRelation()
+    {
+        return $this->hasMany(LicenseSeat::class)->whereNull('deleted_at')->selectRaw('license_id, count(*) as count')->groupBy('license_id');
+    }
+
+    public function getLicenseSeatsCountAttribute()
+    {
+        if ($this->licenseSeatsRelation->first()) {
+            return $this->licenseSeatsRelation->first()->count;
+        }
+
+        return 0;
+    }

    /**
    * Get total licenses not checked out
@@ -110,37 +130,47 @@ class License extends Depreciable
    /**
     * Get the number of available seats
     */
-    public function availcount()
+    public function availCount()
    {
-        return LicenseSeat::whereNull('assigned_to')
-                    ->whereNull('asset_id')
-                    ->where('license_id', '=', $this->id)
-                    ->whereNull('deleted_at')
-                    ->count();
+        return $this->licenseSeatsRelation()
+            ->whereNull('asset_id');
+    }
+
+    public function getAvailSeatsCountAttribute()
+    {
+        if ($this->availCount->first()) {
+            return $this->availCount->first()->count;
+        }
+
+        return 0;
    }

    /**
     * Get the number of assigned seats
     *
     */
-    public function assignedcount()
+    public function assignedCount()
    {
+        return $this->licenseSeatsRelation()->where(function ($query) {
+            $query->whereNotNull('assigned_to')
+            ->orWhereNotNull('asset_id');
+        });
+    }

-        return \App\Models\LicenseSeat::where('license_id', '=', $this->id)
-            ->where(function ($query) {
-
-                $query->whereNotNull('assigned_to')
-                ->orWhereNotNull('asset_id');
-            })
-        ->count();
-
+    public function getAssignedSeatsCountAttribute()
+    {
+        // dd($this->licenseSeatsRelation->first());
+        if ($this->assignedCount->first()) {
+            return $this->assignedCount->first()->count;
+        }

+        return 0;
    }

    public function remaincount()
    {
-        $total = $this->totalSeatsByLicenseID();
-        $taken =  $this->assignedcount();
+        $total = $this->licenseSeatsCount;
+        $taken =  $this->assigned_seats;
        $diff =   ($total - $taken);
        return $diff;
    }
@@ -150,7 +180,7 @@ class License extends Depreciable
     */
    public function totalcount()
    {
-        $avail =  $this->availcount();
+        $avail =  $this->availSeatsCount;
        $taken =  $this->assignedcount();
        $diff =   ($avail + $taken);
        return $diff;
@@ -204,12 +234,51 @@ class License extends Depreciable

        return $query->where(function ($query) use ($search) {

-            $query->where('name', 'LIKE', '%'.$search.'%')
-                ->orWhere('serial', 'LIKE', '%'.$search.'%')
-                ->orWhere('notes', 'LIKE', '%'.$search.'%')
-                ->orWhere('order_number', 'LIKE', '%'.$search.'%')
-                ->orWhere('purchase_date', 'LIKE', '%'.$search.'%')
-                ->orWhere('purchase_cost', 'LIKE', '%'.$search.'%');
+            $query->where('licenses.name', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.serial', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.notes', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.order_number', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.purchase_order', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.purchase_date', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.purchase_cost', 'LIKE', '%'.$search.'%')
+             ->orWhereHas('manufacturer', function ($query) use ($search) {
+                        $query->where(function ($query) use ($search) {
+                            $query->where('manufacturers.name', 'LIKE', '%'.$search.'%');
+                    });
+                })
+            ->orWhereHas('company', function ($query) use ($search) {
+                $query->where(function ($query) use ($search) {
+                    $query->where('companies.name', 'LIKE', '%'.$search.'%');
+                });
+            });
        });
    }
+
+    /**
+     * Query builder scope to order on manufacturer
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order         Order
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderManufacturer($query, $order)
+    {
+        return $query->leftJoin('manufacturers', 'licenses.manufacturer_id', '=', 'manufacturers.id')->select('licenses.*')
+            ->orderBy('manufacturers.name', $order);
+    }
+
+    /**
+     * Query builder scope to order on company
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order         Order
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderCompany($query, $order)
+    {
+        return $query->leftJoin('companies as companies', 'licenses.company_id', '=', 'companies.id')->select('licenses.*')
+            ->orderBy('companies.name', $order);
+    }
 }
@@ -1,6 +1,7 @@
 <?php
 namespace App\Models;

+use App\Models\Loggable;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;

@@ -8,6 +9,7 @@ class LicenseSeat extends Model implements ICompanyableChild
 {
    use CompanyableChildTrait;
    use SoftDeletes;
+    use Loggable;

    protected $dates = ['deleted_at'];
    protected $guarded = 'id';
@@ -0,0 +1,135 @@
+<?php
+
+namespace App\Models;
+
+use App\Models\Actionlog;
+use App\Models\Asset;
+use App\Models\CheckoutRequest;
+use App\Models\User;
+use Illuminate\Support\Facades\Auth;
+
+trait Loggable
+{
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+
+    public function log()
+    {
+        return $this->morphMany(Actionlog::class, 'item');
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+    public function logCheckout($note, $target = null /*target is overridable for components*/)
+    {
+        $log = new Actionlog;
+
+        // We need to special case licenses because of license_seat vs license.  So much for clean polymorphism :)
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+
+        $log->user_id = Auth::user()->id;
+
+        if (!is_null($this->asset_id) || isset($target)) {
+            $log->target_type = Asset::class;
+            $log->target_id = $this->asset_id;
+        } else if (!is_null($this->assigned_to)) {
+            $log->target_type = User::class;
+            $log->target_id = $this->assigned_to;
+        }
+
+        $item = call_user_func(array($log->target_type, 'find'), $log->target_id);
+        $log->location_id = $item->location_id;
+        $log->note = $note;
+        $log->logaction('checkout');
+
+        return $log;
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+    public function logCheckin($note)
+    {
+        $log = new Actionlog;
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+        $log->location_id = null;
+        $log->note = $note;
+        $log->user_id = Auth::user()->id;
+        $log->logaction('checkin from');
+
+        return $log;
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.5]
+     * @return \App\Models\Actionlog
+     */
+    public function logCreate($note = null)
+    {
+        $user_id = -1;
+        if (Auth::user()) {
+            $user_id = Auth::user()->id;
+        }
+        $log = new Actionlog;
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+        $log->location_id = null;
+        $log->note = $note;
+        $log->user_id = $user_id;
+        $log->logaction('created');
+        $log->save();
+        return $log;
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+    public function logUpload($filename, $note)
+    {
+        $log = new Actionlog;
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+        $log->user_id = Auth::user()->id;
+        $log->note = $note;
+        $log->target_id =  null;
+        $log->created_at =  date("Y-m-d h:i:s");
+        $log->filename =  $filename;
+        $log->logaction('uploaded');
+
+        return $log;
+    }
+}
@@ -46,6 +46,21 @@ class Manufacturer extends Model
        return $this->hasManyThrough('\App\Models\Asset', '\App\Models\AssetModel', 'manufacturer_id', 'model_id');
    }

+    public function licenses()
+    {
+        return $this->hasMany('\App\Models\License', 'manufacturer_id');
+    }
+
+    public function accessories()
+    {
+        return $this->hasMany('\App\Models\Accessory', 'manufacturer_id');
+    }
+
+    public function consumables()
+    {
+        return $this->hasMany('\App\Models\Consumable', 'manufacturer_id');
+    }
+
    /**
    * Query builder scope to search on text
    *
@@ -0,0 +1,45 @@
+<?php
+
+namespace App\Models;
+
+use App\Models\CheckoutRequest;
+use App\Models\User;
+use Illuminate\Support\Facades\Auth;
+
+// $asset->requests
+// $asset->isRequestedBy($user)
+// $asset->whereRequestedBy($user)
+trait Requestable
+{
+
+    public function requests()
+    {
+        return $this->morphMany(CheckoutRequest::class, 'requestable');
+    }
+
+    public function isRequestedBy(User $user)
+    {
+        return $this->requests()
+            ->where('user_id', $user->id)
+            ->exists();
+    }
+
+    public function scopeRequestedBy($query, User $user)
+    {
+        return $query->whereHas('requests', function ($query) use ($user) {
+            $query->where('user_id', $user->id);
+        });
+    }
+
+    public function request()
+    {
+        $this->requests()->save(
+            new CheckoutRequest(['user_id' => Auth::id()])
+        );
+    }
+
+    public function cancelRequest()
+    {
+        $this->requests()->where('user_id', Auth::id())->delete();
+    }
+}
@@ -47,6 +47,21 @@ class Supplier extends Model
    protected $fillable = ['name'];


