Merge remote-tracking branch 'origin/develop'

Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # config/version.php
Updated language strings
2022-05-24 15:10:46 -07:00 · 2022-05-24 15:07:14 -07:00 · 2022-05-24 14:41:44 -07:00 · 2022-05-24 14:39:01 -07:00 · 2022-05-24 14:31:40 -07:00 · 2022-05-24 16:27:55 -05:00
3495 changed files with 126674 additions and 59854 deletions
@@ -2361,6 +2361,15 @@
        "code"
      ]
    },
+    {
+      "login": "Delta5",
+      "name": "Evan Taylor",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1975640?v=4",
+      "profile": "https://github.com/Delta5",
+      "contributions": [
+        "code"
+      ]
+    },
    {
      "login": "PetriAsi",
      "name": "Petri Asikainen",
@@ -2378,6 +2387,240 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "vapier",
+      "name": "Mike Frysinger",
+      "avatar_url": "https://avatars.githubusercontent.com/u/176950?v=4",
+      "profile": "https://wh0rd.org/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "AL4AL",
+      "name": "ALPHA",
+      "avatar_url": "https://avatars.githubusercontent.com/u/22044358?v=4",
+      "profile": "https://github.com/AL4AL",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "FliegenKLATSCH",
+      "name": "FliegenKLATSCH",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1042587?v=4",
+      "profile": "https://www.ifern.de",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "jerm",
+      "name": "Jeremy Price",
+      "avatar_url": "https://avatars.githubusercontent.com/u/442138?v=4",
+      "profile": "https://github.com/jerm",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Toreg87",
+      "name": "Toreg87",
+      "avatar_url": "https://avatars.githubusercontent.com/u/84392209?v=4",
+      "profile": "https://github.com/Toreg87",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Computroniks",
+      "name": "Matthew Nickson",
+      "avatar_url": "https://avatars.githubusercontent.com/u/67638596?v=4",
+      "profile": "https://github.com/Computroniks",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "jethron",
+      "name": "Jethro Nederhof",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1646397?v=4",
+      "profile": "https://jethron.id.au",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "01ste02",
+      "name": "Oskar Stenberg",
+      "avatar_url": "https://avatars.githubusercontent.com/u/23289826?v=4",
+      "profile": "https://github.com/01ste02",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Robert-Azelis",
+      "name": "Robert-Azelis",
+      "avatar_url": "https://avatars.githubusercontent.com/u/82208283?v=4",
+      "profile": "https://github.com/Robert-Azelis",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "alwism",
+      "name": "Alexander William Smith",
+      "avatar_url": "https://avatars.githubusercontent.com/u/60648387?v=4",
+      "profile": "https://github.com/alwism",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "leitwerk-ag",
+      "name": "LEITWERK AG",
+      "avatar_url": "https://avatars.githubusercontent.com/u/24418301?v=4",
+      "profile": "https://www.leitwerk.de/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "adamboutcher",
+      "name": "Adam",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1911435?v=4",
+      "profile": "http://www.aboutcher.co.uk",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "sneak-it",
+      "name": "Ian",
+      "avatar_url": "https://avatars.githubusercontent.com/u/16104273?v=4",
+      "profile": "https://snksrv.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "bestlong",
+      "name": "Shao Yu-Lung (Allen)",
+      "avatar_url": "https://avatars.githubusercontent.com/u/4023909?v=4",
+      "profile": "http://blog.bestlong.idv.tw/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Haxatron",
+      "name": "Haxatron",
+      "avatar_url": "https://avatars.githubusercontent.com/u/76475453?v=4",
+      "profile": "https://github.com/Haxatron",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "PlaneNuts",
+      "name": "PlaneNuts",
+      "avatar_url": "https://avatars.githubusercontent.com/u/88776392?v=4",
+      "profile": "https://github.com/PlaneNuts",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "exula",
+      "name": "Bradley Coudriet",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3842948?v=4",
+      "profile": "http://bjcpgd.cias.rit.edu",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "UniversalSuperBox",
+      "name": "Dalton Durst",
+      "avatar_url": "https://avatars.githubusercontent.com/u/21966173?v=4",
+      "profile": "https://daltondur.st",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "adagioajanes",
+      "name": "Alex Janes",
+      "avatar_url": "https://avatars.githubusercontent.com/u/38761237?v=4",
+      "profile": "https://adagiohealth.org",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "nuraeil",
+      "name": "Nuraeil",
+      "avatar_url": "https://avatars.githubusercontent.com/u/32387849?v=4",
+      "profile": "https://github.com/nuraeil",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "TenOfTens",
+      "name": "TenOfTens",
+      "avatar_url": "https://avatars.githubusercontent.com/u/48162670?v=4",
+      "profile": "https://github.com/TenOfTens",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "insert-waffle",
+      "name": "waffle",
+      "avatar_url": "https://avatars.githubusercontent.com/u/9415391?v=4",
+      "profile": "https://ditisjens.be/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "QveenSi",
+      "name": "Yevhenii Huzii",
+      "avatar_url": "https://avatars.githubusercontent.com/u/19945501?v=4",
+      "profile": "https://github.com/QveenSi",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "veenone",
+      "name": "Achmad Fienan Rahardianto",
+      "avatar_url": "https://avatars.githubusercontent.com/u/3839381?v=4",
+      "profile": "https://github.com/veenone",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "QveenSi",
+      "name": "Yevhenii Huzii",
+      "avatar_url": "https://avatars.githubusercontent.com/u/19945501?v=4",
+      "profile": "https://github.com/QveenSi",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "chrisweirich",
+      "name": "Christian Weirich",
+      "avatar_url": "https://avatars.githubusercontent.com/u/97299851?v=4",
+      "profile": "https://github.com/chrisweirich",
+      "contributions": [
+        "code"
+      ]
    }
  ]
 }
@@ -138,6 +138,13 @@ PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
 PRIVATE_AWS_BUCKET_ROOT=null

+# --------------------------------------------
+# OPTIONAL: AWS Settings
+# --------------------------------------------
+AWS_ACCESS_KEY_ID=null
+AWS_SECRET_ACCESS_KEY=null
+AWS_DEFAULT_REGION=null
+
 # --------------------------------------------
 # OPTIONAL: LOGIN THROTTLING
 # --------------------------------------------
@@ -0,0 +1,105 @@
+# --------------------------------------------
+# REQUIRED: BASIC APP SETTINGS
+# --------------------------------------------
+APP_ENV=local
+APP_DEBUG=false
+APP_KEY=base64:hTUIUh9CP6dQx+6EjSlfWTgbaMaaRvlpEwk45vp+xmk=
+APP_URL=http://127.0.0.1:8000
+APP_TIMEZONE='US/Eastern'
+APP_LOCALE=en
+APP_LOCKED=false
+MAX_RESULTS=200
+
+# --------------------------------------------
+# REQUIRED: UPLOADED FILE STORAGE SETTINGS
+# --------------------------------------------
+PRIVATE_FILESYSTEM_DISK=local
+PUBLIC_FILESYSTEM_DISK=local_public
+
+# --------------------------------------------
+# REQUIRED: DATABASE SETTINGS
+# --------------------------------------------
+DB_CONNECTION=mysql
+DB_HOST=localhost
+DB_DATABASE=snipeit-local
+DB_USERNAME=snipeit-local
+DB_PASSWORD=snipeit-local
+DB_PREFIX=null
+DB_DUMP_PATH='/Applications/MAMP/Library/bin'
+
+# --------------------------------------------
+# OPTIONAL: SSL DATABASE SETTINGS
+# --------------------------------------------
+DB_SSL=false
+DB_SSL_KEY_PATH=null
+DB_SSL_CERT_PATH=null
+DB_SSL_CA_PATH=null
+DB_SSL_CIPHER=null
+
+# --------------------------------------------
+# REQUIRED: OUTGOING MAIL SERVER SETTINGS
+# --------------------------------------------
+MAIL_DRIVER="log"
+
+
+# --------------------------------------------
+# REQUIRED: IMAGE LIBRARY
+# This should be gd or imagick
+# --------------------------------------------
+IMAGE_LIB=gd
+
+
+# --------------------------------------------
+# OPTIONAL: SESSION SETTINGS
+# --------------------------------------------
+SESSION_LIFETIME=12000
+EXPIRE_ON_CLOSE=false
+ENCRYPT=true
+COOKIE_NAME=snipeit_v5_local
+SECURE_COOKIES=true
+
+# --------------------------------------------
+# OPTIONAL: SECURITY HEADER SETTINGS
+# --------------------------------------------
+REFERRER_POLICY=same-origin
+ENABLE_CSP=true
+CORS_ALLOWED_ORIGINS="*"
+
+# --------------------------------------------
+# OPTIONAL: CACHE SETTINGS
+# --------------------------------------------
+CACHE_DRIVER=file
+SESSION_DRIVER=file
+QUEUE_DRIVER=sync
+
+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=50000
+LOGIN_LOCKOUT_DURATION=1000
+RESET_PASSWORD_LINK_EXPIRES=15
+
+# --------------------------------------------
+# OPTIONAL: API
+# --------------------------------------------
+API_MAX_REQUESTS_PER_HOUR=200
+
+# --------------------------------------------
+# OPTIONAL: SAML SETTINGS
+# --------------------------------------------
+DISABLE_NOSAML_LOCAL_LOGIN=true
+
+
+# --------------------------------------------
+# OPTIONAL: MISC
+# --------------------------------------------
+APP_LOG=single
+LOG_LEVEL=debug
+LOG_CHANNEL=stack
+LOG_SLACK_WEBHOOK_URL=null
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+ALLOW_IFRAMING=true
+ENABLE_HSTS=false
+WARN_DEBUG=false
+APP_CIPHER=AES-256-CBC
+
@@ -15,6 +15,10 @@ MAX_RESULTS=500
 PRIVATE_FILESYSTEM_DISK=local
 PUBLIC_FILESYSTEM_DISK=local_public

+#PRIVATE_FILESYSTEM_DISK=s3_private
+#PUBLIC_FILESYSTEM_DISK=s3_public
+
+
 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
@@ -130,6 +134,13 @@ PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
 PRIVATE_AWS_BUCKET_ROOT=null

+# --------------------------------------------
+# OPTIONAL: AWS Settings
+# --------------------------------------------
+AWS_ACCESS_KEY_ID=null
+AWS_SECRET_ACCESS_KEY=null
+AWS_DEFAULT_REGION=null
+
 # --------------------------------------------
 # OPTIONAL: LOGIN THROTTLING
 # --------------------------------------------
@@ -145,10 +156,12 @@ APP_LOG_MAX_FILES=10
 APP_LOCKED=false
 APP_CIPHER=AES-256-CBC
 APP_FORCE_TLS=false
+APP_ALLOW_INSECURE_HOSTS=false
 GOOGLE_MAPS_API=
 LDAP_MEM_LIM=500M
 LDAP_TIME_LIM=600
 IMPORT_TIME_LIMIT=600
 IMPORT_MEMORY_LIMIT=500M
 REPORT_TIME_LIMIT=12000
-
+REQUIRE_SAML=false
+API_THROTTLE_PER_MINUTE=120
@@ -38,7 +38,7 @@ IMAGE_LIB=gd


 # --------------------------------------------
-# OPTIONAL: AWS S3 SETTINGS
+# OPTIONAL: AWS SETTINGS
 # --------------------------------------------
 AWS_SECRET_ACCESS_KEY=null
 AWS_ACCESS_KEY_ID=null
@@ -1,10 +1,10 @@
 # --------------------------------------------
 # REQUIRED: BASIC APP SETTINGS
 # --------------------------------------------
-APP_ENV=testing-ci
+APP_ENV='testing-ci'
 APP_DEBUG=false
-APP_KEY=ChangeMe
-APP_URL=http://localhost:8000
+APP_KEY='base64:glJpcM7BYwWiBggp3SQ/+NlRkqsBQMaGEOjemXqJzOU='
+APP_URL='http://localhost:8000'
 APP_TIMEZONE='US/Pacific'
 APP_LOCALE=en
 FILESYSTEM_DISK=local
@@ -12,9 +12,9 @@ FILESYSTEM_DISK=local
 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
-DB_CONNECTION=mysql
+DB_CONNECTION=sqlite
 DB_HOST=localhost
-DB_DATABASE=snipeit_unit
+DB_DATABASE='sqlite_testing'
 DB_USERNAME=root
 DB_PASSWORD=null

@@ -22,13 +22,7 @@ DB_PASSWORD=null
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
 MAIL_DRIVER=log
-MAIL_HOST=email-smtp.us-west-2.amazonaws.com
-MAIL_PORT=587
-MAIL_USERNAME=YOURUSERNAME
-MAIL_PASSWORD=YOURPASSWORD
-MAIL_ENCRYPTION=null
-MAIL_FROM_ADDR=you@example.com
-MAIL_FROM_NAME=Snipe-IT
+

 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
@@ -37,37 +31,7 @@ MAIL_FROM_NAME=Snipe-IT
 IMAGE_LIB=gd


-# --------------------------------------------
-# OPTIONAL: AWS S3 SETTINGS
-# --------------------------------------------
-AWS_SECRET_ACCESS_KEY=null
-AWS_ACCESS_KEY_ID=null
-AWS_DEFAULT_REGION=null
-AWS_BUCKET=null
-AWS_BUCKET_ROOT=null
-AWS_URL=null
-
-
-# --------------------------------------------
-# OPTIONAL: CACHE SETTINGS
-# --------------------------------------------
-CACHE_DRIVER=file
-SESSION_DRIVER=file
-QUEUE_DRIVER=sync
-
-
-# --------------------------------------------
-# OPTIONAL: SESSION SETTINGS
-# --------------------------------------------
-SESSION_LIFETIME=12000
-EXPIRE_ON_CLOSE=false
-ENCRYPT=false
-COOKIE_NAME=snipeittest_session
-COOKIE_DOMAIN=null
-SECURE_COOKIES=false
-
-
 # --------------------------------------------
 # OPTIONAL: APP LOG FORMAT
 # --------------------------------------------
-APP_LOG=single
+APP_LOG=single
@@ -1,62 +0,0 @@
---
-name: Bug report
-about: Create a report to help us improve
-
---
-
-#### Please confirm you have done the following before posting your bug report:
-
- [ ] I have enabled debug mode 
- [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
-
-**Describe the bug**
-A clear and concise description of what the bug is.
-
-**To Reproduce**
-Steps to reproduce the behavior:
-1. Go to '...'
-2. Click on '....'
-3. Scroll down to '....'
-4. See error
-
-**Expected behavior**
-A clear and concise description of what you expected to happen.
-
-**Screenshots**
-If applicable, add screenshots to help explain your problem.
-
-**Server (please complete the following information):**
- - Snipe-IT Version 
- - OS: [e.g. Ubuntu, CentOS]
- - Web Server: [e.g. Apache, IIS]
- - PHP Version 
-
-**Desktop (please complete the following information):**
- - OS: [e.g. iOS]
- - Browser [e.g. chrome, safari]
- - Version [e.g. 22]
-
-**Smartphone (please complete the following information):**
- - Device: [e.g. iPhone6]
- - OS: [e.g. iOS8.1]
- - Browser [e.g. stock browser, safari]
- - Version [e.g. 22]
-
-**Error Messages**
- WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
- If a stacktrace is provided in the error, include that too.
- Any errors that appear in your browser's error console.
- Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
- Include any additional information you can find in `storage/logs` and your webserver's logs.
- Include the output from `php -m` (this should display what modules you have enabled.)
-
-**Additional context**
- Is this a fresh install or an upgrade? 
- What OS and web server you're running Snipe-IT on
- What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
- Include what you've done so far in the installation, and if you got any error messages along the way.
- Indicate whether or not you've manually edited any data directly in the database
-
-Add any other context about the problem here.
-
-Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.
@@ -1,23 +0,0 @@
---
-name: Feature request
-about: Suggest an idea for this project
-
---
-
-**Server (please complete the following information):**
- - Snipe-IT Version 
- - OS: [e.g. Ubuntu, CentOS]
- - Web Server: [e.g. Apache, IIS]
- - PHP Version 
-
-**Is your feature request related to a problem? Please describe.**
-A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
-
-**Describe the solution you'd like**
-A clear and concise description of what you want to happen.
-
-**Describe alternatives you've considered**
-A clear and concise description of any alternative solutions or features you've considered.
-
-**Additional context**
-Add any other context or screenshots about the feature request here.
@@ -0,0 +1,129 @@
+name: Bug Report
+description: Create a report to help us improve
+body:
+  - type: checkboxes
+    attributes:
+      label: Debug mode
+      description: Please confirm you have done the following before posting your bug report
+      options:
+        - label: I have enabled debug mode
+          required: true
+        - label: I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
+          required: true
+  - type: textarea
+    attributes:
+      label: Describe the bug
+      description: A clear and concise description of what the bug is.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Reproduction steps
+      description: Steps to reproduce the behavior.
+      value: |
+        1.
+        2.
+        3.
+        ...
+    validations:
+        required: true
+  - type: textarea
+    attributes:
+      label: Expected behavior
+      description: A clear and concise description of what you expected to happen.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Screenshots
+      description: 'If applicable, add screenshots to help explain your problem.'
+  - type: markdown
+    attributes:
+      value: "### Server"
+  - type: input
+    attributes:
+      label: Snipe-IT Version
+    validations:
+      required: true
+  - type: input
+    id: server_operatingSystem
+    attributes:
+      label: Operating System
+      description: 'e.g. Ubuntu, Windows'
+    validations:
+      required: true
+  - type: input
+    attributes:
+      label: Web Server
+      description: 'e.g. Apache, IIS'
+    validations:
+      required: true
+  - type: input
+    attributes:
+      label: PHP Version
+    validations:
+      required: true
+  - type: markdown
+    attributes:
+      value: "### Desktop"
+  - type: input
+    id: desktop_operatingSystem
+    attributes:
+      label: Operating System
+      description: 'e.g. Ubuntu, Windows'
+  - type: input
+    id: desktop_browser
+    attributes:
+      label: Browser
+      description: 'e.g. Google Chrome, Safari'
+  - type: input
+    id: desktop_version
+    attributes:
+      label: Version
+      description: 'e.g. 93'
+  - type: markdown
+    attributes:
+      value: "### Mobile"
+  - type: input
+    attributes:
+      label: Device
+      description: 'e.g. iPhone 6, Pixel 4a'
+  - type: input
+    id: mobile_operatingSystem
+    attributes:
+      label: Operating System
+      description: 'e.g. iOS 8.1, Android 9'
+  - type: input
+    id: mobile_browser
+    attributes:
+      label: Browser
+      description: 'e.g. Google Chrome, Safari'
+  - type: input
+    id: mobile_version
+    attributes:
+      label: Version
+      description: 'e.g. 93'
+  - type: textarea
+    attributes:
+      label: Error messages
+      description: |
+        WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
+        If a stacktrace is provided in the error, include that too.
+        Any errors that appear in your browser's error console.
+        Confirm whether the error is reproducible on the demo: https://snipeitapp.com/demo.
+        Include any additional information you can find in `storage/logs` and your webserver's logs.
+        Include the output from `php -m` (this should display what modules you have enabled.)
+      render: shell
+  - type: textarea
+    attributes:
+      label: Additional context
+      description: |
+        Is this a fresh install or an upgrade?
+        What OS and web server you're running Snipe-IT on
+        What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
+        Include what you've done so far in the installation, and if you got any error messages along the way.
+        Indicate whether or not you've manually edited any data directly in the database
+        Add any other context about the problem here.
+  - type: markdown
+    attributes:
+      value: Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.
@@ -0,0 +1 @@
+blank_issues_enabled: false
@@ -0,0 +1,27 @@
+name: Feature Request
+description: Suggest an idea for this project
+title: "[Feature Request]: "
+labels: ["feature request"]
+assignees:
+  - snipe
+body:
+  - type: textarea
+    attributes:
+      label: Is your feature request related to a problem? Please describe.
+      description: A clear and concise description of what the problem is. The more information you can provide about your use-case, the more liklely we are to consider your feature.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Describe the solution you'd like
+      description: A clear and concise description of what you want to happen.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Describe alternatives you've considered
+      description: A clear and concise description of any alternative solutions or features you've considered.
+  - type: textarea
+    attributes:
+      label: Additional context
+      description: Add any other context or screenshots about the feature request here.
@@ -0,0 +1,39 @@
+# This workflow checks out code, performs a CodeQL analysis (for JavaScript) and integrates the results
+# with the GitHub Advanced Security code scanning feature.
+# More information: https://codeql.github.com/
+name: CodeQL Security Scan
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+#   schedule:
+#     - cron: '15 17 * * 1'
+
+jobs:
+  analyze:
+    name: CodeQL Security Scan
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1
@@ -0,0 +1,82 @@
+# Snipe-IT (Alpine) Docker image build for hub.docker.com
+name: Docker images (Alpine)
+
+# Run this Build for all pushes to 'master' or develop branch, or tagged releases.
+# Also run for PRs to ensure PR doesn't break Docker build process
+on:
+  push:
+    branches:
+      - master
+      - develop
+    tags:
+      - 'v**'
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+  pull_request:
+
+jobs:
+  docker:
+    # Ensure this job never runs on forked repos. It's only executed for 'snipe/snipe-it'
+    if: github.repository == 'snipe/snipe-it'
+    runs-on: ubuntu-latest
+    env:
+      # Define tags to use for Docker images based on Git tags/branches (for docker/metadata-action)
+      # For a new commit on default branch (master), use the literal tag 'latest' on Docker image.
+      # For a new commit on other branches, use the branch name as the tag for Docker image.
+      # For a new tag, copy that tag name as the tag for Docker image.
+      IMAGE_TAGS: |
+        type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }},suffix=-alpine
+        type=ref,event=branch,enable=${{ !endsWith(github.ref, github.event.repository.default_branch) }},suffix=-alpine
+        type=ref,event=tag,suffix=-alpine
+      # Define default tag "flavor" for docker/metadata-action per
+      # https://github.com/docker/metadata-action#flavor-input
+      # We turn off 'latest' tag by default.
+      TAGS_FLAVOR: |
+        latest=false
+
+    steps:
+      # https://github.com/actions/checkout
+      - name: Checkout codebase
+        uses: actions/checkout@v2
+
+      # https://github.com/docker/setup-buildx-action
+      - name: Setup Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      # https://github.com/docker/login-action
+      - name: Login to DockerHub
+        # Only login if not a PR, as PRs only trigger a Docker build and not a push
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
+
+      ###############################################
+      # Build/Push the 'snipe/snipe-it' image
+      ###############################################
+      # https://github.com/docker/metadata-action
+      # Get Metadata for docker_build step below
+      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
+        id: meta_build
+        uses: docker/metadata-action@v3
+        with:
+          images: snipe/snipe-it
+          tags: ${{ env.IMAGE_TAGS }}
+          flavor: ${{ env.TAGS_FLAVOR }}
+
+      # https://github.com/docker/build-push-action
+      - name: Build and push 'snipe-it' image
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile.alpine
+          platforms: linux/amd64
+          # For pull requests, we run the Docker build (to ensure no PR changes break the build),
+          # but we ONLY do an image push to DockerHub if it's NOT a PR
+          push: ${{ github.event_name != 'pull_request' }}
+          # Use tags / labels provided by 'docker/metadata-action' above
+          tags: ${{ steps.meta_build.outputs.tags }}
+          labels: ${{ steps.meta_build.outputs.labels }}
@@ -0,0 +1,82 @@
+# Snipe-IT Docker image build for hub.docker.com
+name: Docker images
+
+# Run this Build for all pushes to 'master' or develop branch, or tagged releases.
+# Also run for PRs to ensure PR doesn't break Docker build process
+on:
+  push:
+    branches:
+      - master
+      - develop
+    tags:
+      - 'v**'
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+  pull_request:
+
+jobs:
+  docker:
+    # Ensure this job never runs on forked repos. It's only executed for 'snipe/snipe-it'
+    if: github.repository == 'snipe/snipe-it'
+    runs-on: ubuntu-latest
+    env:
+      # Define tags to use for Docker images based on Git tags/branches (for docker/metadata-action)
+      # For a new commit on default branch (master), use the literal tag 'latest' on Docker image.
+      # For a new commit on other branches, use the branch name as the tag for Docker image.
+      # For a new tag, copy that tag name as the tag for Docker image.
+      IMAGE_TAGS: |
+        type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }}
+        type=ref,event=branch,enable=${{ !endsWith(github.ref, github.event.repository.default_branch) }}
+        type=ref,event=tag
+      # Define default tag "flavor" for docker/metadata-action per
+      # https://github.com/docker/metadata-action#flavor-input
+      # We turn off 'latest' tag by default.
+      TAGS_FLAVOR: |
+        latest=false
+
+    steps:
+      # https://github.com/actions/checkout
+      - name: Checkout codebase
+        uses: actions/checkout@v2
+
+      # https://github.com/docker/setup-buildx-action
+      - name: Setup Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      # https://github.com/docker/login-action
+      - name: Login to DockerHub
+        # Only login if not a PR, as PRs only trigger a Docker build and not a push
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
+
+      ###############################################
+      # Build/Push the 'snipe/snipe-it' image
+      ###############################################
+      # https://github.com/docker/metadata-action
+      # Get Metadata for docker_build step below
+      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
+        id: meta_build
+        uses: docker/metadata-action@v3
+        with:
+          images: snipe/snipe-it
+          tags: ${{ env.IMAGE_TAGS }}
+          flavor: ${{ env.TAGS_FLAVOR }}
+
+      # https://github.com/docker/build-push-action
+      - name: Build and push 'snipe-it' image
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64
+          # For pull requests, we run the Docker build (to ensure no PR changes break the build),
+          # but we ONLY do an image push to DockerHub if it's NOT a PR
+          push: ${{ github.event_name != 'pull_request' }}
+          # Use tags / labels provided by 'docker/metadata-action' above
+          tags: ${{ steps.meta_build.outputs.tags }}
+          labels: ${{ steps.meta_build.outputs.labels }}
@@ -63,3 +63,5 @@ _ide_helper.php
 .phpstorm.meta.php
 _ide_helper_models.php
 /.phplint-cache
+storage/ldap_client_tls.cert
+storage/ldap_client_tls.key
@@ -1 +1 @@
-v10.15.1
+v12.22.1
@@ -1,5 +1,5 @@
-FROM ubuntu:bionic
-LABEL maintainer Brady Wetherington <uberbrady@gmail.com>
+FROM ubuntu:20.04
+LABEL maintainer="Brady Wetherington <bwetherington@grokability.com>"

 # No need to add `apt-get clean` here, reference:
 # - https://github.com/snipe/snipe-it/pull/9201
@@ -14,15 +14,15 @@ RUN export DEBIAN_FRONTEND=noninteractive; \
 apt-utils \
 apache2 \
 apache2-bin \
-libapache2-mod-php7.2 \
-php7.2-curl \
-php7.2-ldap \
-php7.2-mysql \
-php7.2-gd \
-php7.2-xml \
-php7.2-mbstring \
-php7.2-zip \
-php7.2-bcmath \
+libapache2-mod-php7.4 \
+php7.4-curl \
+php7.4-ldap \
+php7.4-mysql \
+php7.4-gd \
+php7.4-xml \
+php7.4-mbstring \
+php7.4-zip \
+php7.4-bcmath \
 patch \
 curl \
 wget  \
@@ -38,25 +38,26 @@ autoconf \
 libc-dev \
 pkg-config \
 libmcrypt-dev \
-php7.2-dev \
+php7.4-dev \
 ca-certificates \
 unzip \
+dnsutils \
 && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*


 RUN curl -L -O https://github.com/pear/pearweb_phars/raw/master/go-pear.phar
 RUN php go-pear.phar

-RUN pecl install mcrypt-1.0.2
+RUN pecl install mcrypt-1.0.3

-RUN bash -c "echo extension=/usr/lib/php/20170718/mcrypt.so > /etc/php/7.2/mods-available/mcrypt.ini"
+RUN bash -c "echo extension=/usr/lib/php/20190902/mcrypt.so > /etc/php/7.4/mods-available/mcrypt.ini"

 RUN phpenmod mcrypt
 RUN phpenmod gd
 RUN phpenmod bcmath

-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.2/apache2/php.ini
-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.2/cli/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.4/apache2/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php/7.4/cli/php.ini

 RUN useradd -m --uid 1000 --gid 50 docker

@@ -77,6 +78,8 @@ COPY . /var/www/html

 RUN a2enmod rewrite

+COPY docker/column-statistics.cnf /etc/mysql/conf.d/column-statistics.cnf
+
 ############ INITIAL APPLICATION SETUP #####################

 WORKDIR /var/www/html
@@ -96,6 +99,8 @@ RUN \
      && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups" \
      && mkdir -p "/var/lib/snipeit/keys" && ln -fs "/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key" \
      && ln -fs "/var/lib/snipeit/keys/oauth-public.key" "/var/www/html/storage/oauth-public.key" \
+      && ln -fs "/var/lib/snipeit/keys/ldap_client_tls.cert" "/var/www/html/storage/ldap_client_tls.cert" \
+      && ln -fs "/var/lib/snipeit/keys/ldap_client_tls.key" "/var/www/html/storage/ldap_client_tls.key" \
      && chown docker "/var/lib/snipeit/keys/" \
      && chown -h docker "/var/www/html/storage/" \
      && chmod +x /var/www/html/artisan \
@@ -133,4 +138,4 @@ RUN chmod +x /startup.sh /usr/bin/supervisor-exit-event-listener
 CMD ["/startup.sh"]

 EXPOSE 80
-EXPOSE 443
+EXPOSE 443
@@ -1,4 +1,4 @@
-FROM alpine:3.13
+FROM alpine:3.14.2
 # Apache + PHP
 RUN  apk add --no-cache \
        apache2 \
@@ -25,6 +25,8 @@ RUN  apk add --no-cache \
        php7-session \
        php7-dom \
        php7-xmlwriter \
+        php7-xmlreader \
+        php7-sodium \
        curl \
        wget \
        vim \
@@ -32,6 +34,8 @@ RUN  apk add --no-cache \
        mysql-client \
        tini

+COPY docker/column-statistics.cnf /etc/mysql/conf.d/column-statistics.cnf
+
 # Where apache's PID lives
 RUN mkdir -p /run/apache2 && chown apache:apache /run/apache2

@@ -80,4 +84,4 @@ ENTRYPOINT ["/sbin/tini", "--"]

 CMD ["/entrypoint.sh"]

-EXPOSE 80
+EXPOSE 80
@@ -98,5 +98,6 @@ VOLUME [ "/var/lib/snipeit" ]

 COPY --chown=www-data:www-data docker/docker-secrets.env /var/www/html/.env
 COPY --chmod=655 docker/docker-entrypoint.sh /usr/local/bin/docker-snipeit-entrypoint
+COPY docker/column-statistics.cnf /etc/mysql/conf.d/column-statistics.cnf
 ENTRYPOINT [ "/usr/local/bin/docker-snipeit-entrypoint" ]
 CMD [ "/usr/local/bin/docker-php-entrypoint", "php-fpm" ]
@@ -0,0 +1 @@
+web: php heroku/startup.php && heroku-php-apache2 public/
@@ -1,11 +1,11 @@
-![Build Status](https://app.chipperci.com/projects/0e5f8979-31eb-4ee6-9abf-050b76ab0383/status/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-261-orange.svg?style=flat-square)](#contributors) 
+![Build Status](https://app.chipperci.com/projects/0e5f8979-31eb-4ee6-9abf-050b76ab0383/status/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
+[![All Contributors](https://img.shields.io/badge/all_contributors-286-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)

 ## Snipe-IT - Open Source Asset Management System

 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.

-It is built on [Laravel 6](http://laravel.com).
+It is built on [Laravel 8](http://laravel.com).

 Snipe-IT is actively developed and we [release quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)

@@ -19,6 +19,8 @@ For instructions on installing and configuring Snipe-IT on your server, check ou

 If you're having trouble with the installation, please check the [Common Issues](https://snipe-it.readme.io/docs/common-issues) and [Getting Help](https://snipe-it.readme.io/docs/getting-help) documentation, and search this repository's open *and* closed issues for help.

+[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy)
+
 -----
 ### User's Manual
 For help using Snipe-IT, check out the [user's manual](https://snipe-it.readme.io/docs/overview).
@@ -55,11 +57,11 @@ Since the release of the JSON REST API, several third-party developers have been

 - [Python Module](https://github.com/jbloomer/SnipeIT-PythonAPI) by [@jbloomer](https://github.com/jbloomer)
 - [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
- [InQRy](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
+- [InQRy -unmaintained-](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
 - [SnipeitPS](https://github.com/snazy2000/SnipeitPS) by [@snazy2000](https://github.com/snazy2000) - Powershell API Wrapper for Snipe-it
 - [jamf2snipe](https://github.com/ParadoxGuitarist/jamf2snipe) by [@ParadoxGuitarist](https://github.com/ParadoxGuitarist) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
 - [Marksman](https://github.com/Scope-IT/marksman) - A Windows agent for Snipe-IT
- [Snipe-IT plugin for Jira Service Desk (beta)](https://marketplace.atlassian.com/apps/1220379/snipe-it-for-jira-service-desk-beta?hosting=cloud&tab=overview) - for the upcoming Snipe-IT v5 only
+- [Snipe-IT plugin for Jira Service Desk](https://marketplace.atlassian.com/apps/1220964/snipe-it-for-jira)
 - [Python 3 CSV importer](https://github.com/gastamper/snipeit-csvimporter) - allows importing assets into Snipe-IT based on Item Name rather than Asset Tag.
 - [Snipe-IT Kubernetes Helm Chart](https://github.com/t3n/helm-charts/tree/master/snipeit) - For more information, [click here](https://hub.helm.sh/charts/t3n/snipeit).
 - [Snipe-IT Bulk Edit](https://github.com/bricelabelle/snipe-it-bulkedit) - Google Script files to use Google Sheets as a bulk checkout/checkin/edit tool for Snipe-it.
@@ -126,7 +128,10 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/9255772?v=4" width="110px;"/><br /><sub>Mark Stenglein</sub>](https://markstenglein.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ocelotsloth "Code") | [<img src="https://avatars.githubusercontent.com/u/35658596?v=4" width="110px;"/><br /><sub>ajsy</sub>](https://github.com/ajsy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ajsy "Code") | [<img src="https://avatars.githubusercontent.com/u/3628035?v=4" width="110px;"/><br /><sub>Jan Kiesewetter</sub>](https://github.com/t3easy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=t3easy "Code") | [<img src="https://avatars.githubusercontent.com/u/79449630?v=4" width="110px;"/><br /><sub>Tetrachloromethane250</sub>](https://github.com/Tetrachloromethane250)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Tetrachloromethane250 "Code") | [<img src="https://avatars.githubusercontent.com/u/22004482?v=4" width="110px;"/><br /><sub>Lars Kajes</sub>](https://www.kajes.se/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kajes "Code") | [<img src="https://avatars.githubusercontent.com/u/13993216?v=4" width="110px;"/><br /><sub>Joly0</sub>](https://github.com/Joly0)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Joly0 "Code") | [<img src="https://avatars.githubusercontent.com/u/1501022?v=4" width="110px;"/><br /><sub>theburger</sub>](https://github.com/limeless)<br />[💻](https://github.com/snipe/snipe-it/commits?author=limeless "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/36065681?v=4" width="110px;"/><br /><sub>David Valin Alonso</sub>](https://github.com/deivishome)<br />[💻](https://github.com/snipe/snipe-it/commits?author=deivishome "Code") | [<img src="https://avatars.githubusercontent.com/u/8290389?v=4" width="110px;"/><br /><sub>andreaci</sub>](https://github.com/andreaci)<br />[💻](https://github.com/snipe/snipe-it/commits?author=andreaci "Code") | [<img src="https://avatars.githubusercontent.com/u/1828542?v=4" width="110px;"/><br /><sub>Jelle Sebreghts</sub>](http://www.jellesebreghts.be)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Jelle-S "Code") | [<img src="https://avatars.githubusercontent.com/u/11180862?v=4" width="110px;"/><br /><sub>Michael Pietsch</sub>](https://github.com/Skywalker-11)<br /> | [<img src="https://avatars.githubusercontent.com/u/22068886?v=4" width="110px;"/><br /><sub>Masudul Haque Shihab</sub>](https://github.com/sh1hab)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sh1hab "Code") | [<img src="https://avatars.githubusercontent.com/u/16099942?v=4" width="110px;"/><br /><sub>Supapong Areeprasertkul</sub>](http://www.freedomdive.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zybersup "Code") | [<img src="https://avatars.githubusercontent.com/u/207358?v=4" width="110px;"/><br /><sub>Peter Sarossy</sub>](https://github.com/psarossy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=psarossy "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/11823649?v=4" width="110px;"/><br /><sub>Renee Margaret McConahy</sub>](https://github.com/nepella)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nepella "Code") | [<img src="https://avatars.githubusercontent.com/u/5553884?v=4" width="110px;"/><br /><sub>JohnnyPicnic</sub>](https://github.com/JohnnyPicnic)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JohnnyPicnic "Code") | [<img src="https://avatars.githubusercontent.com/u/8799594?v=4" width="110px;"/><br /><sub>markbrule</sub>](https://github.com/markbrule)<br />[💻](https://github.com/snipe/snipe-it/commits?author=markbrule "Code") | [<img src="https://avatars.githubusercontent.com/u/1962801?v=4" width="110px;"/><br /><sub>Mike Campbell</sub>](https://github.com/mikecmpbll)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mikecmpbll "Code") | [<img src="https://avatars.githubusercontent.com/u/11973217?v=4" width="110px;"/><br /><sub>tbrconnect</sub>](https://github.com/tbrconnect)<br />[💻](https://github.com/snipe/snipe-it/commits?author=tbrconnect "Code") | [<img src="https://avatars.githubusercontent.com/u/12447225?v=4" width="110px;"/><br /><sub>kcoyo</sub>](https://github.com/kcoyo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=kcoyo "Code") | [<img src="https://avatars.githubusercontent.com/u/494017?v=4" width="110px;"/><br /><sub>Travis Miller</sub>](https://travismiller.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=travismiller "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/8735148?v=4" width="110px;"/><br /><sub>Petri Asikainen</sub>](https://github.com/PetriAsi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PetriAsi "Code") | [<img src="https://avatars.githubusercontent.com/u/11424540?v=4" width="110px;"/><br /><sub>derdeagle</sub>](https://github.com/derdeagle)<br />[💻](https://github.com/snipe/snipe-it/commits?author=derdeagle "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/1975640?v=4" width="110px;"/><br /><sub>Evan Taylor</sub>](https://github.com/Delta5)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Delta5 "Code") | [<img src="https://avatars.githubusercontent.com/u/8735148?v=4" width="110px;"/><br /><sub>Petri Asikainen</sub>](https://github.com/PetriAsi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PetriAsi "Code") | [<img src="https://avatars.githubusercontent.com/u/11424540?v=4" width="110px;"/><br /><sub>derdeagle</sub>](https://github.com/derdeagle)<br />[💻](https://github.com/snipe/snipe-it/commits?author=derdeagle "Code") | [<img src="https://avatars.githubusercontent.com/u/176950?v=4" width="110px;"/><br /><sub>Mike Frysinger</sub>](https://wh0rd.org/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vapier "Code") | [<img src="https://avatars.githubusercontent.com/u/22044358?v=4" width="110px;"/><br /><sub>ALPHA</sub>](https://github.com/AL4AL)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AL4AL "Code") | [<img src="https://avatars.githubusercontent.com/u/1042587?v=4" width="110px;"/><br /><sub>FliegenKLATSCH</sub>](https://www.ifern.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FliegenKLATSCH "Code") | [<img src="https://avatars.githubusercontent.com/u/442138?v=4" width="110px;"/><br /><sub>Jeremy Price</sub>](https://github.com/jerm)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jerm "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/84392209?v=4" width="110px;"/><br /><sub>Toreg87</sub>](https://github.com/Toreg87)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Toreg87 "Code") | [<img src="https://avatars.githubusercontent.com/u/67638596?v=4" width="110px;"/><br /><sub>Matthew Nickson</sub>](https://github.com/Computroniks)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Computroniks "Code") | [<img src="https://avatars.githubusercontent.com/u/1646397?v=4" width="110px;"/><br /><sub>Jethro Nederhof</sub>](https://jethron.id.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jethron "Code") | [<img src="https://avatars.githubusercontent.com/u/23289826?v=4" width="110px;"/><br /><sub>Oskar Stenberg</sub>](https://github.com/01ste02)<br />[💻](https://github.com/snipe/snipe-it/commits?author=01ste02 "Code") | [<img src="https://avatars.githubusercontent.com/u/82208283?v=4" width="110px;"/><br /><sub>Robert-Azelis</sub>](https://github.com/Robert-Azelis)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Robert-Azelis "Code") | [<img src="https://avatars.githubusercontent.com/u/60648387?v=4" width="110px;"/><br /><sub>Alexander William Smith</sub>](https://github.com/alwism)<br />[💻](https://github.com/snipe/snipe-it/commits?author=alwism "Code") | [<img src="https://avatars.githubusercontent.com/u/24418301?v=4" width="110px;"/><br /><sub>LEITWERK AG</sub>](https://www.leitwerk.de/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leitwerk-ag "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/1911435?v=4" width="110px;"/><br /><sub>Adam</sub>](http://www.aboutcher.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adamboutcher "Code") | [<img src="https://avatars.githubusercontent.com/u/16104273?v=4" width="110px;"/><br /><sub>Ian</sub>](https://snksrv.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sneak-it "Code") | [<img src="https://avatars.githubusercontent.com/u/4023909?v=4" width="110px;"/><br /><sub>Shao Yu-Lung (Allen)</sub>](http://blog.bestlong.idv.tw/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bestlong "Code") | [<img src="https://avatars.githubusercontent.com/u/76475453?v=4" width="110px;"/><br /><sub>Haxatron</sub>](https://github.com/Haxatron)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Haxatron "Code") | [<img src="https://avatars.githubusercontent.com/u/88776392?v=4" width="110px;"/><br /><sub>PlaneNuts</sub>](https://github.com/PlaneNuts)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PlaneNuts "Code") | [<img src="https://avatars.githubusercontent.com/u/3842948?v=4" width="110px;"/><br /><sub>Bradley Coudriet</sub>](http://bjcpgd.cias.rit.edu)<br />[💻](https://github.com/snipe/snipe-it/commits?author=exula "Code") | [<img src="https://avatars.githubusercontent.com/u/21966173?v=4" width="110px;"/><br /><sub>Dalton Durst</sub>](https://daltondur.st)<br />[💻](https://github.com/snipe/snipe-it/commits?author=UniversalSuperBox "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/38761237?v=4" width="110px;"/><br /><sub>Alex Janes</sub>](https://adagiohealth.org)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adagioajanes "Code") | [<img src="https://avatars.githubusercontent.com/u/32387849?v=4" width="110px;"/><br /><sub>Nuraeil</sub>](https://github.com/nuraeil)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nuraeil "Code") | [<img src="https://avatars.githubusercontent.com/u/48162670?v=4" width="110px;"/><br /><sub>TenOfTens</sub>](https://github.com/TenOfTens)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TenOfTens "Code") | [<img src="https://avatars.githubusercontent.com/u/9415391?v=4" width="110px;"/><br /><sub>waffle</sub>](https://ditisjens.be/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=insert-waffle "Code") | [<img src="https://avatars.githubusercontent.com/u/19945501?v=4" width="110px;"/><br /><sub>Yevhenii Huzii</sub>](https://github.com/QveenSi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=QveenSi "Code") | [<img src="https://avatars.githubusercontent.com/u/3839381?v=4" width="110px;"/><br /><sub>Achmad Fienan Rahardianto</sub>](https://github.com/veenone)<br />[💻](https://github.com/snipe/snipe-it/commits?author=veenone "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
@@ -199,7 +199,7 @@
        - { regexp: '^DB_PASSWORD=', line: 'DB_PASSWORD=vagrant' }
        - { regexp: '^APP_URL=', line: "APP_URL=http://{{ fqdn }}" }
        - { regexp: '^APP_ENV=', line: "APP_ENV=development" }
-        - { regexp: '^APP_DEBUG=', line: "APP_ENV=true" }
+        - { regexp: '^APP_DEBUG=', line: "APP_DEBUG=true" }
    - name: Generate application key
      shell: "php {{ app_path }}/artisan key:generate --force"
    - name: Artisan Migrate
@@ -0,0 +1,154 @@
+{
+    "name": "Snipe-IT",
+    "description": "Open source asset management.",
+    "keywords": [
+      "asset management",
+      "it asset"
+    ],
+    "website": "https://snipeitapp.com/",
+    "repository": "https://github.com/snipe/snipe-it",
+    "logo": "https://pbs.twimg.com/profile_images/976748875733020672/K-HnZCCK_400x400.jpg",
+    "success_url": "/setup",
+    "env": {
+      "APP_ENV": {
+        "description": "Laravel environment mode. Unless developing the application, this should be production.",
+        "value": "production"
+      },
+      "APP_DEBUG": {
+        "description": "Laravel debug mode. Unless developing the application or actively debugging a problem, this should be set to false.",
+        "value": "false"
+      },
+      "APP_KEY": {
+        "description": "A secret key for verifying the integrity of signed cookies. (See either https://snipe-it.readme.io/docs/generate-your-app-key or generate at https://coderstoolbox.online/toolbox/generate-symfony-secret)",
+        "value": ""
+      },
+      "APP_URL": {
+        "description": "URL where your Snipe-IT install will be available at.",
+        "value": "https://your-app-name.herokuapp.com"
+      },
+      "APP_TIMEZONE": {
+        "description": "Which timezone do you want to use for your install? (http://php.net/manual/en/timezones.php)",
+        "value": "UTC"
+      },
+      "APP_LOCALE": {
+        "description": "Which language do you want to use for your install? (https://snipe-it.readme.io/docs/configuration#setting-a-language)",
+        "value": "en"
+      },
+      "MAX_RESULTS": {
+        "description": "The maximum number of search results that can be returned at one time.",
+        "value": "500"
+      },
+      "MAIL_DRIVER": {
+        "description": "Mail driver - Generally SMTP on Heroku - https://snipe-it.readme.io/docs/configuration#required-outgoing-mail-settings",
+        "value": "smtp"
+      },
+      "MAIL_HOST": {
+        "description": "SMTP Server Hostname",
+        "value": "smtp.your.domain.name"
+      },
+      "MAIL_PORT": {
+        "description": "SMTP Server Port",
+        "value": "25"
+      },
+      "MAIL_USERNAME": {
+        "description": "SMTP Server Username",
+        "value": "YOURUSERNAME"
+      },
+      "MAIL_PASSWORD": {
+        "description": "SMTP Server Password",
+        "value": "YOURPASSWORD"
+      },
+      "MAIL_ENCRYPTION": {
+        "description": "Encryption protocol for email sending.",
+        "value": "null"
+      },
+      "MAIL_FROM_ADDR": {
+        "description": "Email from address",
+        "value": "no-reply@domain.name"
+      },
+      "MAIL_FROM_NAME": {
+        "description": "Email from Name",
+        "value": "Snipe-IT"
+      },
+      "MAIL_REPLYTO_ADDR": {
+        "description": "Email Reply-To address",
+        "value": "your@domain.name"
+      },
+      "MAIL_REPLYTO_NAME": {
+        "description": "Email Reply-To Name",
+        "value": "Snipe-IT"
+      },
+      "MAIL_AUTO_EMBED": {
+        "description": "Whether or not to embed images in emails (via CID or base64) versus linking to them.",
+        "value": "true"
+      },
+      "MAIL_AUTO_EMBED_METHOD": {
+        "description": "Method that should be used for attaching inline images.",
+        "value": "base64"
+      },
+      "SESSION_LIFETIME": {
+        "description": "Specify the time in minutes that the session should remain valid.",
+        "value": "12000"
+      },
+      "EXPIRE_ON_CLOSE": {
+        "description": "Specify whether or not the logged in session should be expired when the user closes their browser window.",
+        "value": "false"
+      },
+      "ENCRYPT": {
+        "description": "Specify whether you wish to use encrypted cookies for your Snipe-IT sessions.",
+        "value": "true"
+      },
+      "COOKIE_NAME": {
+        "description": "The name of the cookie set by Snipe-IT for session management.",
+        "value": "snipeit_session"
+      },
+      "COOKIE_DOMAIN": {
+        "description": "The domain name that the session cookie should be sent for.",
+        "value": "your-app-name.herokuapp.com"
+      },
+      "SECURE_COOKIES": {
+        "description": "Should cookies only be sent for HTTPS connections? Generally true on Heroku.",
+        "value": "true"
+      },
+      "LOGIN_MAX_ATTEMPTS": {
+        "description": "The maximum number of failed attempts allowed before the user is throttled.",
+        "value": "5"
+      },
+      "LOGIN_LOCKOUT_DURATION": {
+        "description": "The duration (in seconds) that the user should be blocked from attempting to authenticate again.",
+        "value": "60"
+      },
+      "APP_LOG": {
+        "description": "Driver to send logs to. (errorlog for stderr)",
+        "value": "errorlog"
+      },
+      "ALLOW_IFRAMING": {
+        "description": "Allow Snipe-IT to be loaded using an iFrame?",
+        "value": "false"
+      },
+      "GOOGLE_MAPS_API": {
+        "description": "Include your Google Maps API key here if you'd like Snipe-IT to load maps from Google on your locations and suppliers pages.",
+        "required": false
+      },
+      "BACKUP_ENV": {
+        "description": "Set this to true if you wish to backup your .env file in your Admin > Backups process.",
+        "value": "true"
+      },
+      "ENABLE_HSTS": {
+        "description": "Whether or not to send the HSTS security policy header.",
+        "value": "false"
+      }
+    },
+    "formation": {
+      "web": {
+        "quantity": 1,
+        "size": "free"
+      }
+    },
+    "image": "heroku/php",
+    "addons": [
+      "cleardb:ignite",
+      "heroku-redis:hobby-dev",
+      "papertrail:choklad"
+    ]
+  }
@@ -2,10 +2,10 @@