+    // Eager load counts.
+    // We do this to eager load the "count" of seats from the controller.  Otherwise calling "count()" on each model results in n+1
+    public function assetsRelation()
+    {
+        return $this->hasMany(Asset::class)->whereNull('deleted_at')->selectRaw('supplier_id, count(*) as count')->groupBy('supplier_id');
+    }
+
+    public function getLicenseSeatsCountAttribute()
+    {
+        if ($this->licenseSeatsRelation->first()) {
+            return $this->licenseSeatsRelation->first()->count;
+        }
+
+        return 0;
+    }
    public function assets()
    {
        return $this->hasMany('\App\Models\Asset', 'supplier_id');
@@ -59,7 +74,11 @@ class Supplier extends Model

    public function num_assets()
    {
-        return $this->hasMany('\App\Models\Asset', 'supplier_id')->count();
+        if ($this->assetsRelation->first()) {
+            return $this->assetsRelation->first()->count;
+        }
+
+        return 0;
    }

    public function licenses()
@@ -69,7 +88,7 @@ class Supplier extends Model

    public function num_licenses()
    {
-        return $this->hasMany('\App\Models\License', 'supplier_id')->count();
+        return $this->licenses()->count();
    }

    public function addhttp($url)
@@ -9,6 +9,7 @@ use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
 use Watson\Validating\ValidatingTrait;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use App\Http\Traits\UniqueUndeletedTrait;
+use App\Models\Setting;

 class User extends Model implements AuthenticatableContract, CanResetPasswordContract
 {
@@ -67,7 +68,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon

        // Loop through the groups to see if any of them grant this permission
        foreach ($user_groups as $user_group) {
-            $group_permissions = json_decode($user_group->permissions, true);
+            $group_permissions = (array) json_decode($user_group->permissions, true);
            if (((array_key_exists($section, $group_permissions)) && ($group_permissions[$section]=='1'))) {
                return true;
            }
@@ -84,7 +85,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon

        foreach ($this->groups as $user_group) {
            $group_permissions = json_decode($user_group->permissions, true);
-            $group_array = $group_permissions;
+            $group_array = (array)$group_permissions;
            if ((array_key_exists('superuser', $group_array)) && ($group_permissions['superuser']=='1')) {
                return true;
            }
@@ -146,10 +147,8 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
            return config('app.url').'/uploads/avatars/'.$this->avatar;
        }

-        if ($this->email) {
-            // Generate the Gravatar hash
+        if ((Setting::getSettings()->load_remote=='1') && ($this->email!='')) {
            $gravatar = md5(strtolower(trim($this->email)));
-            // Return the Gravatar url
            return "//gravatar.com/avatar/".$gravatar;
        }

@@ -202,7 +201,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     */
    public function userlog()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'checkedout_to')->orderBy('created_at', 'DESC')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'target_id')->orderBy('created_at', 'DESC')->withTrashed();
    }

    /**
@@ -255,13 +254,21 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     */
    public function uploads()
    {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-            ->where('asset_type', '=', 'user')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+            ->where('item_type', User::class)
            ->where('action_type', '=', 'uploaded')
            ->whereNotNull('filename')
            ->orderBy('created_at', 'desc');
    }

+    /**
+     * Fetch Items User has requested
+     */
+    public function checkoutRequests()
+    {
+        return $this->belongsToMany(Asset::class, 'checkout_requests');
+    }
+
    public function throttle()
    {
        return $this->hasOne('\App\Models\Throttle');
@@ -302,6 +309,10 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
            ->orWhere('username', '=', $user_email);
    }

+    public static function generateEmailFromFullName($name) {
+        $username = User::generateFormattedNameFromFullName(Setting::getSettings()->email_format, $name);
+        return $username['username'].'@'.Setting::getSettings()->email_domain;
+    }

    public static function generateFormattedNameFromFullName($format = 'filastname', $users_name)
    {
@@ -333,8 +344,9 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
            } elseif ($format=='firstname') {
                $email_last_name.=str_replace(' ', '', $last_name);
                $email_prefix = $first_name;
-
            }
+
+
        }

        $user_username = $email_prefix;
@@ -370,12 +382,18 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
                ->orWhere('users.email', 'LIKE', "%$search%")
                ->orWhere('users.username', 'LIKE', "%$search%")
                ->orWhere('users.notes', 'LIKE', "%$search%")
+                ->orWhere('users.jobtitle', 'LIKE', "%$search%")
                ->orWhere('users.employee_num', 'LIKE', "%$search%")
                ->orWhere(function ($query) use ($search) {
                    $query->whereHas('userloc', function ($query) use ($search) {
                        $query->where('locations.name', 'LIKE', '%'.$search.'%');
                    });
                })
+                ->orWhere(function ($query) use ($search) {
+                    $query->whereHas('groups', function ($query) use ($search) {
+                        $query->where('groups.name', 'LIKE', '%'.$search.'%');
+                    });
+                })

                // Ugly, ugly code because Laravel sucks at self-joins
                ->orWhere(function ($query) use ($search) {
@@ -91,6 +91,12 @@ class AuthServiceProvider extends ServiceProvider
            }
        });

+        $gate->define('assets.edit', function ($user) {
+            if (($user->hasAccess('assets.edit')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
        // Checks for some level of management
        $gate->define('assets.manage', function ($user) {
            if (($user->hasAccess('assets.checkin')) || ($user->hasAccess('assets.edit')) || ($user->hasAccess('assets.delete')) || ($user->hasAccess('assets.checkout')) || ($user->hasAccess('admin'))) {
@@ -249,6 +255,18 @@ class AuthServiceProvider extends ServiceProvider
            }
        });

+        $gate->define('components.checkout', function ($user) {
+            if (($user->hasAccess('components.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('components.checkout', function ($user) {
+            if (($user->hasAccess('components.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
        // Checks for some level of management
        $gate->define('components.manage', function ($user) {
            if (($user->hasAccess('components.edit')) || ($user->hasAccess('components.delete')) || ($user->hasAccess('components.checkout')) || ($user->hasAccess('admin'))) {
@@ -310,5 +328,15 @@ class AuthServiceProvider extends ServiceProvider
        });


+        # -----------------------------------------
+        # Self
+        # -----------------------------------------
+        $gate->define('self.two_factor', function ($user) {
+            if (($user->hasAccess('self.two_factor')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+
    }
 }
@@ -21,7 +21,10 @@
      "doctrine/common": "v2.5.3",
      "doctrine/dbal": "v2.4.2",
      "barryvdh/laravel-debugbar": "^2.1",
-      "spatie/laravel-backup": "3.8.1"
+      "spatie/laravel-backup": "3.8.1",
+      "misterphilip/maintenance-mode": "1.0.*",
+      "neitanod/forceutf8": "dev-master",
+      "pragmarx/google2fa": "^1.0"
    },
    "require-dev": {
      "fzaninotto/faker": "~1.4",
@@ -127,6 +127,20 @@ return [
    'private_uploads' => storage_path().'/private_uploads',


+    /*
+    |--------------------------------------------------------------------------
+    | ALLOW I-FRAMING
+    |--------------------------------------------------------------------------
+    |
+    | Normal users will never need to edit this. This option lets you run
+    | Snipe-IT within an I-Frame, which is normally disabled by default for
+    | security reasons, to prevent clickjacking. It should normally be set to false.
+    |
+    */
+
+    'allow_iframing' => env('ALLOW_IFRAMING', false),
+
+
    /*
    |--------------------------------------------------------------------------
    | Demo Mode Lockdown
@@ -140,7 +154,6 @@ return [
    'lock_passwords' => env('APP_LOCKED', false),