 namespace App\Console\Commands;

-use App\Models\LicenseSeat;
-use Illuminate\Console\Command;
-use App\Models\User;
 use App\Models\License;
+use App\Models\LicenseSeat;
+use App\Models\User;
+use Illuminate\Console\Command;
 use Illuminate\Database\Eloquent\Model;

 class CheckinLicensesFromAllUsers extends Command
@@ -41,55 +41,48 @@ class CheckinLicensesFromAllUsers extends Command
     */
    public function handle()
    {
-
        $license_id = $this->option('license_id');
        $notify = $this->option('notify');

-        if (!$license_id) {
+        if (! $license_id) {
            $this->error('ERROR: License ID is required.');
+
            return false;
        }

-
-        if (!$license = License::where('id','=',$license_id)->first()) {
+        if (! $license = License::where('id', '=', $license_id)->first()) {
            $this->error('Invalid license ID');
+
            return false;
        }

        $this->info('Checking in ALL seats for '.$license->name);

-
        $licenseSeats = LicenseSeat::where('license_id', '=', $license_id)
            ->whereNotNull('assigned_to')
            ->with('user')
            ->get();

-        $this->info(' There are ' .$licenseSeats->count(). ' seats checked out: ');
+        $this->info(' There are '.$licenseSeats->count().' seats checked out: ');

-        if (!$notify) {
+        if (! $notify) {
            $this->info('No mail will be sent.');
        }

        foreach ($licenseSeats as $seat) {
-            $this->info($seat->user->username .' has a license seat for '.$license->name);
+            $this->info($seat->user->username.' has a license seat for '.$license->name);
            $seat->assigned_to = null;

            if ($seat->save()) {

                // Override the email address so we don't notify on checkin
-                if (!$notify) {
+                if (! $notify) {
                    $seat->user->email = null;
                }

                // Log the checkin
                $seat->logCheckin($seat->user, 'Checked in via cli tool');
            }
-
-
-
-
        }
-        
-
    }
 }
@@ -2,10 +2,10 @@

 namespace App\Console\Commands;

-use App\Models\LicenseSeat;
-use Illuminate\Console\Command;
-use App\Models\User;
 use App\Models\License;
+use App\Models\LicenseSeat;
+use App\Models\User;
+use Illuminate\Console\Command;
 use Illuminate\Database\Eloquent\Model;

 class CheckoutLicenseToAllUsers extends Command
@@ -41,18 +41,18 @@ class CheckoutLicenseToAllUsers extends Command
     */
    public function handle()
    {
-
        $license_id = $this->option('license_id');
        $notify = $this->option('notify');

-        if (!$license_id) {
-             $this->error('ERROR: License ID is required.');
-             return false;
+        if (! $license_id) {
+            $this->error('ERROR: License ID is required.');
+
+            return false;
        }

-
-        if (!$license = License::where('id','=',$license_id)->with('assignedusers')->first()) {
+        if (! $license = License::where('id', '=', $license_id)->with('assignedusers')->first()) {
            $this->error('Invalid license ID');
+
            return false;
        }

@@ -64,7 +64,7 @@ class CheckoutLicenseToAllUsers extends Command

        $this->info('Checking out '.$users->count().' of '.$license->getAvailSeatsCountAttribute().' seats for '.$license->name);

-        if (!$notify) {
+        if (! $notify) {
            $this->info('No mail will be sent.');
        }

@@ -74,14 +74,14 @@ class CheckoutLicenseToAllUsers extends Command
            // to them

            if ($user->licenses->where('id', '=', $license_id)->count()) {
-                $this->info($user->username .' already has this license checked out to them. Skipping... ');
+                $this->info($user->username.' already has this license checked out to them. Skipping... ');
                continue;
            }

-            
            // If the license is valid, check that there is an available seat
            if ($license->availCount()->count() < 1) {
                $this->error('ERROR: No available seats');
+
                return false;
            }

@@ -89,13 +89,12 @@ class CheckoutLicenseToAllUsers extends Command
            // Get the seat ID
            $licenseSeat = $license->freeSeat();

-
            // Update the seat with checkout info,
-           $licenseSeat->assigned_to = $user->id;
+            $licenseSeat->assigned_to = $user->id;
            if ($licenseSeat->save()) {

                // Temporarily null the user's email address so we don't send mail if we're not supposed to
-                if (!$notify) {
+                if (! $notify) {
                    $user->email = null;
                }

@@ -103,10 +102,6 @@ class CheckoutLicenseToAllUsers extends Command
                $licenseSeat->logCheckout('Checked out via cli tool', $user);
                $this->info('License '.$license_id.' seat '.$licenseSeat->id.' checked out to '.$user->username);
            }
-
        }
-
-
-
    }
 }
@@ -37,7 +37,6 @@ class CreateAdmin extends Command
     */
    public function handle()
    {
-
        $first_name = $this->option('first_name');
        $last_name = $this->option('last_name');
        $username = $this->option('username');
@@ -45,7 +44,7 @@ class CreateAdmin extends Command
        $password = $this->option('password');
        $show_in_list = $this->argument('show_in_list');

-        if (($first_name=='') || ($last_name=='') || ($username=='') || ($email=='') || ($password=='')) {
+        if (($first_name == '') || ($last_name == '') || ($username == '') || ($email == '') || ($password == '')) {
            $this->info('ERROR: All fields are required.');
        } else {
            $user = new \App\Models\User;
@@ -68,12 +67,9 @@ class CreateAdmin extends Command
                $errors = $user->getErrors();

                foreach ($errors->all() as $error) {
-                    $this->info('ERROR:'. $error);
+                    $this->info('ERROR:'.$error);
                }
-
            }
        }
-
    }
-
 }
@@ -38,9 +38,7 @@ class DisableLDAP extends Command
     */
    public function handle()
    {
-
        if ($this->confirm("\n****************************************************\nThis will disable LDAP support. You will not be able \nto login with an account that does not exist \nlocally in the Snipe-IT local database. \n****************************************************\n\nDo you wish to continue? [y|N]")) {
-
            $setting = Setting::getSettings();
            $setting->ldap_enabled = 0;
            if ($setting->save()) {
@@ -51,6 +49,5 @@ class DisableLDAP extends Command
        } else {
            $this->info('Canceled. No actions taken.');
        }
-
    }
 }
@@ -37,49 +37,43 @@ class FixDoubleEscape extends Command
     */
    public function handle()
    {
-
        $tables = [
-            '\App\Models\Asset' => ['name'],
-            '\App\Models\License' => ['name'],
-            '\App\Models\Consumable' => ['name'],
-            '\App\Models\Accessory' => ['name'],
-            '\App\Models\Component' => ['name'],
-            '\App\Models\Company' => ['name'],
-            '\App\Models\Manufacturer' => ['name'],
-            '\App\Models\Supplier' => ['name'],
-            '\App\Models\Statuslabel' => ['name'],
-            '\App\Models\Depreciation' => ['name'],
-            '\App\Models\AssetModel' => ['name'],
-            '\App\Models\Group' => ['name'],
-            '\App\Models\Department' => ['name'],
-            '\App\Models\Location' => ['name'],
-            '\App\Models\User' => ['first_name', 'last_name'],
+            \App\Models\Asset::class => ['name'],
+            \App\Models\License::class => ['name'],
+            \App\Models\Consumable::class => ['name'],
+            \App\Models\Accessory::class => ['name'],
+            \App\Models\Component::class => ['name'],
+            \App\Models\Company::class => ['name'],
+            \App\Models\Manufacturer::class => ['name'],
+            \App\Models\Supplier::class => ['name'],
+            \App\Models\Statuslabel::class => ['name'],
+            \App\Models\Depreciation::class => ['name'],
+            \App\Models\AssetModel::class => ['name'],
+            \App\Models\Group::class => ['name'],
+            \App\Models\Department::class => ['name'],
+            \App\Models\Location::class => ['name'],
+            \App\Models\User::class => ['first_name', 'last_name'],
        ];

-        $count = array();
+        $count = [];

+        foreach ($tables as $classname => $fields) {
+            $count[$classname] = [];
+            $count[$classname]['classname'] = 0;

+            foreach ($fields as $field) {
+                $count[$classname]['classname']++;
+                $count[$classname][$field] = 0;

-            foreach ($tables as $classname => $fields) {
-                $count[$classname] = array();
-                $count[$classname]['classname'] = 0;
-
-                foreach($fields as $field) {
-
-                    $count[$classname]['classname']++;
-                    $count[$classname][$field] = 0;
-
-                    foreach($classname::where("$field",'LIKE','%&%')->get() as $row) {
-                        $this->info('Updating '.$field.' for '.$classname);
-                        $row->{$field} = html_entity_decode($row->{$field},ENT_QUOTES);
-                        $row->save();
-                        $count[$classname][$field]++;
-
-                    }
+                foreach ($classname::where("$field", 'LIKE', '%&%')->get() as $row) {
+                    $this->info('Updating '.$field.' for '.$classname);
+                    $row->{$field} = html_entity_decode($row->{$field}, ENT_QUOTES);
+                    $row->save();
+                    $count[$classname][$field]++;
                }
            }
+        }

        $this->info('Update complete');
-
    }
 }
@@ -29,7 +29,6 @@ class FixMismatchedAssetsAndLogs extends Command
     */
    private $dryrun = false;

-
    /**
     * Create a new command instance.
     *
@@ -47,30 +46,29 @@ class FixMismatchedAssetsAndLogs extends Command
     */
    public function handle()
    {
-
        if ($this->option('dryrun')) {
            $this->dryrun = true;
        }

        if ($this->dryrun) {
-            $this->info('This is a DRY RUN - no changes will be saved.' );
+            $this->info('This is a DRY RUN - no changes will be saved.');
        }

        $mismatch_count = 0;
        $assets = Asset::whereNotNull('assigned_to')
-            ->where('assigned_type', '=', 'App\\Models\\User')
+            ->where('assigned_type', '=', \App\Models\User::class)
            ->orderBy('id', 'ASC')->get();
        foreach ($assets as $asset) {

            // get the last checkout of the asset
-            if ($checkout_log = Actionlog::where('target_type', '=', 'App\\Models\\User')
+            if ($checkout_log = Actionlog::where('target_type', '=', \App\Models\User::class)
                ->where('action_type', '=', 'checkout')
                ->where('item_id', '=', $asset->id)
                ->orderBy('created_at', 'DESC')
                ->first()) {

                    // Now check for a subsequent checkin log - we want to ignore those
-                    if (!$checkin_log = Actionlog::where('target_type', '=', 'App\\Models\\User')
+                if (! $checkin_log = Actionlog::where('target_type', '=', \App\Models\User::class)
                        ->where('action_type', '=', 'checkin from')
                        ->where('item_id', '=', $asset->id)
                        ->whereDate('created_at', '>', $checkout_log->created_at)
@@ -78,28 +76,24 @@ class FixMismatchedAssetsAndLogs extends Command
                        ->first()) {

                        //print_r($asset);
-                        if ($checkout_log->target_id != $asset->assigned_to) {
-                            $this->error('Log ID: '.$checkout_log->id.' -- Asset ID '. $checkout_log->item_id.' SHOULD BE checked out to User '.$checkout_log->target_id.' but its assigned_to is '.$asset->assigned_to );
+                    if ($checkout_log->target_id != $asset->assigned_to) {
+                        $this->error('Log ID: '.$checkout_log->id.' -- Asset ID '.$checkout_log->item_id.' SHOULD BE checked out to User '.$checkout_log->target_id.' but its assigned_to is '.$asset->assigned_to);

-                            if (!$this->dryrun) {
-                                $asset->assigned_to = $checkout_log->target_id;
-                                if ($asset->save()) {
-                                    $this->info('Asset record updated.');
-                                } else {
-                                    $this->error('Error updating asset: '.$asset->getErrors());
-                                }
+                        if (! $this->dryrun) {
+                            $asset->assigned_to = $checkout_log->target_id;
+                            if ($asset->save()) {
+                                $this->info('Asset record updated.');
+                            } else {
+                                $this->error('Error updating asset: '.$asset->getErrors());
                            }
-                            $mismatch_count++;
                        }
-                    } else {
-                        //$this->info('Asset ID '.$asset->id.': There is a checkin '.$checkin_log->created_at.' after this checkout '.$checkout_log->created_at);
-
+                        $mismatch_count++;
                    }
-
+                } else {
+                    //$this->info('Asset ID '.$asset->id.': There is a checkin '.$checkin_log->created_at.' after this checkout '.$checkout_log->created_at);
+                }
            }
-
        }
        $this->info($mismatch_count.' mismatched assets.');
-
    }
 }
@@ -2,9 +2,9 @@

 namespace App\Console\Commands;

+use App\Models\Location;
 use Illuminate\Console\Command;
 use League\Csv\Reader;
-use App\Models\Location;

 class ImportLocations extends Command
 {
@@ -39,10 +39,8 @@ class ImportLocations extends Command
     */
    public function handle()
    {
-
-
-        if (!ini_get("auto_detect_line_endings")) {
-            ini_set("auto_detect_line_endings", '1');
+        if (! ini_get('auto_detect_line_endings')) {
+            ini_set('auto_detect_line_endings', '1');
        }

        $filename = $this->argument('filename');
@@ -53,18 +51,17 @@ class ImportLocations extends Command

        // Import parent location names first if they don't exist
        foreach ($results as $parent_index => $parent_row) {
-
            if (array_key_exists('Parent Name', $parent_row)) {
                $parent_name = trim($parent_row['Parent Name']);
                if (array_key_exists('Name', $parent_row)) {
-                    $this->info('- Parent: ' . $parent_name . ' in row as: ' . trim($parent_row['Parent Name']));
+                    $this->info('- Parent: '.$parent_name.' in row as: '.trim($parent_row['Parent Name']));
                }

                // Save parent location name
                // This creates a sort of name-stub that we'll update later on in this script
-                $parent_location = Location::firstOrCreate(array('name' => $parent_name));
+                $parent_location = Location::firstOrCreate(['name' => $parent_name]);
                if (array_key_exists('Name', $parent_row)) {
-                    $this->info('Parent for ' . $parent_row['Name'] . ' is ' . $parent_name . '. Attempting to save ' . $parent_name . '.');
+                    $this->info('Parent for '.$parent_row['Name'].' is '.$parent_name.'. Attempting to save '.$parent_name.'.');
                }

                // Check if the record was updated or created.
@@ -74,18 +71,15 @@ class ImportLocations extends Command
                } else {
                    $this->info('- Parent location '.$parent_name.' was created.');
                }
-
            } else {
                $this->info('- No Parent Name provided, so no parent location will be created.');
            }
-
        }

        $this->info('----- Parents Created.... backfilling additional details... --------');
        // Loop through ALL records and add/update them if there are additional fields
        // besides name
        foreach ($results as $index => $row) {
-
            if (array_key_exists('Parent Name', $row)) {
                $parent_name = trim($row['Parent Name']);
            } else {
@@ -94,11 +88,12 @@ class ImportLocations extends Command

            // Set the location attributes to save
            if (array_key_exists('Name', $row)) {
-                $location = Location::firstOrCreate(array('name' => trim($row['Name'])));
+                $location = Location::firstOrCreate(['name' => trim($row['Name'])]);
                $location->name = trim($row['Name']);
                $this->info('Checking location: '.$location->name);
            } else {
                $this->error('Location name is required and is missing from at least one row in this dataset. Check your CSV for extra trailing rows and try again.');
+
                return false;
            }
            if (array_key_exists('Currency', $row)) {
@@ -126,7 +121,6 @@ class ImportLocations extends Command
                $location->ldap_ou = trim($row['OU']);
            }

-
            // If a parent name is provided, we created it earlier in the script,
            // so let's grab that ID
            if ($parent_name) {
@@ -142,21 +136,15 @@ class ImportLocations extends Command
                // Check if the record was updated or created.
                // This is mostly for clearer debugging.
                if ($location->exists) {
-                    $this->info('Location ' . $location->name . ' already exists. Updating...');
+                    $this->info('Location '.$location->name.' already exists. Updating...');
                } else {
                    $this->info('- Location '.$location->name.' was created. ');
                }

-            // If there's a validation error, display that
+                // If there's a validation error, display that
            } else {
-                $this->error('- Non-parent Location '.$location->name.' could not be created: '.$location->getErrors() );
+                $this->error('- Non-parent Location '.$location->name.' could not be created: '.$location->getErrors());
            }
-
-
-
-
        }
-
-
    }
 }
@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+
+class KillAllSessions extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:global-logout  {--force : Skip the danger prompt; assuming you enter "y"} ';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This command will destroy all web sessions on disk and will force a re-login for all users.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        if (!$this->option('force') && !$this->confirm("****************************************************\nTHIS WILL FORCE A LOGIN FOR ALL LOGGED IN USERS.\n\nAre you SURE you wish to continue? ")) {
+            return $this->error("Session loss not confirmed");
+        }
+
+        $session_files = glob(storage_path("framework/sessions/*"));
+
+        $count = 0;
+        foreach ($session_files as $file) {
+
+            if (is_file($file))
+                unlink($file);
+                $count++;
+        }
+        \DB::table('users')->update(['remember_token' => null]);
+
+        $this->info($count. ' sessions cleared!');
+
+    }
+}
@@ -54,22 +54,24 @@ class LdapSync extends Command
        $ldap_result_email = Setting::getSettings()->ldap_email;
        $ldap_result_phone = Setting::getSettings()->ldap_phone_field;
        $ldap_result_jobtitle = Setting::getSettings()->ldap_jobtitle;
-        $ldap_result_country      = Setting::getSettings()->ldap_country;
+        $ldap_result_country = Setting::getSettings()->ldap_country;
        $ldap_result_dept = Setting::getSettings()->ldap_dept;
+        $ldap_result_manager = Setting::getSettings()->ldap_manager;

        try {
            $ldapconn = Ldap::connectToLdap();
            Ldap::bindAdminToLdap($ldapconn);
        } catch (\Exception $e) {
            if ($this->option('json_summary')) {
-                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $json_summary = ['error' => true, 'error_message' => $e->getMessage(), 'summary' => []];
                $this->info(json_encode($json_summary));
            }
            LOG::info($e);
+
            return [];
        }

-        $summary = array();
+        $summary = [];

        try {
            if ($this->option('base_dn') != '') {
@@ -81,78 +83,78 @@ class LdapSync extends Command
            $results = Ldap::findLdapUsers($search_base);
        } catch (\Exception $e) {
            if ($this->option('json_summary')) {
-                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
+                $json_summary = ['error' => true, 'error_message' => $e->getMessage(), 'summary' => []];
                $this->info(json_encode($json_summary));
            }
            LOG::info($e);
+
            return [];
        }

        /* Determine which location to assign users to by default. */
-        $location = NULL; // FIXME - this would be better called "$default_location", which is more explicit about its purpose
+        $location = null; // TODO - this would be better called "$default_location", which is more explicit about its purpose

-        if ($this->option('location')!='') {
+        if ($this->option('location') != '') {
            $location = Location::where('name', '=', $this->option('location'))->first();
            LOG::debug('Location name '.$this->option('location').' passed');
            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
-        } elseif ($this->option('location_id')!='') {
+        } elseif ($this->option('location_id') != '') {
            $location = Location::where('id', '=', $this->option('location_id'))->first();
            LOG::debug('Location ID '.$this->option('location_id').' passed');
            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
        }

-        if (!isset($location)) {
+        if (! isset($location)) {
            LOG::debug('That location is invalid or a location was not provided, so no location will be assigned by default.');
        }

        /* Process locations with explicitly defined OUs, if doing a full import. */
-        if ($this->option('base_dn')=='') {
+        if ($this->option('base_dn') == '') {
            // Retrieve locations with a mapped OU, and sort them from the shallowest to deepest OU (see #3993)
            $ldap_ou_locations = Location::where('ldap_ou', '!=', '')->get()->toArray();
-            $ldap_ou_lengths = array();
+            $ldap_ou_lengths = [];

            foreach ($ldap_ou_locations as $ou_loc) {
-                $ldap_ou_lengths[] = strlen($ou_loc["ldap_ou"]);
+                $ldap_ou_lengths[] = strlen($ou_loc['ldap_ou']);
            }

            array_multisort($ldap_ou_lengths, SORT_ASC, $ldap_ou_locations);

-            if (sizeof($ldap_ou_locations) > 0) {
+            if (count($ldap_ou_locations) > 0) {
                LOG::debug('Some locations have special OUs set. Locations will be automatically set for users in those OUs.');
            }

            // Inject location information fields
-            for ($i = 0; $i < $results["count"]; $i++) {
-                $results[$i]["ldap_location_override"] = false;
-                $results[$i]["location_id"] = 0;
+            for ($i = 0; $i < $results['count']; $i++) {
+                $results[$i]['ldap_location_override'] = false;
+                $results[$i]['location_id'] = 0;
            }

            // Grab subsets based on location-specific DNs, and overwrite location for these users.
            foreach ($ldap_ou_locations as $ldap_loc) {
                try {
-                    $location_users = Ldap::findLdapUsers($ldap_loc["ldap_ou"]);
-                } catch (\Exception $e) { // FIXME: this is stolen from line 77 or so above
+                    $location_users = Ldap::findLdapUsers($ldap_loc['ldap_ou']);
+                } catch (\Exception $e) { // TODO: this is stolen from line 77 or so above
                    if ($this->option('json_summary')) {
-                        $json_summary = [ "error" => true, "error_message" => trans('admin/users/message.error.ldap_could_not_search')." Location: ".$ldap_loc['name']." (ID: ".$ldap_loc['id'].") cannot connect to \"".$ldap_loc["ldap_ou"]."\" - ".$e->getMessage(), "summary" => [] ];
+                        $json_summary = ['error' => true, 'error_message' => trans('admin/users/message.error.ldap_could_not_search').' Location: '.$ldap_loc['name'].' (ID: '.$ldap_loc['id'].') cannot connect to "'.$ldap_loc['ldap_ou'].'" - '.$e->getMessage(), 'summary' => []];
                        $this->info(json_encode($json_summary));
                    }
                    LOG::info($e);
+
                    return [];
                }
-                $usernames = array();
-                for ($i = 0; $i < $location_users["count"]; $i++) {
-
+                $usernames = [];
+                for ($i = 0; $i < $location_users['count']; $i++) {
                    if (array_key_exists($ldap_result_username, $location_users[$i])) {
-                        $location_users[$i]["ldap_location_override"] = true;
-                        $location_users[$i]["location_id"] = $ldap_loc["id"];
+                        $location_users[$i]['ldap_location_override'] = true;
+                        $location_users[$i]['location_id'] = $ldap_loc['id'];
                        $usernames[] = $location_users[$i][$ldap_result_username][0];
                    }
-
                }

                // Delete located users from the general group.
                foreach ($results as $key => $generic_entry) {
-                   if ((is_array($generic_entry)) && (array_key_exists($ldap_result_username, $generic_entry))) {
+                    if ((is_array($generic_entry)) && (array_key_exists($ldap_result_username, $generic_entry))) {
                        if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
                            unset($results[$key]);
                        }
@@ -166,55 +168,64 @@ class LdapSync extends Command
        }

        /* Create user account entries in Snipe-IT */
-        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $tmp_pass = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 20);
        $pass = bcrypt($tmp_pass);

-        for ($i = 0; $i < $results["count"]; $i++) {
-            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
-
-                $item = array();
-                $item["username"] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : "";
-                $item["employee_number"] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : "";
-                $item["lastname"] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : "";
-                $item["firstname"] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : "";
-                $item["email"] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : "" ;
-                $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
-                $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";
-                $item["telephone"] = isset($results[$i][$ldap_result_phone][0]) ? $results[$i][$ldap_result_phone][0] : "";
-                $item["jobtitle"] = isset($results[$i][$ldap_result_jobtitle][0]) ? $results[$i][$ldap_result_jobtitle][0] : "";
-                $item["country"] = isset($results[$i][$ldap_result_country][0]) ? $results[$i][$ldap_result_country][0] : "";
-                $item["department"] = isset($results[$i][$ldap_result_dept][0]) ? $results[$i][$ldap_result_dept][0] : "";
-
+        for ($i = 0; $i < $results['count']; $i++) {
+            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == 'TRUE') {
+                $item = [];
+                $item['username'] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : '';
+                $item['employee_number'] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : '';
+                $item['lastname'] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : '';
+                $item['firstname'] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : '';
+                $item['email'] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : '';
+                $item['ldap_location_override'] = isset($results[$i]['ldap_location_override']) ? $results[$i]['ldap_location_override'] : '';
+                $item['location_id'] = isset($results[$i]['location_id']) ? $results[$i]['location_id'] : '';
+                $item['telephone'] = isset($results[$i][$ldap_result_phone][0]) ? $results[$i][$ldap_result_phone][0] : '';
+                $item['jobtitle'] = isset($results[$i][$ldap_result_jobtitle][0]) ? $results[$i][$ldap_result_jobtitle][0] : '';
+                $item['country'] = isset($results[$i][$ldap_result_country][0]) ? $results[$i][$ldap_result_country][0] : '';
+                $item['department'] = isset($results[$i][$ldap_result_dept][0]) ? $results[$i][$ldap_result_dept][0] : '';
+                $item['manager'] = isset($results[$i][$ldap_result_manager][0]) ? $results[$i][$ldap_result_manager][0] : '';

                $department = Department::firstOrCreate([
-                    'name' => $item["department"],
+                    'name' => $item['department'],
                ]);

-
-                $user = User::where('username', $item["username"])->first();
+                $user = User::where('username', $item['username'])->first();
                if ($user) {
                    // Updating an existing user.
-                    $item["createorupdate"] = 'updated';
+                    $item['createorupdate'] = 'updated';
                } else {
                    // Creating a new user.
                    $user = new User;
                    $user->password = $pass;
                    $user->activated = 0;
-                    $item["createorupdate"] = 'created';
+                    $item['createorupdate'] = 'created';
                }

-                $user->first_name = $item["firstname"];
-                $user->last_name = $item["lastname"];
-                $user->username = $item["username"];
-                $user->email = $item["email"];
-                $user->employee_num = e($item["employee_number"]);
-                $user->phone = $item["telephone"];
-                $user->jobtitle = $item["jobtitle"];
-                $user->country = $item["country"];
+                $user->first_name = $item['firstname'];
+                $user->last_name = $item['lastname'];
+                $user->username = $item['username'];
+                $user->email = $item['email'];
+                $user->employee_num = e($item['employee_number']);
+                $user->phone = $item['telephone'];
+                $user->jobtitle = $item['jobtitle'];
+                $user->country = $item['country'];
                $user->department_id = $department->id;

+                if($item['manager'] != null) {
+                    //Captures only the Canonical Name
+                    $item['manager'] = ltrim($item['manager'], "CN=");
+                    $item['manager'] = substr($item['manager'],0, strpos($item['manager'], ','));
+                    $ldap_manager = User::where('username', $item['manager'])->first();
+                    if ( $ldap_manager && isset($ldap_manager->id) ) {
+                        $user->manager_id = $ldap_manager->id;
+                    }
+                }
+
+
                // Sync activated state for Active Directory.
-                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
+                if (array_key_exists('useraccountcontrol', $results[$i])) {
                    /* The following is _probably_ the correct logic, but we can't use it because
                       some users may have been dependent upon the previous behavior, and this
                       could cause additional access to be available to users they don't want
@@ -231,7 +242,7 @@ class LdapSync extends Command
                    } else {
                        $user->activated = 0;
                    } */
-                  $enabled_accounts = [
+                    $enabled_accounts = [
                    '512',    // 0x200    NORMAL_ACCOUNT
                    '544',    // 0x220    NORMAL_ACCOUNT, PASSWD_NOTREQD
                    '66048',  // 0x10200  NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD
@@ -240,27 +251,26 @@ class LdapSync extends Command
                    '262688', // 0x40220  NORMAL_ACCOUNT, PASSWD_NOTREQD, SMARTCARD_REQUIRED
                    '328192', // 0x50200  NORMAL_ACCOUNT, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
                    '328224', // 0x50220  NORMAL_ACCOUNT, PASSWD_NOT_REQD, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
-                    '4260352',// 0x410200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD, DONT_REQ_PREAUTH
-                    '1049088',// 0x100200 NORMAL_ACCOUNT, NOT_DELEGATED
+                    '4194816',// 0x400200 NORMAL_ACCOUNT, DONT_REQ_PREAUTH
+                    '4260352', // 0x410200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD, DONT_REQ_PREAUTH
+                    '1049088', // 0x100200 NORMAL_ACCOUNT, NOT_DELEGATED
                  ];
-                  $user->activated = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
+                    $user->activated = (in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts)) ? 1 : 0;
                }

                // If we're not using AD, and there isn't an activated flag set, activate all users
                elseif (empty($ldap_result_active_flag)) {
-                  $user->activated = 1;
+                    $user->activated = 1;
                }

                if ($item['ldap_location_override'] == true) {
                    $user->location_id = $item['location_id'];
-                } elseif ((isset($location)) && (!empty($location))) {
-
+                } elseif ((isset($location)) && (! empty($location))) {
                    if ((is_array($location)) && (array_key_exists('id', $location))) {
                        $user->location_id = $location['id'];
                    } elseif (is_object($location)) {
                        $user->location_id = $location->id;
                    }
-
                }

                $user->ldap_import = 1;
@@ -268,31 +278,30 @@ class LdapSync extends Command
                $errors = '';

                if ($user->save()) {
-                    $item["note"] = $item["createorupdate"];
-                    $item["status"]='success';
+                    $item['note'] = $item['createorupdate'];
+                    $item['status'] = 'success';
                } else {
                    foreach ($user->getErrors()->getMessages() as $key => $err) {
                        $errors .= $err[0];
                    }
-                    $item["note"] = $errors;
-                    $item["status"]='error';
+                    $item['note'] = $errors;
+                    $item['status'] = 'error';
                }