-
    /*
    |--------------------------------------------------------------------------
    | Autoloaded Service Providers
@@ -197,7 +210,9 @@ return [
        Collective\Html\HtmlServiceProvider::class,
        Spatie\Backup\BackupServiceProvider::class,
        Fideloper\Proxy\TrustedProxyServiceProvider::class,
-
+        MisterPhilip\MaintenanceMode\MaintenanceModeServiceProvider::class,
+        MisterPhilip\MaintenanceMode\MaintenanceCommandServiceProvider::class,
+        PragmaRX\Google2FA\Vendor\Laravel\ServiceProvider::class,
        /*
         * Custom service provider
         */
@@ -254,6 +269,7 @@ return [
        'View'      => Illuminate\Support\Facades\View::class,
        'Form'      => 'Collective\Html\FormFacade',
        'Html'      => 'Collective\Html\HtmlFacade',
+        'Google2FA' => PragmaRX\Google2FA\Vendor\Laravel\Facade::class,
    ],

 ];
@@ -3,6 +3,12 @@
 return [

    /*
+    | ***************************************************************************
+    | DO NOT MAKE CHANGES DIRECTLY TO THIS FILE.
+    |
+    | Instead use your .env file to set your application configuration settings.
+    | See https://snipe-it.readme.io/docs/configuration for more info.
+    |
    |--------------------------------------------------------------------------
    | Mail Driver
    |--------------------------------------------------------------------------
@@ -11,6 +17,7 @@ return [
    | sending of e-mail. You may specify which one you're using throughout
    | your application here. By default, Laravel is setup for SMTP mail.
    |
+    |
    | Supported: "smtp", "mail", "sendmail", "mailgun", "mandrill", "ses", "log"
    |
    */
@@ -56,6 +63,23 @@ return [

    'from' => ['address' => env('MAIL_FROM_ADDR', null), 'name' => env('MAIL_FROM_NAME', null)],

+
+    /*
+    |--------------------------------------------------------------------------
+    | Global "Reply-To" Address
+    |--------------------------------------------------------------------------
+    |
+    | You may wish for all e-mails sent by your application to have a different "Reply-to"
+    | address than the "From" address. If this is left blank, the application will use
+    | your MAIL_FROM information. 
+    |
+    */
+
+    'reply_to' => [
+        'address' => env('MAIL_REPLYTO_ADDR', env('MAIL_FROM_ADDR', null)),
+        'name' => env('MAIL_REPLYTO_NAME', env('MAIL_FROM_NAME', null))
+    ],
+
    /*
    |--------------------------------------------------------------------------
    | E-Mail Encryption Protocol
@@ -106,7 +106,7 @@ return array(
            'display'    => true,
        ),
        array(
-            'permission' => 'accessory.create',
+            'permission' => 'accessories.create',
            'label'      => 'Create ',
            'note'       => '',
            'display'    => true,
@@ -279,6 +279,16 @@ return array(

    ),

+    'Self' => array(
+        array(
+            'permission' => 'self.two_factor',
+            'label'      => 'Two-Factor Authentication',
+            'note'       => 'The user may disable/enable two-factor authentication themselves if two-factor is enabled and set to selective.',
+            'display'    => true,
+        ),
+
+    ),
+