                array_push($summary, $item);
            }
-
        }

        if ($this->option('summary')) {
            for ($x = 0; $x < count($summary); $x++) {
-                if ($summary[$x]['status']=='error') {
+                if ($summary[$x]['status'] == 'error') {
                    $this->error('ERROR: '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was not imported: '.$summary[$x]['note']);
                } else {
                    $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].') was '.strtoupper($summary[$x]['createorupdate']).'.');
                }
            }
-        } else if ($this->option('json_summary')) {
-            $json_summary = [ "error" => false, "error_message" => "", "summary" => $summary ]; // hardcoding the error to false and the error_message to blank seems a bit weird
+        } elseif ($this->option('json_summary')) {
+            $json_summary = ['error' => false, 'error_message' => '', 'summary' => $summary]; // hardcoding the error to false and the error_message to blank seems a bit weird
            $this->info(json_encode($json_summary));
        } else {
            return $summary;
@@ -1,399 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use Log;
-use Exception;
-use App\Models\User;
-use App\Services\LdapAd;
-use App\Models\Location;
-use Illuminate\Console\Command;
-use Adldap\Models\User as AdldapUser;
-
-/**
- * LDAP / AD sync command.
- *
- * @author Wes Hulette <jwhulette@gmail.com>
- *
- * @since 5.0.0
- */
-class LdapSyncNg extends Command
-{
-    /**
-     * The name and signature of the console command.
-     *
-     * @var string
-     */
-    protected $signature = 'snipeit:ldap-sync-ng 
-                {--location= : A location name } 
-                {--location_id= : A location id} 
-                {--base_dn= : A diffrent base DN to use } 
-                {--summary : Print summary } 
-                {--json_summary : Print summary in json format } 
-                {--dryrun : Run the sync process but don\'t update the database}';
-
-    /**
-     * The console command description.
-     *
-     * @var string
-     */
-    protected $description = 'Command line LDAP/AD sync';
-
-    /**
-     * An LdapAd instance.
-     *
-     * @var \App\Models\LdapAd
-     */
-    private $ldap;
-
-    /**
-     * LDAP settings collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $settings = null;
-
-    /**
-     * A default location collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $defaultLocation = null;
-
-    /**
-     * Mapped locations collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $mappedLocations = null;
-
-    /**
-     * The summary collection.
-     *
-     * @var \Illuminate\Support\Collection
-     */
-    private $summary;
-
-    /**
-     * Is dry-run?
-     *
-     * @var bool
-     */
-    private $dryrun = false;
-
-    /**
-     * Show users to be imported.
-     *
-     * @var array
-     */
-    private $userlist = [];
-
-    /**
-     * Create a new command instance.
-     */
-    public function __construct(LdapAd $ldap)
-    {
-        parent::__construct();
-        $this->ldap     = $ldap;
-        $this->settings = $this->ldap->ldapSettings;
-        $this->summary  = collect();
-    }
-
-    /**
-     * Execute the console command.
-     *
-     * @return mixed
-     */
-    public function handle()
-    {
-
-        $dispatcher =  \Adldap\Adldap::getEventDispatcher();
-
-        // Listen for all model events.
-        $dispatcher->listen('Adldap\Models\Events\*', function ($eventName, array $data) {
-            echo $eventName; // Returns 'Adldap\Models\Events\Updating'
-            var_dump($data); // Returns [0] => (object) Adldap\Models\Events\Updating;
-            \Log::debug("Event: ".$eventName." data - ".print_r($data, true));
-        });
-        $dispatcher->listen('Adldap\Auth\Events\*', function ($eventName, array $data) {
-            echo $eventName; // Returns 'Adldap\Models\Events\Updating'
-            var_dump($data); // Returns [0] => (object) Adldap\Models\Events\Updating;
-            \Log::debug("Event: ".$eventName." data - ".print_r($data, true));
-        });
-
-        ini_set('max_execution_time', env('LDAP_TIME_LIM', "600")); //600 seconds = 10 minutes
-        ini_set('memory_limit', '500M');
-        $old_error_reporting = error_reporting(); // grab old error_reporting .ini setting, for later re-enablement
-        error_reporting($old_error_reporting & ~E_DEPRECATED); // disable deprecation warnings, for LDAP in PHP 7.4 (and greater)
-
-        if ($this->option('dryrun')) {
-            $this->dryrun = true;
-        }
-        $this->checkIfLdapIsEnabled();
-        $this->checkLdapConnection();
-        $this->setBaseDn();
-        $this->getUserDefaultLocation();
-        /*
-         * Use the default location if set, this is needed for the LDAP users sync page
-         */
-        if (!$this->option('base_dn') && null == $this->defaultLocation) {
-            $this->getMappedLocations();
-        }
-        $this->processLdapUsers();
-        // Print table of users
-        if ($this->dryrun) {
-            $this->info('The following users will be synced!');
-            $headers = ['First Name', 'Last Name', 'Username', 'Email', 'Employee #', 'Location Id', 'Status'];
-            $this->table($headers, $this->summary->toArray());
-        }
-
-        error_reporting($old_error_reporting); // re-enable deprecation warnings.
-        return $this->getSummary();
-    }
-
-    /**
-     * Generate the LDAP sync summary.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     *
-     * @return string
-     */
-    private function getSummary(): string
-    {
-        if ($this->option('summary') && null === $this->dryrun) {
-            $this->summary->each(function ($item) {
-                $this->info('USER: '.$item['note']);
-
-                if ('ERROR' === $item['status']) {
-                    $this->error('ERROR: '.$item['note']);
-                }
-            });
-        } elseif ($this->option('json_summary')) {
-            $json_summary = [
-                'error' => false,
-                'error_message' => '',
-                'summary' => $this->summary->toArray(),
-            ];
-            $this->info(json_encode($json_summary));
-        }
-
-        return '';
-    }
-
-    /**
-     * Create a new user or update an existing user.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     *
-     * @param \Adldap\Models\User $snipeUser
-     */
-    private function updateCreateUser(AdldapUser $snipeUser): void
-    {
-        $user = $this->ldap->processUser($snipeUser, $this->defaultLocation, $this->mappedLocations);
-        $summary = [
-            'firstname'       => $user->first_name,
-            'lastname'        => $user->last_name,
-            'username'        => $user->username,
-            'employee_number' => $user->employee_num,
-            'email'           => $user->email,
-            'location_id'     => $user->location_id,
-        ];
-        // Only update the database if is not a dry run
-        if (!$this->dryrun) {
-            if ($user->isDirty()) { //if nothing on the user changed, don't bother trying to save anything nor put anything in the summary
-                if ($user->save()) {
-                    $summary['note']   = ($user->wasRecentlyCreated ? 'CREATED' : 'UPDATED');
-                    $summary['status'] = 'SUCCESS';
-                } else {
-                    $errors = '';
-                    foreach ($user->getErrors()->getMessages() as  $error) {
-                        $errors .= implode(", ",$error);
-                    }
-                    $summary['note']   = $snipeUser->getDN().' was not imported. REASON: '.$errors;
-                    $summary['status'] = 'ERROR';
-                }
-            } else {
-                $summary = null;
-            }
-        }
-
-        // $summary['note'] = ($user->getOriginal('username') ? 'UPDATED' : 'CREATED'); // this seems, kinda, like, superfluous, relative to the $summary['note'] thing above, yeah?
-        if($summary) { //if the $user wasn't dirty, $summary was set to null so that we will skip the following push()
-            $this->summary->push($summary);
-        }
-    }
-
-    /**
-     * Process the users to update / create.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     *
-     */
-    private function processLdapUsers(): void
-    {
-        try {
-            \Log::debug("CAL:LING GET LDAP SUSERS");
-            $ldapUsers = $this->ldap->getLdapUsers();
-            \Log::debug("END CALLING GET LDAP USERS");
-        } catch (Exception $e) {
-            $this->outputError($e);
-            exit($e->getMessage());
-        }
-
-        if (0 == $ldapUsers->count()) {
-            $msg = 'ERROR: No users found!';
-            Log::error($msg);
-            if ($this->dryrun) {
-                $this->error($msg);
-            }
-            exit($msg);
-        }
-
-        // Process each individual users
-        foreach ($ldapUsers->getResults() as $user) { // AdLdap2's paginate() method is weird, it gets *everything* and ->getResults() returns *everything*
-            $this->updateCreateUser($user);
-        }
-    }
-
-    /**
-     * Get the mapped locations if a base_dn is provided.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function getMappedLocations()
-    {
-        $ldapOuLocation = Location::where('ldap_ou', '!=', '')->select(['id', 'ldap_ou'])->get();
-        $locations = $ldapOuLocation->sortBy(function ($ou, $key) {
-            return strlen($ou->ldap_ou);
-        });
-        if ($locations->count() > 0) {
-            $msg = 'Some locations have special OUs set. Locations will be automatically set for users in those OUs.';
-            LOG::debug($msg);
-            if ($this->dryrun) {
-                $this->info($msg);
-            }
-
-            $this->mappedLocations = $locations->pluck('ldap_ou', 'id'); // TODO: this seems ok-ish, but the key-> value is going location_id -> OU name, and the primary action here is the opposite of that - going from OU's to location ID's.
-        }
-    }
-
-    /**
-     * Set the base dn if supplied.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function setBaseDn(): void
-    {
-        if ($this->option('base_dn')) {
-            $this->ldap->baseDn = $this->option('base_dn');
-            $msg = sprintf('Importing users from specified base DN: "%s"', $this->ldap->baseDn);
-            LOG::debug($msg);
-            if ($this->dryrun) {
-                $this->info($msg);
-            }
-        }
-    }
-
-    /**
-     * Get a default location id for imported users.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function getUserDefaultLocation(): void
-    {
-        $location = $this->option('location_id') ?? $this->option('location');
-        if ($location) {
-            $userLocation = Location::where('name', '=', $location)
-                ->orWhere('id', '=', intval($location))
-                ->select(['name', 'id'])
-                ->first();
-            if ($userLocation) {
-                $msg = 'Importing users with default location: '.$userLocation->name.' ('.$userLocation->id.')';
-                LOG::debug($msg);
-
-                if ($this->dryrun) {
-                    $this->info($msg);
-                }
-
-                $this->defaultLocation = collect([
-                    $userLocation->id => $userLocation->name,
-                ]);
-            } else {
-                $msg = 'The supplied location is invalid!';
-                LOG::error($msg);
-                if ($this->dryrun) {
-                    $this->error($msg);
-                }
-                exit(0);
-            }
-        }
-    }
-
-    /**
-     * Check if LDAP intergration is enabled.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function checkIfLdapIsEnabled(): void
-    {
-        if (false === $this->settings['ldap_enabled']) {
-            $msg = 'LDAP intergration is not enabled. Exiting sync process.';
-            $this->info($msg);
-            Log::info($msg);
-            exit(0);
-        }
-    }
-
-    /**
-     * Check to make sure we can access the server.
-     *
-     * @author Wes Hulette <jwhulette@gmail.com>
-     *
-     * @since 5.0.0
-     */
-    private function checkLdapConnection(): void
-    {
-        try {
-            $this->ldap->testLdapAdUserConnection();
-            $this->ldap->testLdapAdBindConnection();
-        } catch (Exception $e) {
-            $this->outputError($e);
-            exit(0);
-        }
-    }
-
-    /**
-     * Output the json summary to the screen if enabled.
-     *
-     * @param Exception $error
-     */
-    private function outputError($error): void
-    {
-        if ($this->option('json_summary')) {
-            $json_summary = [
-                'error' => true,
-                'error_message' => $error->getMessage(),
-                'summary' => [],
-            ];
-            $this->info(json_encode($json_summary));
-        }
-        $this->error($error->getMessage());
-        LOG::error($error);
-    }
-}
@@ -0,0 +1,503 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\Setting;
+use Exception;
+use Crypt;
+
+/**
+ * Check if a given ip is in a network
+ * @param  string $ip    IP to check in IPV4 format eg. 127.0.0.1
+ * @param  string $range IP/CIDR netmask eg. 127.0.0.0/24, also 127.0.0.1 is accepted and /32 assumed
+ * @return boolean true if the ip is in this range / false if not.
+ */
+function ip_in_range( $ip, $range ) {
+	if ( strpos( $range, '/' ) == false ) {
+		$range .= '/32';
+	}
+	// $range is in IP/CIDR format eg 127.0.0.1/24
+	list( $range, $netmask ) = explode( '/', $range, 2 );
+	$range_decimal = ip2long( $range );
+	$ip_decimal = ip2long( $ip );
+	$wildcard_decimal = pow( 2, ( 32 - $netmask ) ) - 1;
+	$netmask_decimal = ~ $wildcard_decimal;
+	return ( ( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal ) );
+}
+// NOTE - this function was shamelessly stolen from this gist: https://gist.github.com/tott/7684443
+
+class LdapTroubleshooter extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'ldap:troubleshoot
+                            {--ldap-search : Output an ldapsearch command-line for testing your LDAP config}
+                            {--force : Skip the interactive yes/no prompt for confirmation}
+                            {--debug : Include debugging output (verbose)}
+                            {--trace : Include extremely verbose LDAP trace output}
+                            {--timeout=15 : Timeout for LDAP Bind operations}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Runs a series of non-destructive LDAP commands to help try and determine correct LDAP settings for your environment.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Output something *only* if debug is enabled
+     * 
+     * @return void
+     */
+    public function debugout($string)
+    {
+        if($this->option('debug')) {
+            $this->line($string);
+        }
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        if($this->option('trace')) {
+    	    ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
+        }
+
+        $settings = Setting::getSettings();
+        $this->settings = $settings;
+        if($this->option('ldap-search')) {
+            if(!$this->option('force')) {
+                $confirmation = $this->confirm('WARNING: This command will display your LDAP password on your terminal. Are you sure this is ok?');
+                if(!$confirmation) {
+                    $this->error('ABORTING');
+                    exit(-1);
+                }
+            }
+            $output = [];
+            if($settings->ldap_server_cert_ignore) {
+                $this->line("# Ignoring server certificate validity");
+                $output[] = "LDAPTLS_REQCERT=never";
+            }
+            if($settings->ldap_client_tls_cert && $settings->ldap_client_tls_key) {
+                $this->line("# Adding LDAP Client Certificate and Key");
+                $output[] = "LDAPTLS_CERT=storage/ldap_client_tls.cert";
+                $output[] = "LDAPTLS_KEY=storage/ldap_client_tls.key";
+            }
+            $output[] = "ldapsearch";
+            $output[] = $settings->ldap_server;
+            $output[] = "-x";
+            $output[] = "-b ".escapeshellarg($settings->ldap_basedn);
+            $output[] = "-D ".escapeshellarg($settings->ldap_uname);
+            $output[] = "-w ".escapeshellarg(\Crypt::Decrypt($settings->ldap_pword));
+            if(substr($settings->ldap_filter,0,1) == "(" ) {
+                $output[] = escapeshellarg($settings->ldap_filter);
+            } else {
+                $output[] = escapeshellarg("(".$settings->ldap_filter.")");
+            }
+            if($settings->ldap_tls) {
+                $this->line("# adding STARTTLS option");
+                $output[] = "-Z";
+            }
+            $output[] = "-v";
+            $this->line("\n");
+            $this->line(implode(" \\\n",$output));
+            exit(0);
+        }
+        if(!$this->option('force')) {
+            $confirmation = $this->confirm('WARNING: This command will make several attempts to connect to your LDAP server. Are you sure this is ok?');
+            if(!$confirmation) {
+                $this->error('ABORTING');
+                exit(-1);
+            }
+        }
+        //$this->line(print_r($settings,true));
+        $this->info("STAGE 1: Checking settings");
+        if(!$settings->ldap_enabled) {
+            $this->error("WARNING: Snipe-IT's LDAP setting is not turned on. (That may be OK if you're still trying to figure out settings)");
+        }
+
+        $ldap_conn = false;
+        try {
+            $ldap_conn = ldap_connect($settings->ldap_server);
+        } catch (Exception $e) {
+            $this->error("WARNING: Exception caught when executing 'ldap_connect()' - ".$e->getMessage().". We will try to guess.");
+        }
+
+        if(!$ldap_conn) {
+            $this->error("WARNING: LDAP Server setting of: ".$settings->ldap_server." cannot be parsed. We will try to guess.");
+            //exit(-1);
+        }
+        //since we never use $ldap_conn again, we don't have to ldap_unbind() it (it's not even connected, tbh - that only happens at bind-time)
+
+        $parsed = parse_url($settings->ldap_server);
+
+        if(@$parsed['scheme'] != 'ldap' && @$parsed['scheme'] != 'ldaps') {
+            $this->error("WARNING: LDAP URL Scheme of '".@$parsed['scheme']."' is probably incorrect; should usually be ldap or ldaps");
+        }
+
+        if(!@$parsed['host']) {
+            $this->error("ERROR: Cannot determine hostname or IP from ldap URL: ".$settings->ldap_server.". ABORTING.");
+            exit(-1);
+        } else {
+            $this->info("Determined LDAP hostname to be: ".$parsed['host']);
+        }
+
+        $this->info("Performing DNS lookup of: ".$parsed['host']);
+        $ips = dns_get_record($parsed['host']);
+        $raw_ips = [];
+
+        //$this->info("Host IP is: ".print_r($ips,true));
+
+        if(!$ips || count($ips) == 0) {
+            $this->error("ERROR: DNS lookup of host: ".$parsed['host']." has failed. ABORTING.");
+            exit(-1);
+        }
+        $this->debugout("IP's? ".print_r($ips,true));
+        foreach($ips as $ip) {
+            if(!isset($ip['ip'])) {
+                continue;
+            }
+            $raw_ips[]=$ip['ip'];
+            if($ip['ip'] == "127.0.0.1") {
+                $this->error("WARNING: Using the localhost IP as the LDAP server. This is usually wrong");
+            }
+            if(ip_in_range($ip['ip'],'10.0.0.0/8') || ip_in_range($ip['ip'],'192.168.0.0/16') || ip_in_range($ip['ip'], '172.16.0.0/12')) {
+                $this->error("WARNING: Using an RFC1918 Private address for LDAP server. This may be correct, but it can be a problem if your Snipe-IT instance is not hosted on your private network");
+            }
+        }
+
+        $this->info("STAGE 2: Checking basic network connectivity");
+        $ports = [389,636];
+        if(@$parsed['port'] && !in_array($parsed['port'],$ports)) {
+            $ports[] = $parsed['port'];
+        }
+
+        $open_ports=[];
+        foreach($ports as $port ) {
+            $errno = 0;
+            $errstr = '';
+            $timeout = 30.0;
+            $result = '';
+            $this->info("Attempting to connect to port: ".$port." - may take up to $timeout seconds");
+            try {
+                $result = fsockopen($parsed['host'], $port, $errno, $errstr, 30.0);
+            } catch(Exception $e) {
+                $this->error("Exception: ".$e->getMessage());
+            }
+            if($result) {
+                $this->info("Success!");
+                $open_ports[] = $port;
+            } else {
+                $this->error("WARNING: Cannot connect to port: $port - $errstr ($errno)");
+            }
+        }
+
+        if(count($open_ports) == 0) {
+            $this->error("ERROR - no open ports. ABORTING.");
+            exit(-1);
+        }
+
+        $this->info("STAGE 3: Determine encryption algorithm, if any");
+
+        $ldap_urls = [];
+        $pretty_ldap_urls = [];
+        foreach($open_ports as $port) {
+            $this->line("Trying TLS first for port $port");
+            $ldap_url = "ldaps://".$parsed['host'].":$port";
+            if($this->test_anonymous_bind($ldap_url)) {
+                $this->info("Anonymous bind succesful to $ldap_url!");
+                $ldap_urls[] = [ $ldap_url, true, false ];
+                $pretty_ldap_urls[] = [ $ldap_url, "YES", "no" ];
+                continue; // TODO - lots of copypasta in these if(test_anonymous_bind()) routines...
+            } else {
+                $this->error("WARNING: Failed to bind to $ldap_url - trying without certificate checks.");
+            }
+
+            if($this->test_anonymous_bind($ldap_url, false)) {
+                $this->info("Anonymous bind succesful to $ldap_url with certifcate-checks disabled");
+                $ldap_urls[] = [ $ldap_url, false, false ]; 
+                $pretty_ldap_urls[] = [ $ldap_url, "no", "no" ]; 
+                continue;
+            } else {
+                $this->error("WARNING: Failed to bind to $ldap_url with certificate checks disabled. Trying unencrypted with STARTTLS");
+            }
+
+            $ldap_url = "ldap://".$parsed['host'].":$port";
+            if($this->test_anonymous_bind($ldap_url, true, true)) {
+                $this->info("Plain connection to $ldap_url with STARTTLS succesful!");
+                $ldap_urls[] = [ $ldap_url, true, true ];
+                $pretty_ldap_urls[] = [ $ldap_url, "YES", "YES" ];
+                continue;
+            } else {
+                $this->error("WARNING: Failed to bind to $ldap_url with STARTTLS enabled. Trying without STARTTLS");
+            }
+
+            if($this->test_anonymous_bind($ldap_url)) {
+                $this->info("Plain connection to $ldap_url succesful!");
+                $ldap_urls[] = [ $ldap_url, true, false ];
+                $pretty_ldap_urls[] = [ $ldap_url, "YES", "no" ];
+                continue;
+            } else {
+                $this->error("WARNING: Failed to bind to $ldap_url. Giving up on port $port");
+            }
+        }
+
+        $this->debugout(print_r($ldap_urls,true));
+
+        if(count($ldap_urls) > 0 ) {
+            $this->info("Found working LDAP URL's: ");
+            foreach($ldap_urls as $ldap_url) { // TODO maybe do this as a $this->table() instead?
+                $this->info("LDAP URL: ".$ldap_url[0]);
+                $this->info($ldap_url[0]. ($ldap_url[1] ? " certificate checks enabled" : " certificate checks disabled"). ($ldap_url[2] ? " STARTTLS Enabled ": " STARTTLS Disabled"));
+            }
+            $this->table(["URL", "Cert Checks Enabled?", "STARTTLS Enabled?"],$pretty_ldap_urls);
+        } else {
+            $this->error("ERROR - no valid LDAP URL's available - ABORTING");
+            exit(1);
+        }
+
+        $this->info("STAGE 4: Test Administrative Bind for LDAP Sync");
+        foreach($ldap_urls AS $ldap_url) {
+            $this->test_authed_bind($ldap_url[0], $ldap_url[1], $ldap_url[2], $settings->ldap_uname, Crypt::decrypt($settings->ldap_pword));
+        }
+
+        $this->info("STAGE 5: Test BaseDN");
+        //grab all LDAP_ constants and fill up a reversed array mapping from weird LDAP dotted-strings to (Constant Name)
+        $all_defined_constants = get_defined_constants();
+        $ldap_constants = [];
+        foreach($all_defined_constants AS $key => $val) {
+            if(starts_with($key,"LDAP_") && is_string($val)) {
+                $ldap_constants[$val] = $key; // INVERT the meaning here!
+            }
+        }
+        $this->debugout("LDAP constants are: ".print_r($ldap_constants,true));
+
+        // recursive function that 'cleans' the returned array from ldap_get_entries which are formatted awfully
+        $cleaner = function ($array) {
+            $cleaned = [];
+            for($i = 0; $i < $array['count']; $i++) {
+                $row = $array[$i];
+                $clean_row = [];
+                foreach($row AS $key => $val ) {
+                    $this->debugout("Key is: ".$key);
+                    if($key == "count" || is_int($key) || $key == "dn") {
+                        $this->debugout(" and we're gonna skip it\n");
+                        continue;
+                    }
+                    $this->debugout(" And that seems fine.\n");
+                    if(array_key_exists('count',$val)) {
+                        if($val['count'] == 1) {
+                            $clean_row[$key] = $val[0];
+                        } else {
+                            unset($val['count']); //these counts are annoying
+                            $elements = [];
+                            foreach($val as $entry) {
+                                if(isset($ldap_constants[$entry])) {
+                                    $elements[] = $ldap_constants[$entry];
+                                } else {
+                                    $elements[] = $entry;
+                                }
+                            }
+                            $clean_row[$key] = $elements;
+                        }
+                    } else {
+                        $clean_row[$key] = $val;
+                    }
+                }
+                $cleaned[$i] = $clean_row;
+            }
+            return $cleaned;
+        };
+        
+        foreach($ldap_urls AS $ldap_url) {
+            if($this->test_informational_bind($ldap_url[0],$ldap_url[1],$ldap_url[2],$settings->ldap_uname,Crypt::decrypt($settings->ldap_pword))) {
+                $this->info("Success getting informational bind!");
+            } else {
+                $this->error("Unable to get information from bind.");
+            }
+        }
+
+        $this->info("STAGE 6: Test LDAP Login to Snipe-IT");
+        foreach($ldap_urls AS $ldap_url) {
+            $this->info("Starting auth to ".$ldap_url[0]);
+            while(true) {
+                $with_tls = $ldap_url[1] ? "with": "without";
+                $with_startssl = $ldap_url[2] ? "using": "not using";
+                if(!$this->confirm('Do you wish to try to authenticate to this directory: '.$ldap_url[0]." $with_tls TLS and $with_startssl STARTSSL?")) {
+                    break;
+                }
+                $username = $this->ask("Username");
+                $password = $this->secret("Password");
+                $this->test_authed_bind($ldap_url[0], $ldap_url[1], $ldap_url[2], $username, $password); // FIXME - should do some other stuff here, maybe with the concatenating or something? maybe? and/or should put up some results?
+            }
+        }
+
+        $this->info("LDAP TROUBLESHOOTING COMPLETE!");
+    }
+
+    public function connect_to_ldap($ldap_url, $check_cert, $start_tls) 
+    {
+        $lconn = ldap_connect($ldap_url);
+        ldap_set_option($lconn, LDAP_OPT_PROTOCOL_VERSION, 3); // should we 'test' different protocol versions here? Does anyone even use anything other than LDAPv3?
+                                                             // no - it's formally deprecated: https://tools.ietf.org/html/rfc3494
+        if(!$check_cert) {
+            putenv('LDAPTLS_REQCERT=never'); // This is horrible; is this *really* the only way to do it?
+        } else {
+            putenv('LDAPTLS_REQCERT'); // have to very explicitly and manually *UN* set the env var here to ensure it works
+        }
+        if($this->settings->ldap_client_tls_cert && $this->settings->ldap_client_tls_key) {
+            // client-side TLS certificate support for LDAP (Google Secure LDAP)
+            putenv('LDAPTLS_CERT=storage/ldap_client_tls.cert');
+            putenv('LDAPTLS_KEY=storage/ldap_client_tls.key');
+        }
+        if($start_tls) {
+            if(!ldap_start_tls($lconn)) {
+                $this->error("WARNING: Unable to start TLS");
+                return false;
+            }
+        }
+        if(!$lconn) {
+            $this->error("WARNING: Failed to generate connection string - using: ".$ldap_url);
+            return false;
+        }
+        $net = ldap_set_option($lconn, LDAP_OPT_NETWORK_TIMEOUT, $this->option('timeout'));
+        $time = ldap_set_option($lconn, LDAP_OPT_TIMELIMIT, $this->option('timeout'));
+        if(!$net || !$time) {
+            $this->error("Unable to set timeouts!");
+        }
+        return $lconn;
+    }
+
+    public function test_anonymous_bind($ldap_url, $check_cert = true, $start_tls = false)
+    {
+        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert , $start_tls) {
+            try {
+                $lconn = $this->connect_to_ldap($ldap_url, $check_cert, $start_tls);
+                $this->info("gonna try to bind now, this can take a while if we mess it up");
+                $bind_results = ldap_bind($lconn);
+                $this->info("Bind results are: ".$bind_results." which translate into boolean: ".(bool)$bind_results);
+                return (bool)$bind_results;
+            } catch (Exception $e) {
+                $this->error("WARNING: Exception caught during bind - ".$e->getMessage());
+                return false;
+            }
+        });
+    }
+
+    public function test_authed_bind($ldap_url, $check_cert, $start_tls, $username, $password) 
+    {
+        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert, $start_tls, $username, $password) {
+            try {
+                $lconn = $this->connect_to_ldap($ldap_url, $check_cert, $start_tls);
+                $bind_results = ldap_bind($lconn, $username, $password);
+                if(!$bind_results) {
+                    $this->error("WARNING: Failed to bind to $ldap_url as $username");
+                    return false;
+                } else {
+                    $this->info("SUCCESS - Able to bind to $ldap_url as $username");
+                    return (bool)$lconn;
+                }
+            } catch (Exception $e) {
+                $this->error("WARNING: Exception caught during Authed bind to $username - ".$e->getMessage());
+                return false;
+            }
+        });
+    }
+
+    public function test_informational_bind($ldap_url, $check_cert, $start_tls, $username, $password)
+    {
+        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert, $start_tls, $username, $password) {
+            try { // TODO - copypasta'ed from test_authed_bind
+                $conn = $this->connect_to_ldap($ldap_url, $check_cert, $start_tls);
+                $bind_results = ldap_bind($conn, $username, $password);
+                if(!$bind_results) {
+                    $this->error("WARNING: Failed to bind to $ldap_url as $username");
+                    return false;
+                }
+                $this->info("SUCCESS - Able to bind to $ldap_url as $username");
+                $result = ldap_read($conn, '', '(objectClass=*)'/* , ['supportedControl']*/);
+                $results = ldap_get_entries($conn, $result);
+                $cleaned_results = $cleaner($results);
+                $this->line(print_r($cleaned_results,true));
+                //okay, great - now how do we display those results? I have no idea.
+                // I don't see why this throws an Exception for Google LDAP, but I guess we ought to try and catch it?
+                $this->comment("I guess we're trying to do the ldap search here, but sometimes it takes too long?");
+                $search_results = ldap_search($conn, $settings->base_dn, $settings->filter);
+                $this->info("Printing first 10 results: ");
+                for($i=0;$i<10;$i++) {
+                    $this->info($search_results[$i]);
+                }
+            } catch (\Exception $e) {
+                $this->error("WARNING: Exception caught during Authed bind to $username - ".$e->getMessage());
+                return false;
+            }
+        });
+    }
+
+    /***********************************************
+     * 
+     * This function executes $function - which is expected to be some kind of executable function - 
+     * with a timeout set. It respects the timeout by forking execution and setting a strict timer
+     * for which to get back a SIGUSR1 or SIGUSR2 signal from the forked process.
+     * 
+     ***********************************************/
+    private function timed_boolean_execute($function)
+    {
+        if(!(function_exists('pcntl_sigtimedwait') && function_exists('posix_getpid') && function_exists('pcntl_fork') && function_exists('posix_kill') && function_exists('pcntl_wifsignaled'))) {
+            // POSIX functions needed for forking aren't present, just run the function inline (ignoring timeout)
+            $this->info('WARNING: Unable to execute POSIX fork() commands, timeout may not be respected');
+            return $function();
+        } else {
+            $parent_pid = posix_getpid();
+            $pid = pcntl_fork();
+            switch($pid) {
+                case 0:
+                    //we're the 'child'
+                    if($function()) {
+                        //SUCCESS = SIGUSR1
+                        posix_kill($parent_pid, SIGUSR1);
+                    } else {
+                        //FAILURE = SIGUSR2
+                        posix_kill($parent_pid, SIGUSR2);
+                    }
+                    exit();
+                    break; //yes I know we don't need it.
+                case -1:
+                    //couldn't fork
+                    $this->error("COULD NOT FORK - assuming failure");
+                    return false;
+                    break; //I still know that we don't need it
+                default:
+                    //we remain the 'parent', $pid is the PID of the forked process.
+                    $siginfo = [];
+                    $exit_status = pcntl_sigtimedwait ([SIGUSR1, SIGUSR2], $siginfo, $this->option('timeout'));
+                    if ($exit_status == SIGUSR1) {
+                        return true;
+                    } else {
+                        posix_kill($pid, SIGKILL); //make sure we don't have processes hanging around that might try and send signals during later executions, confusing us
+                        return false;
+                    }
+                    break; //Yeah I get it already, shush.
+            }
+        }
+
+    }
+}
@@ -2,10 +2,9 @@

 namespace App\Console\Commands;

-use Illuminate\Console\Command;
 use App\Models\User;
 use Carbon\Carbon;
-
+use Illuminate\Console\Command;

 class MergeUsersByUsername extends Command
 {
@@ -42,71 +41,75 @@ class MergeUsersByUsername extends Command
    {
        // Get the list of users who have an email address as their username
        $users = User::where('username', 'LIKE', '%@%')->whereNull('deleted_at')->get();
+        $this->info($users->count().' total non-deleted users whose usernames contain a @ symbol.');
+

        foreach ($users as $user) {
-            $parts = explode("@", $user->username);
-            $bad_users = User::where('username', '=', $parts[0])->whereNull('deleted_at')->with('assets', 'manager', 'userlog', 'licenses', 'consumables', 'accessories', 'managedLocations')->get();
+            $parts = explode('@', trim($user->username));
+            $this->info('Checking against username '.trim($parts[0]).'.');
+
+
+            $bad_users = User::where('username', '=', trim($parts[0]))
+                ->whereNull('deleted_at')
+                ->with('assets', 'manager', 'userlog', 'licenses', 'consumables', 'accessories', 'managedLocations')
+                ->get();
+
+

            foreach ($bad_users as $bad_user) {
                $this->info($bad_user->username.' ('.$bad_user->id.')  will be merged into '.$user->username.'  ('.$user->id.') ');

                // Walk the list of assets
                foreach ($bad_user->assets as $asset) {
-                    $this->info( 'Updating asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
+                    $this->info('Updating asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
                    $asset->assigned_to = $user->id;
-                    if (!$asset->save()) {
-                        $this->error( 'Could not update assigned_to field on asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
-                        $this->error( 'Error saving: '.$asset->getErrors());
+                    if (! $asset->save()) {
+                        $this->error('Could not update assigned_to field on asset '.$asset->asset_tag.' '.$asset->id.' to user '.$user->id);
+                        $this->error('Error saving: '.$asset->getErrors());
                    }
                }

                // Walk the list of licenses
                foreach ($bad_user->licenses as $license) {
-                    $this->info( 'Updating license '.$license->name.' '.$license->id.' to user '.$user->id);
+                    $this->info('Updating license '.$license->name.' '.$license->id.' to user '.$user->id);
                    $bad_user->licenses()->updateExistingPivot($license->id, ['assigned_to' => $user->id]);
                }

                // Walk the list of consumables
                foreach ($bad_user->consumables as $consumable) {
-                    $this->info( 'Updating consumable '.$consumable->id.' to user '.$user->id);
+                    $this->info('Updating consumable '.$consumable->id.' to user '.$user->id);
                    $bad_user->consumables()->updateExistingPivot($consumable->id, ['assigned_to' => $user->id]);
                }

                // Walk the list of accessories
                foreach ($bad_user->accessories as $accessory) {
-                    $this->info( 'Updating accessory '.$accessory->id.' to user '.$user->id);
+                    $this->info('Updating accessory '.$accessory->id.' to user '.$user->id);
                    $bad_user->accessories()->updateExistingPivot($accessory->id, ['assigned_to' => $user->id]);
                }

                // Walk the list of logs
                foreach ($bad_user->userlog as $log) {
-                    $this->info( 'Updating action log record '.$log->id.' to user '.$user->id);
+                    $this->info('Updating action log record '.$log->id.' to user '.$user->id);
                    $log->target_id = $user->id;
                    $log->save();
                }

                // Update any manager IDs
-                $this->info( 'Updating managed user records to user '.$user->id);
+                $this->info('Updating managed user records to user '.$user->id);
                User::where('manager_id', '=', $bad_user->id)->update(['manager_id' => $user->id]);

-
                // Update location manager IDs
                foreach ($bad_user->managedLocations as $managedLocation) {
-                    $this->info( 'Updating managed location record '.$managedLocation->name.' to manager '.$user->id);
+                    $this->info('Updating managed location record '.$managedLocation->name.' to manager '.$user->id);
                    $managedLocation->manager_id = $user->id;
                    $managedLocation->save();
                }

                // Mark the user as deleted
-                $this->info( 'Marking the user as deleted');
+                $this->info('Marking the user as deleted');
                $bad_user->deleted_at = Carbon::now()->timestamp;
                $bad_user->save();
-
-
            }
-
        }
-
-
    }
 }
@@ -2,7 +2,6 @@

 namespace App\Console\Commands;

-
 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Storage;

@@ -39,49 +38,46 @@ class MoveUploadsToNewDisk extends Command
     */
    public function handle()
    {
-
-        if (config('filesystems.default')=='local') {
+        if (config('filesystems.default') == 'local') {
            $this->error('Your current disk is set to local so we cannot proceed.');
            $this->warn("Please configure your .env settings for S3. \nChange your PUBLIC_FILESYSTEM_DISK value to 's3_public' and your PRIVATE_FILESYSTEM_DISK to s3_private.");
+
            return false;
        }
        $delete_local = $this->argument('delete_local');

-        $public_uploads['accessories'] = glob('public/accessories'."/*.*");
-        $public_uploads['assets'] = glob('public/assets'."/*.*");
-        $public_uploads['avatars'] = glob('public/avatars'."/*.*");
-        $public_uploads['categories'] = glob('public/categories'."/*.*");
-        $public_uploads['companies'] = glob('public/companies'."/*.*");
-        $public_uploads['components'] = glob('public/components'."/*.*");
-        $public_uploads['consumables'] = glob('public/consumables'."/*.*");
-        $public_uploads['departments'] = glob('public/departments'."/*.*");
-        $public_uploads['locations'] = glob('public/locations'."/*.*");
-        $public_uploads['manufacturers'] = glob('public/manufacturers'."/*.*");
-        $public_uploads['suppliers'] = glob('public/suppliers'."/*.*");
-        $public_uploads['assetmodels'] = glob('public/models'."/*.*");
+        $public_uploads['accessories'] = glob('public/uploads/accessories'."/*.*");
+        $public_uploads['assets'] = glob('public/uploads/assets'."/*.*");
+        $public_uploads['avatars'] = glob('public/uploads/avatars'."/*.*");
+        $public_uploads['categories'] = glob('public/uploads/categories'."/*.*");
+        $public_uploads['companies'] = glob('public/uploads/companies'."/*.*");
+        $public_uploads['components'] = glob('public/uploads/components'."/*.*");
+        $public_uploads['consumables'] = glob('public/uploads/consumables'."/*.*");
+        $public_uploads['departments'] = glob('public/uploads/departments'."/*.*");
+        $public_uploads['locations'] = glob('public/uploads/locations'."/*.*");
+        $public_uploads['manufacturers'] = glob('public/uploads/manufacturers'."/*.*");
+        $public_uploads['suppliers'] = glob('public/uploads/suppliers'."/*.*");
+        $public_uploads['assetmodels'] = glob('public/uploads/models'."/*.*");


        // iterate files
-        foreach($public_uploads as $public_type => $public_upload)
-        {
+        foreach ($public_uploads as $public_type => $public_upload) {
            $type_count = 0;
-            $this->info("- There are ".count($public_upload).' PUBLIC '.$public_type.' files.');
+            $this->info('- There are ' . count($public_upload) . ' PUBLIC ' . $public_type . ' files.');

            for ($i = 0; $i < count($public_upload); $i++) {
                $type_count++;
                $filename = basename($public_upload[$i]);

                try  {
-                    Storage::disk('public')->put('uploads/'.public_type.'/'.$filename, file_get_contents($public_upload[$i]));
+                    Storage::disk('public')->put('uploads/'.$public_type.'/'.$filename, file_get_contents($public_upload[$i]));
                    $new_url = Storage::disk('public')->url('uploads/'.$public_type.'/'.$filename, $filename);
                    $this->info($type_count.'. PUBLIC: '.$filename.' was copied to '.$new_url);
                } catch (\Exception $e) {
                    \Log::debug($e);
                    $this->error($e);
                }
-
            }
-
        }

        $logos = glob("public/uploads/setting*.*");
@@ -92,8 +88,8 @@ class MoveUploadsToNewDisk extends Command
            $this->info($logo);
            $type_count++;
            $filename = basename($logo);
-            Storage::disk('public')->put('uploads/'.$filename, file_get_contents($logo));
-            $this->info($type_count.'. LOGO: '.$filename.' was copied to '.env('PUBLIC_AWS_URL').'/uploads/'.$filename);
+            Storage::disk('public')->put('uploads/' . $filename, file_get_contents($logo));
+            $this->info($type_count . '. LOGO: ' . $filename . ' was copied to ' . env('PUBLIC_AWS_URL') . '/uploads/' . $filename);
        }

        $private_uploads['assets'] = glob('storage/private_uploads/assets'."/*.*");
@@ -103,81 +99,69 @@ class MoveUploadsToNewDisk extends Command
        $private_uploads['imports'] = glob('storage/private_uploads/imports'."/*.*");
        $private_uploads['licenses'] = glob('storage/private_uploads/licenses'."/*.*");
        $private_uploads['users'] = glob('storage/private_uploads/users'."/*.*");
-        $private_uploads['backups'] = glob('storage/private_uploads/users'."/*.*");
+        $private_uploads['backups'] = glob('storage/private_uploads/backups'."/*.*");
+        

+        foreach ($private_uploads as $private_type => $private_upload) {
+            {
+                $this->info('- There are ' . count($private_upload) . ' PRIVATE ' . $private_type . ' files.');

-        foreach($private_uploads as $private_type => $private_upload)
-        {
-            $this->info("- There are ".count($private_upload).' PRIVATE '.$private_type.' files.');
-
-            $type_count = 0;
-            for ($x = 0; $x < count($private_upload); $x++) {
-                $type_count++;
-                $filename = basename($private_upload[$x]);
-
-                try  {
-                    Storage::put($private_type.'/'.$filename, file_get_contents($private_upload[$i]));
-                    $new_url = Storage::url($private_type.'/'.$filename, $filename);
-                    $this->info($type_count.'. PRIVATE: '.$filename.' was copied to '.$new_url);
-
-                } catch (\Exception $e) {
-                    \Log::debug($e);
-                    $this->error($e);
-                }
-
-            }
-
-        }
-
-
-        if ($delete_local=='true') {
-            $public_delete_count = 0;
-            $private_delete_count = 0;
-
-            $this->info("\n\n");
-            $this->error('!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!');
-            $this->warn("\nTHIS WILL DELETE ALL OF YOUR LOCAL UPLOADED FILES. \n\nThis cannot be undone, so you should take a backup of your system before you proceed.\n");
-            $this->error('!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!');
-
-            if ($this->confirm("Do you wish to continue?")) {
-
-                foreach($public_uploads as $public_type => $public_upload) {
-
-                    for ($i = 0; $i < count($public_upload); $i++) {
-                        $filename = $public_upload[$i];
-                        try {
-                            unlink($filename);
-                            $public_delete_count++;
-                        } catch (\Exception $e) {
-                            \Log::debug($e);
-                            $this->error($e);
-                        }
+                $type_count = 0;
+                for ($x = 0; $x < count($private_upload); $x++) {
+                    $type_count++;
+                    $filename = basename($private_upload[$x]);

+                    try {
+                        Storage::put($private_type . '/' . $filename, file_get_contents($private_upload[$i]));
+                        $new_url = Storage::url($private_type . '/' . $filename, $filename);
+                        $this->info($type_count . '. PRIVATE: ' . $filename . ' was copied to ' . $new_url);
+                    } catch (\Exception $e) {
+                        \Log::debug($e);
+                        $this->error($e);
                    }
                }
+            }

-                foreach($private_uploads as $private_type => $private_upload)
-                {

-                    for ($i = 0; $i < count($private_upload); $i++) {
-                        $filename = $private_upload[$i];
-                        try {
-                            unlink($filename);
-                            $private_delete_count++;
-                        } catch (\Exception $e) {
-                            \Log::debug($e);
-                            $this->error($e);
+            if ($delete_local == 'true') {
+                $public_delete_count = 0;
+                $private_delete_count = 0;
+
+                $this->info("\n\n");
+                $this->error('!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!');
+                $this->warn("\nTHIS WILL DELETE ALL OF YOUR LOCAL UPLOADED FILES. \n\nThis cannot be undone, so you should take a backup of your system before you proceed.\n");
+                $this->error('!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!');
+
+                if ($this->confirm('Do you wish to continue?')) {
+                    foreach ($public_uploads as $public_type => $public_upload) {
+                        for ($i = 0; $i < count($public_upload); $i++) {
+                            $filename = $public_upload[$i];
+                            try {
+                                unlink($filename);
+                                $public_delete_count++;
+                            } catch (\Exception $e) {
+                                \Log::debug($e);
+                                $this->error($e);
+                            }
                        }
-
                    }
-                }

-                $this->info($public_delete_count." PUBLIC local files and ".$private_delete_count." PRIVATE local files were deleted from your filesystem.");
+                    foreach ($private_uploads as $private_type => $private_upload) {
+                        for ($i = 0; $i < count($private_upload); $i++) {
+                            $filename = $private_upload[$i];
+                            try {
+                                unlink($filename);
+                                $private_delete_count++;
+                            } catch (\Exception $e) {
+                                \Log::debug($e);
+                                $this->error($e);
+                            }
+                        }
+                    }
+
+                    $this->info($public_delete_count . ' PUBLIC local files and ' . $private_delete_count . ' PRIVATE local files were deleted from your filesystem.');
+                }
            }
        }
-
-
-
-
    }
 }
@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Console\Commands;

 use Illuminate\Console\Command;
@@ -13,7 +14,6 @@ ini_set('memory_limit', env('IMPORT_MEMORY_LIMIT', '500M'));
 */
 class ObjectImportCommand extends Command
 {
-
    /**
     * The console command name.
     *
@@ -37,7 +37,9 @@ class ObjectImportCommand extends Command
    {
        parent::__construct();
    }
+
    private $bar;
+
    /**
     * Execute the console command.
     *
@@ -55,7 +57,6 @@ class ObjectImportCommand extends Command
                 ->setShouldNotify($this->option('send-welcome'))
                 ->setUsernameFormat($this->option('username_format'));

-
        // This $logFile/useFiles() bit is currently broken, so commenting it out for now
        // $logFile = $this->option('logfile');
        // \Log::useFiles($logFile);
@@ -64,29 +65,28 @@ class ObjectImportCommand extends Command

        $this->bar = null;

-        if (!empty($this->errors)) {
-            $this->comment("The following Errors were encountered.");
+        if (! empty($this->errors)) {
+            $this->comment('The following Errors were encountered.');
            foreach ($this->errors as $asset => $error) {
-                $this->comment('Error: Item: ' . $asset . ' failed validation: ' . json_encode($error));
+                $this->comment('Error: Item: '.$asset.' failed validation: '.json_encode($error));
            }
        } else {
-            $this->comment("All Items imported successfully!");
+            $this->comment('All Items imported successfully!');
        }
-        $this->comment("");
-
-        return;
+        $this->comment('');
    }

    public function errorCallback($item, $field, $errorString)
    {
        $this->errors[$item->name][$field] = $errorString;
    }
+
    public function progress($count)
    {
-        if (!$this->bar) {
+        if (! $this->bar) {
            $this->bar = $this->output->createProgressBar($count);
        }
-        static $index =0;
+        static $index = 0;
        $index++;
        if ($index < $count) {
            $this->bar->advance();
@@ -94,12 +94,12 @@ class ObjectImportCommand extends Command
            $this->bar->finish();
        }
    }
+
    // Tracks the current item for error messages
    private $updating;
    // An array of errors encountered while parsing
    private $errors;

-
    /**
     * Log a message to file, configurable by the --log-file parameter.
     * If a warning message is passed, we'll spit it to the console as well.
@@ -108,7 +108,7 @@ class ObjectImportCommand extends Command
     * @since 3.0
     * @param string $string
     * @param string $level
-    */
+     */
    public function log($string, $level = 'info')
    {
        if ($level === 'warning') {
@@ -121,6 +121,7 @@ class ObjectImportCommand extends Command
            }
        }
    }
+
    /**
     * Get the console command arguments.
     *
@@ -130,12 +131,11 @@ class ObjectImportCommand extends Command
     */
    protected function getArguments()
    {
-        return array(
-            array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
-        );
+        return [
+            ['filename', InputArgument::REQUIRED, 'File for the CSV import.'],
+        ];
    }

-
    /**
     * Get the console command options.
     *
@@ -145,16 +145,15 @@ class ObjectImportCommand extends Command
     */
    protected function getOptions()
    {
-        return array(
-        array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
-        array('username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null),
-        array('logfile', null, InputOption::VALUE_REQUIRED, 'The path to log output to.  storage/logs/importer.log by default', storage_path('logs/importer.log') ),
-        array('item-type', null, InputOption::VALUE_REQUIRED, 'Item Type To import.  Valid Options are Asset, Consumable, Accessory, License, or User', 'Asset'),
-        array('web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'),
-        array('user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1),
-        array('update', null, InputOption::VALUE_NONE, 'If a matching item is found, update item information'),
-        array('send-welcome', null, InputOption::VALUE_NONE, 'Whether to send a welcome email to any new users that are created.'),
-        );
-
+        return [
+        ['email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null],
+        ['username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null],
+        ['logfile', null, InputOption::VALUE_REQUIRED, 'The path to log output to.  storage/logs/importer.log by default', storage_path('logs/importer.log')],
+        ['item-type', null, InputOption::VALUE_REQUIRED, 'Item Type To import.  Valid Options are Asset, Consumable, Accessory, License, or User', 'Asset'],
+        ['web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'],
+        ['user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1],
+        ['update', null, InputOption::VALUE_NONE, 'If a matching item is found, update item information'],
+        ['send-welcome', null, InputOption::VALUE_NONE, 'Whether to send a welcome email to any new users that are created.'],
+        ];
    }
 }
@@ -2,23 +2,9 @@

 namespace App\Console\Commands;

-use App\Models\Accessory;
 use App\Models\Asset;
-use App\Models\AssetModel;
-use App\Models\Category;
-use App\Models\Company;
-use App\Models\Component;
-use App\Models\Consumable;
-use App\Models\Department;
-use App\Models\Depreciation;
-use App\Models\Group;
-use App\Models\Import;
-use App\Models\License;
-use App\Models\LicenseSeat;
-use App\Models\Location;
-use App\Models\Manufacturer;
-use App\Models\Statuslabel;
-use App\Models\Supplier;
+use App\Models\CustomField;
+use Schema;
 use DB;
 use Illuminate\Console\Command;