@@ -1,5 +1,5 @@
 <?php
 return array (
-  'app_version' => 'v3.2.0',
-  'hash_version' => 'v3.2.0-53-gfff2bce',
+  'app_version' => 'v3.6.0',
+  'hash_version' => 'v3.6.0-g91caba0',
 );
@@ -1,636 +0,0 @@
-<?php
-
-//
-// NOTE Migration Created: 2016-02-13 07:10:06
-// --------------------------------------------------
-
-class CreateSnipeitLaravelDatabase {
-//
-// NOTE - Make changes to the database.
-// --------------------------------------------------
-
-public function up()
-{
-
-//
-// NOTE -- accessories
-// --------------------------------------------------
-
-Schema::create('accessories', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255)->nullable();
- $table->integer('category_id')->nullable();
- $table->integer('user_id')->nullable();
- $table->integer('qty');
- $table->boolean('requestable');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->integer('location_id')->nullable();
- $table->date('purchase_date')->nullable();
- $table->decimal('purchase_cost', 13,4)->nullable();
- $table->string('order_number', 255)->nullable();
- $table->integer('company_id')->nullable()->unsigned();
- });
-
-
-//
-// NOTE -- accessories_users
-// --------------------------------------------------
-
-Schema::create('accessories_users', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('user_id')->nullable();
- $table->integer('accessory_id')->nullable();
- $table->integer('assigned_to')->nullable();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- asset_logs
-// --------------------------------------------------
-
-Schema::create('asset_logs', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('user_id');
- $table->string('action_type', 255);
- $table->integer('asset_id')->nullable();
- $table->integer('checkedout_to')->nullable();
- $table->integer('location_id')->nullable();
- $table->dateTime('created_at')->default("0000-00-00 00:00:00");
- $table->string('asset_type', 100)->nullable();
- $table->text('note')->nullable();
- $table->text('filename')->nullable();
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->dateTime('requested_at')->nullable();
- $table->dateTime('accepted_at')->nullable();
- $table->integer('accessory_id')->nullable();
- $table->integer('accepted_id')->nullable();
- $table->integer('consumable_id')->nullable();
- $table->date('expected_checkin')->nullable();
- $table->integer('thread_id')->nullable();
- });
-
-
-//
-// NOTE -- asset_maintenances
-// --------------------------------------------------
-
-Schema::create('asset_maintenances', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('asset_id')->unsigned();
- $table->integer('supplier_id')->unsigned();
- $table->enum('asset_maintenance_type', array('Maintenance','Repair','Upgrade'));
- $table->string('title', 100);
- $table->boolean('is_warranty');
- $table->date('start_date');
- $table->date('completion_date')->nullable();
- $table->integer('asset_maintenance_time')->nullable();
- $table->string('notes')->nullable();
- $table->decimal('cost', 10,2)->nullable();
- $table->dateTime('deleted_at')->nullable();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- asset_uploads
-// --------------------------------------------------
-
-Schema::create('asset_uploads', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('user_id');
- $table->string('filename', 255);
- $table->integer('asset_id');
- $table->string('filenotes', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- });
-
-
-//
-// NOTE -- assets
-// --------------------------------------------------
-
-Schema::create('assets', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255)->nullable();
- $table->string('asset_tag', 255);
- $table->integer('model_id');
- $table->string('serial', 255);
- $table->date('purchase_date')->nullable();
- $table->decimal('purchase_cost', 13,4)->default("0.0000");
- $table->string('order_number', 255)->nullable();
- $table->integer('assigned_to')->nullable();
- $table->text('notes')->nullable();
- $table->text('image')->nullable();
- $table->integer('user_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->boolean('physical')->default("1");
- $table->timestamp('deleted_at')->nullable();
- $table->integer('status_id')->nullable();
- $table->boolean('archived');
- $table->integer('warranty_months')->nullable();
- $table->boolean('depreciate');
- $table->integer('supplier_id')->nullable();
- $table->boolean('requestable');
- $table->integer('rtd_location_id')->nullable();
- $table->string('_snipeit_mac_address', 255)->nullable();
- $table->enum('accepted', array('pending','accepted','rejected'))->nullable();
- $table->dateTime('last_checkout')->nullable();
- $table->date('expected_checkin')->nullable();
- $table->integer('company_id')->nullable()->unsigned();
- });
-
-
-//
-// NOTE -- categories
-// --------------------------------------------------
-
-Schema::create('categories', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- $table->timestamp('deleted_at')->nullable();
- $table->text('eula_text')->nullable();
- $table->boolean('use_default_eula');
- $table->boolean('require_acceptance');
- $table->string('category_type', 255)->nullable()->default("asset");
- $table->boolean('checkin_email');
- });
-
-
-//
-// NOTE -- companies
-// --------------------------------------------------
-
-Schema::create('companies', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255)->unique();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- consumables
-// --------------------------------------------------
-
-Schema::create('consumables', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255)->nullable();
- $table->integer('category_id')->nullable();
- $table->integer('location_id')->nullable();
- $table->integer('user_id')->nullable();
- $table->integer('qty');
- $table->boolean('requestable');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->date('purchase_date')->nullable();
- $table->decimal('purchase_cost', 13,4)->nullable();
- $table->string('order_number', 255)->nullable();
- $table->integer('company_id')->nullable()->unsigned();
- });
-
-
-//
-// NOTE -- consumables_users
-// --------------------------------------------------
-
-Schema::create('consumables_users', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('user_id')->nullable();
- $table->integer('consumable_id')->nullable();
- $table->integer('assigned_to')->nullable();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- custom_field_custom_fieldset
-// --------------------------------------------------
-
-Schema::create('custom_field_custom_fieldset', function($table) {
- $table->integer('custom_field_id');
- $table->integer('custom_fieldset_id');
- $table->integer('order');
- $table->boolean('required');
- });
-
-
-//
-// NOTE -- custom_fields
-// --------------------------------------------------
-
-Schema::create('custom_fields', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->string('format', 255);
- $table->string('element', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id')->nullable();
- });
-
-
-//
-// NOTE -- custom_fieldsets
-// --------------------------------------------------
-
-Schema::create('custom_fieldsets', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id')->nullable();
- });
-
-
-//
-// NOTE -- depreciations
-// --------------------------------------------------
-
-Schema::create('depreciations', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->integer('months');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- });
-
-
-//
-// NOTE -- groups
-// --------------------------------------------------
-
-Schema::create('groups', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255)->unique();
- $table->text('permissions')->nullable();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- history
-// --------------------------------------------------
-
-Schema::create('history', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('checkedout_to');
- $table->integer('location_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- });
-
-
-//
-// NOTE -- license_seats
-// --------------------------------------------------
-
-Schema::create('license_seats', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('license_id');
- $table->integer('assigned_to')->nullable();
- $table->text('notes')->nullable();
- $table->integer('user_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->integer('asset_id')->nullable();
- });
-
-
-//
-// NOTE -- licenses
-// --------------------------------------------------
-
-Schema::create('licenses', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->text('serial')->nullable();
- $table->date('purchase_date')->nullable();
- $table->decimal('purchase_cost', 13,4)->nullable();
- $table->string('order_number', 50)->nullable();
- $table->integer('seats')->default("1");
- $table->text('notes')->nullable();
- $table->integer('user_id');
- $table->boolean('depreciation_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->string('license_name', 100)->nullable();
- $table->string('license_email', 120)->nullable();
- $table->boolean('depreciate')->nullable();
- $table->integer('supplier_id')->nullable();
- $table->date('expiration_date')->nullable();
- $table->string('purchase_order', 255)->nullable();
- $table->date('termination_date')->nullable();
- $table->boolean('maintained');
- $table->boolean('reassignable')->default("1");
- $table->integer('company_id')->nullable()->unsigned();
- });
-
-
-//
-// NOTE -- locations
-// --------------------------------------------------
-
-Schema::create('locations', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->string('city', 255);
- $table->string('state', 255);
- $table->string('country', 2);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- $table->string('address', 80);
- $table->string('address2', 255)->nullable();
- $table->string('zip', 10)->nullable();
- $table->timestamp('deleted_at')->nullable();
- $table->integer('parent_id')->nullable();
- $table->string('currency', 10)->nullable();
- });
-
-
-//
-// NOTE -- manufacturers
-// --------------------------------------------------
-
-Schema::create('manufacturers', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- $table->timestamp('deleted_at')->nullable();
- });
-
-
-//
-// NOTE -- models
-// --------------------------------------------------
-
-Schema::create('models', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->string('modelno', 255)->nullable();
- $table->integer('manufacturer_id');
- $table->integer('category_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('depreciation_id');
- $table->integer('user_id');
- $table->integer('eol')->nullable();
- $table->string('image', 255)->nullable();
- $table->boolean('deprecated_mac_address');
- $table->timestamp('deleted_at')->nullable();
- $table->integer('fieldset_id')->nullable();
- $table->text('note')->nullable();
- });
-
-
-//
-// NOTE -- requested_assets
-// --------------------------------------------------
-
-Schema::create('requested_assets', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('asset_id');
- $table->integer('user_id');
- $table->dateTime('accepted_at')->nullable();
- $table->dateTime('denied_at')->nullable();
- $table->string('notes', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- });
-
-
-//
-// NOTE -- requests
-// --------------------------------------------------
-
-Schema::create('requests', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('asset_id');
- $table->integer('user_id');
- $table->text('request_code');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- });
-
-
-//
-// NOTE -- settings
-// --------------------------------------------------
-
-Schema::create('settings', function($table) {
- $table->increments('id')->unsigned();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- $table->integer('per_page')->default("20");
- $table->string('site_name', 100)->default("Snipe IT Asset Management");
- $table->integer('qr_code')->nullable();
- $table->string('qr_text', 32)->nullable();
- $table->integer('display_asset_name')->nullable();
- $table->integer('display_checkout_date')->nullable();
- $table->integer('display_eol')->nullable();
- $table->integer('auto_increment_assets');
- $table->string('auto_increment_prefix', 255);
- $table->boolean('load_remote')->default("1");
- $table->string('logo', 255)->nullable();
- $table->string('header_color', 255)->nullable();
- $table->string('alert_email', 255)->nullable();
- $table->boolean('alerts_enabled')->default("1");
- $table->text('default_eula_text')->nullable();
- $table->string('barcode_type', 255)->nullable()->default("QRCODE");
- $table->string('slack_endpoint', 255)->nullable();
- $table->string('slack_channel', 255)->nullable();
- $table->string('slack_botname', 255)->nullable();
- $table->string('default_currency', 10)->nullable();
- $table->text('custom_css')->nullable();
- $table->boolean('brand')->default("1");
- $table->string('ldap_enabled', 255)->nullable();
- $table->string('ldap_server', 255)->nullable();
- $table->string('ldap_uname', 255)->nullable();
- $table->string('ldap_pword')->nullable();
- $table->string('ldap_basedn', 255)->nullable();
- $table->string('ldap_filter', 255)->nullable()->default("cn=*");
- $table->string('ldap_username_field', 255)->nullable()->default("samaccountname");
- $table->string('ldap_lname_field', 255)->nullable()->default("sn");
- $table->string('ldap_fname_field', 255)->nullable()->default("givenname");
- $table->string('ldap_auth_filter_query', 255)->nullable()->default("uid=samaccountname");
- $table->integer('ldap_version')->nullable()->default("3");
- $table->string('ldap_active_flag', 255)->nullable();
- $table->string('ldap_emp_num', 255)->nullable();
- $table->string('ldap_email', 255)->nullable();
- $table->boolean('full_multiple_companies_support');
- $table->boolean('ldap_server_cert_ignore');
- });
-
-
-//
-// NOTE -- status_labels
-// --------------------------------------------------
-
-Schema::create('status_labels', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 100);
- $table->integer('user_id');
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->boolean('deployable');
- $table->boolean('pending');
- $table->boolean('archived');
- $table->text('notes')->nullable();
- });
-
-
-//
-// NOTE -- suppliers
-// --------------------------------------------------
-
-Schema::create('suppliers', function($table) {
- $table->increments('id')->unsigned();
- $table->string('name', 255);
- $table->string('address', 50)->nullable();
- $table->string('address2', 50)->nullable();
- $table->string('city', 255)->nullable();
- $table->string('state', 32)->nullable();
- $table->string('country', 2)->nullable();
- $table->string('phone', 20)->nullable();
- $table->string('fax', 20)->nullable();
- $table->string('email', 150)->nullable();
- $table->string('contact', 100)->nullable();
- $table->string('notes', 255)->nullable();
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->integer('user_id');
- $table->timestamp('deleted_at')->nullable();
- $table->string('zip', 10)->nullable();
- $table->string('url', 250)->nullable();
- $table->string('image', 255)->nullable();
- });
-
-
-//
-// NOTE -- throttle
-// --------------------------------------------------
-
-Schema::create('throttle', function($table) {
- $table->increments('id')->unsigned();
- $table->integer('user_id')->nullable()->unsigned();
- $table->string('ip_address', 255)->nullable();
- $table->integer('attempts');
- $table->boolean('suspended');
- $table->boolean('banned');
- $table->timestamp('last_attempt_at')->nullable();
- $table->timestamp('suspended_at')->nullable();
- $table->timestamp('banned_at')->nullable();
- });
-
-
-//
-// NOTE -- users
-// --------------------------------------------------
-
-Schema::create('users', function($table) {
- $table->increments('id')->unsigned();
- $table->string('email', 255)->nullable();
- $table->string('password', 255);
- $table->text('permissions')->nullable();
- $table->boolean('activated');
- $table->string('activation_code', 255)->nullable();
- $table->timestamp('activated_at')->nullable();
- $table->timestamp('last_login')->nullable();
- $table->string('persist_code', 255)->nullable();
- $table->string('reset_password_code', 255)->nullable();
- $table->string('first_name', 255);
- $table->string('last_name', 255);
- $table->timestamp('created_at')->default("0000-00-00 00:00:00");
- $table->timestamp('updated_at')->default("0000-00-00 00:00:00");
- $table->timestamp('deleted_at')->nullable();
- $table->string('website', 255)->nullable();
- $table->string('country', 255)->nullable();
- $table->string('gravatar', 255)->nullable();
- $table->integer('location_id')->nullable();
- $table->string('phone', 20)->nullable();
- $table->string('jobtitle', 100)->nullable();
- $table->integer('manager_id')->nullable();
- $table->text('employee_num')->nullable();
- $table->string('avatar', 255)->nullable();
- $table->string('username', 255)->nullable();
- $table->string('notes', 255)->nullable();
- $table->integer('company_id')->nullable()->unsigned();
- });
-
-
-//
-// NOTE -- users_groups
-// --------------------------------------------------
-
-Schema::create('users_groups', function($table) {
- $table->increments('user_id')->unsigned();
- $table->integer('group_id')->unsigned();
- });
-
-
-
-}
-
-//
-// NOTE - Revert the changes to the database.
-// --------------------------------------------------
-
-public function down()
-{
-
-Schema::drop('accessories');
-Schema::drop('accessories_users');
-Schema::drop('asset_logs');
-Schema::drop('asset_maintenances');
-Schema::drop('asset_uploads');
-Schema::drop('assets');
-Schema::drop('categories');
-Schema::drop('companies');
-Schema::drop('consumables');
-Schema::drop('consumables_users');
-Schema::drop('custom_field_custom_fieldset');
-Schema::drop('custom_fields');
-Schema::drop('custom_fieldsets');
-Schema::drop('depreciations');
-Schema::drop('groups');
-Schema::drop('history');
-Schema::drop('license_seats');
-Schema::drop('licenses');
-Schema::drop('locations');
-Schema::drop('manufacturers');
-Schema::drop('models');
-Schema::drop('requested_assets');
-Schema::drop('requests');
-Schema::drop('settings');
-Schema::drop('status_labels');
-Schema::drop('suppliers');
-Schema::drop('throttle');
-Schema::drop('users');
-Schema::drop('users_groups');
-
-}
-}
@@ -25,6 +25,7 @@ $factory->defineAs(App\Models\Asset::class, 'asset', function (Faker\Generator $
    'order_number' => $faker->numberBetween(1000000,50000000),
    'supplier_id' => $faker->numberBetween(1,5),
    'requestable' => $faker->numberBetween(0,1),
+    'company_id' => \App\Models\Company::inRandomOrder()->first()->id
  ];
 });