@@ -29,15 +15,14 @@ class PaveIt extends Command
     *
     * @var string
     */
-    protected $signature = 'snipeit:pave
-              {--soft : Perform a "Soft" Delete, leaving all migrations, table structure, and the first user in place.}';
+    protected $signature = 'snipeit:pave  {--force : Skip the interactive yes/no prompt for confirmation}';

    /**
     * The console command description.
     *
     * @var string
     */
-    protected $description = 'Pave the database to start over. This should ALMOST NEVER BE USED. (It is primarily a quick tool for developers.)';
+    protected $description = 'Clear the database tables, leaving all migrations, table structure, and the first user in place. (It is primarily a quick tool for developers.) If you want to destroy all tables as well, use php artisan db:wipe.';

    /**
     * Create a new command instance.
@@ -56,106 +41,51 @@ class PaveIt extends Command
     */
    public function handle()
    {
-        if ($this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE DATA IN YOUR DATABASE. \nThere is NO undo. This WILL destroy ALL of your data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
-            if ($this->option('soft')) {
-                Accessory::getQuery()->delete();
-                Asset::getQuery()->delete();
-                Category::getQuery()->delete();
-                Company::getQuery()->delete();
-                Component::getQuery()->delete();
-                Consumable::getQuery()->delete();
-                Department::getQuery()->delete();
-                Depreciation::getQuery()->delete();
-                License::getQuery()->delete();
-                LicenseSeat::getQuery()->delete();
-                Location::getQuery()->delete();
-                Manufacturer::getQuery()->delete();
-                AssetModel::getQuery()->delete();
-                Statuslabel::getQuery()->delete();
-                Supplier::getQuery()->delete();
-                Group::getQuery()->delete();
-                Import::getQuery()->delete();

-                DB::statement('delete from accessories_users');
-                DB::statement('delete from asset_logs');
-                DB::statement('delete from asset_maintenances');
-                DB::statement('delete from login_attempts');
-                DB::statement('delete from asset_uploads');
-                DB::statement('delete from action_logs');
-                DB::statement('delete from checkout_requests');
-                DB::statement('delete from checkout_acceptances');
-                DB::statement('delete from consumables_users');
-                DB::statement('delete from custom_field_custom_fieldset');
-                DB::statement('delete from custom_fields');
-                DB::statement('delete from custom_fieldsets');
-                DB::statement('delete from components_assets');
-                DB::statement('delete from kits');
-                DB::statement('delete from kits_accessories');
-                DB::statement('delete from kits_consumables');
-                DB::statement('delete from kits_licenses');
-                DB::statement('delete from kits_models');
-                DB::statement('delete from login_attempts');
-                DB::statement('delete from models_custom_fields');
-                DB::statement('delete from permission_groups');
-                DB::statement('delete from password_resets');
-                DB::statement('delete from requested_assets');
-                DB::statement('delete from requests');
-                DB::statement('delete from throttle');
-                DB::statement('delete from users_groups');
-                DB::statement('delete from users WHERE id!=1');
-            } else {
-                \DB::statement('drop table IF EXISTS accessories_users');
-                \DB::statement('drop table IF EXISTS accessories');
-                \DB::statement('drop table IF EXISTS asset_logs');
-                \DB::statement('drop table IF EXISTS action_logs');
-                \DB::statement('drop table IF EXISTS asset_maintenances');
-                \DB::statement('drop table IF EXISTS asset_uploads');
-                \DB::statement('drop table IF EXISTS assets');
-                \DB::statement('drop table IF EXISTS categories');
-                \DB::statement('drop table IF EXISTS checkout_requests');
-                \DB::statement('drop table IF EXISTS checkout_acceptances');
-                \DB::statement('drop table IF EXISTS companies');
-                \DB::statement('drop table IF EXISTS components');
-                \DB::statement('drop table IF EXISTS components_assets');
-                \DB::statement('drop table IF EXISTS consumables_users');
-                \DB::statement('drop table IF EXISTS consumables');
-                \DB::statement('drop table IF EXISTS custom_field_custom_fieldset');
-                \DB::statement('drop table IF EXISTS custom_fields');
-                \DB::statement('drop table IF EXISTS custom_fieldsets');
-                \DB::statement('drop table IF EXISTS depreciations');
-                \DB::statement('drop table IF EXISTS departments');
-                \DB::statement('drop table IF EXISTS groups');
-                \DB::statement('drop table IF EXISTS history');
-                \DB::statement('drop table IF EXISTS kits');
-                \DB::statement('drop table IF EXISTS kits_accessories');
-                \DB::statement('drop table IF EXISTS kits_consumables');
-                \DB::statement('drop table IF EXISTS kits_licenses');
-                \DB::statement('drop table IF EXISTS kits_models');
-                \DB::statement('drop table IF EXISTS models_custom_fields');
-                \DB::statement('drop table IF EXISTS permission_groups');
-                \DB::statement('drop table IF EXISTS license_seats');
-                \DB::statement('drop table IF EXISTS licenses');
-                \DB::statement('drop table IF EXISTS locations');
-                \DB::statement('drop table IF EXISTS login_attempts');
-                \DB::statement('drop table IF EXISTS manufacturers');
-                \DB::statement('drop table IF EXISTS models');
-                \DB::statement('drop table IF EXISTS migrations');
-                \DB::statement('drop table IF EXISTS oauth_access_tokens');
-                \DB::statement('drop table IF EXISTS oauth_auth_codes');
-                \DB::statement('drop table IF EXISTS oauth_clients');
-                \DB::statement('drop table IF EXISTS oauth_personal_access_clients');
-                \DB::statement('drop table IF EXISTS oauth_refresh_tokens');
-                \DB::statement('drop table IF EXISTS password_resets');
-                \DB::statement('drop table IF EXISTS requested_assets');
-                \DB::statement('drop table IF EXISTS requests');
-                \DB::statement('drop table IF EXISTS settings');
-                \DB::statement('drop table IF EXISTS status_labels');
-                \DB::statement('drop table IF EXISTS suppliers');
-                \DB::statement('drop table IF EXISTS throttle');
-                \DB::statement('drop table IF EXISTS users_groups');
-                \DB::statement('drop table IF EXISTS users');
-                \DB::statement('drop table IF EXISTS imports');
+        if (!$this->option('force')) {
+            $confirmation = $this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE DATA IN YOUR DATABASE. \nThere is NO undo. This WILL destroy ALL of your data, \nINCLUDING ANY non-Snipe-IT tables you have in this database. \n****************************************************\n\nDo you wish to continue? No backsies! ");
+            if (!$confirmation) {
+                $this->error('ABORTING');
+                exit(-1);
            }
        }
+
+        // List all the tables in the database so we don't have to worry about missing some as the app grows
+        $tables = DB::connection()->getDoctrineSchemaManager()->listTableNames();
+
+        $except_tables = [
+            'oauth_access_tokens',
+            'oauth_clients',
+            'oauth_personal_access_clients',
+            'migrations',
+            'settings',
+            'users',
+        ];
+
+        // We only need to find out what these are so we can nuke these columns on the assets table.
+        $custom_fields = CustomField::get();
+        foreach ($custom_fields as $custom_field) {
+            $this->info('DROP the '.$custom_field->db_column.' column from assets as well.');
+
+            if (\Schema::hasColumn('assets', $custom_field->db_column)) {
+                \Schema::table('assets', function ($table) use ($custom_field) {
+                    $table->dropColumn($custom_field->db_column);
+                });
+            }
+        }
+
+        foreach ($tables as $table) {
+            if (in_array($table, $except_tables)) {
+                $this->info($table. ' is SKIPPED.');
+            } else {
+                \DB::statement('truncate '.$table);
+                $this->info($table. ' is TRUNCATED.');
+            }
+        }
+
+        // Leave in the demo oauth keys so we don't have to reset them every day in the demos
+        \DB::statement('delete from oauth_clients WHERE id > 2');
+        \DB::statement('delete from oauth_access_tokens WHERE id > 2');
+    
    }
-}
+}
@@ -50,7 +50,7 @@ class Purge extends Command
    public function handle()
    {
        $force = $this->option('force');
-        if (($this->confirm("\n****************************************************\nTHIS WILL PURGE ALL SOFT-DELETED ITEMS IN YOUR SYSTEM. \nThere is NO undo. This WILL permanently destroy \nALL of your deleted data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) ||  $force == 'true') {
+        if (($this->confirm("\n****************************************************\nTHIS WILL PURGE ALL SOFT-DELETED ITEMS IN YOUR SYSTEM. \nThere is NO undo. This WILL permanently destroy \nALL of your deleted data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) || $force == 'true') {

            /**
             * Delete assets
@@ -80,9 +80,8 @@ class Purge extends Command
                $location->forceDelete();
            }

-
            $accessories = Accessory::whereNotNull('deleted_at')->withTrashed()->get();
-            $accessory_assoc=0;
+            $accessory_assoc = 0;
            $this->info($accessories->count().' accessories purged.');
            foreach ($accessories as $accessory) {
                $this->info('- Accessory "'.$accessory->name.'" deleted.');
@@ -92,7 +91,6 @@ class Purge extends Command
            }
            $this->info($accessory_assoc.' corresponding log records purged.');

-
            $consumables = Consumable::whereNotNull('deleted_at')->withTrashed()->get();
            $this->info($consumables->count().' consumables purged.');
            foreach ($consumables as $consumable) {
@@ -101,7 +99,6 @@ class Purge extends Command
                $consumable->forceDelete();
            }

-
            $components = Component::whereNotNull('deleted_at')->withTrashed()->get();
            $this->info($components->count().' components purged.');
            foreach ($components as $component) {
@@ -126,7 +123,6 @@ class Purge extends Command
                $model->forceDelete();
            }

-
            $categories = Category::whereNotNull('deleted_at')->withTrashed()->get();
            $this->info($categories->count().' categories purged.');
            foreach ($categories as $category) {
@@ -165,11 +161,8 @@ class Purge extends Command
                $this->info('- Status Label "'.$status_label->name.'" deleted.');
                $status_label->forceDelete();
            }
-
-
        } else {
            $this->info('Action canceled. Nothing was purged.');
        }
-
    }
 }
@@ -38,7 +38,7 @@ class PurgeLoginAttempts extends Command
    public function handle()
    {
        if ($this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE YOUR LOGIN ATTEMPT RECORDS. \nThere is NO undo! \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
-                \DB::statement('delete from login_attempts');
+            \DB::statement('delete from login_attempts');
        }
    }
 }
@@ -48,15 +48,13 @@ class ReEncodeCustomFieldNames extends Command
     */
    public function handle()
    {
-
-        if ($this->confirm('This will regenerate all of the custom field database fieldnames in your database. THIS WILL CHANGE YOUR SCHEMA AND SHOULD NOT BE DONE WITHOUT MAKING A BACKUP FIRST. Do you wish to continue?'))
-        {
+        if ($this->confirm('This will regenerate all of the custom field database fieldnames in your database. THIS WILL CHANGE YOUR SCHEMA AND SHOULD NOT BE DONE WITHOUT MAKING A BACKUP FIRST. Do you wish to continue?')) {

            /** Get all of the custom fields */
            $fields = CustomField::get();

            $asset_columns = \DB::getSchemaBuilder()->getColumnListing('assets');
-            $custom_field_columns = array();
+            $custom_field_columns = [];

            /** Loop through the columns on the assets table */
            foreach ($asset_columns as $asset_column) {
@@ -71,18 +69,16 @@ class ReEncodeCustomFieldNames extends Command
                     * Then use that ID as the array key for use comparing the actual assets field name
                     * and the db_column value from the custom fields table.
                     */
-                    $last_part = substr(strrchr($asset_column, "_snipeit_"), 1);
+                    $last_part = substr(strrchr($asset_column, '_snipeit_'), 1);
                    $custom_field_columns[$last_part] = $asset_column;
                }
            }

            foreach ($fields as $field) {
-
-                $this->info($field->name .' ('.$field->id.') column should be '. $field->convertUnicodeDbSlug().'');
+                $this->info($field->name.' ('.$field->id.') column should be '.$field->convertUnicodeDbSlug().'');

                /** The assets table has the column it should have, all is well */
-                if (\Schema::hasColumn('assets', $field->convertUnicodeDbSlug()))
-                {
+                if (\Schema::hasColumn('assets', $field->convertUnicodeDbSlug())) {
                    $this->info('-- ✓ This field exists - all good');

                /**
@@ -90,24 +86,23 @@ class ReEncodeCustomFieldNames extends Command
                 * what $field->convertUnicodeDbSlug() is *now* expecting.
                 */
                } else {
-                        $this->warn('-- X Field mismatch: updating... ');
+                    $this->warn('-- X Field mismatch: updating... ');

-                        /** Make sure the custom_field_columns array has the ID */
-                        if (array_key_exists($field->id, $custom_field_columns)) {
+                    /** Make sure the custom_field_columns array has the ID */
+                    if (array_key_exists($field->id, $custom_field_columns)) {

-                            /**
-                             * Update the asset schema to the corrected fieldname that will be recognized by the
-                             *  system elsewhere that we use $field->convertUnicodeDbSlug()
-                             */
-                            \Schema::table('assets', function($table) use ($custom_field_columns, $field) {
-                                $table->renameColumn($custom_field_columns[$field->id], $field->convertUnicodeDbSlug());
-                            });
+                        /**
+                         * Update the asset schema to the corrected fieldname that will be recognized by the
+                         *  system elsewhere that we use $field->convertUnicodeDbSlug()
+                         */
+                        \Schema::table('assets', function ($table) use ($custom_field_columns, $field) {
+                            $table->renameColumn($custom_field_columns[$field->id], $field->convertUnicodeDbSlug());
+                        });

-                            $this->warn('-- ✓ Field updated from '.$custom_field_columns[$field->id].' to '.$field->convertUnicodeDbSlug());
-
-                        } else {
-                            $this->warn('-- X WARNING: There is no field on the assets table ending in  '.$field->id.'. This may require more in-depth investigation and may mean the schema was altered manually.');
-                        }
+                        $this->warn('-- ✓ Field updated from '.$custom_field_columns[$field->id].' to '.$field->convertUnicodeDbSlug());
+                    } else {
+                        $this->warn('-- X WARNING: There is no field on the assets table ending in  '.$field->id.'. This may require more in-depth investigation and may mean the schema was altered manually.');
+                    }
                }

                /** Update the db_column property in the custom fields table, just in case it doesn't match the other
@@ -115,12 +110,7 @@ class ReEncodeCustomFieldNames extends Command
                 */
                $field->db_column = $field->convertUnicodeDbSlug();
                $field->save();
-
-
            }
-
        }
-
-
    }
 }
@@ -44,37 +44,35 @@ class RecryptFromMcrypt extends Command
    public function handle()
    {

-
        // Check and see if they have a legacy app key listed in their .env
        // If not, we can try to use the current APP_KEY if looks like it's old
        $legacy_key = env('LEGACY_APP_KEY');
        $key_parts = explode(':', $legacy_key);
        $legacy_cipher = env('LEGACY_CIPHER', 'rijndael-256');
-        $errors = array();
+        $errors = [];

-        if (!$legacy_key) {
+        if (! $legacy_key) {
            $this->error('ERROR: You do not have a LEGACY_APP_KEY set in your .env file. Please locate your old APP_KEY and ADD a line to your .env file like: LEGACY_APP_KEY=YOUR_OLD_APP_KEY');
+
            return false;
        }

-
        // Do some basic legacy app key length checks
        if (strlen($legacy_key) == 32) {
            $legacy_length_check = true;
-        } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1])==44)) {
-            $legacy_key = base64_decode($key_parts[1],true);
+        } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1]) == 44)) {
+            $legacy_key = base64_decode($key_parts[1], true);
            $legacy_length_check = true;
        } else {
            $legacy_length_check = false;
        }
-   
-

        // Check that the app key is 32 characters
        if ($legacy_length_check === true) {
            $this->comment('INFO: Your LEGACY_APP_KEY looks correct. Okay to continue.');
        } else {
            $this->error('ERROR: Your LEGACY_APP_KEY is not the correct length (32 characters or base64 followed by 44 characters for later versions). Please locate your old APP_KEY and use that as your LEGACY_APP_KEY in your .env file to continue.');
+
            return false;
        }

@@ -84,8 +82,7 @@ class RecryptFromMcrypt extends Command

        $force = ($this->option('force')) ? true : false;

-        if ($force || ($this->confirm("Are you SURE you wish to continue?"))) {
-
+        if ($force || ($this->confirm('Are you SURE you wish to continue?'))) {
            $backup_file = 'backups/env-backups/'.'app_key-'.date('Y-m-d-gis');

            try {
@@ -95,15 +92,14 @@ class RecryptFromMcrypt extends Command
                $this->info('WARNING: Could not backup app keys');
            }

-
-            if ($legacy_cipher){
-                $mcrypter = new McryptEncrypter($legacy_key,$legacy_cipher);
-            }else{
+            if ($legacy_cipher) {
+                $mcrypter = new McryptEncrypter($legacy_key, $legacy_cipher);
+            } else {
                $mcrypter = new McryptEncrypter($legacy_key);
            }
            $settings = Setting::getSettings();

-            if ($settings->ldap_pword=='') {
+            if ($settings->ldap_pword == '') {
                $this->comment('INFO: No LDAP password found. Skipping... ');
            } else {
                $decrypted_ldap_pword = $mcrypter->decrypt($settings->ldap_pword);
@@ -111,30 +107,28 @@ class RecryptFromMcrypt extends Command
                $settings->save();
            }
            /** @var CustomField[] $custom_fields */
-            $custom_fields = CustomField::where('field_encrypted','=', 1)->get();
+            $custom_fields = CustomField::where('field_encrypted', '=', 1)->get();
            $this->comment('INFO: Retrieving encrypted custom fields...');

            $query = Asset::withTrashed();

            foreach ($custom_fields as $custom_field) {
-                $this->comment('FIELD TO RECRYPT:  '.$custom_field->name .' ('.$custom_field->db_column.')');
+                $this->comment('FIELD TO RECRYPT:  '.$custom_field->name.' ('.$custom_field->db_column.')');
                $query->orWhereNotNull($custom_field->db_column);
            }

-
            // Get all assets with a value in any of the fields that were encrypted
            /** @var Asset[] $assets */
            $assets = $query->get();

            $bar = $this->output->createProgressBar(count($assets));

-
            foreach ($assets as $asset) {
                foreach ($custom_fields as $encrypted_field) {
                    $columnName = $encrypted_field->db_column;

                    // Make sure the value isn't null
-                    if ($asset->{$columnName}!='') {
+                    if ($asset->{$columnName} != '') {
                        // Try to decrypt the payload using the legacy app key
                        try {
                            $decrypted_field = $mcrypter->decrypt($asset->{$columnName});
@@ -144,14 +138,11 @@ class RecryptFromMcrypt extends Command
                            $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();
                        }
                    }
-
                }
                $asset->save();
                $bar->advance();
            }

-
-
            $bar->finish();

            if (count($errors) > 0) {
@@ -162,6 +153,5 @@ class RecryptFromMcrypt extends Command
                }
            }
        }
-
    }
 }
@@ -40,31 +40,27 @@ class RegenerateAssetTags extends Command
     */
    public function handle()
    {
-
-        if ($this->confirm('This will regenerate all of the asset tags within your system. This action is data-destructive and should be used with caution. Do you wish to continue?'))
-        {
-
+        if ($this->confirm('This will regenerate all of the asset tags within your system. This action is data-destructive and should be used with caution. Do you wish to continue?')) {
            $output['info'] = [];
            $output['warn'] = [];
            $output['error'] = [];
            $settings = Setting::getSettings();

-            $start_tag = ($this->option('start')) ? $this->option('start') : (($settings->next_auto_tag_base) ? Setting::getSettings()->next_auto_tag_base : 1) ;
+            $start_tag = ($this->option('start')) ? $this->option('start') : (($settings->next_auto_tag_base) ? Setting::getSettings()->next_auto_tag_base : 1);

            $this->info('Starting at '.$start_tag);

-            $total_assets = Asset::orderBy('id','asc')->get();
+            $total_assets = Asset::orderBy('id', 'asc')->get();
            $bar = $this->output->createProgressBar(count($total_assets));

-            try  {
+            try {
                Artisan::call('backup:run');
            } catch (\Exception $e) {
                $output['error'][] = $e;
            }

            foreach ($total_assets as $asset) {
-                
-                $start_tag++;
+
                $output['info'][] = 'Asset tag:'.$asset->asset_tag;
                $asset->asset_tag = $settings->auto_increment_prefix.$settings->auto_increment_prefix.$start_tag;

@@ -76,29 +72,33 @@ class RegenerateAssetTags extends Command

                // Use forceSave here to override model level validation
                $asset->forceSave();
+                $start_tag++;
+                if ($bar) {
+                    $bar->advance();
+                }
            }

+            $settings->next_auto_tag_base = Asset::zerofill($start_tag, $settings->zerofill_count);
+            $settings->save();
+
            $bar->finish();
            $this->info("\n");

-
-            if (($this->option('output')=='all') || ($this->option('output')=='info')) {
+            if (($this->option('output') == 'all') || ($this->option('output') == 'info')) {
                foreach ($output['info'] as $key => $output_text) {
                    $this->info($output_text);
                }
            }
-            if (($this->option('output')=='all') || ($this->option('output')=='warn')) {
+            if (($this->option('output') == 'all') || ($this->option('output') == 'warn')) {
                foreach ($output['warn'] as $key => $output_text) {
                    $this->warn($output_text);
                }
            }
-            if (($this->option('output')=='all') || ($this->option('output')=='error')) {
+            if (($this->option('output') == 'all') || ($this->option('output') == 'error')) {
                foreach ($output['error'] as $key => $output_text) {
                    $this->error($output_text);
                }
            }
        }
-
-
    }
 }
@@ -48,6 +48,7 @@ class ResetDemoSettings extends Command
        $settings->auto_increment_assets = 1;
        $settings->logo = 'snipe-logo.png';
        $settings->alert_email = 'service@snipe-it.io';
+        $settings->login_note = 'Use `admin` / `password` to login to the demo.';
        $settings->header_color = null;
        $settings->barcode_type = 'QRCODE';
        $settings->default_currency = 'USD';
@@ -81,8 +82,8 @@ class ResetDemoSettings extends Command
            $user->save();
        }

-        \Storage::disk('local_public')->put('snipe-logo.png', file_get_contents(public_path('img/demo/snipe-logo.png')));
-        \Storage::disk('local_public')->put('snipe-logo-lg.png', file_get_contents(public_path('img/demo/snipe-logo-lg.png')));
+        \Storage::disk('public')->put('snipe-logo.png', file_get_contents(public_path('img/demo/snipe-logo.png')));
+        \Storage::disk('public')->put('snipe-logo-lg.png', file_get_contents(public_path('img/demo/snipe-logo-lg.png')));

    }

@@ -43,16 +43,15 @@ class RestoreDeletedUsers extends Command
     */
    public function handle()
    {
-
        $start_date = $this->option('start_date');
        $end_date = $this->option('end_date');
        $asset_totals = 0;
        $license_totals = 0;
        $user_count = 0;

-
-        if (($start_date=='') || ($end_date=='')) {
+        if (($start_date == '') || ($end_date == '')) {
            $this->info('ERROR: All fields are required.');
+
            return false;
        }

@@ -63,15 +62,15 @@ class RestoreDeletedUsers extends Command

        foreach ($users as $user) {
            $user_count++;
-            $user_logs = Actionlog::where('target_id', $user->id)->where('target_type',User::class)
-                ->where('action_type','checkout')->with('item')->get();
+            $user_logs = Actionlog::where('target_id', $user->id)->where('target_type', User::class)
+                ->where('action_type', 'checkout')->with('item')->get();

-            $this->info($user_count.'. '.$user->username.' ('.$user->id.') was deleted at '.$user->deleted_at. ' and has '.$user_logs->count().' checkouts associated.');
+            $this->info($user_count.'. '.$user->username.' ('.$user->id.') was deleted at '.$user->deleted_at.' and has '.$user_logs->count().' checkouts associated.');

            foreach ($user_logs as $user_log) {
                $this->info('  * '.$user_log->item_type.': '.$user_log->item->name.' - item_id: '.$user_log->item_id);

-                if ($user_log->item_type==Asset::class) {
+                if ($user_log->item_type == Asset::class) {
                    $asset_totals++;

                    DB::table('assets')
@@ -79,11 +78,10 @@ class RestoreDeletedUsers extends Command
                        ->update(['assigned_to' => $user->id, 'assigned_type'=> User::class]);

                    $this->info('      ** Asset '.$user_log->item->id.' ('.$user_log->item->asset_tag.') restored to user '.$user->id.'');
-
-                } elseif ($user_log->item_type==License::class) {
+                } elseif ($user_log->item_type == License::class) {
                    $license_totals++;

-                    $avail_seat = DB::table('license_seats')->where('license_id','=',$user_log->item->id)
+                    $avail_seat = DB::table('license_seats')->where('license_id', '=', $user_log->item->id)
                        ->whereNull('assigned_to')->whereNull('asset_id')->whereBetween('updated_at', [$start_date, $end_date])->first();
                    if ($avail_seat) {
                        $this->info('      ** Allocating seat '.$avail_seat->id.' for this License');
@@ -91,27 +89,17 @@ class RestoreDeletedUsers extends Command
                        DB::table('license_seats')
                            ->where('id', $avail_seat->id)
                            ->update(['assigned_to' => $user->id]);
-
                    } else {
                        $this->warn('ERROR: No available seats for '.$user_log->item->name);
                    }
-
                }
-
            }

            $this->warn('Restoring user '.$user->username.'!');
            $user->restore();
-
-
        }

        $this->info($asset_totals.' assets affected');
        $this->info($license_totals.' licenses affected');
-
-
-
    }
-
-
 }
@@ -3,7 +3,6 @@
 namespace App\Console\Commands;

 use Illuminate\Console\Command;
-
 use ZipArchive;

 class RestoreFromBackup extends Command
@@ -14,7 +13,7 @@ class RestoreFromBackup extends Command
     * @var string
     */
    protected $signature = 'snipeit:restore 
-                                            {--force : Skip the danger prompt; assuming you hit "y"} 
+                                            {--force : Skip the danger prompt; assuming you enter "y"} 
                                            {filename : The zip file to be migrated}
                                            {--no-progress : Don\'t show a progress bar}';

@@ -23,7 +22,7 @@ class RestoreFromBackup extends Command
     *
     * @var string
     */
-    protected $description = 'Restore from a previously created backup';
+    protected $description = 'Restore from a previously created Snipe-IT backup file';

    /**
     * Create a new command instance.
@@ -35,6 +34,8 @@ class RestoreFromBackup extends Command
        parent::__construct();
    }

+    public static $buffer_size = 1024 * 1024;  // use a 1MB buffer, ought to work fine for most cases?
+
    /**
     * Execute the console command.
     *
@@ -43,39 +44,42 @@ class RestoreFromBackup extends Command
    public function handle()
    {
        $dir = getcwd();
-        print "Current working directory is: $dir\n";
+        if( $dir != base_path() ) { // usually only the case when running via webserver, not via command-line
+            \Log::debug("Current working directory is: $dir, changing directory to: ".base_path());
+            chdir(base_path()); // TODO - is this *safe* to change on a running script?!
+        }
        //
        $filename = $this->argument('filename');

-        if (!$filename) {
-            return $this->error("Missing required filename");
+        if (! $filename) {
+            return $this->error('Missing required filename');
        }

-        if (!$this->option('force') && !$this->confirm('Are you sure you wish to restore from the given backup file? This can lead to MASSIVE DATA LOSS!')) {
-            return $this->error("Data loss not confirmed");
+        if (! $this->option('force') && ! $this->confirm('Are you sure you wish to restore from the given backup file? This can lead to MASSIVE DATA LOSS!')) {
+            return $this->error('Data loss not confirmed');
        }

        if (config('database.default') != 'mysql') {
-            return $this->error("DB_CONNECTION must be MySQL in order to perform a restore. Detected: ".config('database.default'));
+            return $this->error('DB_CONNECTION must be MySQL in order to perform a restore. Detected: '.config('database.default'));
        }

        $za = new ZipArchive();

-        $errcode = $za->open($filename, ZipArchive::RDONLY);
+        $errcode = $za->open($filename/* , ZipArchive::RDONLY */); // that constant only exists in PHP 7.4 and higher
        if ($errcode !== true) {
            $errors = [
-                ZipArchive::ER_EXISTS => "File already exists.",
-                ZipArchive::ER_INCONS => "Zip archive inconsistent.",
-                ZipArchive::ER_INVAL => "Invalid argument.",
-                ZipArchive::ER_MEMORY => "Malloc failure.",
-                ZipArchive::ER_NOENT => "No such file.",
-                ZipArchive::ER_NOZIP => "Not a zip archive.",
+                ZipArchive::ER_EXISTS => 'File already exists.',
+                ZipArchive::ER_INCONS => 'Zip archive inconsistent.',
+                ZipArchive::ER_INVAL => 'Invalid argument.',
+                ZipArchive::ER_MEMORY => 'Malloc failure.',
+                ZipArchive::ER_NOENT => 'No such file ('.$filename.') in directory '.$dir.'.',
+                ZipArchive::ER_NOZIP => 'Not a zip archive.',
                ZipArchive::ER_OPEN => "Can't open file.",
-                ZipArchive::ER_READ => "Read error.",
-                ZipArchive::ER_SEEK => "Seek error."
+                ZipArchive::ER_READ => 'Read error.',
+                ZipArchive::ER_SEEK => 'Seek error.',
            ];

-            return $this->error("Could not access file: ".$filename." - ".array_key_exists($errcode,$errors) ? $errors[$errcode] : " Unknown reason: $errcode");
+            return $this->error('Could not access file: '.$filename.' - '.array_key_exists($errcode, $errors) ? $errors[$errcode] : " Unknown reason: $errcode");
        }


@@ -86,11 +90,11 @@ class RestoreFromBackup extends Command
            'storage/private_uploads/assetmodels',
            'storage/private_uploads/users',
            'storage/private_uploads/licenses',
-            'storage/private_uploads/signatures'
+            'storage/private_uploads/signatures',
        ];
        $private_files = [
            'storage/oauth-private.key',
-            'storage/oauth-public.key'
+            'storage/oauth-public.key',
        ];
        $public_dirs = [
            'public/uploads/companies',
@@ -108,16 +112,16 @@ class RestoreFromBackup extends Command
            'public/uploads/models',
            'public/uploads/categories',
            'public/uploads/avatars',
-            'public/uploads/manufacturers'
+            'public/uploads/manufacturers',
        ];
-        
+
        $public_files = [
            'public/uploads/logo.*',
            'public/uploads/setting-email_logo*',
            'public/uploads/setting-label_logo*',
            'public/uploads/setting-logo*',
            'public/uploads/favicon.*',
-            'public/uploads/favicon-uploaded.*'
+            'public/uploads/favicon-uploaded.*',
        ];

        $all_files = $private_dirs + $public_dirs;
@@ -127,64 +131,64 @@ class RestoreFromBackup extends Command

        $interesting_files = [];
        $boring_files = [];
-        
-        for ($i=0; $i<$za->numFiles;$i++) {
+
+        for ($i = 0; $i < $za->numFiles; $i++) {
            $stat_results = $za->statIndex($i);
            // echo "index: $i\n";
            // print_r($stat_results);
-        
+
            $raw_path = $stat_results['name'];
-            if(strpos($raw_path,'\\')!==false) { //found a backslash, swap it to forward-slash
-                $raw_path = strtr($raw_path,'\\','/');
+            if (strpos($raw_path, '\\') !== false) { //found a backslash, swap it to forward-slash
+                $raw_path = strtr($raw_path, '\\', '/');
                //print "Translating file: ".$stat_results['name']." to: ".$raw_path."\n";
            }
-        
+
            // skip macOS resource fork files (?!?!?!)
-            if(strpos($raw_path,"__MACOSX")!==false && strpos($raw_path,"._") !== false) {
+            if (strpos($raw_path, '__MACOSX') !== false && strpos($raw_path, '._') !== false) {
                //print "SKIPPING macOS Resource fork file: $raw_path\n";
                $boring_files[] = $raw_path;
                continue;
            }
-            if(@pathinfo($raw_path)['extension'] == "sql") {
-                print "Found a sql file!\n";
+            if (@pathinfo($raw_path)['extension'] == 'sql') {
+                \Log::debug("Found a sql file!");
                $sqlfiles[] = $raw_path;
                $sqlfile_indices[] = $i;
                continue;
            }
-        
-            foreach(array_merge($private_dirs,$public_dirs) as $dir) {
-                $last_pos = strrpos($raw_path,$dir.'/');
-                if($last_pos !== false ) {
+
+            foreach (array_merge($private_dirs, $public_dirs) as $dir) {
+                $last_pos = strrpos($raw_path, $dir.'/');
+                if ($last_pos !== false) {
                    //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $dir - last_pos+strlen(\$dir) is: ".($last_pos+strlen($dir))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
                    //print("We would copy $raw_path to $dir.\n"); //FIXME append to a path?
                    $interesting_files[$raw_path] = ['dest' =>$dir, 'index' => $i];
                    continue 2;
-                    if($last_pos + strlen($dir) +1 == strlen($raw_path)) {
+                    if ($last_pos + strlen($dir) + 1 == strlen($raw_path)) {
                        // we don't care about that; we just want files with the appropriate prefix
                        //print("FOUND THE EXACT DIRECTORY: $dir AT: $raw_path!!!\n");
                    }
                }
            }
-            $good_extensions = ["png","gif","jpg","svg","jpeg","doc","docx","pdf","txt",
-                                "zip","rar","xls","xlsx","lic","xml","rtf", "webp","key","ico"];
-            foreach(array_merge($private_files, $public_files) as $file) {
-                $has_wildcard = (strpos($file,"*") !== false);
-                if($has_wildcard) {
-                    $file = substr($file,0,-1); //trim last character (which should be the wildcard)
+            $good_extensions = ['png', 'gif', 'jpg', 'svg', 'jpeg', 'doc', 'docx', 'pdf', 'txt',
+                                'zip', 'rar', 'xls', 'xlsx', 'lic', 'xml', 'rtf', 'webp', 'key', 'ico', ];
+            foreach (array_merge($private_files, $public_files) as $file) {
+                $has_wildcard = (strpos($file, '*') !== false);
+                if ($has_wildcard) {
+                    $file = substr($file, 0, -1); //trim last character (which should be the wildcard)
                }
-                $last_pos = strrpos($raw_path,$file); // no trailing slash!
-                if($last_pos !== false ) {
+                $last_pos = strrpos($raw_path, $file); // no trailing slash!
+                if ($last_pos !== false) {
                    $extension = strtolower(pathinfo($raw_path, PATHINFO_EXTENSION));
-                    if(!in_array($extension, $good_extensions)) {
-                        $this->warn("Potentially unsafe file ".$raw_path." is being skipped");
+                    if (! in_array($extension, $good_extensions)) {
+                        $this->warn('Potentially unsafe file '.$raw_path.' is being skipped');
                        $boring_files[] = $raw_path;
                        continue 2;
                    }
                    //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $file - last_pos+strlen(\$file) is: ".($last_pos+strlen($file))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
                    //no wildcards found in $file, process 'normally'
-                    if($last_pos + strlen($file) == strlen($raw_path) || $has_wildcard) { //again, no trailing slash. or this is a wildcard and we just take it.
+                    if ($last_pos + strlen($file) == strlen($raw_path) || $has_wildcard) { //again, no trailing slash. or this is a wildcard and we just take it.
                        // print("FOUND THE EXACT FILE: $file AT: $raw_path!!!\n"); //we *do* care about this, though.
-                        $interesting_files[$raw_path] = ['dest' => dirname($file),'index' => $i];
+                        $interesting_files[$raw_path] = ['dest' => dirname($file), 'index' => $i];
                        continue 2;
                    }
                }
@@ -194,11 +198,11 @@ class RestoreFromBackup extends Command

        // print_r($interesting_files);exit(-1);

-        if( count($sqlfiles) != 1) {
-            return $this->error("There should be exactly *one* sql backup file found, found: ".( count($sqlfiles) == 0 ? "None" : implode(", ",$sqlfiles)));
+        if (count($sqlfiles) != 1) {
+            return $this->error('There should be exactly *one* sql backup file found, found: '.(count($sqlfiles) == 0 ? 'None' : implode(', ', $sqlfiles)));
        }

-        if( strpos($sqlfiles[0], "db-dumps") === false ) {
+        if (strpos($sqlfiles[0], 'db-dumps') === false) {
            //return $this->error("SQL backup file is missing 'db-dumps' component of full pathname: ".$sqlfiles[0]);
            //older Snipe-IT installs don't have the db-dumps subdirectory component
        }
@@ -207,16 +211,25 @@ class RestoreFromBackup extends Command
        $pipes = [];

        $env_vars = getenv();
-        $env_vars['MYSQL_PWD'] = config("database.connections.mysql.password");
-        $proc_results = proc_open("mysql -h ".escapeshellarg(config('database.connections.mysql.host'))." -u ".escapeshellarg(config('database.connections.mysql.username'))." ".escapeshellarg(config('database.connections.mysql.database')), // yanked -p since we pass via ENV
-                                  [0 => ['pipe','r'],1 => ['pipe','w'],2 => ['pipe','w']],
+        $env_vars['MYSQL_PWD'] = config('database.connections.mysql.password');
+        // TODO notes: we are stealing the dump_binary_path (which *probably* also has your copy of the mysql binary in it. But it might not, so we might need to extend this)
+        //             we unilaterally prepend a slash to the `mysql` command. This might mean your path could look like /blah/blah/blah//mysql - which should be fine. But maybe in some environments it isn't?
+        $mysql_binary = config('database.connections.mysql.dump.dump_binary_path').'/mysql';
+        if( ! file_exists($mysql_binary) ) {
+            return $this->error("mysql tool at: '$mysql_binary' does not exist, cannot restore. Please edit DB_DUMP_PATH in your .env to point to a directory that contains the mysqldump and mysql binary");
+        }
+        $proc_results = proc_open("$mysql_binary -h ".escapeshellarg(config('database.connections.mysql.host')).' -u '.escapeshellarg(config('database.connections.mysql.username')).' '.escapeshellarg(config('database.connections.mysql.database')), // yanked -p since we pass via ENV
+                                  [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']],
                                  $pipes,
                                  null,
                                  $env_vars); // this is not super-duper awesome-secure, but definitely more secure than showing it on the CLI, or dropping temporary files with passwords in them.
-        if($proc_results === false) {
-            return $this->error("Unable to invoke mysql via CLI");
+        if ($proc_results === false) {
+            return $this->error('Unable to invoke mysql via CLI');
        }

+        stream_set_blocking($pipes[1], false); // use non-blocking reads for stdout
+        stream_set_blocking($pipes[2], false); // use non-blocking reads for stderr
+
        // $this->info("Stdout says? ".fgets($pipes[1])); //FIXME: I think we might need to set non-blocking mode to use this properly?
        // $this->info("Stderr says? ".fgets($pipes[2])); //FIXME: ditto, same.
        // should we read stdout?
@@ -232,61 +245,81 @@ class RestoreFromBackup extends Command
            $this->info($stdout);
            $stderr = fgets($pipes[2]);
            $this->info($stderr);
+
            return false;
        }
+        $bytes_read = 0;

-        while(($buffer = fgets($sql_contents)) !== false ) {
-            //$this->info("Buffer is: '$buffer'");
-            $bytes_written = fwrite($pipes[0],$buffer);
-            if($bytes_written === false) {
-                $stdout = fgets($pipes[1]);
-                $this->info($stdout);
-                $stderr = fgets($pipes[2]);
-                $this->info($stderr);
-                return false;
+        try {
+            while (($buffer = fgets($sql_contents, self::$buffer_size)) !== false) {
+                $bytes_read += strlen($buffer);
+                // \Log::debug("Buffer is: '$buffer'");
+                    $bytes_written = fwrite($pipes[0], $buffer);
+
+                if ($bytes_written === false) {
+                    throw new Exception("Unable to write to pipe");
+                }
            }
-        }
-        fclose($pipes[0]);
-        fclose($sql_contents);
-        fclose($pipes[1]);
-        fclose($pipes[2]);
-        //wait, have to do fclose() on all pipes first?
-        $close_results = proc_close($proc_results);
-        if($close_results != 0) {
-            return $this->error("There may have been a problem with the database import: Error number ".$close_results);
+        } catch (\Exception $e) {
+            \Log::error("Error during restore!!!! ".$e->getMessage());
+            $err_out = fgets($pipes[1]);
+            $err_err = fgets($pipes[2]);
+            \Log::error("Error OUTPUT: ".$err_out);
+            $this->info($err_out);
+            \Log::error("Error ERROR : ".$err_err);
+            $this->error($err_err);
+            throw $e;
        }
        
+        if (!feof($sql_contents) || $bytes_read == 0) {
+            return $this->error("Not at end of file for sql file, or zero bytes read. aborting!");
+        }
+    
+        fclose($pipes[0]);
+        fclose($sql_contents);
+        
+        $this->line(stream_get_contents($pipes[1]));
+        fclose($pipes[1]);
+
+        $this->error(stream_get_contents($pipes[2]));
+        fclose($pipes[2]);
+
+        //wait, have to do fclose() on all pipes first?
+        $close_results = proc_close($proc_results);
+        if ($close_results != 0) {
+            return $this->error('There may have been a problem with the database import: Error number '.$close_results);
+        }
+
        //and now copy the files over too (right?)
        //FIXME - we don't prune the filesystem space yet!!!!
-        if($this->option('no-progress')) {
+        if ($this->option('no-progress')) {
            $bar = null;
        } else {
            $bar = $this->output->createProgressBar(count($interesting_files));
        }
-        foreach($interesting_files AS $pretty_file_name => $file_details) {
+        foreach ($interesting_files as $pretty_file_name => $file_details) {
            $ugly_file_name = $za->statIndex($file_details['index'])['name'];
            $fp = $za->getStream($ugly_file_name);
            //$this->info("Weird problem, here are file details? ".print_r($file_details,true));
-            $migrated_file = fopen($file_details['dest']."/".basename($pretty_file_name),"w");
-            while(($buffer = fgets($fp))!== false) {
-                fwrite($migrated_file,$buffer);
+            $migrated_file = fopen($file_details['dest'].'/'.basename($pretty_file_name), 'w');
+            while (($buffer = fgets($fp, self::$buffer_size)) !== false) {
+                fwrite($migrated_file, $buffer);
            }
            fclose($migrated_file);
            fclose($fp);
            //$this->info("Wrote $ugly_file_name to $pretty_file_name");
-            if($bar) {
+            if ($bar) {
                $bar->advance();
            }
        }
-        if($bar) {
+        if ($bar) {
            $bar->finish();
-            $this->line("");
+            $this->line('');
        } else {
-            $this->info(count($interesting_files)." files were succesfully transferred");
+            $this->info(count($interesting_files).' files were succesfully transferred');
        }
-        foreach($boring_files as $boring_file) {
-            $this->warn($boring_file." was skipped.");
+        foreach ($boring_files as $boring_file) {
+            $this->warn($boring_file.' was skipped.');
        }
-        
    }
 }
@@ -2,12 +2,12 @@

 namespace App\Console\Commands;

-use Illuminate\Console\Command;
-use Artisan;
-use App\Models\CustomField;
 use App\Models\Asset;
+use App\Models\CustomField;
 use App\Models\Setting;
-use \Illuminate\Encryption\Encrypter;
+use Artisan;
+use Illuminate\Console\Command;
+use Illuminate\Encryption\Encrypter;

 class RotateAppKey extends Command
 {
@@ -42,9 +42,7 @@ class RotateAppKey extends Command
     */
    public function handle()
    {
-        if ($this->confirm("\n****************************************************\nTHIS WILL MODIFY YOUR APP_KEY AND DE-CRYPT YOUR ENCRYPTED CUSTOM FIELDS AND \nRE-ENCRYPT THEM WITH A NEWLY GENERATED KEY. \n\nThere is NO undo. \n\nMake SURE you have a database backup and a backup of your .env generated BEFORE running this command. \n\nIf you do not save the newly generated APP_KEY to your .env in this process, \nyour encrypted data will no longer be decryptable. \n\nAre you SURE you wish to continue, and have confirmed you have a database backup and an .env backup? "))  {
-
-
+        if ($this->confirm("\n****************************************************\nTHIS WILL MODIFY YOUR APP_KEY AND DE-CRYPT YOUR ENCRYPTED CUSTOM FIELDS AND \nRE-ENCRYPT THEM WITH A NEWLY GENERATED KEY. \n\nThere is NO undo. \n\nMake SURE you have a database backup and a backup of your .env generated BEFORE running this command. \n\nIf you do not save the newly generated APP_KEY to your .env in this process, \nyour encrypted data will no longer be decryptable. \n\nAre you SURE you wish to continue, and have confirmed you have a database backup and an .env backup? ")) {

            // Get the existing app_key and ciphers
            // We put them in a variable since we clear the cache partway through here.
@@ -73,33 +71,26 @@ class RotateAppKey extends Command

            $fields = CustomField::where('field_encrypted', '1')->get();

-
            foreach ($fields as $field) {
-
                $assets = Asset::whereNotNull($field->db_column)->get();

                foreach ($assets as $asset) {
-
                    $asset->{$field->db_column} = $oldEncrypter->decrypt($asset->{$field->db_column});
-                    $this->line('DECRYPTED: '. $field->db_column);
+                    $this->line('DECRYPTED: '.$field->db_column);
                    $asset->{$field->db_column} = $newEncrypter->encrypt($asset->{$field->db_column});
                    $this->line('ENCRYPTED: '.$field->db_column);
                    $asset->save();
-
                }
-
            }

            // Handle the LDAP password if one is provided
            $setting = Setting::first();
-            if ($setting->ldap_pword!='') {
-                $setting->ldap_pword =  $oldEncrypter->decrypt($setting->ldap_pword);
-                $setting->ldap_pword =  $newEncrypter->encrypt($setting->ldap_pword);
+            if ($setting->ldap_pword != '') {
+                $setting->ldap_pword = $oldEncrypter->decrypt($setting->ldap_pword);
+                $setting->ldap_pword = $newEncrypter->encrypt($setting->ldap_pword);
                $setting->save();
                $this->warn('LDAP password has been re-encrypted.');
            }
-
-
        } else {
            $this->info('This operation has been canceled. No changes have been made.');
        }
@@ -113,7 +104,6 @@ class RotateAppKey extends Command
     */
    protected function writeNewEnvironmentFileWith($key)
    {
-
        file_put_contents($this->laravel->environmentFilePath(), preg_replace(
            $this->keyReplacementPattern(),
            'APP_KEY='.$key,
@@ -129,7 +119,7 @@ class RotateAppKey extends Command
    protected function keyReplacementPattern()
    {
        $escaped = preg_quote('='.$this->laravel['config']['app.key'], '/');
+
        return "/^APP_KEY{$escaped}/m";
    }
-
 }
@@ -39,22 +39,16 @@ class SendCurrentInventoryToUsers extends Command
     */
    public function handle()
    {
-
        $users = User::whereNull('deleted_at')->whereNotNull('email')->with('assets', 'accessories', 'licenses')->get();

        $count = 0;
        foreach ($users as $user) {
-
-            if (($user->assets->count() > 0) || ($user->accessories->count() > 0) || ($user->licenses->count() > 0))
-            {
+            if (($user->assets->count() > 0) || ($user->accessories->count() > 0) || ($user->licenses->count() > 0)) {
                $count++;
                $user->notify((new CurrentInventory($user)));
            }
-
        }

        $this->info($count.' users notified.');
-
-
    }
 }
@@ -3,12 +3,12 @@
 namespace App\Console\Commands;

 use App\Models\Asset;
+use App\Models\Recipients\AlertRecipient;
 use App\Models\Setting;
 use App\Notifications\ExpectedCheckinAdminNotification;
 use App\Notifications\ExpectedCheckinNotification;
 use Carbon\Carbon;
 use Illuminate\Console\Command;
-use App\Models\Recipients\AlertRecipient;

 class SendExpectedCheckinAlerts extends Command
 {
@@ -41,12 +41,12 @@ class SendExpectedCheckinAlerts extends Command
     */
    public function handle()
    {
-        $settings   = Setting::getSettings();
+        $settings = Setting::getSettings();
        $whenNotify = Carbon::now()->addDays(7);
-        $assets     = Asset::with('assignedTo')->whereNotNull('assigned_to')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();
+        $assets = Asset::with('assignedTo')->whereNotNull('assigned_to')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();

-        $this->info($whenNotify . ' is deadline');
-        $this->info($assets->count() . ' assets');
+        $this->info($whenNotify.' is deadline');
+        $this->info($assets->count().' assets');

        foreach ($assets as $asset) {
            if ($asset->assigned && $asset->checkedOutToUser()) {
@@ -41,7 +41,7 @@ class SendExpirationAlerts extends Command
     */
    public function handle()
    {
-        $settings  = Setting::getSettings();
+        $settings = Setting::getSettings();
        $threshold = $settings->alert_interval;

        if (($settings->alert_email != '') && ($settings->alerts_enabled == 1)) {
@@ -4,13 +4,13 @@ namespace App\Console\Commands;

 use App\Models\Asset;
 use App\Models\License;
+use App\Models\Recipients;
 use App\Models\Setting;
 use App\Notifications\ExpiringAssetsNotification;
-use App\Models\Recipients;
-use DB;
-use Illuminate\Console\Command;
 use App\Notifications\SendUpcomingAuditNotification;
 use Carbon\Carbon;
+use DB;
+use Illuminate\Console\Command;

 class SendUpcomingAuditReport extends Command
 {
@@ -54,7 +54,6 @@ class SendUpcomingAuditReport extends Command
                return new \App\Models\Recipients\AlertRecipient($item);
            });

-
            // Assets due for auditing

            $assets = Asset::whereNotNull('next_audit_date')
@@ -62,7 +61,6 @@ class SendUpcomingAuditReport extends Command
                    ->orderBy('last_audit_date', 'asc')->get();

            if ($assets->count() > 0) {
-
                $this->info(trans_choice('mail.upcoming-audits', $assets->count(),
                    ['count' => $assets->count(), 'threshold' => $settings->audit_warning_days]));
                \Notification::send($recipients, new SendUpcomingAuditNotification($assets, $settings->audit_warning_days));
@@ -70,14 +68,11 @@ class SendUpcomingAuditReport extends Command
            } else {
                $this->info('No assets to be audited. No report sent.');
            }
-
-
-
-        } elseif ($settings->alert_email=='') {
+        } elseif ($settings->alert_email == '') {
            $this->error('Could not send email. No alert email configured in settings');
-        } elseif (!$settings->audit_warning_days) {
+        } elseif (! $settings->audit_warning_days) {
            $this->error('No audit warning days set in Admin Notifications. No mail will be sent.');
-        } elseif ($settings->alerts_enabled!=1) {
+        } elseif ($settings->alerts_enabled != 1) {
            $this->info('Alerts are disabled in the settings. No mail will be sent');
        } else {
            $this->error('Something went wrong. :( ');
@@ -85,7 +80,5 @@ class SendUpcomingAuditReport extends Command
            $this->error('Admin Audit Warning Setting: '.$settings->audit_warning_days);
            $this->error('Admin Alerts Emnabled: '.$settings->alerts_enabled);
        }
-
-
    }
 }
@@ -45,14 +45,14 @@ class SyncAssetCounters extends Command
        if ($assets) {
            if ($assets->count() > 0) {
                $bar = $this->output->createProgressBar($assets->count());
-                
+
                foreach ($assets as $asset) {
                    $asset->checkin_counter = (int) $asset->checkins_count;
                    $asset->checkout_counter = (int) $asset->checkouts_count;
                    $asset->requests_counter = (int) $asset->user_requests_count;
                    $asset->unsetEventDispatcher();
                    $asset->save();
-                    $output['info'][] = 'Asset: ' . $asset->id . ' has ' . $asset->checkin_counter . ' checkins, ' . $asset->checkout_counter . ' checkouts, and ' . $asset->requests_counter . ' requests';
+                    $output['info'][] = 'Asset: '.$asset->id.' has '.$asset->checkin_counter.' checkins, '.$asset->checkout_counter.' checkouts, and '.$asset->requests_counter.' requests';
                    $bar->advance();
                }
                $bar->finish();
@@ -62,15 +62,10 @@ class SyncAssetCounters extends Command
                }

                $time_elapsed_secs = microtime(true) - $start;
-                $this->info('Sync executed in ' . $time_elapsed_secs . ' seconds');
-
+                $this->info('Sync executed in '.$time_elapsed_secs.' seconds');
            } else {
                $this->info('No assets to sync');
            }
-
        }
-
-
-
    }
 }
@@ -38,7 +38,6 @@ class SyncAssetLocations extends Command
     */
    public function handle()
    {
-
        $output['info'] = [];
        $output['warn'] = [];
        $output['error'] = [];
@@ -51,96 +50,89 @@ class SyncAssetLocations extends Command
        $output['info'][] = 'There are '.$rtd_assets->count().' unassigned assets.';

        foreach ($rtd_assets as $rtd_asset) {
-             $output['info'][] = 'Setting Unassigned Asset ' . $rtd_asset->id . ' ('.$rtd_asset->asset_tag.') to  location: ' . $rtd_asset->rtd_location_id . " because their default location is: " . $rtd_asset->rtd_location_id;
-            $rtd_asset->location_id=$rtd_asset->rtd_location_id;
+            $output['info'][] = 'Setting Unassigned Asset '.$rtd_asset->id.' ('.$rtd_asset->asset_tag.') to  location: '.$rtd_asset->rtd_location_id.' because their default location is: '.$rtd_asset->rtd_location_id;
+            $rtd_asset->location_id = $rtd_asset->rtd_location_id;
            $rtd_asset->unsetEventDispatcher();
            $rtd_asset->save();
            $bar->advance();
        }

-        $assigned_user_assets = Asset::where('assigned_type','App\Models\User')->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+        $assigned_user_assets = Asset::where('assigned_type', \App\Models\User::class)->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
        $output['info'][] = 'There are '.$assigned_user_assets->count().' assets checked out to users.';
        foreach ($assigned_user_assets as $assigned_user_asset) {
            if (($assigned_user_asset->assignedTo) && ($assigned_user_asset->assignedTo->userLoc)) {
                $new_location = $assigned_user_asset->assignedTo->userLoc->id;
-                $output['info'][] ='Setting User Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') to  ' . $assigned_user_asset->assignedTo->userLoc->name . ' which is id: ' . $new_location;
+                $output['info'][] = 'Setting User Asset '.$assigned_user_asset->id.' ('.$assigned_user_asset->asset_tag.') to  '.$assigned_user_asset->assignedTo->userLoc->name.' which is id: '.$new_location;
            } else {
-                $output['warn'][] ='Asset ' . $assigned_user_asset->id . ' ('.$assigned_user_asset->asset_tag.') still has no location! ';
+                $output['warn'][] = 'Asset '.$assigned_user_asset->id.' ('.$assigned_user_asset->asset_tag.') still has no location! ';
                $new_location = $assigned_user_asset->rtd_location_id;
            }
-            $assigned_user_asset->location_id=$new_location;
+            $assigned_user_asset->location_id = $new_location;
            $assigned_user_asset->unsetEventDispatcher();
            $assigned_user_asset->save();
            $bar->advance();
-
        }

-        $assigned_location_assets = Asset::where('assigned_type','App\Models\Location')
+        $assigned_location_assets = Asset::where('assigned_type', \App\Models\Location::class)
            ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
        $output['info'][] = 'There are '.$assigned_location_assets->count().' assets checked out to locations.';

        foreach ($assigned_location_assets as $assigned_location_asset) {
            if ($assigned_location_asset->assignedTo) {
                $assigned_location_asset->location_id = $assigned_location_asset->assignedTo->id;
-                $output['info'][] ='Setting Location Assigned  asset ' . $assigned_location_asset->id . ' ('.$assigned_location_asset->asset_tag.') that is checked out to '.$assigned_location_asset->assignedTo->name.' (#'.$assigned_location_asset->assignedTo->id.') to location: ' . $assigned_location_asset->assetLoc()->id;
+                $output['info'][] = 'Setting Location Assigned  asset '.$assigned_location_asset->id.' ('.$assigned_location_asset->asset_tag.') that is checked out to '.$assigned_location_asset->assignedTo->name.' (#'.$assigned_location_asset->assignedTo->id.') to location: '.$assigned_location_asset->assetLoc()->id;
                $assigned_location_asset->unsetEventDispatcher();
                $assigned_location_asset->save();
            } else {
-                $output['warn'][] ='Asset ' . $assigned_location_asset->id . ' ('.$assigned_location_asset->asset_tag.') did not return a valid associated location - perhaps it was deleted?';
+                $output['warn'][] = 'Asset '.$assigned_location_asset->id.' ('.$assigned_location_asset->asset_tag.') did not return a valid associated location - perhaps it was deleted?';
            }
            $bar->advance();
-
        }

-
        // Assigned to assets
-        $assigned_asset_assets = Asset::where('assigned_type','App\Models\Asset')
+        $assigned_asset_assets = Asset::where('assigned_type', \App\Models\Asset::class)
            ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
-            $output['info'][] ='Asset-assigned assets: '.$assigned_asset_assets->count();
+        $output['info'][] = 'Asset-assigned assets: '.$assigned_asset_assets->count();

-            foreach ($assigned_asset_assets as $assigned_asset_asset) {
+        foreach ($assigned_asset_assets as $assigned_asset_asset) {

                // Check to make sure there aren't any invalid relationships
-                if ($assigned_asset_asset->assetLoc()) {
-                    $assigned_asset_asset->location_id = $assigned_asset_asset->assetLoc()->id;
-                    $output['info'][] ='Setting Asset Assigned asset ' . $assigned_asset_asset->assetLoc()->id. ' ('.$assigned_asset_asset->asset_tag.') location to: ' . $assigned_asset_asset->assetLoc()->id;
-                    $assigned_asset_asset->unsetEventDispatcher();
-                    $assigned_asset_asset->save();
-                } else {
-                    $output['warn'][] ='Asset Assigned asset ' . $assigned_asset_asset->id. ' ('.$assigned_asset_asset->asset_tag.') does not seem to have a valid location';
-                }
-
-                $bar->advance();
-
+            if ($assigned_asset_asset->assetLoc()) {
+                $assigned_asset_asset->location_id = $assigned_asset_asset->assetLoc()->id;
+                $output['info'][] = 'Setting Asset Assigned asset '.$assigned_asset_asset->assetLoc()->id.' ('.$assigned_asset_asset->asset_tag.') location to: '.$assigned_asset_asset->assetLoc()->id;
+                $assigned_asset_asset->unsetEventDispatcher();
+                $assigned_asset_asset->save();
+            } else {
+                $output['warn'][] = 'Asset Assigned asset '.$assigned_asset_asset->id.' ('.$assigned_asset_asset->asset_tag.') does not seem to have a valid location';
            }

-        $unlocated_assets = Asset::whereNull("location_id")->whereNull('deleted_at')->get();
-        $output['info'][] ='Assets still without a location: '.$unlocated_assets->count();
-        foreach($unlocated_assets as $unlocated_asset) {
-            $output['warn'][] ='Asset: '.$unlocated_asset->id.' still has no location. ';
+            $bar->advance();
+        }
+
+        $unlocated_assets = Asset::whereNull('location_id')->whereNull('deleted_at')->get();
+        $output['info'][] = 'Assets still without a location: '.$unlocated_assets->count();
+        foreach ($unlocated_assets as $unlocated_asset) {
+            $output['warn'][] = 'Asset: '.$unlocated_asset->id.' still has no location. ';
            $bar->advance();
        }

        $bar->finish();
        $this->info("\n");

-
-        if (($this->option('output')=='all') || ($this->option('output')=='info')) {
+        if (($this->option('output') == 'all') || ($this->option('output') == 'info')) {
            foreach ($output['info'] as $key => $output_text) {
                $this->info($output_text);
            }
        }
-        if (($this->option('output')=='all') || ($this->option('output')=='warn')) {
+        if (($this->option('output') == 'all') || ($this->option('output') == 'warn')) {
            foreach ($output['warn'] as $key => $output_text) {
                $this->warn($output_text);
            }
        }
-        if (($this->option('output')=='all') || ($this->option('output')=='error')) {
+        if (($this->option('output') == 'all') || ($this->option('output') == 'error')) {
            foreach ($output['error'] as $key => $output_text) {
                $this->error($output_text);
            }
        }
-
-
    }
 }
@@ -6,7 +6,6 @@ use Illuminate\Console\Command;

 class SystemBackup extends Command
 {
-
    /**
     * The console command name.
     *
@@ -40,6 +39,5 @@ class SystemBackup extends Command
    {
        //
        $this->call('backup:run');
-
    }
 }
@@ -37,7 +37,6 @@ class Version extends Command
     */
    public function handle()
    {
-
        $use_branch = $this->option('branch');
        $use_type = $this->option('type');
        $git_branch = trim(shell_exec('git rev-parse --abbrev-ref HEAD'));
@@ -54,72 +53,66 @@ class Version extends Command
        $this->line('Type is: '.$use_type);
        $this->line('Current version is: '.$full_hash_version);

-        if (count($version)==3) {
+        if (count($version) == 3) {
            $this->line('This does not look like an alpha/beta release.');
        } else {
-            if (array_key_exists('3',$version)) {
+            if (array_key_exists('3', $version)) {
                $this->line('The current version looks like a beta release.');
                $prerelease_version = $version[1];
                $hash_version = $version[3];
            }
        }

-
        $app_version_raw = explode('.', $app_version);

        $maj = str_replace('v', '', $app_version_raw[0]);
        $min = $app_version_raw[1];
        $patch = '';

-
-
        // This is a major release that might not have a third .0
        if (array_key_exists(2, $app_version_raw)) {
            $patch = $app_version_raw[2];
        }

-        if ($use_type=='major') {
-            $app_version = "v".($maj + 1).".$min.$patch";
-        } elseif ($use_type=='minor') {
-            $app_version = "v"."$maj.".($min + 1).".$patch";
-        } elseif ($use_type=='pre') {
-            $pre_raw = str_replace('beta','', $prerelease_version);
-            $pre_raw = str_replace('alpha','', $pre_raw);
-            $pre_raw = str_ireplace('rc','', $pre_raw);
+        if ($use_type == 'major') {
+            $app_version = 'v'.($maj + 1).".$min.$patch";
+        } elseif ($use_type == 'minor') {
+            $app_version = 'v'."$maj.".($min + 1).".$patch";
+        } elseif ($use_type == 'pre') {
+            $pre_raw = str_replace('beta', '', $prerelease_version);
+            $pre_raw = str_replace('alpha', '', $pre_raw);
+            $pre_raw = str_ireplace('rc', '', $pre_raw);
            $pre_raw = $pre_raw++;
-            $this->line('Setting the pre-release to '. $prerelease_version.'-'.$pre_raw);
-            $app_version = "v"."$maj.".($min + 1).".$patch";
-        } elseif ($use_type=='patch') {
-            $app_version = "v" . "$maj.$min." . ($patch + 1);
+            $this->line('Setting the pre-release to '.$prerelease_version.'-'.$pre_raw);
+            $app_version = 'v'."$maj.".($min + 1).".$patch";
+        } elseif ($use_type == 'patch') {
+            $app_version = 'v'."$maj.$min.".($patch + 1);
        // If nothing is passed, leave the version as it is, just increment the build
        } else {
-            $app_version = "v" . "$maj.$min." . $patch;
+            $app_version = 'v'."$maj.$min.".$patch;
        }

        // Determine if this tag already exists, or if this prior to a release
        $this->line('Running: git rev-parse master '.$current_app_version);
        // $pre_release = trim(shell_exec('git rev-parse '.$use_branch.' '.$current_app_version.' 2>&1 1> /dev/null'));

-        if ($use_branch=='develop') {
+        if ($use_branch == 'develop') {
            $app_version = $app_version.'-pre';
        }

        $full_app_version = $app_version.' - build '.$build_version.'-'.$hash_version;

-
        $array = var_export(
-            array(
+            [
                'app_version' => $app_version,
                'full_app_version' => $full_app_version,
                'build_version' => $build_version,
                'prerelease_version' => $prerelease_version,
                'hash_version' => $hash_version,
                'full_hash' => $full_hash_version,
-                'branch' => $git_branch),
+                'branch' => $git_branch, ],
            true
        );
-        
-

        // Construct our file content
        $content = <<<CON
@@ -129,7 +122,6 @@ CON;

        // And finally write the file and output the current version
        \File::put($versionFile, $content);
-        $this->info('Setting NEW version: '. $full_app_version.' ('.$git_branch.')');
+        $this->info('Setting NEW version: '.$full_app_version.' ('.$git_branch.')');
    }
-
 }
@@ -10,7 +10,6 @@ use Illuminate\Foundation\Console\Kernel as ConsoleKernel;

 class Kernel extends ConsoleKernel
 {
-
    /**
     * Define the application's command schedule.
     *
@@ -18,6 +18,6 @@ class CheckoutAccepted
     */
    public function __construct(CheckoutAcceptance $acceptance)
    {
-        $this->acceptance       = $acceptance;
+        $this->acceptance = $acceptance;
    }
 }
@@ -10,7 +10,7 @@ use Illuminate\Queue\SerializesModels;
 class CheckoutDeclined
 {
    use Dispatchable, SerializesModels;
-    
+
    /**
     * Create a new event instance.
     *
@@ -18,6 +18,6 @@ class CheckoutDeclined
     */
    public function __construct(CheckoutAcceptance $acceptance)
    {
-        $this->acceptance       = $acceptance;
+        $this->acceptance = $acceptance;
    }
 }
@@ -25,8 +25,8 @@ class CheckoutableCheckedIn
    {
        $this->checkoutable = $checkoutable;
        $this->checkedOutTo = $checkedOutTo;
-        $this->checkedInBy  = $checkedInBy;
-        $this->note         = $note;
-        $this->action_date  = $action_date ?? date('Y-m-d');
+        $this->checkedInBy = $checkedInBy;
+        $this->note = $note;
+        $this->action_date = $action_date ?? date('Y-m-d');
    }
 }
@@ -25,6 +25,6 @@ class CheckoutableCheckedOut
        $this->checkoutable = $checkoutable;
        $this->checkedOutTo = $checkedOutTo;
        $this->checkedOutBy = $checkedOutBy;
-        $this->note         = $note;
+        $this->note = $note;
    }
 }
@@ -6,17 +6,17 @@ use Exception;

 class CheckoutNotAllowed extends Exception
 {
-
    private $errorMessage;

-    function __construct($errorMessage = null)
+    public function __construct($errorMessage = null)
    {
        $this->errorMessage = $errorMessage;

        parent::__construct($errorMessage);
    }
+
    public function __toString()
    {
-       return is_null($this->errorMessage) ? "A checkout is not allowed under these circumstances" : $this->errorMessage;
+        return is_null($this->errorMessage) ? 'A checkout is not allowed under these circumstances' : $this->errorMessage;
    }
 }
@@ -2,18 +2,19 @@

 namespace App\Exceptions;

-use Exception;
-use Illuminate\Auth\AuthenticationException;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 use App\Helpers\Helper;
 use Illuminate\Validation\ValidationException;
+use Illuminate\Auth\AuthenticationException;
 use Log;
+use Throwable;
+use JsonException;


 class Handler extends ExceptionHandler
 {
    /**
-     * A list of the exception types that should not be reported.
+     * A list of the exception types that are not reported.
     *
     * @var array
     */
@@ -26,6 +27,7 @@ class Handler extends ExceptionHandler
        \Illuminate\Validation\ValidationException::class,
        \Intervention\Image\Exception\NotSupportedException::class,
        \League\OAuth2\Server\Exception\OAuthServerException::class,
+        JsonException::class,
    ];

    /**
@@ -33,10 +35,10 @@ class Handler extends ExceptionHandler
     *
     * This is a great spot to send exceptions to Sentry, Bugsnag, etc.
     *
-     * @param  \Exception  $exception
+     * @param  \Throwable  $exception
     * @return void
     */
-    public function report(Exception $exception)
+    public function report(Throwable $exception)
    {
        if ($this->shouldReport($exception)) {
            \Log::error($exception);
@@ -46,12 +48,12 @@ class Handler extends ExceptionHandler

    /**
     * Render an exception into an HTTP response.
-     *
+     * 
     * @param  \Illuminate\Http\Request  $request
     * @param  \Exception  $e
     * @return \Illuminate\Http\Response
     */
-    public function render($request, Exception $e)
+    public function render($request, Throwable $e)
    {


@@ -60,6 +62,12 @@ class Handler extends ExceptionHandler
            return redirect()->back()->with('error', trans('general.token_expired'));
        }

+        // Invalid JSON exception
+        // TODO: don't understand why we have to do this when we have the invalidJson() method, below, but, well, whatever
+        if ($e instanceof JsonException) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'invalid JSON'), 422);
+        }
+

        // Handle Ajax requests that fail because the model doesn't exist
        if ($request->ajax() || $request->wantsJson()) {
@@ -76,10 +84,12 @@ class Handler extends ExceptionHandler
                switch ($e->getStatusCode()) {
                    case '404':
                       return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode . ' endpoint not found'), 404);
-                    case '405':
+                    case '429':
+                        return response()->json(Helper::formatStandardApiResponse('error', null, 'Too many requests'), 429);
+                     case '405':
                        return response()->json(Helper::formatStandardApiResponse('error', null, 'Method not allowed'), 405);
                    default:
-                        return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode), 405);
+                        return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode), $statusCode);

                }
            }
@@ -96,7 +106,7 @@ class Handler extends ExceptionHandler

    }

-    /**
+ /**
     * Convert an authentication exception into an unauthenticated response.
     *
     * @param  \Illuminate\Http\Request  $request
@@ -112,15 +122,27 @@ class Handler extends ExceptionHandler
        return redirect()->guest('login');
    }

-    /**
-     * Convert a validation exception into a JSON response.
+
+    /** 
+     * A list of the inputs that are never flashed for validation exceptions.
     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Illuminate\Validation\ValidationException  $exception
-     * @return \Illuminate\Http\JsonResponse
+     * @var array
     */
-    protected function invalidJson($request, ValidationException $exception)
+    protected $dontFlash = [
+        'current_password',
+        'password',
+        'password_confirmation',
+    ];
+
+    /**
+     * Register the exception handling callbacks for the application.
+     *
+     * @return void
+     */
+    public function register()
    {
-        return response()->json(Helper::formatStandardApiResponse('error', null, $exception->errors(), 400));
+        $this->reportable(function (Throwable $e) {
+            //
+        });
    }
-}
+}
@@ -1,15 +1,17 @@
 <?php

 namespace App\Helpers;
+
 use Illuminate\Support\Facades\Storage;

 class StorageHelper
 {
-    static function downloader($filename, $disk = 'default') {
-        if($disk == 'default') {
+    public static function downloader($filename, $disk = 'default')
+    {
+        if ($disk == 'default') {
            $disk = config('filesystems.default');
        }
-        switch(config("filesystems.disks.$disk.driver")) {
+        switch (config("filesystems.disks.$disk.driver")) {
            case 'local':
                return response()->download(Storage::disk($disk)->path($filename)); //works for PRIVATE or public?!

@@ -20,4 +22,4 @@ class StorageHelper
                return Storage::disk($disk)->download($filename);
        }
    }
-}
+}
@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Accessories;

 use App\Helpers\Helper;
@@ -30,10 +31,10 @@ class AccessoriesController extends Controller
    public function index()
    {
        $this->authorize('index', Accessory::class);
+
        return view('accessories/index');
    }

-
    /**
     * Returns a view with a form to create a new Accessory.
     *
@@ -45,11 +46,11 @@ class AccessoriesController extends Controller
    {
        $this->authorize('create', Accessory::class);
        $category_type = 'accessory';
+
        return view('accessories/edit')->with('category_type', $category_type)
          ->with('item', new Accessory);
    }

-
    /**
     * Validate and save new Accessory from form post
     *
@@ -74,18 +75,21 @@ class AccessoriesController extends Controller
        $accessory->manufacturer_id         = request('manufacturer_id');
        $accessory->model_number            = request('model_number');
        $accessory->purchase_date           = request('purchase_date');
-        $accessory->purchase_cost           = Helper::ParseFloat(request('purchase_cost'));
+        $accessory->purchase_cost           = Helper::ParseCurrency(request('purchase_cost'));
        $accessory->qty                     = request('qty');
        $accessory->user_id                 = Auth::user()->id;
        $accessory->supplier_id             = request('supplier_id');
+        $accessory->notes                   = request('notes');
+

        $accessory = $request->handleImages($accessory);
-        
+
        // Was the accessory created?
        if ($accessory->save()) {
            // Redirect to the new accessory  page
            return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.create.success'));
        }
+
        return redirect()->back()->withInput()->withErrors($accessory->getErrors());
    }

@@ -102,6 +106,7 @@ class AccessoriesController extends Controller

        if ($item = Accessory::find($accessoryId)) {
            $this->authorize($item);
+
            return view('accessories/edit', compact('item'))->with('category_type', 'accessory');
        }

@@ -137,9 +142,10 @@ class AccessoriesController extends Controller
        $accessory->order_number            = request('order_number');
        $accessory->model_number            = request('model_number');
        $accessory->purchase_date           = request('purchase_date');
-        $accessory->purchase_cost           = request('purchase_cost');
+        $accessory->purchase_cost           = Helper::ParseCurrency(request('purchase_cost'));
        $accessory->qty                     = request('qty');
        $accessory->supplier_id             = request('supplier_id');
+        $accessory->notes                   = request('notes');

        $accessory = $request->handleImages($accessory);

@@ -147,6 +153,7 @@ class AccessoriesController extends Controller
        if ($accessory->save()) {
            return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.update.success'));
        }
+
        return redirect()->back()->withInput()->withErrors($accessory->getErrors());
    }

@@ -168,11 +175,11 @@ class AccessoriesController extends Controller


        if ($accessory->hasUsers() > 0) {
-             return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers())));
+            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.assoc_users', ['count'=> $accessory->hasUsers()]));
        }

        if ($accessory->image) {
-            try  {
+            try {
                Storage::disk('public')->delete('accessories'.'/'.$accessory->image);
            } catch (\Exception $e) {
                \Log::debug($e);
@@ -180,6 +187,7 @@ class AccessoriesController extends Controller
        }

        $accessory->delete();
+
        return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.delete.success'));
    }

@@ -202,6 +210,7 @@ class AccessoriesController extends Controller
        if (isset($accessory->id)) {
            return view('accessories/view', compact('accessory'));
        }
+
        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist', ['id' => $accessoryID]));
    }
 }
@@ -17,7 +17,7 @@ class AccessoryCheckinController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param Request $request
-     * @param integer $accessoryUserId
+     * @param int $accessoryUserId
     * @param string $backto
     * @return View
     * @internal param int $accessoryId
@@ -33,6 +33,7 @@ class AccessoryCheckinController extends Controller

        $accessory = Accessory::find($accessory_user->accessory_id);
        $this->authorize('checkin', $accessory);
+
        return view('accessories/checkin', compact('accessory'))->with('backto', $backto);
    }

@@ -49,7 +50,7 @@ class AccessoryCheckinController extends Controller
     */
    public function store(Request $request, $accessoryUserId = null, $backto = null)
    {
-      // Check if the accessory exists
+        // Check if the accessory exists
        if (is_null($accessory_user = DB::table('accessories_users')->find($accessoryUserId))) {
            // Redirect to the accessory management page with error
            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
@@ -60,7 +61,7 @@ class AccessoryCheckinController extends Controller
        $this->authorize('checkin', $accessory);

        $checkin_at = date('Y-m-d');
-        if($request->filled('checkin_at')){
+        if ($request->filled('checkin_at')) {
            $checkin_at = $request->input('checkin_at');
        }

@@ -70,7 +71,7 @@ class AccessoryCheckinController extends Controller

            event(new CheckoutableCheckedIn($accessory, User::find($return_to), Auth::user(), $request->input('note'), $checkin_at));

-            return redirect()->route("accessories.show", $accessory->id)->with('success', trans('admin/accessories/message.checkin.success'));
+            return redirect()->route('accessories.show', $accessory->id)->with('success', trans('admin/accessories/message.checkin.success'));
        }
        // Redirect to the accessory management page with error
        return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.checkin.error'));
@@ -14,7 +14,6 @@ use Illuminate\Support\Facades\Input;

 class AccessoryCheckoutController extends Controller
 {
-
    /**
     * Return the form to checkout an Accessory to a user.
     *
@@ -32,7 +31,6 @@ class AccessoryCheckoutController extends Controller
        }

        if ($accessory->category) {
-
            $this->authorize('checkout', $accessory);

            // Get the dropdown of users and then pass it to the checkout view
@@ -56,7 +54,7 @@ class AccessoryCheckoutController extends Controller
     */
    public function store(Request $request, $accessoryId)
    {
-      // Check if the accessory exists
+        // Check if the accessory exists
        if (is_null($accessory = Accessory::find($accessoryId))) {
            // Redirect to the accessory management page with error
            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.user_not_found'));
@@ -64,11 +62,11 @@ class AccessoryCheckoutController extends Controller

        $this->authorize('checkout', $accessory);

-        if (!$user = User::find($request->input('assigned_to'))) {
+        if (! $user = User::find($request->input('assigned_to'))) {
            return redirect()->route('checkout/accessory', $accessory->id)->with('error', trans('admin/accessories/message.checkout.user_does_not_exist'));
        }

-      // Update the accessory data
+        // Update the accessory data
        $accessory->assigned_to = e($request->input('assigned_to'));

        $accessory->users()->attach($accessory->id, [
@@ -76,14 +74,14 @@ class AccessoryCheckoutController extends Controller
            'created_at' => Carbon::now(),
            'user_id' => Auth::id(),
            'assigned_to' => $request->get('assigned_to'),
-            'note' => $request->input('note')
+            'note' => $request->input('note'),
        ]);

        DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();

        event(new CheckoutableCheckedOut($accessory, $user, Auth::user(), $request->input('note')));

-      // Redirect to the new accessory page
+        // Redirect to the new accessory page
        return redirect()->route('accessories.index')->with('success', trans('admin/accessories/message.checkout.success'));
    }
 }
@@ -1,4 +1,5 @@
-<?php 
+<?php
+
 namespace App\Http\Controllers\Account;

 use App\Events\CheckoutAccepted;
@@ -6,22 +7,32 @@ use App\Events\CheckoutDeclined;
 use App\Events\ItemAccepted;
 use App\Events\ItemDeclined;
 use App\Http\Controllers\Controller;
+use App\Models\Actionlog;
+use App\Models\Asset;
 use App\Models\CheckoutAcceptance;
 use App\Models\Company;
 use App\Models\Contracts\Acceptable;
+use App\Models\User;
+use App\Models\AssetModel;
+use App\Models\Accessory;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Str;
+use App\Http\Controllers\SettingsController;
+use Barryvdh\DomPDF\Facade\Pdf;
+use Carbon\Carbon;

-class AcceptanceController extends Controller {
-	
+class AcceptanceController extends Controller
+{
    /**
     * Show a listing of pending checkout acceptances for the current user
-     * 
+     *
     * @return View
     */
-    public function index() {
+    public function index()
+    {
        $acceptances = CheckoutAcceptance::forUser(Auth::user())->pending()->get();

        return view('account/accept.index', compact('acceptances'));
@@ -29,42 +40,43 @@ class AcceptanceController extends Controller {

    /**
     * Shows a form to either accept or decline the checkout acceptance
-     * 
+     *
     * @param  int  $id
     * @return mixed
     */
-	public function create($id) {
-
+    public function create($id)
+    {
        $acceptance = CheckoutAcceptance::find($id);

+
        if (is_null($acceptance)) {
            return redirect()->route('account.accept')->with('error', trans('admin/hardware/message.does_not_exist'));
        }

        if (! $acceptance->isPending()) {
            return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.asset_already_accepted'));
-        }        
+        }

        if (! $acceptance->isCheckedOutTo(Auth::user())) {
            return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
        }

-        if (!Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
+        if (! Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
            return redirect()->route('account.accept')->with('error', trans('general.insufficient_permissions'));
-        }        
+        }

        return view('account/accept.create', compact('acceptance'));
-	}
+    }

    /**
     * Stores the accept/decline of the checkout acceptance
-     * 
+     *
     * @param  Request $request
     * @param  int  $id
     * @return Redirect
     */
-    public function store(Request $request, $id) {
-        
+    public function store(Request $request, $id)
+    {
        $acceptance = CheckoutAcceptance::find($id);

        if (is_null($acceptance)) {
@@ -73,55 +85,106 @@ class AcceptanceController extends Controller {

        if (! $acceptance->isPending()) {
            return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.asset_already_accepted'));
-        }        
+        }

        if (! $acceptance->isCheckedOutTo(Auth::user())) {
            return redirect()->route('account.accept')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
        }

-        if (!Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
+        if (! Company::isCurrentUserHasAccess($acceptance->checkoutable)) {
            return redirect()->route('account.accept')->with('error', trans('general.insufficient_permissions'));
-        }   
+        }

-        if (!$request->filled('asset_acceptance')) {
+        if (! $request->filled('asset_acceptance')) {
            return redirect()->back()->with('error', trans('admin/users/message.error.accept_or_decline'));
        }

        /**
         * Get the signature and save it
         */
-
-        if (!Storage::exists('private_uploads/signatures'))  Storage::makeDirectory('private_uploads/signatures', 775);
-
-
-        $sig_filename = '';
-        if ($request->filled('signature_output')) {
-            $sig_filename = "siglog-" .Str::uuid() . '-'.date('Y-m-d-his').".png";
-            $data_uri = e($request->input('signature_output'));
-            $encoded_image = explode(",", $data_uri);
-            $decoded_image = base64_decode($encoded_image[1]);
-            Storage::put('private_uploads/signatures/'.$sig_filename, (string)$decoded_image);
+        if (! Storage::exists('private_uploads/signatures')) {
+            Storage::makeDirectory('private_uploads/signatures', 775);
        }

+        /**
+         * Check for the eula-pdfs directory
+         */
+        if (! Storage::exists('private_uploads/eula-pdfs')) {
+            Storage::makeDirectory('private_uploads/eula-pdfs', 775);
+        }
+
+        $item = $acceptance->checkoutable_type::find($acceptance->checkoutable_id);
+        $display_model = '';
+        $pdf_view_route = '';
+        $pdf_filename = 'accepted-eula-'.date('Y-m-d-h-i-s').'.pdf';
+        $sig_filename='';
+

        if ($request->input('asset_acceptance') == 'accepted') {

-            $acceptance->accept($sig_filename);
+            // The item was accepted, check for a signature
+            if ($request->filled('signature_output')) {
+                $sig_filename = 'siglog-'.Str::uuid().'-'.date('Y-m-d-his').'.png';
+                $data_uri = $request->input('signature_output');
+                $encoded_image = explode(',', $data_uri);
+                $decoded_image = base64_decode($encoded_image[1]);
+                Storage::put('private_uploads/signatures/'.$sig_filename, (string) $decoded_image);
+            }

+
+            // this is horrible
+            if ($acceptance->checkoutable_type == 'App\Models\Asset') {
+                $pdf_view_route ='account.accept.accept-asset-eula';
+                $asset_model = AssetModel::find($item->model_id);
+                $display_model = $asset_model->name;
+                $assigned_to = User::find($item->assigned_to)->present()->fullName;
+
+            } elseif ($acceptance->checkoutable_type== 'App\Models\Accessory') {
+                $pdf_view_route ='account.accept.accept-accessory-eula';
+                $accessory = Accessory::find($item->id);
+                $display_model = $accessory->name;
+                $assigned_to = User::find($item->assignedTo);
+
+            }
+
+            /**
+             * Gather the data for the PDF. We fire this whether there is a signature required or not,
+             * since we want the moment-in-time proof of what the EULA was when they accepted it.
+             */
+            $branding_settings = SettingsController::getPDFBranding();
+            $data = [
+                'item_tag' => $item->asset_tag,
+                'item_model' => $display_model,
+                'item_serial' => $item->serial,
+                'eula' => $item->getEula(),
+                'check_out_date' => Carbon::parse($acceptance->created_at)->format($branding_settings->date_display_format),
+                'accepted_date' => Carbon::parse($acceptance->accepted_at)->format($branding_settings->date_display_format),
+                'assigned_to' => $assigned_to,
+                'company_name' => $branding_settings->site_name,
+                'signature' => ($sig_filename) ? storage_path() . '/private_uploads/signatures/' . $sig_filename : null,
+                'logo' => public_path() . '/uploads/' . $branding_settings->logo,
+                'date_settings' => $branding_settings->date_display_format,
+            ];
+
+            if ($pdf_view_route!='') {
+                \Log::debug($pdf_filename.' is the filename, and the route was specified.');
+                $pdf = Pdf::loadView($pdf_view_route, $data);
+                Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf->output());
+            }
+
+            $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename);
            event(new CheckoutAccepted($acceptance));

            $return_msg = trans('admin/users/message.accepted');

        } else {
-
-            $acceptance->decline($sig_filename);         
-
+            $acceptance->decline($sig_filename);
            event(new CheckoutDeclined($acceptance));
-
            $return_msg = trans('admin/users/message.declined');
-
        }