@@ -96,6 +97,7 @@ $factory->defineAs(App\Models\Component::class, 'component', function (Faker\Gen
    'category_id' => $faker->numberBetween(21,25),
    'total_qty' => $faker->numberBetween(3, 10),
    'min_amt' => $faker->numberBetween($min = 1, $max = 2),
+    'company_id' => \App\Models\Company::inRandomOrder()->first()->id
  ];
 });

@@ -113,6 +115,7 @@ $factory->defineAs(App\Models\Accessory::class, 'accessory', function (Faker\Gen
    'qty' => $faker->numberBetween(5, 10),
    'location_id' => $faker->numberBetween(1,5),
    'min_amt' => $faker->numberBetween($min = 1, $max = 2),
+    'company_id' => \App\Models\Company::inRandomOrder()->first()->id
  ];
 });

@@ -138,6 +141,7 @@ $factory->defineAs(App\Models\Consumable::class, 'consumable', function (Faker\G
    'company_id' => $faker->numberBetween(1, 10),
    'qty' => $faker->numberBetween(5, 10),
    'min_amt' => $faker->numberBetween($min = 1, $max = 2),
+    'company_id' => \App\Models\Company::inRandomOrder()->first()->id

  ];
 });
@@ -251,6 +255,7 @@ $factory->defineAs(App\Models\License::class, 'license', function (Faker\Generat
    'purchase_date' 		=> $faker->dateTime(),
    'purchase_cost' 		=> $faker->randomFloat(2),
    'notes'   => $faker->sentence,
+    'company_id' => \App\Models\Company::inRandomOrder()->first()->id
  ];
 });

@@ -265,18 +270,82 @@ $factory->defineAs(App\Models\LicenseSeat::class, 'license-seat', function (Fake
 });

 $factory->defineAs(App\Models\Actionlog::class, 'asset-checkout', function (Faker\Generator $faker) {
+  $company = \App\Models\Company::has('users')->has('assets')->inRandomOrder()->first();
  return [
-    'user_id'      	=> 1,
+    'user_id'      	=> $company->users()->inRandomOrder()->first()->id,
    'action_type' 		=> 'checkout',
-    'asset_id' 		=> $faker->numberBetween(1, 10),
-    'checkedout_to' => 1,
+    'item_id' 		=> $company->assets()->inRandomOrder()->first()->id,
+    'target_id' => $company->users()->inRandomOrder()->first()->id,
+    'target_type' => 'App\\Models\\User',
    'created_at'  => $faker->dateTime(),
-    'asset_type'  => 'hardware',
+    'item_type'  => 'App\\Models\\Asset',
    'note' 			=> $faker->sentence,
-    'user_id' 			=> '1',
+    'company_id' => $company->id
  ];
 });

+$factory->defineAs(App\Models\Actionlog::class, 'license-checkout-asset', function (Faker\Generator $faker) {
+  $company = \App\Models\Company::has('users')->has('licenses')->inRandomOrder()->first();
+
+  return [
+    'user_id'      	=> $company->users()->inRandomOrder()->first()->id,
+    'action_type' 		=> 'checkout',
+    'item_id' 		=> $company->licenses()->whereNotNull('company_id')->inRandomOrder()->first()->id,
+    'target_id' => $company->assets()->inRandomOrder()->first()->id,
+    'target_type' => 'App\\Models\\Asset',
+    'created_at'  => $faker->dateTime(),
+    'item_type'  => 'App\\Models\\License',
+    'note' 			=> $faker->sentence,
+    'company_id' => $company->id
+  ];
+});
+
+$factory->defineAs(App\Models\Actionlog::class, 'accessory-checkout', function (Faker\Generator $faker) {
+    $company = \App\Models\Company::has('users')->has('accessories')->inRandomOrder()->first();    
+  return [
+    'user_id'      	=> $company->users()->inRandomOrder()->first()->id,
+    'action_type' 		=> 'checkout',
+    'item_id' 		=> $company->accessories()->whereNotNull('company_id')->inRandomOrder()->first()->id,
+    'target_id' => $company->users()->inRandomOrder()->first()->id,
+    'target_type' => 'App\\Models\\User',
+    'created_at'  => $faker->dateTime(),
+    'item_type'  => 'App\\Models\\Accessory',
+    'note' 			=> $faker->sentence,
+    'company_id' => $company->id
+  ];
+});
+
+$factory->defineAs(App\Models\Actionlog::class, 'consumable-checkout', function (Faker\Generator $faker) {
+    $company = \App\Models\Company::has('users')->has('consumables')->inRandomOrder()->first();    
+
+  return [
+    'user_id'      	=> $company->users()->inRandomOrder()->first()->id,
+    'action_type' 		=> 'checkout',
+    'item_id' 		=> $company->consumables()->whereNotNull('company_id')->inRandomOrder()->first()->id,
+    'target_id' => $company->users()->inRandomOrder()->first()->id,
+    'target_type' => 'App\\Models\\User',
+    'created_at'  => $faker->dateTime(),
+    'item_type'  => 'App\\Models\\Consumable',
+    'note' 			=> $faker->sentence,
+    'company_id' => $company->id
+  ];
+});
+
+$factory->defineAs(App\Models\Actionlog::class, 'component-checkout', function (Faker\Generator $faker) {
+   $company = \App\Models\Company::has('users')->has('components')->inRandomOrder()->first();    
+
+  return [
+    'user_id'      	=> $company->users()->inRandomOrder()->first()->id,
+    'action_type' 		=> 'checkout',
+    'item_id' 		=> $company->components()->whereNotNull('company_id')->inRandomOrder()->first()->id,
+    'target_id' => $company->users()->inRandomOrder()->first()->id,
+    'target_type' => 'App\\Models\\User',
+    'created_at'  => $faker->dateTime(),
+    'item_type'  => 'App\\Models\\Component',
+    'note' 			=> $faker->sentence,
+    'company_id' => $company->id
+  ];
+});

 $factory->defineAs(App\Models\CustomField::class, 'customfield-ip', function (Faker\Generator $faker) {
  return [
@@ -294,5 +363,6 @@ $factory->defineAs(App\Models\User::class, 'valid-user', function (Faker\Generat
    'email' => $faker->safeEmail,
    'password' => $faker->password,
    'username' => $faker->username,
+    'company_id' => \App\Models\Company::inRandomOrder()->first()->id
  ];
 });
@@ -18,11 +18,11 @@ class UpdateAcceptedAtToAcceptanceId extends Migration {
 			$table->integer('accepted_id')->nullable()->default(NULL);
 		});

-		$results = DB::select('select invitation.id AS invitation_id, acceptance.id AS acceptance_id FROM asset_logs invitation INNER JOIN asset_logs acceptance ON (invitation.checkedout_to=acceptance.checkedout_to AND invitation.asset_id=acceptance.asset_id) WHERE invitation.action_type="checkout" AND acceptance.action_type="accepted"');
+		$results = DB::select('select invitation.id AS invitation_id, acceptance.id AS acceptance_id FROM '.DB::getTablePrefix().'asset_logs invitation INNER JOIN '.DB::getTablePrefix().'asset_logs acceptance ON (invitation.checkedout_to=acceptance.checkedout_to AND invitation.asset_id=acceptance.asset_id) WHERE invitation.action_type="checkout" AND acceptance.action_type="accepted"');


 		foreach ($results as $result) {
-			$update = DB::update('update asset_logs set accepted_id=? where id=?', [$result->acceptance_id, $result->invitation_id]);
+			$update = DB::update('update '.DB::getTablePrefix().'asset_logs set accepted_id=? where id=?', [$result->acceptance_id, $result->invitation_id]);
 		}

 	}
@@ -64,39 +64,39 @@
        public function up()
        {

-            if (!Schema::hasColumn('asset_logs', 'thread_id')) {
+            // if (!Schema::hasColumn('asset_logs', 'thread_id')) {

-                Schema::table( 'asset_logs', function ( Blueprint $table ) {
+            //     Schema::table( 'asset_logs', function ( Blueprint $table ) {

-                    $table->integer( 'thread_id' )
-                          ->nullable()
-                          ->default( null );
-                    $table->index( 'thread_id' );
-                } );
-            }
+            //         $table->integer( 'thread_id' )
+            //               ->nullable()
+            //               ->default( null );
+            //         $table->index( 'thread_id' );
+            //     } );
+            // }

-            $this->actionlog = new App\Models\Actionlog();
-            $this->assetLogs = $this->actionlog->getListingOfActionLogsChronologicalOrder();
+            // $this->actionlog = new App\Models\Actionlog();
+            // $this->assetLogs = $this->actionlog->getListingOfActionLogsChronologicalOrder();

-            foreach ($this->assetLogs as $assetLog) {
+            // foreach ($this->assetLogs as $assetLog) {

-                if ($this->hasAssetChanged( $assetLog )) {
-                    $this->resetCurrentAssetInformation( $assetLog );
-                }
+            //     if ($this->hasAssetChanged( $assetLog )) {
+            //         $this->resetCurrentAssetInformation( $assetLog );
+            //     }

-                if ($this->hasBegunNewChain( $assetLog )) {
-                    $this->startOfCurrentThread = false;
-                    continue;
-                }
+            //     if ($this->hasBegunNewChain( $assetLog )) {
+            //         $this->startOfCurrentThread = false;
+            //         continue;
+            //     }

-                $this->updateAssetLogWithThreadInformation( $assetLog );
+            //     $this->updateAssetLogWithThreadInformation( $assetLog );

-                if ($this->hasReachedEndOfChain( $assetLog )
-                ) {
-                    $this->clearCurrentAssetInformation();
-                }
+            //     if ($this->hasReachedEndOfChain( $assetLog )
+            //     ) {
+            //         $this->clearCurrentAssetInformation();
+            //     }

-            }
+            // }
        }


@@ -18,8 +18,8 @@ class AddCheckoutTimeAndExpectedCheckoutDateToAssets extends Migration {
 			$answer=$table->dateTime('last_checkout')->nullable();
 			$table->date('expected_checkin')->nullable();
 		});
-		DB::statement("UPDATE assets SET last_checkout=(SELECT MAX(created_at) FROM asset_logs WHERE asset_logs.id=assets.id AND action_type='checkout') WHERE assigned_to IS NOT NULL");
-		DB::statement("UPDATE assets SET expected_checkin=(SELECT expected_checkin FROM asset_logs WHERE asset_logs.id=assets.id AND action_type='checkout' ORDER BY id DESC limit 1) WHERE assigned_to IS NOT NULL");
+		DB::statement("UPDATE ".DB::getTablePrefix()."assets SET last_checkout=(SELECT MAX(created_at) FROM ".DB::getTablePrefix()."asset_logs WHERE ".DB::getTablePrefix()."asset_logs.id=".DB::getTablePrefix()."assets.id AND action_type='checkout') WHERE assigned_to IS NOT NULL");
+		DB::statement("UPDATE ".DB::getTablePrefix()."assets SET expected_checkin=(SELECT expected_checkin FROM ".DB::getTablePrefix()."asset_logs WHERE ".DB::getTablePrefix()."asset_logs.id=".DB::getTablePrefix()."assets.id AND action_type='checkout' ORDER BY id DESC limit 1) WHERE assigned_to IS NOT NULL");
 	}