+
        return redirect()->to('account/accept')->with('success', $return_msg);
-    }	
-}
+
+    }
+}
@@ -3,16 +3,34 @@
 namespace App\Http\Controllers;

 use App\Helpers\Helper;
+use App\Models\Actionlog;
 use Response;

 class ActionlogController extends Controller
 {
    public function displaySig($filename)
    {
+        // PHP doesn't let you handle file not found errors well with 
+        // file_get_contents, so we set the error reporting for just this class
+        error_reporting(0);
+
        $this->authorize('view', \App\Models\Asset::class);
-        $file = config('app.private_uploads') . '/signatures/' . $filename;
+        $file = config('app.private_uploads').'/signatures/'.$filename;
        $filetype = Helper::checkUploadIsImage($file);
-        $contents = file_get_contents($file);
-        return Response::make($contents)->header('Content-Type', $filetype);
+
+        $contents = file_get_contents($file, false, stream_context_create(['http' => ['ignore_errors' => true]]));
+        if ($contents === false) {
+            \Log::warn('File '.$file.' not found');
+            return false;
+        } else {
+            return Response::make($contents)->header('Content-Type', $filetype);
+        }
+       
+    }
+    public function getStoredEula($filename){
+        $this->authorize('view', \App\Models\Asset::class);
+        $file = config('app.private_uploads').'/eula-pdfs/'.$filename;
+
+        return Response::download($file);
    }
 }
@@ -9,10 +9,11 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Accessory;
 use App\Models\Company;
 use App\Models\User;
-use Carbon\Carbon;
 use Auth;
+use Carbon\Carbon;
 use DB;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;

 class AccessoriesController extends Controller
 {
@@ -26,28 +27,52 @@ class AccessoriesController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Accessory::class);
-        $allowed_columns = ['id','name','model_number','eol','notes','created_at','min_amt','company_id'];
+        $allowed_columns = ['id', 'name', 'model_number', 'eol', 'notes', 'created_at', 'min_amt', 'company_id'];
+        
+        // This array is what determines which fields should be allowed to be sorted on ON the table itself, no relations
+        // Relations will be handled in query scopes a little further down.
+        $allowed_columns = 
+            [
+                'id',
+                'name',
+                'model_number',
+                'eol',
+                'notes',
+                'created_at',
+                'min_amt',
+                'company_id',
+                'notes',
+            ];

-        $accessories = Accessory::with('category', 'company', 'manufacturer', 'users', 'location');
+
+        $accessories = Accessory::select('accessories.*')->with('category', 'company', 'manufacturer', 'users', 'location', 'supplier');

        if ($request->filled('search')) {
            $accessories = $accessories->TextSearch($request->input('search'));
        }

        if ($request->filled('company_id')) {
-            $accessories->where('company_id','=',$request->input('company_id'));
+            $accessories->where('company_id', '=', $request->input('company_id'));
        }

        if ($request->filled('category_id')) {
-            $accessories->where('category_id','=',$request->input('category_id'));
+            $accessories->where('category_id', '=', $request->input('category_id'));
        }

        if ($request->filled('manufacturer_id')) {
-            $accessories->where('manufacturer_id','=',$request->input('manufacturer_id'));
+            $accessories->where('manufacturer_id', '=', $request->input('manufacturer_id'));
        }

        if ($request->filled('supplier_id')) {
-            $accessories->where('supplier_id','=',$request->input('supplier_id'));
+            $accessories->where('supplier_id', '=', $request->input('supplier_id'));
+        }
+
+        if ($request->filled('location_id')) {
+            $accessories->where('location_id','=',$request->input('location_id'));
+        }
+
+        if ($request->filled('notes')) {
+            $accessories->where('notes','=',$request->input('notes'));
        }

        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
@@ -57,26 +82,34 @@ class AccessoriesController extends Controller
        // Check to make sure the limit is not higher than the max allowed
        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

-
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $sort_override =  $request->input('sort');
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';

-        switch ($sort) {
+        switch ($sort_override) {
            case 'category':
                $accessories = $accessories->OrderCategory($order);
                break;
            case 'company':
                $accessories = $accessories->OrderCompany($order);
                break;
+            case 'location':
+                $accessories = $accessories->OrderLocation($order);
+                break;
+            case 'manufacturer':
+                $accessories = $accessories->OrderManufacturer($order);
+                break;    
+            case 'supplier':
+                $accessories = $accessories->OrderSupplier($order);
+                break;       
            default:
-                $accessories = $accessories->orderBy($sort, $order);
+                $accessories = $accessories->orderBy($column_sort, $order);
                break;
        }
-
-        $accessories->orderBy($sort, $order);
-
+ 
        $total = $accessories->count();
        $accessories = $accessories->skip($offset)->take($limit)->get();
+
        return (new AccessoriesTransformer)->transformAccessories($accessories, $total);
    }

@@ -86,18 +119,20 @@ class AccessoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
    {
        $this->authorize('create', Accessory::class);
        $accessory = new Accessory;
        $accessory->fill($request->all());
+        $accessory = $request->handleImages($accessory);

        if ($accessory->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $accessory, trans('admin/accessories/message.create.success')));
        }
+
        return response()->json(Helper::formatStandardApiResponse('error', null, $accessory->getErrors()));

    }
@@ -114,6 +149,7 @@ class AccessoriesController extends Controller
    {
        $this->authorize('view', Accessory::class);
        $accessory = Accessory::findOrFail($id);
+
        return (new AccessoriesTransformer)->transformAccessory($accessory);
    }

@@ -130,6 +166,7 @@ class AccessoriesController extends Controller
    {
        $this->authorize('view', Accessory::class);
        $accessory = Accessory::findOrFail($id);
+
        return (new AccessoriesTransformer)->transformAccessory($accessory);
    }

@@ -147,7 +184,7 @@ class AccessoriesController extends Controller
        $this->authorize('view', Accessory::class);

        $accessory = Accessory::with('lastCheckout')->findOrFail($id);
-        if (!Company::isCurrentUserHasAccess($accessory)) {
+        if (! Company::isCurrentUserHasAccess($accessory)) {
            return ['total' => 0, 'rows' => []];
        }

@@ -157,7 +194,7 @@ class AccessoriesController extends Controller
        $accessory_users = $accessory->users;
        $total = $accessory_users->count();

-        if($total < $offset){
+        if ($total < $offset) {
            $offset = 0;
        }

@@ -165,9 +202,13 @@ class AccessoriesController extends Controller

        if ($request->filled('search')) {
            $accessory_users = $accessory->users()
-                                ->where('first_name', 'like', '%'.$request->input('search').'%')
-                                ->orWhere('last_name', 'like', '%'.$request->input('search').'%')
-                                ->get();
+                                         ->where(function ($query) use ($request) {
+                                             $search_str = '%' . $request->input('search') . '%';
+                                             $query->where('first_name', 'like', $search_str)
+                                                   ->orWhere('last_name', 'like', $search_str)
+                                                   ->orWhere('note', 'like', $search_str);
+                                         })
+                                         ->get();
            $total = $accessory_users->count();
        }

@@ -180,15 +221,16 @@ class AccessoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
    {
        $this->authorize('update', Accessory::class);
        $accessory = Accessory::findOrFail($id);
        $accessory->fill($request->all());
+        $accessory = $request->handleImages($accessory);

        if ($accessory->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $accessory, trans('admin/accessories/message.update.success')));
@@ -212,12 +254,12 @@ class AccessoriesController extends Controller
        $this->authorize($accessory);

        if ($accessory->hasUsers() > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/accessories/message.assoc_users', array('count'=> $accessory->hasUsers()))));
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.assoc_users', ['count'=> $accessory->hasUsers()])));
        }

        $accessory->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/accessories/message.delete.success')));

+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/accessories/message.delete.success')));
    }


@@ -243,7 +285,7 @@ class AccessoriesController extends Controller

        if ($accessory->numRemaining() > 0) {

-            if (!$user = User::find($request->input('assigned_to'))) {
+            if (! $user = User::find($request->input('assigned_to'))) {
                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.checkout.user_does_not_exist')));
            }

@@ -255,12 +297,12 @@ class AccessoriesController extends Controller
                'created_at' => Carbon::now(),
                'user_id' => Auth::id(),
                'assigned_to' => $request->get('assigned_to'),
-                'note' => $request->get('note')
+                'note' => $request->get('note'),
            ]);

            $accessory->logCheckout($request->input('note'), $user);

-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/accessories/message.checkout.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/accessories/message.checkout.success')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, 'No accessories remaining'));
@@ -273,7 +315,7 @@ class AccessoriesController extends Controller
     * @uses Accessory::checkin_email() to determine if an email can and should be sent
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param Request $request
-     * @param integer $accessoryUserId
+     * @param int $accessoryUserId
     * @param string $backto
     * @return Redirect
     * @internal param int $accessoryId
@@ -291,7 +333,7 @@ class AccessoriesController extends Controller

        // Was the accessory updated?
        if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
-            if (!is_null($accessory_user->assigned_to)) {
+            if (! is_null($accessory_user->assigned_to)) {
                $user = User::find($accessory_user->assigned_to);
            }

@@ -306,7 +348,7 @@ class AccessoriesController extends Controller
            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/accessories/message.checkin.success')));
        }

-        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/accessories/message.checkin.error')));
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.checkin.error')));

    }

@@ -322,7 +364,7 @@ class AccessoriesController extends Controller

        $accessories = Accessory::select([
            'accessories.id',
-            'accessories.name'
+            'accessories.name',
        ]);

        if ($request->filled('search')) {
@@ -331,10 +373,7 @@ class AccessoriesController extends Controller

        $accessories = $accessories->orderBy('name', 'ASC')->paginate(50);

-
        return (new SelectlistTransformer)->transformSelectlist($accessories);
    }

-
-
 }
@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Api;

 use App\Helpers\Helper;
@@ -29,11 +30,12 @@ class AssetMaintenancesController extends Controller
     * @author  Vincent Sposato <vincent.sposato@gmail.com>
     * @version v1.0
     * @since [v1.8]
-     * @return String JSON
+     * @return string JSON
     */
    public function index(Request $request)
    {
-        $maintenances = AssetMaintenance::with('asset', 'asset.model','asset.location', 'supplier', 'asset.company', 'admin');
+        $this->authorize('view', Asset::class);
+        $maintenances = AssetMaintenance::with('asset', 'asset.model', 'asset.location', 'supplier', 'asset.company', 'admin');

        if ($request->filled('search')) {
            $maintenances = $maintenances->TextSearch($request->input('search'));
@@ -50,7 +52,6 @@ class AssetMaintenancesController extends Controller
        // Check to make sure the limit is not higher than the max allowed
        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

-
        $allowed_columns = [
                                'id',
                                'title',
@@ -62,7 +63,7 @@ class AssetMaintenancesController extends Controller
                                'notes',
                                'asset_tag',
                                'asset_name',
-                                'user_id'
+                                'user_id',
                            ];
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
@@ -97,36 +98,37 @@ class AssetMaintenancesController extends Controller
     * @author  Vincent Sposato <vincent.sposato@gmail.com>
     * @version v1.0
     * @since [v1.8]
-     * @return String JSON
+     * @return string JSON
     */
    public function store(Request $request)
    {
+        $this->authorize('update', Asset::class);
        // create a new model instance
        $assetMaintenance = new AssetMaintenance();
        $assetMaintenance->supplier_id = $request->input('supplier_id');
        $assetMaintenance->is_warranty = $request->input('is_warranty');
-        $assetMaintenance->cost =  e($request->input('cost'));
+        $assetMaintenance->cost =  Helper::ParseCurrency($request->input('cost'));
        $assetMaintenance->notes = e($request->input('notes'));
        $asset = Asset::find(e($request->input('asset_id')));

-        if (!Company::isCurrentUserHasAccess($asset)) {
+        if (! Company::isCurrentUserHasAccess($asset)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot add a maintenance for that asset'));
        }

        // Save the asset maintenance data
-        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_id = $request->input('asset_id');
        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
-        $assetMaintenance->title                  = $request->input('title');
-        $assetMaintenance->start_date             = $request->input('start_date');
-        $assetMaintenance->completion_date        = $request->input('completion_date');
-        $assetMaintenance->user_id                = Auth::id();
+        $assetMaintenance->title = $request->input('title');
+        $assetMaintenance->start_date = $request->input('start_date');
+        $assetMaintenance->completion_date = $request->input('completion_date');
+        $assetMaintenance->user_id = Auth::id();

-        if (( $assetMaintenance->completion_date !== null )
-            && ( $assetMaintenance->start_date !== "" )
-            && ( $assetMaintenance->start_date !== "0000-00-00" )
+        if (($assetMaintenance->completion_date !== null)
+            && ($assetMaintenance->start_date !== '')
+            && ($assetMaintenance->start_date !== '0000-00-00')
        ) {
-            $startDate                                = Carbon::parse($assetMaintenance->start_date);
-            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $startDate = Carbon::parse($assetMaintenance->start_date);
+            $completionDate = Carbon::parse($assetMaintenance->completion_date);
            $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
        }

@@ -140,7 +142,6 @@ class AssetMaintenancesController extends Controller

    }

-
    /**
     *  Validates and stores an update to an asset maintenance
     *
@@ -149,59 +150,60 @@ class AssetMaintenancesController extends Controller
     * @param int $request
     * @version v1.0
     * @since [v4.0]
-     * @return String JSON
+     * @return string JSON
     */
    public function update(Request $request, $assetMaintenanceId = null)
    {
+        $this->authorize('update', Asset::class);
        // Check if the asset maintenance exists
        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);

-        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        if (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot edit a maintenance for that asset'));
        }

        $assetMaintenance->supplier_id = e($request->input('supplier_id'));
        $assetMaintenance->is_warranty = e($request->input('is_warranty'));
-        $assetMaintenance->cost =  Helper::ParseFloat(e($request->input('cost')));
+        $assetMaintenance->cost =  Helper::ParseCurrency($request->input('cost'));
        $assetMaintenance->notes = e($request->input('notes'));

        $asset = Asset::find(request('asset_id'));

-        if (!Company::isCurrentUserHasAccess($asset)) {
+        if (! Company::isCurrentUserHasAccess($asset)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot edit a maintenance for that asset'));
        }

        // Save the asset maintenance data
-        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_id = $request->input('asset_id');
        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
-        $assetMaintenance->title                  = $request->input('title');
-        $assetMaintenance->start_date             = $request->input('start_date');
-        $assetMaintenance->completion_date        = $request->input('completion_date');
+        $assetMaintenance->title = $request->input('title');
+        $assetMaintenance->start_date = $request->input('start_date');
+        $assetMaintenance->completion_date = $request->input('completion_date');

-        if (( $assetMaintenance->completion_date == null )
+        if (($assetMaintenance->completion_date == null)
        ) {
-            if (( $assetMaintenance->asset_maintenance_time !== 0 )
-                || ( !is_null($assetMaintenance->asset_maintenance_time) )
+            if (($assetMaintenance->asset_maintenance_time !== 0)
+                || (! is_null($assetMaintenance->asset_maintenance_time))
            ) {
                $assetMaintenance->asset_maintenance_time = null;
            }
        }

-        if (( $assetMaintenance->completion_date !== null )
-            && ( $assetMaintenance->start_date !== "" )
-            && ( $assetMaintenance->start_date !== "0000-00-00" )
+        if (($assetMaintenance->completion_date !== null)
+            && ($assetMaintenance->start_date !== '')
+            && ($assetMaintenance->start_date !== '0000-00-00')
        ) {
-            $startDate                                = Carbon::parse($assetMaintenance->start_date);
-            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $startDate = Carbon::parse($assetMaintenance->start_date);
+            $completionDate = Carbon::parse($assetMaintenance->completion_date);
            $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
        }

        // Was the asset maintenance created?
        if ($assetMaintenance->save()) {
-
            return response()->json(Helper::formatStandardApiResponse('success', $assetMaintenance, trans('admin/asset_maintenances/message.edit.success')));

        }
+
        return response()->json(Helper::formatStandardApiResponse('error', null, $assetMaintenance->getErrors()));
    }

@@ -212,14 +214,15 @@ class AssetMaintenancesController extends Controller
     * @param int $assetMaintenanceId
     * @version v1.0
     * @since [v4.0]
-     * @return String JSON
+     * @return string JSON
     */
    public function destroy($assetMaintenanceId)
    {
+        $this->authorize('update', Asset::class);
        // Check if the asset maintenance exists
        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);

-        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        if (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot delete a maintenance for that asset'));
        }

@@ -237,14 +240,16 @@ class AssetMaintenancesController extends Controller
     * @param int $assetMaintenanceId
     * @version v1.0
     * @since [v4.0]
-     * @return String JSON
+     * @return string JSON
     */
    public function show($assetMaintenanceId)
    {
+        $this->authorize('view', Asset::class);
        $assetMaintenance = AssetMaintenance::findOrFail($assetMaintenanceId);
-        if (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        if (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot view a maintenance for that asset'));
        }
+
        return (new AssetMaintenancesTransformer())->transformAssetMaintenance($assetMaintenance);

    }
@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Api;

 use App\Helpers\Helper;
@@ -9,6 +10,7 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;

 /**
@@ -42,7 +44,7 @@ class AssetModelsController extends Controller
                'manufacturer',
                'requestable',
                'assets_count',
-                'category'
+                'category',
            ];

        $assetmodels = AssetModel::select([
@@ -61,12 +63,10 @@ class AssetModelsController extends Controller
            'models.deleted_at',
            'models.updated_at',
         ])
-            ->with('category','depreciation', 'manufacturer','fieldset')
+            ->with('category', 'depreciation', 'manufacturer', 'fieldset')
            ->withCount('assets as assets_count');

-
-
-        if ($request->filled('status')) {
+        if ($request->input('status')=='deleted') {
            $assetmodels->onlyTrashed();
        }

@@ -98,6 +98,7 @@ class AssetModelsController extends Controller

        $total = $assetmodels->count();
        $assetmodels = $assetmodels->skip($offset)->take($limit)->get();
+
        return (new AssetModelsTransformer)->transformAssetModels($assetmodels, $total);
    }

@@ -107,20 +108,22 @@ class AssetModelsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
    {
        $this->authorize('create', AssetModel::class);
        $assetmodel = new AssetModel;
        $assetmodel->fill($request->all());
+        $assetmodel = $request->handleImages($assetmodel);

        if ($assetmodel->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $assetmodel, trans('admin/models/message.create.success')));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, $assetmodel->getErrors()));

+
    }

    /**
@@ -135,6 +138,7 @@ class AssetModelsController extends Controller
    {
        $this->authorize('view', AssetModel::class);
        $assetmodel = AssetModel::withCount('assets as assets_count')->findOrFail($id);
+
        return (new AssetModelsTransformer)->transformAssetModel($assetmodel);
    }

@@ -149,7 +153,8 @@ class AssetModelsController extends Controller
    public function assets($id)
    {
        $this->authorize('view', AssetModel::class);
-        $assets = Asset::where('model_id','=',$id)->get();
+        $assets = Asset::where('model_id', '=', $id)->get();
+
        return (new AssetsTransformer)->transformAssets($assets, $assets->count());
    }

@@ -159,16 +164,17 @@ class AssetModelsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
    {
        $this->authorize('update', AssetModel::class);
        $assetmodel = AssetModel::findOrFail($id);
        $assetmodel->fill($request->all());
-
+        $assetmodel = $request->handleImages($assetmodel);
+        
        /**
         * Allow custom_fieldset_id to override and populate fieldset_id.
         * This is stupid, but required for legacy API support.
@@ -178,7 +184,7 @@ class AssetModelsController extends Controller
         * it, but I'll be damned if I can think of one. - snipe
         */
        if ($request->filled('custom_fieldset_id')) {
-            $assetmodel->fieldset_id = $request->get("custom_fieldset_id");
+            $assetmodel->fieldset_id = $request->get('custom_fieldset_id');
        }


@@ -204,11 +210,11 @@ class AssetModelsController extends Controller
        $this->authorize('delete', $assetmodel);

        if ($assetmodel->assets()->count() > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/models/message.assoc_users')));
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/models/message.assoc_users')));
        }

        if ($assetmodel->image) {
-            try  {
+            try {
                Storage::disk('public')->delete('assetmodels/'.$assetmodel->image);
            } catch (\Exception $e) {
                \Log::info($e);
@@ -216,8 +222,8 @@ class AssetModelsController extends Controller
        }

        $assetmodel->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/models/message.delete.success')));

+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/models/message.delete.success')));
    }

    /**
@@ -226,11 +232,11 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0.16]
     * @see \App\Http\Transformers\SelectlistTransformer
-     *
     */
    public function selectlist(Request $request)
    {

+        $this->authorize('view.selectlists');
        $assetmodels = AssetModel::select([
            'models.id',
            'models.name',
@@ -238,7 +244,7 @@ class AssetModelsController extends Controller
            'models.model_number',
            'models.manufacturer_id',
            'models.category_id',
-        ])->with('manufacturer','category');
+        ])->with('manufacturer', 'category');

        $settings = \App\Models\Setting::getSettings();

@@ -249,7 +255,6 @@ class AssetModelsController extends Controller
        $assetmodels = $assetmodels->OrderCategory('ASC')->OrderManufacturer('ASC')->orderby('models.name', 'asc')->orderby('models.model_number', 'asc')->paginate(50);

        foreach ($assetmodels as $assetmodel) {
-
            $assetmodel->use_text = '';

            if ($settings->modellistCheckedValue('category')) {
@@ -260,10 +265,10 @@ class AssetModelsController extends Controller
                $assetmodel->use_text .= (($assetmodel->manufacturer) ? $assetmodel->manufacturer->name.' ' : '');
            }

-            $assetmodel->use_text .=  $assetmodel->name;
+            $assetmodel->use_text .= $assetmodel->name;

-            if (($settings->modellistCheckedValue('model_number')) && ($assetmodel->model_number!='')) {
-                $assetmodel->use_text .=  ' (#'.$assetmodel->model_number.')';
+            if (($settings->modellistCheckedValue('model_number')) && ($assetmodel->model_number != '')) {
+                $assetmodel->use_text .= ' (#'.$assetmodel->model_number.')';
            }

            $assetmodel->use_image = ($settings->modellistCheckedValue('image') && ($assetmodel->image)) ? Storage::disk('public')->url('models/'.e($assetmodel->image)) : null;
@@ -271,5 +276,4 @@ class AssetModelsController extends Controller

        return (new SelectlistTransformer)->transformSelectlist($assetmodels);
    }
-
 }
@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Api;

 use App\Events\CheckoutableCheckedIn;
@@ -7,8 +8,10 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetCheckoutRequest;
 use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\DepreciationReportTransformer;
 use App\Http\Transformers\LicensesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Company;
@@ -21,13 +24,14 @@ use Auth;
 use Carbon\Carbon;
 use DB;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Input;
 use Paginator;
 use Slack;
 use Str;
 use TCPDF;
 use Validator;
-
+use Route;

 /**
 * This class controls all actions related to assets for
@@ -38,7 +42,6 @@ use Validator;
 */
 class AssetsController extends Controller
 {
-
    /**
     * Returns JSON listing of all assets
     *
@@ -47,10 +50,32 @@ class AssetsController extends Controller
     * @since [v4.0]
     * @return JsonResponse
     */
-    public function index(Request $request, $audit = null)
+    public function index(Request $request, $audit = null) 
    {

-        $this->authorize('index', Asset::class);
+        $filter_non_deprecable_assets = false;
+
+        /**
+         * This looks MAD janky (and it is), but the AssetsController@index does a LOT of heavy lifting throughout the 
+         * app. This bit here just makes sure that someone without permission to view assets doesn't 
+         * end up with priv escalations because they asked for a different endpoint. 
+         * 
+         * Since we never gave the specification for which transformer to use before, it should default 
+         * gracefully to just use the AssetTransformer by default, which shouldn't break anything. 
+         * 
+         * It was either this mess, or repeating ALL of the searching and sorting and filtering code, 
+         * which would have been far worse of a mess. *sad face*  - snipe (Sept 1, 2021)
+         */
+        if (Route::currentRouteName()=='api.depreciation-report.index') {
+            $filter_non_deprecable_assets = true;
+            $transformer = 'App\Http\Transformers\DepreciationReportTransformer';
+            $this->authorize('reports.view');
+        } else {
+            $transformer = 'App\Http\Transformers\AssetsTransformer';
+            $this->authorize('index', Asset::class);          
+        }
+        
+       
        $settings = Setting::getSettings();

        $allowed_columns = [
@@ -77,7 +102,7 @@ class AssetsController extends Controller
            'requests_counter',
        ];

-        $filter = array();
+        $filter = [];

        if ($request->filled('filter')) {
            $filter = json_decode($request->input('filter'), true);
@@ -85,22 +110,38 @@ class AssetsController extends Controller

        $all_custom_fields = CustomField::all(); //used as a 'cache' of custom fields throughout this page load
        foreach ($all_custom_fields as $field) {
-            $allowed_columns[]=$field->db_column_name();
+            $allowed_columns[] = $field->db_column_name();
        }

-        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
-            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
-                'model.category', 'model.manufacturer', 'model.fieldset','supplier');
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'), 'company_id', 'assets')
+            ->with('location', 'assetstatus', 'company', 'defaultLoc','assignedTo',
+                'model.category', 'model.manufacturer', 'model.fieldset','supplier'); //it might be tempting to add 'assetlog' here, but don't. It blows up update-heavy users.


+        if ($filter_non_deprecable_assets) {
+            $non_deprecable_models = AssetModel::select('id')->whereNotNull('depreciation_id')->get();
+
+            $assets->InModelList($non_deprecable_models->toArray());
+        }
+
        // These are used by the API to query against specific ID numbers.
        // They are also used by the individual searches on detail pages like
        // locations, etc.
+
+
+        // Search custom fields by column name
+        foreach ($all_custom_fields as $field) {
+            if ($request->filled($field->db_column_name())) {
+                $assets->where($field->db_column_name(), '=', $request->input($field->db_column_name()));
+            }
+        }
+
+
        if ($request->filled('status_id')) {
            $assets->where('assets.status_id', '=', $request->input('status_id'));
        }

-        if ($request->input('requestable')=='true') {
+        if ($request->input('requestable') == 'true') {
            $assets->where('assets.requestable', '=', '1');
        }

@@ -155,7 +196,6 @@ class AssetsController extends Controller

        // This is used by the audit reporting routes
        if (Gate::allows('audit', Asset::class)) {
-
            switch ($audit) {
                case 'due':
                    $assets->DueOrOverdueForAudit($settings);
@@ -178,19 +218,19 @@ class AssetsController extends Controller
                $assets->onlyTrashed();
                break;
            case 'Pending':
-                $assets->join('status_labels AS status_alias',function ($join) {
-                    $join->on('status_alias.id', "=", "assets.status_id")
-                        ->where('status_alias.deployable','=',0)
-                        ->where('status_alias.pending','=',1)
+                $assets->join('status_labels AS status_alias', function ($join) {
+                    $join->on('status_alias.id', '=', 'assets.status_id')
+                        ->where('status_alias.deployable', '=', 0)
+                        ->where('status_alias.pending', '=', 1)
                        ->where('status_alias.archived', '=', 0);
                });
                break;
            case 'RTD':
                $assets->whereNull('assets.assigned_to')
-                    ->join('status_labels AS status_alias',function ($join) {
-                        $join->on('status_alias.id', "=", "assets.status_id")
-                            ->where('status_alias.deployable','=',1)
-                            ->where('status_alias.pending','=',0)
+                    ->join('status_labels AS status_alias', function ($join) {
+                        $join->on('status_alias.id', '=', 'assets.status_id')
+                            ->where('status_alias.deployable', '=', 1)
+                            ->where('status_alias.pending', '=', 0)
                            ->where('status_alias.archived', '=', 0);
                    });
                break;
@@ -198,19 +238,19 @@ class AssetsController extends Controller
                $assets->Undeployable();
                break;
            case 'Archived':
-                $assets->join('status_labels AS status_alias',function ($join) {
-                    $join->on('status_alias.id', "=", "assets.status_id")
-                        ->where('status_alias.deployable','=',0)
-                        ->where('status_alias.pending','=',0)
+                $assets->join('status_labels AS status_alias', function ($join) {
+                    $join->on('status_alias.id', '=', 'assets.status_id')
+                        ->where('status_alias.deployable', '=', 0)
+                        ->where('status_alias.pending', '=', 0)
                        ->where('status_alias.archived', '=', 1);
                });
                break;
            case 'Requestable':
                $assets->where('assets.requestable', '=', 1)
-                    ->join('status_labels AS status_alias',function ($join) {
-                        $join->on('status_alias.id', "=", "assets.status_id")
-                            ->where('status_alias.deployable','=',1)
-                            ->where('status_alias.pending','=',0)
+                    ->join('status_labels AS status_alias', function ($join) {
+                        $join->on('status_alias.id', '=', 'assets.status_id')
+                            ->where('status_alias.deployable', '=', 1)
+                            ->where('status_alias.pending', '=', 0)
                            ->where('status_alias.archived', '=', 0);
                    });

@@ -221,24 +261,24 @@ class AssetsController extends Controller
                break;
            default:

-                if ((!$request->filled('status_id')) && ($settings->show_archived_in_list!='1')) {
+                if ((! $request->filled('status_id')) && ($settings->show_archived_in_list != '1')) {
                    // terrible workaround for complex-query Laravel bug in fulltext
-                    $assets->join('status_labels AS status_alias',function ($join) {
-                        $join->on('status_alias.id', "=", "assets.status_id")
+                    $assets->join('status_labels AS status_alias', function ($join) {
+                        $join->on('status_alias.id', '=', 'assets.status_id')
                            ->where('status_alias.archived', '=', 0);
                    });

                    // If there is a status ID, don't take show_archived_in_list into consideration
                } else {
-                    $assets->join('status_labels AS status_alias',function ($join) {
-                        $join->on('status_alias.id', "=", "assets.status_id");
+                    $assets->join('status_labels AS status_alias', function ($join) {
+                        $join->on('status_alias.id', '=', 'assets.status_id');
                    });
                }

        }


-        if ((!is_null($filter)) && (count($filter)) > 0) {
+        if ((! is_null($filter)) && (count($filter)) > 0) {
            $assets->ByFilter($filter);
        } elseif ($request->filled('search')) {
            $assets->TextSearch($request->input('search'));
@@ -248,7 +288,7 @@ class AssetsController extends Controller
        // This is kinda gross, but we need to do this because the Bootstrap Tables
        // API passes custom field ordering as custom_fields.fieldname, and we have to strip
        // that out to let the default sorter below order them correctly on the assets table.
-        $sort_override = str_replace('custom_fields.','', $request->input('sort')) ;
+        $sort_override = str_replace('custom_fields.', '', $request->input('sort'));

        // This handles all of the pivot sorting (versus the assets.* fields
        // in the allowed_columns array)
@@ -293,8 +333,24 @@ class AssetsController extends Controller

        $total = $assets->count();
        $assets = $assets->skip($offset)->take($limit)->get();
-        // dd($assets);
-        return (new AssetsTransformer)->transformAssets($assets, $total);
+        
+
+        /**
+         * Include additional associated relationships
+         */  
+        if ($request->input('components')) {
+            $assets->loadMissing(['components' => function ($query) {
+                $query->orderBy('created_at', 'desc');
+            }]);
+        }
+
+
+
+        /**
+         * Here we're just determining which Transformer (via $transformer) to use based on the 
+         * variables we set earlier on in this method - we default to AssetsTransformer.
+         */
+        return (new $transformer)->transformAssets($assets, $total, $request);
    }


@@ -306,11 +362,12 @@ class AssetsController extends Controller
     * @since [v4.2.1]
     * @return JsonResponse
     */
-    public function showByTag($tag)
+    public function showByTag(Request $request, $tag)
    {
-        if ($asset = Asset::with('assetstatus')->with('assignedTo')->where('asset_tag',$tag)->first()) {
+        if ($asset = Asset::with('assetstatus')->with('assignedTo')->where('asset_tag', $tag)->first()) {
            $this->authorize('view', $asset);
-            return (new AssetsTransformer)->transformAsset($asset);
+
+            return (new AssetsTransformer)->transformAsset($asset, $request);
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);

@@ -324,17 +381,28 @@ class AssetsController extends Controller
     * @since [v4.2.1]
     * @return JsonResponse
     */
-    public function showBySerial($serial)
+    public function showBySerial(Request $request, $serial)
    {
        $this->authorize('index', Asset::class);
        if ($assets = Asset::with('assetstatus')->with('assignedTo')
-            ->withTrashed()->where('serial',$serial)->get()) {
+            ->withTrashed()->where('serial', $serial)->get()) {
                return (new AssetsTransformer)->transformAssets($assets, $assets->count());
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);

+        $assets = Asset::with('assetstatus')->with('assignedTo');
+
+        if ($request->input('deleted', 'false') === 'true') {
+            $assets = $assets->withTrashed();
    }

+        $assets = $assets->where('serial', $serial)->get();
+        if ($assets) {
+            return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+        } else {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
+        }
+    }

    /**
     * Returns JSON with information about an asset for detail view.
@@ -344,22 +412,25 @@ class AssetsController extends Controller
     * @since [v4.0]
     * @return JsonResponse
     */
-    public function show($id)
+    public function show(Request $request, $id)
    {
        if ($asset = Asset::with('assetstatus')->with('assignedTo')->withTrashed()
            ->withCount('checkins as checkins_count', 'checkouts as checkouts_count', 'userRequests as user_requests_count')->findOrFail($id)) {
            $this->authorize('view', $asset);
-            return (new AssetsTransformer)->transformAsset($asset);
+
+            return (new AssetsTransformer)->transformAsset($asset, $request->input('components') );
        }


    }
-    public function licenses($id)
+
+    public function licenses(Request $request, $id)
    {
        $this->authorize('view', Asset::class);
        $this->authorize('view', License::class);
        $asset = Asset::where('id', $id)->withTrashed()->first();
        $licenses = $asset->licenses()->get();
+
        return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
     }

@@ -382,7 +453,7 @@ class AssetsController extends Controller
            'assets.model_id',
            'assets.assigned_to',
            'assets.assigned_type',
-            'assets.status_id'
+            'assets.status_id',
            ])->with('model', 'assetstatus', 'assignedTo')->NotArchived(), 'company_id', 'assets');

        if ($request->filled('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
@@ -409,15 +480,14 @@ class AssetsController extends Controller
            }


-            if ($asset->assetstatus->getStatuslabelType()=='pending') {
-                $asset->use_text .=  '('.$asset->assetstatus->getStatuslabelType().')';
+            if ($asset->assetstatus->getStatuslabelType() == 'pending') {
+                $asset->use_text .= '('.$asset->assetstatus->getStatuslabelType().')';
            }

            $asset->use_image = ($asset->getImageUrl()) ? $asset->getImageUrl() : null;
        }

        return (new SelectlistTransformer)->transformSelectlist($assets);
-
    }


@@ -425,13 +495,12 @@ class AssetsController extends Controller
     * Accepts a POST request to create a new asset
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param Request $request
+     * @param \App\Http\Requests\ImageUploadRequest $request
     * @since [v4.0]
     * @return JsonResponse
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
    {
-
        $this->authorize('create', Asset::class);

        $asset = new Asset();
@@ -450,29 +519,23 @@ class AssetsController extends Controller
        $asset->depreciate              = '0';
        $asset->status_id               = $request->get('status_id', 0);
        $asset->warranty_months         = $request->get('warranty_months', null);
-        $asset->purchase_cost           = Helper::ParseFloat($request->get('purchase_cost'));
+        $asset->purchase_cost           = Helper::ParseCurrency($request->get('purchase_cost')); // this is the API's store method, so I don't know that I want to do this? Confusing. FIXME (or not?!)
        $asset->purchase_date           = $request->get('purchase_date', null);
        $asset->assigned_to             = $request->get('assigned_to', null);
-        $asset->supplier_id             = $request->get('supplier_id', 0);
+        $asset->supplier_id             = $request->get('supplier_id');
        $asset->requestable             = $request->get('requestable', 0);
        $asset->rtd_location_id         = $request->get('rtd_location_id', null);
        $asset->location_id             = $request->get('rtd_location_id', null);

-        if ($request->has('image_source') && $request->input('image_source') != "") {
-            $saved_image_path = Helper::processUploadedImage(
-                $request->input('image_source'), 'uploads/assets/'
-            );
+        /**
+        * this is here just legacy reasons. Api\AssetController
+        * used image_source  once to allow encoded image uploads.
+        */
+        if ($request->has('image_source')) {
+            $request->offsetSet('image', $request->offsetGet('image_source'));
+        }     

-            if (!$saved_image_path) {
-                return response()->json(Helper::formatStandardApiResponse(
-                        'error',
-                        null,
-                        trans('admin/hardware/message.create.error')
-                    ), 200);
-            }
-
-            $asset->image = $saved_image_path;
-        }
+        $asset = $request->handleImages($asset);

        // Update custom fields in the database.
        // Validation for these fields is handled through the AssetRequest form request
@@ -492,13 +555,12 @@ class AssetsController extends Controller

                // if the field is set to encrypted, make sure we encrypt the value
                if ($field->field_encrypted == '1') {
-
                    \Log::debug('This model field is encrypted in this fieldset.');

                    if (Gate::allows('admin')) {

                        // If input value is null, use custom field's default value
-                        if (($field_val == null) && ($request->has('model_id')!='')){
+                        if (($field_val == null) && ($request->has('model_id') != '')) {
                            $field_val = \Crypt::encrypt($field->defaultValue($request->get('model_id')));
                        } else {
                            $field_val = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
@@ -508,12 +570,10 @@ class AssetsController extends Controller


                $asset->{$field->convertUnicodeDbSlug()} = $field_val;
-
            }
        }

        if ($asset->save()) {
-
            if ($request->get('assigned_user')) {
                $target = User::find(request('assigned_user'));
            } elseif ($request->get('assigned_asset')) {
@@ -540,11 +600,11 @@ class AssetsController extends Controller
     * Accepts a POST request to update an asset
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param Request $request
+     * @param \App\Http\Requests\ImageUploadRequest $request
     * @since [v4.0]
     * @return JsonResponse
     */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
    {
        $this->authorize('update', Asset::class);

@@ -558,37 +618,24 @@ class AssetsController extends Controller
            ($request->filled('company_id')) ?
                $asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : '';

-($request->filled('rtd_location_id')) ?
-                $asset->location_id = $request->get('rtd_location_id') : null;
-
-
-            if ($request->filled('image_source')) {
-                if ($request->input('image_source') == "") {
            ($request->filled('rtd_location_id')) ?
                $asset->location_id = $request->get('rtd_location_id') : null;
-                    $asset->image = null;
-                } else {
-                    $saved_image_path = Helper::processUploadedImage(
-                        $request->input('image_source'), 'uploads/assets/'
-                    );

-                    if (!$saved_image_path) {
-                        return response()->json(Helper::formatStandardApiResponse(
-                            'error',
-                            null,
-                            trans('admin/hardware/message.update.error')
-                        ), 200);
-                    }
-
-                    $asset->image = $saved_image_path;
-                }
-            }
+            /**
+            * this is here just legacy reasons. Api\AssetController
+            * used image_source  once to allow encoded image uploads.
+            */
+            if ($request->has('image_source')) {
+                $request->offsetSet('image', $request->offsetGet('image_source'));
+            }     

+            $asset = $request->handleImages($asset); 
+            
            // Update custom fields
            if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
                foreach ($model->fieldset->fields as $field) {
                    if ($request->has($field->convertUnicodeDbSlug())) {
-                        if ($field->field_encrypted=='1') {
+                        if ($field->field_encrypted == '1') {
                            if (Gate::allows('admin')) {
                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
                            }
@@ -601,15 +648,13 @@ class AssetsController extends Controller


            if ($asset->save()) {
-
                if (($request->filled('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
                        $location = $target->location_id;
                } elseif (($request->filled('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
                    $location = $target->location_id;

-                    Asset::where('assigned_type', '\\App\\Models\\Asset')->where('assigned_to', $id)
+                    Asset::where('assigned_type', \App\Models\Asset::class)->where('assigned_to', $id)
                        ->update(['location_id' => $target->location_id]);
-
                } elseif (($request->filled('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
                    $location = $target->id;
                }
@@ -624,8 +669,10 @@ class AssetsController extends Controller

                return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
            }
+
            return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
        }
+
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
    }

@@ -643,12 +690,11 @@ class AssetsController extends Controller
        $this->authorize('delete', Asset::class);

        if ($asset = Asset::find($id)) {
-
            $this->authorize('delete', $asset);

            DB::table('assets')
                ->where('id', $asset->id)
-                ->update(array('assigned_to' => null));
+                ->update(['assigned_to' => null]);

            $asset->delete();

@@ -658,6 +704,39 @@ class AssetsController extends Controller
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
    }

+    
+
+    /**
+     * Restore a soft-deleted asset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v5.1.18]
+     * @return JsonResponse
+     */
+    public function restore($assetId = null)
+    {
+        // Get asset information
+        $asset = Asset::withTrashed()->find($assetId);
+        $this->authorize('delete', $asset);
+        if (isset($asset->id)) {
+            // Restore the asset
+            Asset::withTrashed()->where('id', $assetId)->restore();
+
+            $logaction = new Actionlog();
+            $logaction->item_type = Asset::class;
+            $logaction->item_id = $asset->id;
+            $logaction->created_at =  date("Y-m-d H:i:s");
+            $logaction->user_id = Auth::user()->id;
+            $logaction->logaction('restored');
+
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.restore.success')));
+        
+
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
+    }
+


    /**
@@ -673,7 +752,7 @@ class AssetsController extends Controller
        $this->authorize('checkout', Asset::class);
        $asset = Asset::findOrFail($asset_id);

-        if (!$asset->availableForCheckout()) {
+        if (! $asset->availableForCheckout()) {
            return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.not_available')));
        }

@@ -687,21 +766,21 @@ class AssetsController extends Controller


        // This item is checked out to a location
-        if (request('checkout_to_type')=='location') {
+        if (request('checkout_to_type') == 'location') {
            $target = Location::find(request('assigned_location'));
            $asset->location_id = ($target) ? $target->id : '';
            $error_payload['target_id'] = $request->input('assigned_location');
            $error_payload['target_type'] = 'location';

-        } elseif (request('checkout_to_type')=='asset') {
-            $target = Asset::where('id','!=',$asset_id)->find(request('assigned_asset'));
+        } elseif (request('checkout_to_type') == 'asset') {
+            $target = Asset::where('id', '!=', $asset_id)->find(request('assigned_asset'));
            $asset->location_id = $target->rtd_location_id;
            // Override with the asset's location_id if it has one
            $asset->location_id = (($target) && (isset($target->location_id))) ? $target->location_id : '';
            $error_payload['target_id'] = $request->input('assigned_asset');
            $error_payload['target_type'] = 'asset';

-        } elseif (request('checkout_to_type')=='user') {
+        } elseif (request('checkout_to_type') == 'user') {
            // Fetch the target and set the asset's new location_id
            $target = User::find(request('assigned_user'));
            $asset->location_id = (($target) && (isset($target->location_id))) ? $target->location_id : '';
@@ -709,15 +788,18 @@ class AssetsController extends Controller
            $error_payload['target_type'] = 'user';
        }

+        if ($request->filled('status_id')) {
+            $asset->status_id = $request->get('status_id');
+        }


-        if (!isset($target)) {
+        if (! isset($target)) {
            return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'Checkout target for asset '.e($asset->asset_tag).' is invalid - '.$error_payload['target_type'].' does not exist.'));
        }



-        $checkout_at = request('checkout_at', date("Y-m-d H:i:s"));
+        $checkout_at = request('checkout_at', date('Y-m-d H:i:s'));
        $expected_checkin = request('expected_checkin', null);
        $note = request('note', null);
        $asset_name = request('name', null);
@@ -756,8 +838,8 @@ class AssetsController extends Controller
        $this->authorize('checkin', $asset);


-        $user = $asset->assignedUser;
-        if (is_null($target = $asset->assignedTo)) {
+        $target = $asset->assignedTo;
+        if (is_null($target)) {
            return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.already_checked_in')));
        }

@@ -770,25 +852,50 @@ class AssetsController extends Controller
        if ($request->filled('name')) {
            $asset->name = $request->input('name');
        }
-        
-        $asset->location_id =  $asset->rtd_location_id;
+
+        $asset->location_id = $asset->rtd_location_id;

        if ($request->filled('location_id')) {
-            $asset->location_id =  $request->input('location_id');
+            $asset->location_id = $request->input('location_id');
        }

        if ($request->has('status_id')) {
-            $asset->status_id =  $request->input('status_id');
+            $asset->status_id = $request->input('status_id');
+        }
+
+        $checkin_at = null;
+        if ($request->filled('checkin_at')) {
+            $checkin_at = $request->input('checkin_at');
        }

        if ($asset->save()) {
-            $asset->logCheckin($target, e($request->input('note')));
-            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note')));
+            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at));

            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.success')));
        }

-        return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.error')));
+        return response()->json(Helper::formatStandardApiResponse('error', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkin.error')));
+    }
+
+    /**
+     * Checkin an asset by asset tag
+     *
+     * @author [A. Janes] [<ajanes@adagiohealth.org>]
+     * @since [v6.0]
+     * @return JsonResponse
+     */
+    public function checkinByTag(Request $request)
+    {
+        $this->authorize('checkin', Asset::class);
+        $asset = Asset::where('asset_tag', $request->input('asset_tag'))->first();
+
+        if($asset) {
+            return $this->checkin($request, $asset->id);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', [
+            'asset'=> e($request->input('asset_tag'))
+        ], 'Asset with tag '.e($request->input('asset_tag')).' not found'));
    }


@@ -800,15 +907,15 @@ class AssetsController extends Controller
     * @since [v4.0]
     * @return JsonResponse
     */
-    public function audit(Request $request) {
-
+    public function audit(Request $request)

+    {
        $this->authorize('audit', Asset::class);
-        $rules = array(
+        $rules = [
            'asset_tag' => 'required',
            'location_id' => 'exists:locations,id|nullable|numeric',
-            'next_audit_date' => 'date|nullable'
-        );
+            'next_audit_date' => 'date|nullable',
+        ];

        $validator = Validator::make($request->all(), $rules);
        if ($validator->fails()) {
@@ -818,7 +925,7 @@ class AssetsController extends Controller
        $settings = Setting::getSettings();
        $dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();

-        $asset = Asset::where('asset_tag','=', $request->input('asset_tag'))->first();
+        $asset = Asset::where('asset_tag', '=', $request->input('asset_tag'))->first();


        if ($asset) {
@@ -832,28 +939,24 @@ class AssetsController extends Controller

            // Check to see if they checked the box to update the physical location,
            // not just note it in the audit notes
-            if ($request->input('update_location')=='1') {
+            if ($request->input('update_location') == '1') {
                $asset->location_id = $request->input('location_id');
            }

            $asset->last_audit_date = date('Y-m-d H:i:s');

            if ($asset->save()) {
-                $log = $asset->logAudit(request('note'),request('location_id'));
+                $log = $asset->logAudit(request('note'), request('location_id'));
+
                return response()->json(Helper::formatStandardApiResponse('success', [
                    'asset_tag'=> e($asset->asset_tag),
                    'note'=> e($request->input('note')),
-                    'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date)
+                    'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date),
                ], trans('admin/hardware/message.audit.success')));
            }
        }

-        return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.$request->input('asset_tag').' not found'));
-
-
-
-
-
+        return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.e($request->input('asset_tag')).' not found'));
    }


@@ -869,14 +972,16 @@ class AssetsController extends Controller
    {
        $this->authorize('viewRequestable', Asset::class);

-        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
+        $assets = Company::scopeCompanyables(Asset::select('assets.*'), 'company_id', 'assets')
            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
-                'model.category', 'model.manufacturer', 'model.fieldset','supplier')->where('assets.requestable', '=', '1');
+                'model.category', 'model.manufacturer', 'model.fieldset', 'supplier')->requestableAssets();

        $offset = request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $assets->TextSearch($request->input('search'));
+        if ($request->filled('search')) {
+            $assets->TextSearch($request->input('search'));
+        }

        switch ($request->input('sort')) {
            case 'model':
@@ -896,9 +1001,9 @@ class AssetsController extends Controller
                break;
        }

-
        $total = $assets->count();
        $assets = $assets->skip($offset)->take($limit)->get();
+
        return (new AssetsTransformer)->transformRequestedAssets($assets, $total);
    }
 }
@@ -8,6 +8,7 @@ use App\Http\Transformers\CategoriesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Category;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;

 class CategoriesController extends Controller
@@ -22,10 +23,10 @@ class CategoriesController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Category::class);
-        $allowed_columns = ['id', 'name','category_type', 'category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email', 'assets_count', 'accessories_count', 'consumables_count', 'components_count','licenses_count', 'image'];
+        $allowed_columns = ['id', 'name', 'category_type', 'category_type', 'use_default_eula', 'eula_text', 'require_acceptance', 'checkin_email', 'assets_count', 'accessories_count', 'consumables_count', 'components_count', 'licenses_count', 'image'];

-        $categories = Category::select(['id', 'created_at', 'updated_at', 'name','category_type','use_default_eula','eula_text', 'require_acceptance','checkin_email','image'])
-            ->withCount('assets as assets_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count','licenses as licenses_count');
+        $categories = Category::select(['id', 'created_at', 'updated_at', 'name', 'category_type', 'use_default_eula', 'eula_text', 'require_acceptance', 'checkin_email', 'image'])
+            ->withCount('assets as assets_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count');

        if ($request->filled('search')) {
            $categories = $categories->TextSearch($request->input('search'));
@@ -44,6 +45,7 @@ class CategoriesController extends Controller

        $total = $categories->count();
        $categories = $categories->skip($offset)->take($limit)->get();
+
        return (new CategoriesTransformer)->transformCategories($categories, $total);

    }
@@ -54,14 +56,16 @@ class CategoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
    {
        $this->authorize('create', Category::class);
        $category = new Category;
        $category->fill($request->all());
+        $category->category_type = strtolower($request->input('category_type'));
+        $category = $request->handleImages($category);

        if ($category->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $category, trans('admin/categories/message.create.success')));
@@ -92,15 +96,17 @@ class CategoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
    {
        $this->authorize('update', Category::class);
        $category = Category::findOrFail($id);
        $category->fill($request->all());
+        $category->category_type = strtolower($request->input('category_type'));
+        $category = $request->handleImages($category);

        if ($category->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $category, trans('admin/categories/message.update.success')));
@@ -122,14 +128,14 @@ class CategoriesController extends Controller
        $this->authorize('delete', Category::class);
        $category = Category::findOrFail($id);

-        if (!$category->isDeletable()) {
+        if (! $category->isDeletable()) {
            return response()->json(
-                Helper::formatStandardApiResponse('error', null,  trans('admin/categories/message.assoc_items', ['asset_type'=>$category->category_type]))
+                Helper::formatStandardApiResponse('error', null, trans('admin/categories/message.assoc_items', ['asset_type'=>$category->category_type]))
            );
        }
        $category->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/categories/message.delete.success')));

+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/categories/message.delete.success')));
    }


@@ -139,11 +145,10 @@ class CategoriesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0.16]
     * @see \App\Http\Transformers\SelectlistTransformer
-     *
     */
    public function selectlist(Request $request, $category_type = 'asset')
    {
-
+        $this->authorize('view.selectlists');
        $categories = Category::select([
            'id',
            'name',
@@ -164,7 +169,5 @@ class CategoriesController extends Controller
        }

        return (new SelectlistTransformer)->transformSelectlist($categories);
-
    }
-
 }
@@ -8,6 +8,7 @@ use App\Http\Transformers\CompaniesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Company;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;

 class CompaniesController extends Controller
@@ -36,7 +37,7 @@ class CompaniesController extends Controller
            'components_count',
        ];

-        $companies = Company::withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count','components as components_count','users as users_count');
+        $companies = Company::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');

        if ($request->filled('search')) {
            $companies->TextSearch($request->input('search'));
@@ -65,21 +66,22 @@ class CompaniesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
    {
        $this->authorize('create', Company::class);
        $company = new Company;
        $company->fill($request->all());
-
+        $company = $request->handleImages($company);
+        
        if ($company->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', (new CompaniesTransformer)->transformCompany($company), trans('admin/companies/message.create.success')));
        }
+
        return response()
            ->json(Helper::formatStandardApiResponse('error', null, $company->getErrors()));
-
    }

    /**
@@ -104,15 +106,16 @@ class CompaniesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
    {
        $this->authorize('update', Company::class);
        $company = Company::findOrFail($id);
        $company->fill($request->all());
+        $company = $request->handleImages($company);

        if ($company->save()) {
            return response()
@@ -137,13 +140,14 @@ class CompaniesController extends Controller
        $company = Company::findOrFail($id);
        $this->authorize('delete', $company);

-        if ( !$company->isDeletable() ) {
+        if (! $company->isDeletable()) {
            return response()
-                    ->json(Helper::formatStandardApiResponse('error', null,  trans('admin/companies/message.assoc_users')));
+                    ->json(Helper::formatStandardApiResponse('error', null, trans('admin/companies/message.assoc_users')));
        }
        $company->delete();
+
        return response()
-            ->json(Helper::formatStandardApiResponse('success', null,  trans('admin/companies/message.delete.success')));
+            ->json(Helper::formatStandardApiResponse('success', null, trans('admin/companies/message.delete.success')));
    }

    /**
@@ -152,11 +156,10 @@ class CompaniesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0.16]
     * @see \App\Http\Transformers\SelectlistTransformer
-     *
     */
    public function selectlist(Request $request)
    {
-
+        $this->authorize('view.selectlists');
        $companies = Company::select([
            'companies.id',
            'companies.name',
@@ -8,6 +8,10 @@ use App\Http\Transformers\ComponentsTransformer;
 use App\Models\Company;
 use App\Models\Component;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
+use App\Events\CheckoutableCheckedIn;
+use App\Events\ComponentCheckedIn;
+use App\Models\Asset;

 class ComponentsController extends Controller
 {
@@ -22,23 +26,45 @@ class ComponentsController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Component::class);
+
+        // This array is what determines which fields should be allowed to be sorted on ON the table itself, no relations
+        // Relations will be handled in query scopes a little further down.
+        $allowed_columns = 
+            [
+                'id',
+                'name',
+                'min_amt',
+                'order_number',
+                'serial',
+                'purchase_date',
+                'purchase_cost',
+                'qty',
+                'image',
+                'notes',
+            ];
+
+
        $components = Company::scopeCompanyables(Component::select('components.*')
-            ->with('company', 'location', 'category'));
+            ->with('company', 'location', 'category', 'assets'));

        if ($request->filled('search')) {
            $components = $components->TextSearch($request->input('search'));
        }

        if ($request->filled('company_id')) {
-            $components->where('company_id','=',$request->input('company_id'));
+            $components->where('company_id', '=', $request->input('company_id'));
        }

        if ($request->filled('category_id')) {
-            $components->where('category_id','=',$request->input('category_id'));
+            $components->where('category_id', '=', $request->input('category_id'));
        }

        if ($request->filled('location_id')) {
-            $components->where('location_id','=',$request->input('location_id'));
+            $components->where('location_id', '=', $request->input('location_id'));
+        }
+
+        if ($request->filled('notes')) {
+            $components->where('notes','=',$request->input('notes'));
        }

        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
@@ -48,11 +74,12 @@ class ComponentsController extends Controller
        // Check to make sure the limit is not higher than the max allowed
        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

-        $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','company','category','qty','location','image'];
+        
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+        $sort_override =  $request->input('sort');
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';

-        switch ($sort) {
+        switch ($sort_override) {
            case 'category':
                $components = $components->OrderCategory($order);
                break;
@@ -63,12 +90,13 @@ class ComponentsController extends Controller
                $components = $components->OrderCompany($order);
                break;
            default:
-                $components = $components->orderBy($sort, $order);
+                $components = $components->orderBy($column_sort, $order);
                break;
        }

        $total = $components->count();
        $components = $components->skip($offset)->take($limit)->get();
+
        return (new ComponentsTransformer)->transformComponents($components, $total);
    }

@@ -78,18 +106,20 @@ class ComponentsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
    {
        $this->authorize('create', Component::class);
        $component = new Component;
        $component->fill($request->all());
+        $component = $request->handleImages($component);

        if ($component->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $component, trans('admin/components/message.create.success')));
        }
+
        return response()->json(Helper::formatStandardApiResponse('error', null, $component->getErrors()));
    }

@@ -110,21 +140,22 @@ class ComponentsController extends Controller
        }
    }

-
    /**
     * Update the specified resource in storage.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param   \App\Http\Requests\ImageUploadRequest  $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
    {
        $this->authorize('update', Component::class);
        $component = Component::findOrFail($id);
        $component->fill($request->all());
+        $component = $request->handleImages($component);
+        

        if ($component->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $component, trans('admin/components/message.update.success')));
@@ -147,6 +178,7 @@ class ComponentsController extends Controller
        $component = Component::findOrFail($id);
        $this->authorize('delete', $component);
        $component->delete();
+
        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/components/message.delete.success')));
    }

@@ -170,6 +202,122 @@ class ComponentsController extends Controller
        $limit = $request->input('limit', 50);
        $total = $assets->count();
        $assets = $assets->skip($offset)->take($limit)->get();
+
        return (new ComponentsTransformer)->transformCheckedoutComponents($assets, $total);
    }
+
+
+    /**
+     * Validate and checkout the component.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * t
+     * @since [v5.1.8]
+     * @param Request $request
+     * @param int $componentId
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function checkout(Request $request, $componentId)
+    {
+        // Check if the component exists
+        if (is_null($component = Component::find($componentId))) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/components/message.does_not_exist')));
+        }
+
+        $this->authorize('checkout', $component);
+
+
+        if ($component->numRemaining() >= $request->get('assigned_qty')) {
+
+            if (!$asset = Asset::find($request->input('assigned_to'))) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')));
+            }
+
+            // Update the accessory data
+            $component->assigned_to = $request->input('assigned_to');
+
+            $component->assets()->attach($component->id, [
+                'component_id' => $component->id,
+                'created_at' => \Carbon::now(),
+                'assigned_qty' => $request->get('assigned_qty', 1),
+                'user_id' => \Auth::id(),
+                'asset_id' => $request->get('assigned_to')
+            ]);
+
+            $component->logCheckout($request->input('note'), $asset);
+
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/components/message.checkout.success')));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Not enough components remaining: '.$component->numRemaining().' remaining, '.$request->get('assigned_qty').' requested.'));
+    }
+
+    /**
+     * Validate and store checkin data.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v5.1.8]
+     * @param Request $request
+     * @param $component_asset_id
+     * @return \Illuminate\Http\RedirectResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function checkin(Request $request, $component_asset_id)
+    {
+        if ($component_assets = \DB::table('components_assets')->find($component_asset_id)) {
+
+            if (is_null($component = Component::find($component_assets->component_id))) {
+
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/components/message.not_found')));
+            }
+
+            $this->authorize('checkin', $component);
+
+            $max_to_checkin = $component_assets->assigned_qty;
+
+            if ($max_to_checkin > 1) {
+                
+                $validator = \Validator::make($request->all(), [
+                    "checkin_qty" => "required|numeric|between:1,$max_to_checkin"
+                ]);
+    
+                if ($validator->fails()) {
+                    return response()->json(Helper::formatStandardApiResponse('error', null, 'Checkin quantity must be between 1 and '.$max_to_checkin));
+                }
+            }
+            
+
+            // Validation passed, so let's figure out what we have to do here.
+            $qty_remaining_in_checkout = ($component_assets->assigned_qty - (int)$request->input('checkin_qty', 1));
+
+            // We have to modify the record to reflect the new qty that's
+            // actually checked out.
+            $component_assets->assigned_qty = $qty_remaining_in_checkout;
+
+            \Log::debug($component_asset_id.' - '.$qty_remaining_in_checkout.' remaining in record '.$component_assets->id);
+            
+            \DB::table('components_assets')->where('id',
+                $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
+
+            // If the checked-in qty is exactly the same as the assigned_qty,
+            // we can simply delete the associated components_assets record
+            if ($qty_remaining_in_checkout == 0) {
+                \DB::table('components_assets')->where('id', '=', $component_asset_id)->delete();
+            }
+            
+
+            $asset = Asset::find($component_assets->asset_id);
+
+            event(new CheckoutableCheckedIn($component, $asset, \Auth::user(), $request->input('note'), \Carbon::now()));
+
+            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/components/message.checkin.success')));
+
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'No matching checkouts for that component join record'));
+
+    
+    }
+
 }
@@ -10,6 +10,7 @@ use App\Models\Company;
 use App\Models\Consumable;
 use App\Models\User;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;

 class ConsumablesController extends Controller
 {
@@ -24,6 +25,27 @@ class ConsumablesController extends Controller
    public function index(Request $request)
    {
        $this->authorize('index', Consumable::class);
+
+        // This array is what determines which fields should be allowed to be sorted on ON the table itself, no relations
+        // Relations will be handled in query scopes a little further down.
+        $allowed_columns = 
+            [
+                'id',
+                'name',
+                'order_number',
+                'min_amt',
+                'purchase_date',
+                'purchase_cost',
+                'company',
+                'category',
+                'model_number', 
+                'item_no', 
+                'qty',
+                'image',
+                'notes',
+                ];
+
+
        $consumables = Company::scopeCompanyables(
            Consumable::select('consumables.*')
                ->with('company', 'location', 'category', 'users', 'manufacturer')
@@ -34,15 +56,27 @@ class ConsumablesController extends Controller
        }

        if ($request->filled('company_id')) {
-            $consumables->where('company_id','=',$request->input('company_id'));
+            $consumables->where('company_id', '=', $request->input('company_id'));
        }

        if ($request->filled('category_id')) {
-            $consumables->where('category_id','=',$request->input('category_id'));
+            $consumables->where('category_id', '=', $request->input('category_id'));
+        }
+
+        if ($request->filled('model_number')) {
+            $consumables->where('model_number','=',$request->input('model_number'));
        }

        if ($request->filled('manufacturer_id')) {
-            $consumables->where('manufacturer_id','=',$request->input('manufacturer_id'));
+            $consumables->where('manufacturer_id', '=', $request->input('manufacturer_id'));
+        }
+
+        if ($request->filled('location_id')) {
+            $consumables->where('location_id','=',$request->input('location_id'));
+        }
+
+        if ($request->filled('notes')) {
+            $consumables->where('notes','=',$request->input('notes'));
        }


@@ -53,12 +87,14 @@ class ConsumablesController extends Controller
        // Check to make sure the limit is not higher than the max allowed
        ((config('app.max_results') >= $request->input('limit')) && ($request->filled('limit'))) ? $limit = $request->input('limit') : $limit = config('app.max_results');

-        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','company','category','model_number', 'item_no', 'manufacturer','location','qty','image'];
+        $allowed_columns = ['id', 'name', 'order_number', 'min_amt', 'purchase_date', 'purchase_cost', 'company', 'category', 'model_number', 'item_no', 'manufacturer', 'location', 'qty', 'image'];
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
+
+        $sort_override =  $request->input('sort');
+        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'created_at';


-        switch ($sort) {
+        switch ($sort_override) {
            case 'category':
                $consumables = $consumables->OrderCategory($order);
                break;
@@ -72,36 +108,35 @@ class ConsumablesController extends Controller
                $consumables = $consumables->OrderCompany($order);
                break;
            default:
-                $consumables = $consumables->orderBy($sort, $order);
+                $consumables = $consumables->orderBy($column_sort, $order);
                break;
        }

-
-
        $total = $consumables->count();
        $consumables = $consumables->skip($offset)->take($limit)->get();
+
        return (new ConsumablesTransformer)->transformConsumables($consumables, $total);
-
    }

-
    /**
     * Store a newly created resource in storage.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
    {
        $this->authorize('create', Consumable::class);
        $consumable = new Consumable;
        $consumable->fill($request->all());
+        $consumable = $request->handleImages($consumable);

        if ($consumable->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $consumable, trans('admin/consumables/message.create.success')));
        }
+
        return response()->json(Helper::formatStandardApiResponse('error', null, $consumable->getErrors()));
    }

@@ -116,25 +151,26 @@ class ConsumablesController extends Controller
    {
        $this->authorize('view', Consumable::class);
        $consumable = Consumable::findOrFail($id);
+
        return (new ConsumablesTransformer)->transformConsumable($consumable);
    }

-
    /**
     * Update the specified resource in storage.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
     * @param  int $id
     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
    {
        $this->authorize('update', Consumable::class);
        $consumable = Consumable::findOrFail($id);
        $consumable->fill($request->all());
-
+        $consumable = $request->handleImages($consumable);
+        
        if ($consumable->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $consumable, trans('admin/consumables/message.update.success')));
        }
@@ -156,7 +192,8 @@ class ConsumablesController extends Controller
        $consumable = Consumable::findOrFail($id);
        $this->authorize('delete', $consumable);
        $consumable->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/consumables/message.delete.success')));
+
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/consumables/message.delete.success')));
    }

    /**
@@ -170,21 +207,20 @@ class ConsumablesController extends Controller
     */
    public function getDataView($consumableId)
    {
-        $consumable = Consumable::with(array('consumableAssignments'=>
-        function ($query) {
+        $consumable = Consumable::with(['consumableAssignments'=> function ($query) {
            $query->orderBy($query->getModel()->getTable().'.created_at', 'DESC');
        },
        'consumableAssignments.admin'=> function ($query) {
        },
        'consumableAssignments.user'=> function ($query) {
        },
-        ))->find($consumableId);
+        ])->find($consumableId);

-        if (!Company::isCurrentUserHasAccess($consumable)) {
+        if (! Company::isCurrentUserHasAccess($consumable)) {
            return ['total' => 0, 'rows' => []];
        }
        $this->authorize('view', Consumable::class);
-        $rows = array();
+        $rows = [];

        foreach ($consumable->consumableAssignments as $consumable_assignment) {
            $rows[] = [
@@ -195,7 +231,8 @@ class ConsumablesController extends Controller
        }

        $consumableCount = $consumable->users->count();
-        $data = array('total' => $consumableCount, 'rows' => $rows);
+        $data = ['total' => $consumableCount, 'rows' => $rows];
+
        return $data;
    }

@@ -231,7 +268,7 @@ class ConsumablesController extends Controller
            $consumable->users()->attach($consumable->id, [
                'consumable_id' => $consumable->id,
                'user_id' => $user->id,
-                'assigned_to' => $assigned_to
+                'assigned_to' => $assigned_to,
            ]);

            // Log checkout event
@@ -244,7 +281,7 @@ class ConsumablesController extends Controller
            $data['note'] = $logaction->note;
            $data['require_acceptance'] = $consumable->requireAcceptance();

-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/consumables/message.checkout.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/consumables/message.checkout.success')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, 'No consumables remaining'));
@@ -254,14 +291,12 @@ class ConsumablesController extends Controller
    * Gets a paginated collection for the select2 menus
    *
    * @see \App\Http\Transformers\SelectlistTransformer
-    *
    */
    public function selectlist(Request $request)
    {
-
        $consumables = Consumable::select([
            'consumables.id',
-            'consumables.name'
+            'consumables.name',
        ]);

        if ($request->filled('search')) {
@@ -270,7 +305,6 @@ class ConsumablesController extends Controller

        $consumables = $consumables->orderBy('name', 'ASC')->paginate(50);

-
        return (new SelectlistTransformer)->transformSelectlist($consumables);
    }
 }
@@ -18,26 +18,26 @@ class CustomFieldsController extends Controller
     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @param  int  $id
     * @since [v3.0]
-     * @return Array
+     * @return array
     */
-
    public function index()
    {
        $this->authorize('index', CustomField::class);
        $fields = CustomField::get();
+
        return (new CustomFieldsTransformer)->transformCustomFields($fields, $fields->count());
    }

    /**
-    * Shows the given field
-    * @author [V. Cordes] [<volker@fdatek.de>]
-    * @param int $id
-    * @since [v4.1.10]
-    * @return View
-    */
+     * Shows the given field
+     * @author [V. Cordes] [<volker@fdatek.de>]
+     * @param int $id
+     * @since [v4.1.10]
+     * @return View
+     */
    public function show($id)
    {
-      $this->authorize('view', CustomField::class);
+        $this->authorize('view', CustomField::class);
        if ($field = CustomField::find($id)) {
            return (new CustomFieldsTransformer)->transformCustomField($field);
        }
@@ -45,7 +45,7 @@ class CustomFieldsController extends Controller
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/custom_fields/message.field.invalid')), 200);
    }

-     /**
+    /**
     * Update the specified field
     *
     * @author [V. Cordes] [<volker@fdatek.de>]
@@ -80,7 +80,6 @@ class CustomFieldsController extends Controller
        return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));
    }

-
    /**
     * Store a newly created field.
     *
@@ -96,9 +95,9 @@ class CustomFieldsController extends Controller

        $data = $request->all();
        $regex_format = null;
-        
-        if (str_contains($data["format"], "regex:")){
-            $regex_format = $data["format"];
+
+        if (str_contains($data['format'], 'regex:')) {
+            $regex_format = $data['format'];
        }

        $validator = Validator::make($data, $field->validationRules($regex_format));
@@ -111,8 +110,8 @@ class CustomFieldsController extends Controller
        if ($field->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $field, trans('admin/custom_fields/message.field.create.success')));
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));

+        return response()->json(Helper::formatStandardApiResponse('error', null, $field->getErrors()));
    }

    public function postReorder(Request $request, $id)
@@ -121,8 +120,8 @@ class CustomFieldsController extends Controller

        $this->authorize('update', $fieldset);

-        $fields = array();
-        $order_array = array();
+        $fields = [];
+        $order_array = [];

        $items = $request->input('item');

@@ -135,7 +134,6 @@ class CustomFieldsController extends Controller
        }

        return $fieldset->fields()->sync($fields);
-
    }

    public function associate(Request $request, $field_id)
@@ -152,7 +150,8 @@ class CustomFieldsController extends Controller
        }

        $fieldset = CustomFieldset::findOrFail($fieldset_id);
-        $fieldset->fields()->attach($field->id, ["required" => ($request->input('required') == "on"), "order" => $request->input('order', $fieldset->fields->count())]);
+        $fieldset->fields()->attach($field->id, ['required' => ($request->input('required') == 'on'), 'order' => $request->input('order', $fieldset->fields->count())]);
+
        return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
    }

@@ -166,10 +165,12 @@ class CustomFieldsController extends Controller
        foreach ($field->fieldset as $fieldset) {
            if ($fieldset->id == $fieldset_id) {
                $fieldset->fields()->detach($field->id);
+
                return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
            }
        }
        $fieldset = CustomFieldset::findOrFail($fieldset_id);
+
        return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.update.success')));
    }

@@ -186,13 +187,12 @@ class CustomFieldsController extends Controller

        $this->authorize('delete', $field);

-        if ($field->fieldset->count() >0) {
+        if ($field->fieldset->count() > 0) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Field is in use.'));
        }

        $field->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/custom_fields/message.field.delete.success')));

+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/custom_fields/message.field.delete.success')));
    }
-
 }
@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Api;

 use App\Helpers\Helper;
@@ -20,47 +21,43 @@ use View;
 * @author [Brady Wetherington] [<uberbrady@gmail.com>]
 * @author [Josh Gibson]
 */
-
 class CustomFieldsetsController extends Controller
 {
-
    /**
-    * Shows the given fieldset and its fields
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @author [Josh Gibson]
-    * @param int $id
-    * @since [v1.8]
-    * @return View
-    */
+     * Shows the given fieldset and its fields
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @author [Josh Gibson]
+     * @param int $id
+     * @since [v1.8]
+     * @return View
+     */
    public function index()
    {
        $this->authorize('index', CustomFieldset::class);
        $fieldsets = CustomFieldset::withCount('fields as fields_count', 'models as models_count')->get();
-        return (new CustomFieldsetsTransformer)->transformCustomFieldsets($fieldsets, $fieldsets->count());

+        return (new CustomFieldsetsTransformer)->transformCustomFieldsets($fieldsets, $fieldsets->count());
    }

    /**
-    * Shows the given fieldset and its fields
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @author [Josh Gibson]
-    * @param int $id
-    * @since [v1.8]
-    * @return View
-    */
+     * Shows the given fieldset and its fields
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @author [Josh Gibson]
+     * @param int $id
+     * @since [v1.8]
+     * @return View
+     */
    public function show($id)
    {
-      $this->authorize('view', CustomFieldset::class);
+        $this->authorize('view', CustomFieldset::class);
        if ($fieldset = CustomFieldset::find($id)) {
            return (new CustomFieldsetsTransformer)->transformCustomFieldset($fieldset);
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/custom_fields/message.fieldset.does_not_exist')), 200);
-
    }

-
-     /**
+    /**
     * Update the specified resource in storage.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -82,7 +79,6 @@ class CustomFieldsetsController extends Controller
        return response()->json(Helper::formatStandardApiResponse('error', null, $fieldset->getErrors()));
    }

-
    /**
     * Store a newly created resource in storage.
     *
@@ -100,11 +96,10 @@ class CustomFieldsetsController extends Controller
        if ($fieldset->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $fieldset, trans('admin/custom_fields/message.fieldset.create.success')));
        }
+
        return response()->json(Helper::formatStandardApiResponse('error', null, $fieldset->getErrors()));
-
    }

-
    /**
     * Delete a custom fieldset.
     *
@@ -120,18 +115,15 @@ class CustomFieldsetsController extends Controller
        $modelsCount = $fieldset->models->count();
        $fieldsCount = $fieldset->fields->count();

-        if (($modelsCount > 0) || ($fieldsCount > 0) ){
+        if (($modelsCount > 0) || ($fieldsCount > 0)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Fieldset is in use.'));
        }

-         if ($fieldset->delete()) {
-             return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/custom_fields/message.fieldset.delete.success')));
-         }
+        if ($fieldset->delete()) {
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/custom_fields/message.fieldset.delete.success')));
+        }

        return response()->json(Helper::formatStandardApiResponse('error', null, 'Unspecified error'));
-
-
-
    }

    /**
@@ -147,6 +139,7 @@ class CustomFieldsetsController extends Controller
        $this->authorize('view', CustomFieldset::class);
        $set = CustomFieldset::findOrFail($id);
        $fields = $set->fields;
+
        return (new CustomFieldsTransformer)->transformCustomFields($fields, $fields->count());
    }

@@ -6,9 +6,11 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\DepartmentsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Company;
 use App\Models\Department;
 use Auth;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;

 class DepartmentsController extends Controller
@@ -23,9 +25,9 @@ class DepartmentsController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Department::class);
-        $allowed_columns = ['id','name','image','users_count'];
+        $allowed_columns = ['id', 'name', 'image', 'users_count'];

-        $departments = Department::select([
+        $departments = Company::scopeCompanyables(Department::select(
            'departments.id',
            'departments.name',
            'departments.location_id',
@@ -33,8 +35,8 @@ class DepartmentsController extends Controller
            'departments.manager_id',
            'departments.created_at',
            'departments.updated_at',
-            'departments.image'
-        ])->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');
+            'departments.image'),
+             "company_id", "departments")->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');

        if ($request->filled('search')) {
            $departments = $departments->TextSearch($request->input('search'));
@@ -73,16 +75,18 @@ class DepartmentsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
    {
        $this->authorize('create', Department::class);
        $department = new Department;
        $department->fill($request->all());
+        $department = $request->handleImages($department);
+
        $department->user_id = Auth::user()->id;
-        $department->manager_id = ($request->filled('manager_id' ) ? $request->input('manager_id') : null);
+        $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);

        if ($department->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.create.success')));
@@ -103,6 +107,7 @@ class DepartmentsController extends Controller
    {
        $this->authorize('view', Department::class);
        $department = Department::findOrFail($id);
+
        return (new DepartmentsTransformer)->transformDepartment($department);
    }

@@ -111,15 +116,16 @@ class DepartmentsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v5.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
    {
        $this->authorize('update', Department::class);
        $department = Department::findOrFail($id);
        $department->fill($request->all());
+        $department = $request->handleImages($department);

        if ($department->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.update.success')));
@@ -129,7 +135,6 @@ class DepartmentsController extends Controller
    }


-
    /**
     * Validates and deletes selected department.
     *
@@ -159,11 +164,11 @@ class DepartmentsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0.16]
     * @see \App\Http\Transformers\SelectlistTransformer
-     *
     */
    public function selectlist(Request $request)
    {

+        $this->authorize('view.selectlists');
        $departments = Department::select([
            'id',
            'name',
@@ -184,7 +189,5 @@ class DepartmentsController extends Controller
        }

        return (new SelectlistTransformer)->transformSelectlist($departments);
-
    }
-
 }
@@ -20,9 +20,9 @@ class DepreciationsController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Depreciation::class);
-        $allowed_columns = ['id','name','months','created_at'];
+        $allowed_columns = ['id','name','months','depreciation_min','created_at'];

-        $depreciations = Depreciation::select('id','name','months','user_id','created_at','updated_at');
+        $depreciations = Depreciation::select('id','name','months','depreciation_min','user_id','created_at','updated_at');

        if ($request->filled('search')) {
            $depreciations = $depreciations->TextSearch($request->input('search'));
@@ -41,10 +41,10 @@ class DepreciationsController extends Controller

        $total = $depreciations->count();
        $depreciations = $depreciations->skip($offset)->take($limit)->get();
+
        return (new DepreciationsTransformer)->transformDepreciations($depreciations, $total);
    }

-
    /**
     * Store a newly created resource in storage.
     *
@@ -62,8 +62,8 @@ class DepreciationsController extends Controller
        if ($depreciation->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $depreciation, trans('admin/depreciations/message.create.success')));
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, $depreciation->getErrors()));

+        return response()->json(Helper::formatStandardApiResponse('error', null, $depreciation->getErrors()));
    }

    /**
@@ -78,10 +78,10 @@ class DepreciationsController extends Controller
    {
        $this->authorize('view', Depreciation::class);
        $depreciation = Depreciation::findOrFail($id);
+
        return (new DepreciationsTransformer)->transformDepreciation($depreciation);
    }

-
    /**
     * Update the specified resource in storage.
     *
@@ -123,10 +123,7 @@ class DepreciationsController extends Controller
        }

        $depreciation->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/depreciations/message.delete.success')));

+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/depreciations/message.delete.success')));
    }
-
-
-
 }
@@ -20,9 +20,9 @@ class GroupsController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Group::class);
-        $allowed_columns = ['id','name','created_at', 'users_count'];
+        $allowed_columns = ['id', 'name', 'created_at', 'users_count'];

-        $groups = Group::select('id','name','permissions','created_at','updated_at')->withCount('users as users_count');
+        $groups = Group::select('id', 'name', 'permissions', 'created_at', 'updated_at')->withCount('users as users_count');

        if ($request->filled('search')) {
            $groups = $groups->TextSearch($request->input('search'));
@@ -41,10 +41,10 @@ class GroupsController extends Controller

        $total = $groups->count();
        $groups = $groups->skip($offset)->take($limit)->get();
+
        return (new GroupsTransformer)->transformGroups($groups, $total);
    }

-
    /**
     * Store a newly created resource in storage.
     *
@@ -62,8 +62,8 @@ class GroupsController extends Controller
        if ($group->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.create.success')));
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));

+        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
    }

    /**
@@ -78,10 +78,10 @@ class GroupsController extends Controller
    {
        $this->authorize('view', Group::class);
        $group = Group::findOrFail($id);
+
        return (new GroupsTransformer)->transformGroup($group);
    }

-
    /**
     * Update the specified resource in storage.
     *
@@ -118,9 +118,7 @@ class GroupsController extends Controller
        $group = Group::findOrFail($id);
        $this->authorize('delete', $group);
        $group->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/groups/message.delete.success')));

+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/groups/message.delete.success')));
    }
-
-
 }
@@ -27,8 +27,8 @@ class ImportController extends Controller
    {
        $this->authorize('import');
        $imports = Import::latest()->get();
-        return (new ImportsTransformer)->transformImports($imports);

+        return (new ImportsTransformer)->transformImports($imports);
    }

    /**
@@ -40,27 +40,28 @@ class ImportController extends Controller
    public function store()
    {
        $this->authorize('import');
-        if (!config('app.lock_passwords')) {
+        if (! config('app.lock_passwords')) {
            $files = Request::file('files');
            $path = config('app.private_uploads').'/imports';
            $results = [];
            $import = new Import;
            foreach ($files as $file) {
-                if (!in_array($file->getMimeType(), array(
+                if (! in_array($file->getMimeType(), [
                    'application/vnd.ms-excel',
                    'text/csv',
                    'application/csv',
                    'text/x-Algol68', // because wtf CSV files?
                    'text/plain',
                    'text/comma-separated-values',
-                    'text/tsv'))) {
-                    $results['error']='File type must be CSV. Uploaded file is '.$file->getMimeType();
+                    'text/tsv', ])) {
+                    $results['error'] = 'File type must be CSV. Uploaded file is '.$file->getMimeType();
+
                    return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 500);
                }

                //TODO: is there a lighter way to do this?
-                if (! ini_get("auto_detect_line_endings")) {
-                    ini_set("auto_detect_line_endings", '1');
+                if (! ini_get('auto_detect_line_endings')) {
+                    ini_set('auto_detect_line_endings', '1');
                }
                $reader = Reader::createFromFileObject($file->openFile('r')); //file pointer leak?
                $import->header_row = $reader->fetchOne(0);
@@ -68,20 +69,20 @@ class ImportController extends Controller
                //duplicate headers check
                $duplicate_headers = [];

-                for($i = 0; $i<count($import->header_row); $i++) {
+                for ($i = 0; $i < count($import->header_row); $i++) {
                    $header = $import->header_row[$i];
-                    if(in_array($header, $import->header_row)) {
+                    if (in_array($header, $import->header_row)) {
                        $found_at = array_search($header, $import->header_row);
-                        if($i > $found_at) {
+                        if ($i > $found_at) {
                            //avoid reporting duplicates twice, e.g. "1 is same as 17! 17 is same as 1!!!"
                            //as well as "1 is same as 1!!!" (which is always true)
                            //has to be > because otherwise the first result of array_search will always be $i itself(!)
-                            array_push($duplicate_headers,"Duplicate header '$header' detected, first at column: ".($found_at+1).", repeats at column: ".($i+1));
+                            array_push($duplicate_headers, "Duplicate header '$header' detected, first at column: ".($found_at + 1).', repeats at column: '.($i + 1));
                        }
                    }
                }
-                if(count($duplicate_headers) > 0) {
-                    return response()->json(Helper::formatStandardApiResponse('error',null, implode("; ",$duplicate_headers)), 500); //should this be '4xx'?
+                if (count($duplicate_headers) > 0) {
+                    return response()->json(Helper::formatStandardApiResponse('error', null, implode('; ', $duplicate_headers)), 500); //should this be '4xx'?
                }

                // Grab the first row to display via ajax as the user picks fields
@@ -92,10 +93,11 @@ class ImportController extends Controller
                try {
                    $file->move($path, $date.'-'.$fixed_filename);
                } catch (FileException $exception) {
-                    $results['error']=trans('admin/hardware/message.upload.error');
+                    $results['error'] = trans('admin/hardware/message.upload.error');
                    if (config('app.debug')) {
-                        $results['error'].= ' ' . $exception->getMessage();
+                        $results['error'] .= ' '.$exception->getMessage();
                    }
+
                    return response()->json(Helper::formatStandardApiResponse('error', null, $results['error']), 500);
                }
                $file_name = date('Y-m-d-his').'-'.$fixed_filename;
@@ -105,12 +107,15 @@ class ImportController extends Controller
                $results[] = $import;
            }
            $results = (new ImportsTransformer)->transformImports($results);
+
            return [
                'files' => $results,
            ];
        }
+
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.feature_disabled')), 500);
    }
+
    /**
     * Processes the specified Import.
     *
@@ -129,26 +134,33 @@ class ImportController extends Controller
            \Log::debug('NO BACKUP requested via importer');
        }

-        $errors = $request->import(Import::find($import_id));
-        $redirectTo = "hardware.index";
+        $import = Import::find($import_id);
+
+        if(is_null($import)){
+            $error[0][0] = trans("validation.exists", ["attribute" => "file"]);
+            return response()->json(Helper::formatStandardApiResponse('import-errors', null, $error), 500);
+        }
+
+        $errors = $request->import($import);
+        $redirectTo = 'hardware.index';
        switch ($request->get('import-type')) {
-            case "asset":
-                $redirectTo = "hardware.index";
+            case 'asset':
+                $redirectTo = 'hardware.index';
                break;
-            case "accessory":
-                $redirectTo = "accessories.index";
+            case 'accessory':
+                $redirectTo = 'accessories.index';
                break;
-            case "consumable":
-                $redirectTo = "consumables.index";
+            case 'consumable':
+                $redirectTo = 'consumables.index';
                break;
-            case "component":
-                $redirectTo = "components.index";
+            case 'component':
+                $redirectTo = 'components.index';
                break;
-            case "license":
-                $redirectTo = "licenses.index";
+            case 'license':
+                $redirectTo = 'licenses.index';
                break;
-            case "user":
-                $redirectTo = "users.index";
+            case 'user':
+                $redirectTo = 'users.index';
                break;
        }

@@ -157,8 +169,8 @@ class ImportController extends Controller
        }
        //Flash message before the redirect
        Session::flash('success', trans('admin/hardware/message.import.success'));
-        return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route($redirectTo)]));

+        return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route($redirectTo)]));
    }

    /**
@@ -170,20 +182,20 @@ class ImportController extends Controller
    public function destroy($import_id)
    {
        $this->authorize('create', Asset::class);
-        
+
        if ($import = Import::find($import_id)) {
            try {
                // Try to delete the file
                Storage::delete('imports/'.$import->file_path);
                $import->delete();
-                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.import.file_delete_success')));

+                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.import.file_delete_success')));
            } catch (\Exception $e) {
                // If the file delete didn't work, remove it from the database anyway and return a warning
                $import->delete();
+
                return response()->json(Helper::formatStandardApiResponse('warning', null, trans('admin/hardware/message.import.file_not_deleted_warning')));
            }
        }
-
    }
 }
@@ -32,7 +32,7 @@ class LicenseSeatsController extends Controller

            $order = $request->input('order') === 'asc' ? 'asc' : 'desc';

-            if ($request->input('sort')=='department') {
+            if ($request->input('sort') == 'department') {
                $seats->OrderDepartments($order);
            } else {
                $seats->orderBy('id', $order);
@@ -41,7 +41,7 @@ class LicenseSeatsController extends Controller
            $total = $seats->count();
            $offset = (($seats) && (request('offset') > $total)) ? 0 : request('offset', 0);
            $limit = request('limit', 50);
-            
+
            $seats = $seats->skip($offset)->take($limit)->get();

            if ($seats) {
@@ -65,13 +65,14 @@ class LicenseSeatsController extends Controller
        $this->authorize('view', License::class);
        // sanity checks:
        // 1. does the license seat exist?
-        if (!$licenseSeat = LicenseSeat::find($seatId)) {
+        if (! $licenseSeat = LicenseSeat::find($seatId)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat not found'));
        }
        // 2. does the seat belong to the specified license?
-        if (!$license = $licenseSeat->license()->first() || $license->id != intval($licenseId)) {
+        if (! $license = $licenseSeat->license()->first() || $license->id != intval($licenseId)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat does not belong to the specified license'));
        }
+
        return (new LicenseSeatsTransformer)->transformLicenseSeat($licenseSeat);
    }