 	/**
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddDisallowLdapPwSyncToSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->boolean('ldap_pw_sync')->default(1);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('ldap_pw_sync');
+        });
+    }
+}
@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddManufacturerToLicenses extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('licenses', function (Blueprint $table) {
+            //
+            $table->integer('manufacturer_id')->nullable();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('licenses', function (Blueprint $table) {
+            //
+        });
+    }
+}
@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddManufacturerToAccessoriesTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('accessories', function (Blueprint $table) {
+            //
+            $table->integer('manufacturer_id')->nullable();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('accessories', function (Blueprint $table) {
+            //
+            $table->dropColumn('manufacturer_id');
+        });
+    }
+}
@@ -0,0 +1,34 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddNewFieldsToCustomFields extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('custom_fields', function (Blueprint $table) {
+            //
+            $table->string('field_values')->nullable()->default(null);
+            $table->boolean('field_encrypted')->default(0);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('custom_fields', function (Blueprint $table) {
+            //
+            $table->dropColumn('field_values', 'field_encrypted');
+        });
+    }
+}
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddShowInNavToStatusLabels extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('status_labels', function (Blueprint $table) {
+            $table->boolean('show_in_nav')->default(0);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('status_labels', function (Blueprint $table) {
+            $table->dropColumn('show_in_nav', 'field_encrypted');
+        });
+    }
+}
@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class MakePurchaseCostNullable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+
+        $platform = Schema::getConnection()->getDoctrineSchemaManager()->getDatabasePlatform();
+        $platform->registerDoctrineTypeMapping('enum', 'string');
+
+        Schema::table('assets', function ($table) {
+            $table->decimal('purchase_cost',8,2)->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddRequestableToAssetModel extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        //
+        Schema::table('models', function ($table) {
+            $table->tinyInteger('requestable')->default(0);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+        Schema::table('models', function ($table) {
+            $table->dropColumn('requestable');
+        });
+    }
+}
@@ -0,0 +1,36 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class CreateCheckoutRequestsTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::create('checkout_requests', function (Blueprint $table) {
+            $table->increments('id');
+            $table->integer('user_id');
+            $table->integer('requestable_id');
+            $table->string('requestable_type');
+            $table->integer('quantity')->default(1);
+            $table->timestamps();
+
+            $table->unique(['user_id', 'requestable_id', 'requestable_type']);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::drop('checkout_requests');
+    }
+}
@@ -0,0 +1,49 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class CreateActionlogTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        if (!Schema::hasTable('action_logs')) {
+            Schema::create('action_logs', function (Blueprint $table) {
+                $table->increments('id');
+                $table->integer('user_id')->nullable();
+                $table->string('action_type');
+                $table->integer('target_id')->nullable();  // Was checkedout_to
+                $table->string('target_type')->nullable(); // For polymorphic thingies
+                $table->integer('location_id')->nullable();
+                $table->text('note')->nullable();
+                $table->text('filename')->nullable();
+                $table->string('item_type');
+                $table->integer('item_id');  // Replaces asset_id, accessory_id, etc.
+                $table->date('expected_checkin')->nullable()->default(null);
+                $table->integer('accepted_id')->nullable();
+                $table->timestamps();
+                $table->softDeletes();
+
+                $table->integer('thread_id')
+                    ->nullable()
+                    ->default(null);
+                $table->index('thread_id');
+            });
+        }
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::dropIfExists('action_logs');
+    }
+}
@@ -0,0 +1,79 @@
+<?php
+
+use App\Models\Actionlog;
+use App\Models\User;
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+
+class MigrateAssetLogToActionLog extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        //
+        $logs = DB::table('asset_logs')->get();
+
+        foreach ($logs as $log) {
+            // protected $fillable   = [ 'created_at', 'asset_type','user_id','asset_id','action_type','note','checkedout_to' ];
+            $a = new Actionlog(compact($log));
+            // var_dump($log);
+            $a->user_id = $log->user_id;
+
+            if (!is_null($log->asset_id)) {
+                $a->item_id = $log->asset_id;
+                if ($log->asset_type == "hardware") {
+                    $a->item_type = 'App\\Models\\Asset';
+                } else {
+                    $a->item_type = 'App\\Models\\License';
+                }
+            }
+            if (!is_null($log->accessory_id)) {
+                $a->item_id = $log->accessory_id;
+                $a->item_type = 'App\\Models\\Accessory';
+            } else if (!is_null($log->consumable_id)) {
+                $a->item_id = $log->consumable_id;
+                $a->item_type = 'App\\Models\\Consumable';
+            } else if (!is_null($log->component_id)) {
+                $a->item_id = $log->component_id;
+                $a->item_type = 'App\\Models\\Component';
+            }
+            $a->action_type = $log->action_type;
+            // $a->checkout_to = $log->checkout_to;
+            if(!is_null($log->checkedout_to)) {
+                $a->target_id = $log->checkedout_to;
+                $a->target_type = User::class;
+            }
+            if(!is_null($log->accepted_id)) {
+                $a->target_id = $log->accepted_id;
+                $a->target_type = User::class;
+            }
+            $a->location_id         = $log->location_id;
+            $a->created_at          = $log->created_at;
+            $a->updated_at          = $log->updated_at;
+            $a->deleted_at          = $log->deleted_at;
+            $a->note                = $log->note;
+            $a->expected_checkin    = $log->expected_checkin;
+            $a->thread_id           = $log->thread_id;
+            $a->accepted_id         = $log->accepted_id;
+            $a->filename            = $log->filename;
+
+            $a->save();
+
+        }
+        // dd($logs);
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class FixFieldtypeForTargetType extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('action_logs', function ($table) {
+            $table->string('target_type')->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('action_logs', function ($table) {
+            $table->integer('target_type')->nullable()->default(null)->change();
+        });
+    }
+}
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class FixModelnoInConsumablesToString extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('consumables', function ($table) {
+            $table->string('model_no')->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('consumables', function ($table) {
+            $table->integer('model_no')->nullable()->default(null)->change();
+        });
+    }
+}
@@ -0,0 +1,44 @@
+<?php
+
+use App\Models\Actionlog;
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+
+class AddCompanyToLogs extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('action_logs', function (Blueprint $table) {
+            //
+            $table->integer('company_id')->nullable()->default(null);
+        });
+
+        $logs = Actionlog::with('item')->get();
+        foreach ($logs as $log) {
+            if($log->item) {
+                $log->company_id = $log->item->company_id;
+                $log->save();
+            } else {
+                var_dump($log);
+            }
+        }
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('action_logs', function (Blueprint $table) {
+            //
+            $table->dropColumn('company_id');
+        });
+    }
+}
@@ -0,0 +1,39 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class FixOrderNumberToVarchar extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('consumables', function ($table) {
+            $table->string('order_number')->nullable()->default(null)->change();
+        });
+
+        Schema::table('components', function ($table) {
+            $table->string('order_number')->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('consumables', function ($table) {
+            $table->integer('order_number')->nullable()->default(null)->change();
+        });
+
+        Schema::table('components', function ($table) {
+            $table->integer('order_number')->nullable()->default(null)->change();
+        });
+    }
+}
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class FixOrderNumberInComponentsToString extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('components', function ($table) {
+            $table->string('order_number')->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('components', function ($table) {
+            $table->integer('order_number')->nullable()->default(null)->change();
+        });
+    }
+}
@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddSerialToComponents extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('components', function ($table) {
+            $table->string('serial_number')->nullable()->default(null);
+        });
+
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('components', function ($table) {
+            $table->dropColumn('serial_number');
+        });
+
+    }
+}
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class IncreaseSerialFieldCapacity extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('licenses', function ($table) {
+            $table->string('serial', 2048)->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('licenses', function ($table) {
+            $table->string('serial', 255)->nullable()->default(null)->change();
+        });
+    }
+}
@@ -0,0 +1,43 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class Enable2faFields extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function ($table) {
+            $table->tinyInteger('two_factor_enabled')->nullable()->default(null);
+        });
+
+        Schema::table('users', function ($table) {
+            $table->string('two_factor_secret', 32)->nullable()->default(null);
+            $table->boolean('two_factor_enrolled')->default(0);
+            $table->boolean('two_factor_optin')->default(0);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('two_factor_enabled');
+        });
+
+        Schema::table('users', function ($table) {
+            $table->dropColumn('two_factor_secret');
+            $table->dropColumn('two_factor_enrolled');
+            $table->dropColumn('two_factor_optin');
+        });
+    }
+}
@@ -0,0 +1,39 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddSignatureToAcceptance extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function ($table) {
+            $table->boolean('require_accept_signature')->default(0);
+        });
+
+        Schema::table('action_logs', function ($table) {
+            $table->string('accept_signature', 100)->nullable()->default(null);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('require_accept_signature');
+        });
+
+        Schema::table('action_logs', function ($table) {
+            $table->dropColumn('accept_signature');
+        });
+    }
+}
@@ -0,0 +1,53 @@
+<?php
+
+use App\Models\Actionlog;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class FixForgottenFilenameInActionLogs extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('action_logs', function (Blueprint $table) {
+            $logs = DB::table('asset_logs')->where('filename', '!=', null)->get();
+            //
+            foreach($logs as $log) {
+                $matching_action_log = Actionlog::where('item_id', $log->asset_id)
+                                          ->where('created_at', $log->created_at)
+                                          ->where('note', $log->note)
+                                          ->where('filename', null)
+                                          ->withTrashed()
+                                          ->get()->first();
+
+                if($matching_action_log) {
+                    $matching_action_log->filename = $log->filename;
+                    $matching_action_log->save();
+                }else{
+                    echo("Couldn't find matching Action log row when trying to migrate".
+                         "  filename from asset log:\n".
+                         "LogDate{$log->created_at} LogForAsset:{$log->asset_id}".
+                         "LogNote:{$log->note} \n");
+                }
+            }
+
+        });
+    }
+
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('action_logs', function (Blueprint $table) {
+            //
+        });
+    }
+}
@@ -7,6 +7,10 @@ class ActionlogSeeder extends Seeder
  public function run()
  {
    Actionlog::truncate();
-    factory(Actionlog::class, 'asset-checkout',5)->create();
+    factory(Actionlog::class, 'asset-checkout',25)->create();
+    factory(Actionlog::class, 'accessory-checkout',15)->create();
+    factory(Actionlog::class, 'consumable-checkout', 15)->create();
+    factory(Actionlog::class, 'component-checkout', 15)->create();
+    factory(Actionlog::class, 'license-checkout-asset', 15)->create();
  }
 }
@@ -0,0 +1,19 @@
+<?php
+
+use App\Models\Company;
+use Illuminate\Database\Seeder;
+
+class CompanySeeder extends Seeder
+{
+    /**
+     * Run the database seeds.
+     *
+     * @return void
+     */
+    public function run()
+    {
+        //
+        Company::truncate();
+        factory(Company::class, 'company', 4)->create();
+    }
+}
@@ -14,9 +14,12 @@ class DatabaseSeeder extends Seeder
    {
        Model::unguard();

+        $this->call(CompanySeeder::class);
+        $this->call(UserSeeder::class);
        $this->call(AssetModelSeeder::class);
        $this->call(AccessorySeeder::class);
        $this->call(AssetSeeder::class);
+        $this->call(ComponentSeeder::class);
        $this->call(ConsumableSeeder::class);
        $this->call(StatuslabelSeeder::class);
        $this->call(SupplierSeeder::class);
@@ -27,7 +30,6 @@ class DatabaseSeeder extends Seeder
        $this->call(ManufacturerSeeder::class);
        $this->call(LocationSeeder::class);
        $this->call(CustomFieldSeeder::class);
-        $this->call(ComponentSeeder::class);

        Model::reguard();
    }
@@ -0,0 +1,18 @@
+<?php
+
+use App\Models\User;
+use Illuminate\Database\Seeder;
+
+class UserSeeder extends Seeder
+{
+    /**
+     * Run the database seeds.
+     *
+     * @return void
+     */
+    public function run()
+    {
+        // Don't truncate the user column, that might suck.
+        factory(User::class, 'valid-user', 10)->create();
+    }
+}
@@ -14,6 +14,8 @@ MAIL_ENV_FROM_NAME=Brady Wetherington
 MAIL_ENV_ENCRYPTION=tcp
 MAIL_ENV_USERNAME=uberbrady@gmail.com
 MAIL_ENV_PASSWORD=N7AqLufTZMULWHWYwJ0ZCw
+MAIL_ENV_REPLYTO_ADDR=you@example.com
+MAIL_ENV_REPLYTO_NAME='Snipe-IT'

 #SNIPE-IT Variables
 APP_ENV=develop
@@ -22,3 +24,5 @@ APP_KEY=Y5hJeC7x1i7OxhDrvrQPlB9KvCorvRdO
 APP_URL=http://127.0.0.1:32782
 APP_TIMEZONE=US/Pacific
 APP_LOCALE=en
+
+ALLOW_IFRAMING=false
@@ -50,7 +50,7 @@
 		#   when the CA certificates are directly appended to the server
 		#   certificate for convinience.
 		#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
-		SSLCertificateChainFile /etc/ssl/private/snipeit-ssl.crt
+		SSLCertificateChainFile /var/lib/snipeit/ssl/snipeit-ssl.crt

 		#   Certificate Authority (CA):
 		#   Set the CA certificate verification path where to find CA
@@ -18,6 +18,7 @@ DB_DATABASE=${MYSQL_DATABASE}
 DB_USERNAME=${MYSQL_USER}
 DB_PASSWORD=${MYSQL_PASSWORD}
 DB_PREFIX=null
+DB_DUMP_PATH='/usr/bin'


 # --------------------------------------------
@@ -0,0 +1,136 @@
+
+#signature-pad {
+  padding-top: 250px;
+  margin: auto;
+}
+.m-signature-pad {
+
+  position: relative;
+  font-size: 10px;
+  width: 100%;
+  height: 300px;
+  border: 1px solid #e8e8e8;
+  background-color: #fff;
+  box-shadow: 0 1px 4px rgba(0, 0, 0, 0.27), 0 0 40px rgba(0, 0, 0, 0.08) inset;
+  border-radius: 4px;
+}
+
+.m-signature-pad:before, .m-signature-pad:after {
+	position: absolute;
+  z-index: -1;
+  content: "";
+	width: 40%;
+	height: 10px;
+	left: 20px;
+	bottom: 10px;
+	background: transparent;
+	-webkit-transform: skew(-3deg) rotate(-3deg);
+	-moz-transform: skew(-3deg) rotate(-3deg);
+	-ms-transform: skew(-3deg) rotate(-3deg);
+	-o-transform: skew(-3deg) rotate(-3deg);
+	transform: skew(-3deg) rotate(-3deg);
+	box-shadow: 0 8px 12px rgba(0, 0, 0, 0.4);
+}
+
+.m-signature-pad:after {
+	left: auto;
+	right: 20px;
+	-webkit-transform: skew(3deg) rotate(3deg);
+	-moz-transform: skew(3deg) rotate(3deg);
+	-ms-transform: skew(3deg) rotate(3deg);
+	-o-transform: skew(3deg) rotate(3deg);
+	transform: skew(3deg) rotate(3deg);
+}
+
+.m-signature-pad--body {
+  position: absolute;
+  left: 20px;
+  right: 20px;
+  top: 20px;
+  bottom: 60px;
+  border: 1px solid #f4f4f4;
+}
+
+.m-signature-pad--body
+  canvas {
+    position: absolute;
+    left: 0;
+    top: 0;
+    width: 100%;
+    height: 100%;
+    border-radius: 4px;
+    box-shadow: 0 0 5px rgba(0, 0, 0, 0.02) inset;
+  }
+
+.m-signature-pad--footer {
+  position: absolute;
+  left: 20px;
+  right: 20px;
+  bottom: 20px;
+  height: 40px;
+}
+
+.m-signature-pad--footer
+  .description {
+    color: #C3C3C3;
+    text-align: center;
+    font-size: 1.2em;
+    margin-top: 1.8em;
+  }
+
+.m-signature-pad--footer
+  .button {
+    position: absolute;
+    bottom: 0;
+  }
+
+.m-signature-pad--footer
+  .button.clear {
+    left: 0;
+  }
+
+.m-signature-pad--footer
+  .button.save {
+    right: 0;
+  }
+
+@media screen and (max-width: 1024px) {
+  .m-signature-pad {
+    top: 0;
+    left: 0;
+    right: 0;
+    bottom: 0;
+    width: auto;
+    height: auto;
+    min-width: 250px;
+    min-height: 140px;
+    margin: 5%;
+  }
+
+}
+
+@media screen and (min-device-width: 768px) and (max-device-width: 1024px) {
+  .m-signature-pad {
+    margin: 10%;
+  }
+}
+
+@media screen and (max-height: 320px) {
+  .m-signature-pad--body {
+    left: 0;
+    right: 0;
+    top: 0;
+    bottom: 32px;
+  }
+  .m-signature-pad--footer {
+    left: 20px;
+    right: 20px;
+    bottom: 4px;
+    height: 28px;
+  }
+  .m-signature-pad--footer
+    .description {
+      font-size: 1em;
+      margin-top: 1em;
+    }
+}
--- a/Show More
+++ b/Show More