@@ -89,11 +90,11 @@ class LicenseSeatsController extends Controller

        // sanity checks:
        // 1. does the license seat exist?
-        if (!$licenseSeat = LicenseSeat::find($seatId)) {
+        if (! $licenseSeat = LicenseSeat::find($seatId)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat not found'));
        }
        // 2. does the seat belong to the specified license?
-        if (!$license = $licenseSeat->license()->first() || $license->id != intval($licenseId)) {
+        if (! $license = $licenseSeat->license()->first() || $license->id != intval($licenseId)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat does not belong to the specified license'));
        }

@@ -103,14 +104,14 @@ class LicenseSeatsController extends Controller
        // attempt to update the license seat
        $licenseSeat->fill($request->all());
        $licenseSeat->user_id = Auth::user()->id;
-        
+
        // check if this update is a checkin operation
        // 1. are relevant fields touched at all?
        $touched = $licenseSeat->isDirty('assigned_to') || $licenseSeat->isDirty('asset_id');
        // 2. are they cleared? if yes then this is a checkin operation
        $is_checkin = ($touched && $licenseSeat->assigned_to === null && $licenseSeat->asset_id === null);

-        if (!$touched) {
+        if (! $touched) {
            // nothing to update
            return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
        }
@@ -128,11 +129,13 @@ class LicenseSeatsController extends Controller

            if ($is_checkin) {
                $licenseSeat->logCheckin($target, $request->input('note'));
+
                return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
            }

            // in this case, relevant fields are touched but it's not a checkin operation. so it must be a checkout operation.
            $licenseSeat->logCheckout($request->input('note'), $target);
+
            return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
        }

@@ -26,62 +26,76 @@ class LicensesController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', License::class);
-        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'freeSeats', 'supplier','category')->withCount('freeSeats as free_seats_count'));
+        $licenses = Company::scopeCompanyables(License::with('company', 'manufacturer', 'supplier','category')->withCount('freeSeats as free_seats_count'));


        if ($request->filled('company_id')) {
-            $licenses->where('company_id','=',$request->input('company_id'));
+            $licenses->where('company_id', '=', $request->input('company_id'));
        }

        if ($request->filled('name')) {
-            $licenses->where('licenses.name','=',$request->input('name'));
+            $licenses->where('licenses.name', '=', $request->input('name'));
        }

        if ($request->filled('product_key')) {
-            $licenses->where('licenses.serial','=',$request->input('product_key'));
+            $licenses->where('licenses.serial', '=', $request->input('product_key'));
        }

        if ($request->filled('order_number')) {
-            $licenses->where('order_number','=',$request->input('order_number'));
+            $licenses->where('order_number', '=', $request->input('order_number'));
        }

        if ($request->filled('purchase_order')) {
-            $licenses->where('purchase_order','=',$request->input('purchase_order'));
+            $licenses->where('purchase_order', '=', $request->input('purchase_order'));
        }

        if ($request->filled('license_name')) {
-            $licenses->where('license_name','=',$request->input('license_name'));
+            $licenses->where('license_name', '=', $request->input('license_name'));
        }

        if ($request->filled('license_email')) {
-            $licenses->where('license_email','=',$request->input('license_email'));
+            $licenses->where('license_email', '=', $request->input('license_email'));
        }

        if ($request->filled('manufacturer_id')) {
-            $licenses->where('manufacturer_id','=',$request->input('manufacturer_id'));
+            $licenses->where('manufacturer_id', '=', $request->input('manufacturer_id'));
        }

        if ($request->filled('supplier_id')) {
-            $licenses->where('supplier_id','=',$request->input('supplier_id'));
+            $licenses->where('supplier_id', '=', $request->input('supplier_id'));
        }

        if ($request->filled('category_id')) {
-            $licenses->where('category_id','=',$request->input('category_id'));
+            $licenses->where('category_id', '=', $request->input('category_id'));
        }

        if ($request->filled('depreciation_id')) {
-            $licenses->where('depreciation_id','=',$request->input('depreciation_id'));
+            $licenses->where('depreciation_id', '=', $request->input('depreciation_id'));
        }

        if ($request->filled('supplier_id')) {
-            $licenses->where('supplier_id','=',$request->input('supplier_id'));
+            $licenses->where('supplier_id', '=', $request->input('supplier_id'));
        }

+        if (($request->filled('maintained')) && ($request->input('maintained')=='true')) {
+            $licenses->where('maintained','=',1);
+        } elseif (($request->filled('maintained')) && ($request->input('maintained')=='false')) {
+            $licenses->where('maintained','=',0);
+        }
+
+        if (($request->filled('expires')) && ($request->input('expires')=='true')) {
+            $licenses->whereNotNull('expiration_date');
+        } elseif (($request->filled('expires')) && ($request->input('expires')=='false')) {
+            $licenses->whereNull('expiration_date');
+        }

        if ($request->filled('search')) {
            $licenses = $licenses->TextSearch($request->input('search'));
        }

+        if ($request->input('deleted')=='true') {
+            $licenses->onlyTrashed();
+        }

        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
        // case we override with the actual count, so we should return 0 items.
@@ -92,7 +106,6 @@ class LicensesController extends Controller

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';

-
        switch ($request->input('sort')) {
                case 'manufacturer':
                    $licenses = $licenses->leftJoin('manufacturers', 'licenses.manufacturer_id', '=', 'manufacturers.id')->orderBy('manufacturers.name', $order);
@@ -128,15 +141,13 @@ class LicensesController extends Controller
                        'free_seats_count',
                        'seats',
                        'termination_date',
-                        'depreciation_id'
+                        'depreciation_id',
                    ];
                $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
                $licenses = $licenses->orderBy($sort, $order);
                break;
        }

-
-
        $total = $licenses->count();

        $licenses = $licenses->skip($offset)->take($limit)->get();
@@ -144,9 +155,6 @@ class LicensesController extends Controller

    }

-
-
-
    /**
     * Store a newly created resource in storage.
     *
@@ -162,9 +170,10 @@ class LicensesController extends Controller
        $license = new License;
        $license->fill($request->all());

-        if($license->save()) {
+        if ($license->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $license, trans('admin/licenses/message.create.success')));
        }
+
        return response()->json(Helper::formatStandardApiResponse('error', null, $license->getErrors()));
    }

@@ -180,10 +189,10 @@ class LicensesController extends Controller
        $this->authorize('view', License::class);
        $license = License::withCount('freeSeats')->findOrFail($id);
        $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
+
        return (new LicensesTransformer)->transformLicense($license);
    }

-
    /**
     * Update the specified resource in storage.
     *
@@ -222,22 +231,23 @@ class LicensesController extends Controller
        $license = License::findOrFail($id);
        $this->authorize('delete', $license);

-        if($license->assigned_seats_count == 0) {
+        if ($license->assigned_seats_count == 0) {
            // Delete the license and the associated license seats
            DB::table('license_seats')
                ->where('id', $license->id)
-                ->update(array('assigned_to' => null,'asset_id' => null));
+                ->update(['assigned_to' => null, 'asset_id' => null]);

            $licenseSeats = $license->licenseseats();
            $licenseSeats->delete();
            $license->delete();

            // Redirect to the licenses management page
-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/licenses/message.delete.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/licenses/message.delete.success')));
        }
+
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/licenses/message.assoc_users')));
    }
-    
+
    /**
     * Gets a paginated collection for the select2 menus
     *
@@ -245,10 +255,9 @@ class LicensesController extends Controller
     */
    public function selectlist(Request $request)
    {
-
        $licenses = License::select([
            'licenses.id',
-            'licenses.name'
+            'licenses.name',
        ]);

        if ($request->filled('search')) {
@@ -257,9 +266,6 @@ class LicensesController extends Controller

        $licenses = $licenses->orderBy('name', 'ASC')->paginate(50);

-
        return (new SelectlistTransformer)->transformSelectlist($licenses);
    }
-
-
 }
@@ -2,12 +2,13 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
 use App\Helpers\Helper;
-use App\Models\Location;
+use App\Http\Requests\ImageUploadRequest;
+use App\Http\Controllers\Controller;
 use App\Http\Transformers\LocationsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\Location;
+use Illuminate\Http\Request;
 use Illuminate\Pagination\LengthAwarePaginator;
 use Illuminate\Support\Collection;

@@ -24,9 +25,9 @@ class LocationsController extends Controller
    {
        $this->authorize('view', Location::class);
        $allowed_columns = [
-            'id','name','address','address2','city','state','country','zip','created_at',
-            'updated_at','manager_id','image',
-            'assigned_assets_count','users_count','assets_count','currency','ldap_ou'];
+            'id', 'name', 'address', 'address2', 'city', 'state', 'country', 'zip', 'created_at',
+            'updated_at', 'manager_id', 'image',
+            'assigned_assets_count', 'users_count', 'assets_count', 'currency', 'ldap_ou', ];

        $locations = Location::with('parent', 'manager', 'children')->select([
            'locations.id',
@@ -43,7 +44,7 @@ class LocationsController extends Controller
            'locations.updated_at',
            'locations.image',
            'locations.ldap_ou',
-            'locations.currency'
+            'locations.currency',
        ])->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
            ->withCount('users as users_count');
@@ -52,8 +53,6 @@ class LocationsController extends Controller
            $locations = $locations->TextSearch($request->input('search'));
        }

-
-
        $offset = (($locations) && (request('offset') > $locations->count())) ? $locations->count() : request('offset', 0);

        // Check to make sure the limit is not higher than the max allowed
@@ -77,6 +76,7 @@ class LocationsController extends Controller

        $total = $locations->count();
        $locations = $locations->skip($offset)->take($limit)->get();
+
        return (new LocationsTransformer)->transformLocations($locations, $total);
    }

@@ -86,18 +86,20 @@ class LocationsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
    {
        $this->authorize('create', Location::class);
        $location = new Location;
        $location->fill($request->all());
+        $location = $request->handleImages($location);

        if ($location->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.create.success')));
        }
+
        return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
    }

@@ -127,11 +129,12 @@ class LocationsController extends Controller
                'locations.created_at',
                'locations.updated_at',
                'locations.image',
-                'locations.currency'
+                'locations.currency',
            ])
            ->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
            ->withCount('users as users_count')->findOrFail($id);
+
        return (new LocationsTransformer)->transformLocation($location);
    }

@@ -141,17 +144,17 @@ class LocationsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @param  int  $id
     * @return \Illuminate\Http\JsonResponse
     */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
    {
        $this->authorize('update', Location::class);
        $location = Location::findOrFail($id);

        $location->fill($request->all());
-
+        $location = $request->handleImages($location);

        if ($location->isValid()) {

@@ -180,12 +183,13 @@ class LocationsController extends Controller
    {
        $this->authorize('delete', Location::class);
        $location = Location::findOrFail($id);
-        if(!$location->isDeletable()) {
+        if (! $location->isDeletable()) {
            return response()
-                    ->json(Helper::formatStandardApiResponse('error', null,  trans('admin/companies/message.assoc_users')));
+                    ->json(Helper::formatStandardApiResponse('error', null, trans('admin/companies/message.assoc_users')));
        }
        $this->authorize('delete', $location);
        $location->delete();
+
        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/locations/message.delete.success')));
    }

@@ -216,11 +220,12 @@ class LocationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0.16]
     * @see \App\Http\Transformers\SelectlistTransformer
-     *
     */
    public function selectlist(Request $request)
    {

+        $this->authorize('view.selectlists');
+
        $locations = Location::select([
            'locations.id',
            'locations.name',
@@ -242,26 +247,22 @@ class LocationsController extends Controller
        $locations_with_children = [];

        foreach ($locations as $location) {
-            if (!array_key_exists($location->parent_id, $locations_with_children)) {
+            if (! array_key_exists($location->parent_id, $locations_with_children)) {
                $locations_with_children[$location->parent_id] = [];
            }
            $locations_with_children[$location->parent_id][] = $location;
        }

        if ($request->filled('search')) {
-            $locations_formatted =  $locations;
+            $locations_formatted = $locations;
        } else {
            $location_options = Location::indenter($locations_with_children);
            $locations_formatted = new Collection($location_options);
-
        }

-        $paginated_results =  new LengthAwarePaginator($locations_formatted->forPage($page, 500), $locations_formatted->count(), 500, $page, []);
+        $paginated_results = new LengthAwarePaginator($locations_formatted->forPage($page, 500), $locations_formatted->count(), 500, $page, []);

        //return [];
        return (new SelectlistTransformer)->transformSelectlist($paginated_results);
-
    }
-
-
 }
@@ -8,6 +8,7 @@ use App\Http\Transformers\ManufacturersTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Manufacturer;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;

 class ManufacturersController extends Controller
@@ -22,13 +23,13 @@ class ManufacturersController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Manufacturer::class);
-        $allowed_columns = ['id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'assets_count', 'consumables_count', 'components_count', 'licenses_count'];
+        $allowed_columns = ['id', 'name', 'url', 'support_url', 'support_email', 'support_phone', 'created_at', 'updated_at', 'image', 'assets_count', 'consumables_count', 'components_count', 'licenses_count'];

        $manufacturers = Manufacturer::select(
-            array('id','name','url','support_url','support_email','support_phone','created_at','updated_at','image', 'deleted_at')
+            ['id', 'name', 'url', 'support_url', 'support_email', 'support_phone', 'created_at', 'updated_at', 'image', 'deleted_at']
        )->withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('consumables as consumables_count')->withCount('accessories as accessories_count');

-        if ($request->input('deleted')=='true') {
+        if ($request->input('deleted') == 'true') {
            $manufacturers->onlyTrashed();
        }

@@ -36,7 +37,6 @@ class ManufacturersController extends Controller
            $manufacturers = $manufacturers->TextSearch($request->input('search'));
        }

-
        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
        // case we override with the actual count, so we should return 0 items.
        $offset = (($manufacturers) && ($request->get('offset') > $manufacturers->count())) ? $manufacturers->count() : $request->get('offset', 0);
@@ -50,23 +50,24 @@ class ManufacturersController extends Controller

        $total = $manufacturers->count();
        $manufacturers = $manufacturers->skip($offset)->take($limit)->get();
+
        return (new ManufacturersTransformer)->transformManufacturers($manufacturers, $total);
    }

-
    /**
     * Store a newly created resource in storage.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest $request
     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
    {
        $this->authorize('create', Manufacturer::class);
        $manufacturer = new Manufacturer;
        $manufacturer->fill($request->all());
+        $manufacturer = $request->handleImages($manufacturer);

        if ($manufacturer->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $manufacturer, trans('admin/manufacturers/message.create.success')));
@@ -87,24 +88,25 @@ class ManufacturersController extends Controller
    {
        $this->authorize('view', Manufacturer::class);
        $manufacturer = Manufacturer::withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('consumables as consumables_count')->withCount('accessories as accessories_count')->findOrFail($id);
+
        return (new ManufacturersTransformer)->transformManufacturer($manufacturer);
    }

-
    /**
     * Update the specified resource in storage.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
    {
        $this->authorize('update', Manufacturer::class);
        $manufacturer = Manufacturer::findOrFail($id);
        $manufacturer->fill($request->all());
+        $manufacturer = $request->handleImages($manufacturer);

        if ($manufacturer->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $manufacturer, trans('admin/manufacturers/message.update.success')));
@@ -123,7 +125,6 @@ class ManufacturersController extends Controller
     */
    public function destroy($id)
    {
-
        $this->authorize('delete', Manufacturer::class);
        $manufacturer = Manufacturer::findOrFail($id);
        $this->authorize('delete', $manufacturer);
@@ -135,10 +136,6 @@ class ManufacturersController extends Controller

        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/manufacturers/message.assoc_users')));

-
-
-
-
    }

    /**
@@ -147,11 +144,11 @@ class ManufacturersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0.16]
     * @see \App\Http\Transformers\SelectlistTransformer
-     *
     */
    public function selectlist(Request $request)
    {

+        $this->authorize('view.selectlists');
        $manufacturers = Manufacturer::select([
            'id',
            'name',
@@ -173,6 +170,5 @@ class ManufacturersController extends Controller
        }

        return (new SelectlistTransformer)->transformSelectlist($manufacturers);
-
    }
 }
@@ -31,17 +31,16 @@ class PredefinedKitsController extends Controller

        $offset = $request->input('offset', 0);
        $limit = $request->input('limit', 50);
-        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
+        $order = $request->input('order') === 'desc' ? 'desc' : 'asc';
+        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'name';
        $kits->orderBy($sort, $order);

        $total = $kits->count();
        $kits = $kits->skip($offset)->take($limit)->get();
+
        return (new PredefinedKitsTransformer)->transformPredefinedKits($kits, $total);
-
    }

-
    /**
     * Store a newly created resource in storage.
     *
@@ -57,8 +56,8 @@ class PredefinedKitsController extends Controller
        if ($kit->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.create_success')));
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, $kit->getErrors()));

+        return response()->json(Helper::formatStandardApiResponse('error', null, $kit->getErrors()));
    }

    /**
@@ -71,10 +70,10 @@ class PredefinedKitsController extends Controller
    {
        $this->authorize('view', PredefinedKit::class);
        $kit = PredefinedKit::findOrFail($id);
+
        return (new PredefinedKitsTransformer)->transformPredefinedKit($kit);
    }

-
    /**
     * Update the specified resource in storage.
     *
@@ -89,7 +88,7 @@ class PredefinedKitsController extends Controller
        $kit->fill($request->all());

        if ($kit->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.update_success')));      // TODO: trans
+            return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.update_success')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, $kit->getErrors()));
@@ -113,23 +112,20 @@ class PredefinedKitsController extends Controller
        $kit->accessories()->detach();

        $kit->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/kits/general.delete_success')));     // TODO: trans

+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/kits/general.delete_success')));
    }

-
    /**
     * Gets a paginated collection for the select2 menus
     *
     * @see \App\Http\Transformers\SelectlistTransformer
-     *
     */
    public function selectlist(Request $request)
    {
-
        $kits = PredefinedKit::select([
            'id',
-            'name'
+            'name',
        ]);

        if ($request->filled('search')) {
@@ -139,7 +135,6 @@ class PredefinedKitsController extends Controller
        $kits = $kits->orderBy('name', 'ASC')->paginate(50);

        return (new SelectlistTransformer)->transformSelectlist($kits);
-
    }

    /**
@@ -148,38 +143,40 @@ class PredefinedKitsController extends Controller
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function indexLicenses($kit_id) {
+    public function indexLicenses($kit_id)
+    {
        $this->authorize('view', PredefinedKit::class);
        $kit = PredefinedKit::findOrFail($kit_id);
        $licenses = $kit->licenses;
+
        return (new PredefinedKitsTransformer)->transformElements($licenses, $licenses->count());
    }

-    
    /**
     * Store the specified resource.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-     public function storeLicense(Request $request, $kit_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         
-         $kit = PredefinedKit::findOrFail($kit_id);        
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
+    public function storeLicense(Request $request, $kit_id)
+    {
+        $this->authorize('update', PredefinedKit::class);

-         $license_id = $request->get('license');
-         $relation = $kit->licenses();
-         if( $relation->find($license_id) ) {
-             return response()->json(Helper::formatStandardApiResponse('error', null, ['license' => 'License already attached to kit']));
-         }
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }

-         $relation->attach( $license_id, ['quantity' => $quantity]);
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'License added successfull'));     // TODO: trans
+        $license_id = $request->get('license');
+        $relation = $kit->licenses();
+        if ($relation->find($license_id)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, ['license' => trans('admin/kits/general.license_error')]));
+        }
+
+        $relation->attach($license_id, ['quantity' => $quantity]);
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.license_added_success')));
    }

    /**
@@ -189,20 +186,20 @@ class PredefinedKitsController extends Controller
     * @param  int  $kit_id
     * @return \Illuminate\Http\Response
     */
-     public function updateLicense(Request $request, $kit_id, $license_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         $kit = PredefinedKit::findOrFail($kit_id);
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
-         $kit->licenses()->syncWithoutDetaching([$license_id => ['quantity' =>  $quantity]]);
- 
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'License updated'));  // TODO: trans
-     }
+    public function updateLicense(Request $request, $kit_id, $license_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }
+        $kit->licenses()->syncWithoutDetaching([$license_id => ['quantity' =>  $quantity]]);

-     /**
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.license_updated')));
+    }
+
+    /**
     * Remove the specified resource from storage.
     *
     * @param  int  $kit_id
@@ -214,48 +211,49 @@ class PredefinedKitsController extends Controller
        $kit = PredefinedKit::findOrFail($kit_id);

        $kit->licenses()->detach($license_id);
-        return response()->json(Helper::formatStandardApiResponse('success', $kit,  trans('admin/kits/general.delete_success')));
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.delete_success')));
    }
-    
+
    /**
     * Display the specified resource.
     *
     * @param  int  $kit_id
     * @return \Illuminate\Http\Response
     */
-     public function indexModels($kit_id) {
+    public function indexModels($kit_id)
+    {
        $this->authorize('view', PredefinedKit::class);
        $kit = PredefinedKit::findOrFail($kit_id);
        $models = $kit->models;
+
        return (new PredefinedKitsTransformer)->transformElements($models, $models->count());
    }
-    
+
    /**
     * Store the specified resource.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-     public function storeModel(Request $request, $kit_id)
-     {
-
-
+    public function storeModel(Request $request, $kit_id)
+    {
        $this->authorize('update', PredefinedKit::class);
-        
-        $kit = PredefinedKit::findOrFail($kit_id);        
-        
+
+        $kit = PredefinedKit::findOrFail($kit_id);
+
        $model_id = $request->get('model');
        $quantity = $request->input('quantity', 1);
-        if( $quantity < 1) {
+        if ($quantity < 1) {
            $quantity = 1;
        }
-        
+
        $relation = $kit->models();
-        if( $relation->find($model_id) ) {
+        if ($relation->find($model_id)) {
            return response()->json(Helper::formatStandardApiResponse('error', null, ['model' => 'Model already attached to kit']));
        }
        $relation->attach($model_id, ['quantity' => $quantity]);
-        
+
        return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Model added successfull'));
    }

@@ -266,20 +264,20 @@ class PredefinedKitsController extends Controller
     * @param  int  $kit_id
     * @return \Illuminate\Http\Response
     */
-     public function updateModel(Request $request, $kit_id, $model_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         $kit = PredefinedKit::findOrFail($kit_id);
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
-         $kit->models()->syncWithoutDetaching([$model_id => ['quantity' =>  $quantity]]);
- 
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'License updated'));  // TODO: trans
-     }
+    public function updateModel(Request $request, $kit_id, $model_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }
+        $kit->models()->syncWithoutDetaching([$model_id => ['quantity' =>  $quantity]]);

-     /**
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.license_updated')));
+    }
+
+    /**
     * Remove the specified resource from storage.
     *
     * @param  int  $kit_id
@@ -291,49 +289,50 @@ class PredefinedKitsController extends Controller
        $kit = PredefinedKit::findOrFail($kit_id);

        $kit->models()->detach($model_id);
-        return response()->json(Helper::formatStandardApiResponse('success', $kit,  trans('admin/kits/general.model_removed_success')));
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.model_removed_success')));
    }

-
-    
    /**
     * Display the specified resource.
     *
     * @param  int  $kit_id
     * @return \Illuminate\Http\Response
     */
-    public function indexConsumables($kit_id) {
+    public function indexConsumables($kit_id)
+    {
        $this->authorize('view', PredefinedKit::class);
        $kit = PredefinedKit::findOrFail($kit_id);
        $consumables = $kit->consumables;
+
        return (new PredefinedKitsTransformer)->transformElements($consumables, $consumables->count());
    }

-    
    /**
     * Store the specified resource.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-     public function storeConsumable(Request $request, $kit_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         
-         $kit = PredefinedKit::findOrFail($kit_id);        
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
+    public function storeConsumable(Request $request, $kit_id)
+    {
+        $this->authorize('update', PredefinedKit::class);

-         $consumable_id = $request->get('consumable');
-         $relation = $kit->consumables();
-         if( $relation->find($consumable_id) ) {
-             return response()->json(Helper::formatStandardApiResponse('error', null, ['consumable' => 'Consumable already attached to kit']));
-         }
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }

-         $relation->attach( $consumable_id, ['quantity' => $quantity]);
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Consumable added successfull'));     // TODO: trans
+        $consumable_id = $request->get('consumable');
+        $relation = $kit->consumables();
+        if ($relation->find($consumable_id)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, ['consumable' => trans('admin/kits/general.consumable_error')]));
+        }
+
+        $relation->attach($consumable_id, ['quantity' => $quantity]);
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.consumable_added_success')));
    }

    /**
@@ -343,20 +342,20 @@ class PredefinedKitsController extends Controller
     * @param  int  $kit_id
     * @return \Illuminate\Http\Response
     */
-     public function updateConsumable(Request $request, $kit_id, $consumable_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         $kit = PredefinedKit::findOrFail($kit_id);
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
-         $kit->consumables()->syncWithoutDetaching([$consumable_id => ['quantity' =>  $quantity]]);
- 
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Consumable updated'));  // TODO: trans
-     }
+    public function updateConsumable(Request $request, $kit_id, $consumable_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }
+        $kit->consumables()->syncWithoutDetaching([$consumable_id => ['quantity' =>  $quantity]]);

-     /**
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.consumable_updated')));
+    }
+
+    /**
     * Remove the specified resource from storage.
     *
     * @param  int  $kit_id
@@ -368,48 +367,50 @@ class PredefinedKitsController extends Controller
        $kit = PredefinedKit::findOrFail($kit_id);

        $kit->consumables()->detach($consumable_id);
-        return response()->json(Helper::formatStandardApiResponse('success', $kit,  'Delete was successfull'));     // TODO: trans
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.consumable_deleted')));
    }

-    
    /**
     * Display the specified resource.
     *
     * @param  int  $kit_id
     * @return \Illuminate\Http\Response
     */
-    public function indexAccessories($kit_id) {
+    public function indexAccessories($kit_id)
+    {
        $this->authorize('view', PredefinedKit::class);
        $kit = PredefinedKit::findOrFail($kit_id);
        $accessories = $kit->accessories;
+
        return (new PredefinedKitsTransformer)->transformElements($accessories, $accessories->count());
    }

-    
    /**
     * Store the specified resource.
     *
     * @param  int  $kit_id
     * @return \Illuminate\Http\Response
     */
-     public function storeAccessory(Request $request, $kit_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         
-         $kit = PredefinedKit::findOrFail($kit_id);        
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
+    public function storeAccessory(Request $request, $kit_id)
+    {
+        $this->authorize('update', PredefinedKit::class);

-         $accessory_id = $request->get('accessory');
-         $relation = $kit->accessories();
-         if( $relation->find($accessory_id) ) {
-             return response()->json(Helper::formatStandardApiResponse('error', null, ['accessory' => 'Accessory already attached to kit']));
-         }
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }

-         $relation->attach( $accessory_id, ['quantity' => $quantity]);
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Accessory added successfull'));     // TODO: trans
+        $accessory_id = $request->get('accessory');
+        $relation = $kit->accessories();
+        if ($relation->find($accessory_id)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, ['accessory' => trans('admin/kits/general.accessory_error')]));
+        }
+
+        $relation->attach($accessory_id, ['quantity' => $quantity]);
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.accessory_added_success')));
    }

    /**
@@ -419,20 +420,20 @@ class PredefinedKitsController extends Controller
     * @param  int  $kit_id
     * @return \Illuminate\Http\Response
     */
-     public function updateAccessory(Request $request, $kit_id, $accessory_id)
-     {
-         $this->authorize('update', PredefinedKit::class);
-         $kit = PredefinedKit::findOrFail($kit_id);
-         $quantity = $request->input('quantity', 1);
-         if( $quantity < 1) {
-             $quantity = 1;
-         }
-         $kit->accessories()->syncWithoutDetaching([$accessory_id => ['quantity' =>  $quantity]]);
- 
-         return response()->json(Helper::formatStandardApiResponse('success', $kit, 'Accessory updated'));  // TODO: trans
-     }
+    public function updateAccessory(Request $request, $kit_id, $accessory_id)
+    {
+        $this->authorize('update', PredefinedKit::class);
+        $kit = PredefinedKit::findOrFail($kit_id);
+        $quantity = $request->input('quantity', 1);
+        if ($quantity < 1) {
+            $quantity = 1;
+        }
+        $kit->accessories()->syncWithoutDetaching([$accessory_id => ['quantity' =>  $quantity]]);

-     /**
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.accessory_updated')));
+    }
+
+    /**
     * Remove the specified resource from storage.
     *
     * @param  int  $kit_id
@@ -444,6 +445,7 @@ class PredefinedKitsController extends Controller
        $kit = PredefinedKit::findOrFail($kit_id);

        $kit->accessories()->detach($accessory_id);
-        return response()->json(Helper::formatStandardApiResponse('success', $kit,  'Delete was successfull'));     // TODO: trans
+
+        return response()->json(Helper::formatStandardApiResponse('success', $kit, trans('admin/kits/general.accessory_deleted')));
    }
 }
@@ -15,7 +15,7 @@ class ProfileController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.3.0]
     *
-     * @return Array
+     * @return array
     */
    public function requestedAssets()
    {
@@ -24,25 +24,22 @@ class ProfileController extends Controller
        $results = [];
        $results['total'] = $checkoutRequests->count();

-
        foreach ($checkoutRequests as $checkoutRequest) {

            // Make sure the asset and request still exist
            if ($checkoutRequest && $checkoutRequest->itemRequested()) {
                $results['rows'][] = [
-                    'image' => $checkoutRequest->itemRequested()->present()->getImageUrl(),
-                    'name' => $checkoutRequest->itemRequested()->present()->name(),
-                    'type' => $checkoutRequest->itemType(),
-                    'qty' => $checkoutRequest->quantity,
-                    'location' => ($checkoutRequest->location()) ? $checkoutRequest->location()->name : null,
+                    'image' => e($checkoutRequest->itemRequested()->present()->getImageUrl()),
+                    'name' => e($checkoutRequest->itemRequested()->present()->name()),
+                    'type' => e($checkoutRequest->itemType()),
+                    'qty' => (int) $checkoutRequest->quantity,
+                    'location' => ($checkoutRequest->location()) ? e($checkoutRequest->location()->name) : null,
                    'expected_checkin' => Helper::getFormattedDateObject($checkoutRequest->itemRequested()->expected_checkin, 'datetime'),
                    'request_date' => Helper::getFormattedDateObject($checkoutRequest->created_at, 'datetime'),
                ];
            }
-
        }
+
        return $results;
    }
-
-
 }
@@ -19,25 +19,25 @@ class ReportsController extends Controller
    public function index(Request $request)
    {
        $this->authorize('reports.view');
-        
-        $actionlogs = Actionlog::with('item', 'user', 'target','location');
+
+        $actionlogs = Actionlog::with('item', 'user', 'target', 'location');

        if ($request->filled('search')) {
            $actionlogs = $actionlogs->TextSearch(e($request->input('search')));
        }

-        if (($request->filled('target_type'))  && ($request->filled('target_id'))) {
-            $actionlogs = $actionlogs->where('target_id','=',$request->input('target_id'))
-                ->where('target_type','=',"App\\Models\\".ucwords($request->input('target_type')));
+        if (($request->filled('target_type')) && ($request->filled('target_id'))) {
+            $actionlogs = $actionlogs->where('target_id', '=', $request->input('target_id'))
+                ->where('target_type', '=', 'App\\Models\\'.ucwords($request->input('target_type')));
        }

-        if (($request->filled('item_type'))  && ($request->filled('item_id'))) {
-            $actionlogs = $actionlogs->where('item_id','=',$request->input('item_id'))
-                ->where('item_type','=',"App\\Models\\".ucwords($request->input('item_type')));
+        if (($request->filled('item_type')) && ($request->filled('item_id'))) {
+            $actionlogs = $actionlogs->where('item_id', '=', $request->input('item_id'))
+                ->where('item_type', '=', 'App\\Models\\'.ucwords($request->input('item_type')));
        }

        if ($request->filled('action_type')) {
-            $actionlogs = $actionlogs->where('action_type','=',$request->input('action_type'))->orderBy('created_at', 'desc');
+            $actionlogs = $actionlogs->where('action_type', '=', $request->input('action_type'))->orderBy('created_at', 'desc');
        }

        if ($request->filled('uploads')) {
@@ -51,9 +51,9 @@ class ReportsController extends Controller
            'user_id',
            'accept_signature',
            'action_type',
-            'note'
+            'note',
        ];
-        
+
        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
        $order = ($request->input('order') == 'asc') ? 'asc' : 'desc';
        $offset = request('offset', 0);
@@ -62,6 +62,5 @@ class ReportsController extends Controller
        $actionlogs = $actionlogs->orderBy($sort, $order)->skip($offset)->take($limit)->get();

        return response()->json((new ActionlogsTransformer)->transformActionlogs($actionlogs, $total), 200, ['Content-Type' => 'application/json;charset=utf8'], JSON_UNESCAPED_UNICODE);
-
    }
 }
@@ -2,125 +2,93 @@

 namespace App\Http\Controllers\Api;

-use App\Http\Controllers\Controller;
-use App\Http\Transformers\LoginAttemptsTransformer;
-use App\Models\Setting;
-use App\Notifications\MailTest;
-use App\Services\LdapAd;
-use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Models\Ldap;
+use App\Models\Setting;
+use Mail;
+use App\Notifications\SlackTest;
+use App\Notifications\MailTest;
+use GuzzleHttp\Client;
+use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Response;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Notification;
-use GuzzleHttp\Client;
 use Illuminate\Support\Facades\Storage;
-use Illuminate\Support\Facades\Validator;
-use App\Models\Ldap; // forward-port of v4 LDAP model for Sync
+use Illuminate\Support\Facades\Validator; 
+use App\Http\Requests\SlackSettingsRequest;
+use App\Http\Transformers\LoginAttemptsTransformer;


 class SettingsController extends Controller
 {

-    /**
-     * Test the ldap settings
-     * 
-     * @author Wes Hulette <jwhulette@gmail.com>
-     * 
-     * @since 5.0.0
-     * 
-     * @param App\Models\LdapAd $ldap
-     * 
-     * @return \Illuminate\Http\JsonResponse
-     */
-    public function ldapAdSettingsTest(LdapAd $ldap): JsonResponse
+
+    public function ldaptest()
    {
-        if(!$ldap->init()) {
-            Log::info('LDAP is not enabled so we cannot test.');
+        $settings = Setting::getSettings();
+
+        if ($settings->ldap_enabled!='1') {
+            \Log::debug('LDAP is not enabled cannot test.');
            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
        }

-        // The connect, bind and resulting users message
-        $message = [];
+        \Log::debug('Preparing to test LDAP connection');

-        
-        // This is all kinda fucked right now. The connection test doesn't actually do what you think,
-        // // and the way we parse the errors
-        // on the JS side is horrible. 
-        Log::info('Preparing to test LDAP user login');
-        // Test user can connect to the LDAP server
+        $message = []; //where we collect together test messages
        try {
-            $ldap->testLdapAdUserConnection();
-            $message['login'] = [
-                'message' => 'Successfully connected to LDAP server.'
-            ];
-        } catch (\Exception $ex) {
-                \Log::debug('Connection to LDAP server '.Setting::getSettings()->ldap_server.' failed. Please check your LDAP settings and try again. Server Responded with error: ' . $ex->getMessage());
-            return response()->json(
-                ['message' => 'Connection to LDAP server '.Setting::getSettings()->ldap_server." failed. Verify that the LDAP hostname is entered correctly and that it can be reached from this web server. \n\nServer Responded with error: " . $ex->getMessage()
-
-                ], 400);
-        }
-
-        Log::info('Preparing to test LDAP bind connection');
-        // Test user can bind to the LDAP server
-        try {
-            Log::info('Testing Bind');
-            $ldap->testLdapAdBindConnection();
-            $message['bind'] = [
-                'message' => 'Successfully bound to LDAP server.'
-            ];
-        } catch (\Exception $ex) {
-            Log::info('LDAP Bind failed');
-            return response()->json(['message' => 'Connection to LDAP successful, but we were unable to Bind the LDAP user '.Setting::getSettings()->ldap_uname.". Verify your that your LDAP Bind username and password are correct. \n\nServer Responded with error: " . $ex->getMessage()
-            ], 400);
-        }
-
-
-        Log::info('Preparing to get sample user set from LDAP directory');
-        // Get a sample of 10 users so user can verify the data is correct
-        $settings = Setting::getSettings();
-        try {
-            Log::info('Testing LDAP sync');
-            error_reporting(E_ALL & ~E_DEPRECATED); // workaround for php7.4, which deprecates ldap_control_paged_result
-            // $users = $ldap->testUserImportSync(); // from AdLdap2 from v5, disabling and falling back to v4's sync code
-            $users = collect(Ldap::findLdapUsers())->slice(0, 11)->filter(function ($value, $key) { //choosing ELEVEN because one is going to be the count, which we're about to filter out in the next line
-                return is_int($key);
-            })->map(function ($item) use ($settings) {
-                return (object) [
-                    'username'        => $item[$settings['ldap_username_field']][0] ?? null,
-                    'employee_number' => $item[$settings['ldap_emp_num']][0] ?? null,
-                    'lastname'        => $item[$settings['ldap_lname_field']][0] ?? null,
-                    'firstname'       => $item[$settings['ldap_fname_field']][0] ?? null,
-                    'email'           => $item[$settings['ldap_email']][0] ?? null,
+            $connection = Ldap::connectToLdap();
+            try {
+                $message['bind'] = ['message' => 'Successfully bound to LDAP server.'];
+                \Log::debug('attempting to bind to LDAP for LDAP test');
+                Ldap::bindAdminToLdap($connection);
+                $message['login'] = [
+                    'message' => 'Successfully connected to LDAP server.',
                ];
-            });
-            if ($users->count() > 0) {
-                $message['user_sync']  = [
-                    'users' => $users
-                ];
-            } else {
-                $message['user_sync']  = [
-                    'message' => 'Connection to LDAP was successful, however there were no users returned from your query. You should confirm the Base Bind DN above.'
-                ];
-                return response()->json($message, 400);
+
+                $users = collect(Ldap::findLdapUsers(null,10))->filter(function ($value, $key) {
+                    return is_int($key);
+                })->slice(0, 10)->map(function ($item) use ($settings) {
+                    return (object) [
+                        'username'        => $item[$settings['ldap_username_field']][0] ?? null,
+                        'employee_number' => $item[$settings['ldap_emp_num']][0] ?? null,
+                        'lastname'        => $item[$settings['ldap_lname_field']][0] ?? null,
+                        'firstname'       => $item[$settings['ldap_fname_field']][0] ?? null,
+                        'email'           => $item[$settings['ldap_email']][0] ?? null,
+                    ];
+                });
+                if ($users->count() > 0) {
+                    $message['user_sync'] = [
+                        'users' => $users,
+                    ];
+                } else {
+                    $message['user_sync'] = [
+                        'message' => 'Connection to LDAP was successful, however there were no users returned from your query. You should confirm the Base Bind DN above.',
+                    ];
+    
+                    return response()->json($message, 400);
+                }
+
+                return response()->json($message, 200);
+            } catch (\Exception $e) {
+                \Log::debug('Bind failed');
+                \Log::debug("Exception was: ".$e->getMessage());
+                return response()->json(['message' => $e->getMessage()], 400);
+                //return response()->json(['message' => $e->getMessage()], 500);
            }
-            
-        } catch (\Exception $ex) {
-            Log::info('LDAP sync failed');
-            $message['user_sync']  = [
-                'message' => 'Error getting users from LDAP directory, error: ' . $ex->getMessage()
-            ];
-            return response()->json($message, 400);
+        } catch (\Exception $e) {
+            \Log::debug('Connection failed but we cannot debug it any further on our end.');
+            return response()->json(['message' => $e->getMessage()], 500);
        }

-        return response()->json($message, 200);
+
    }

-    public function ldaptestlogin(Request $request, LdapAd $ldap)
+    public function ldaptestlogin(Request $request)
    {

-        if (Setting::getSettings()->ldap_enabled!='1') {
+        if (Setting::getSettings()->ldap_enabled != '1') {
            \Log::debug('LDAP is not enabled. Cannot test.');
            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
        }
@@ -139,57 +107,77 @@ class SettingsController extends Controller
        }
        

+
        \Log::debug('Preparing to test LDAP login');
        try {
-            DB::beginTransaction(); //this was the easiest way to invoke a full test of an LDAP login without adding new users to the DB (which may not be desired)
+            $connection = Ldap::connectToLdap();
+            try {
+                Ldap::bindAdminToLdap($connection);
+                \Log::debug('Attempting to bind to LDAP for LDAP test');
+                try {
+                    $ldap_user = Ldap::findAndBindUserLdap($request->input('ldaptest_user'), $request->input('ldaptest_password'));
+                    if ($ldap_user) {
+                        \Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
+                        return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
+                    }
+                    return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);

-            // $results = $ldap->ldap->auth()->attempt($request->input('ldaptest_username'), $request->input('ldaptest_password'), true);
-            // can't do this because that's a protected property.
+                } catch (\Exception $e) {
+                    \Log::debug('LDAP login failed');
+                    return response()->json(['message' => $e->getMessage()], 400);
+                }

-            $results = $ldap->ldapLogin($request->input('ldaptest_user'), $request->input('ldaptest_password')); // this would normally create a user on success (if they didn't already exist), but for the transaction
-            if($results) {
-                return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
-            } else {
-                return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);
+            } catch (\Exception $e) {
+                \Log::debug('Bind failed');
+                return response()->json(['message' => $e->getMessage()], 400);
+                //return response()->json(['message' => $e->getMessage()], 500);
            }
        } catch (\Exception $e) {
            \Log::debug('Connection failed');
-            return response()->json(['message' => $e->getMessage()], 400);
-        } finally {
-            DB::rollBack(); // ALWAYS rollback, whether success or failure
+            return response()->json(['message' => $e->getMessage()], 500);
        }


    }

-    public function slacktest(Request $request)
+    public function slacktest(SlackSettingsRequest $request)
    {

-        $slack = new Client([
-            'base_url' => e($request->input('slack_endpoint')),
-            'defaults' => [
-                'exceptions' => false
-            ]
+        $validator = Validator::make($request->all(), [
+            'slack_endpoint'                      => 'url|required_with:slack_channel|starts_with:https://hooks.slack.com/|nullable',
+            'slack_channel'                       => 'required_with:slack_endpoint|starts_with:#|nullable',
        ]);

-
-        $payload = json_encode(
-            [
-                'channel'    => e($request->input('slack_channel')),
-                'text'       => trans('general.slack_test_msg'),
-                'username'    => e($request->input('slack_botname')),
-                'icon_emoji' => ':heart:'
-            ]);
-
-        try {
-            $slack->post($request->input('slack_endpoint'),['body' => $payload]);
-            return response()->json(['message' => 'Success'], 200);
-        } catch (\Exception $e) {
-            return response()->json(['message' => 'Oops! Please check the channel name and webhook endpoint URL. Slack responded with: '.$e->getMessage()], 400);
+        if ($validator->fails()) {
+            return response()->json(['message' => 'Validation failed', 'errors' => $validator->errors()], 422);
        }

-        return response()->json(['message' => 'Something went wrong :( '], 400);
+        // If validation passes, continue to the curl request
+            $slack = new Client([
+                'base_url' => e($request->input('slack_endpoint')),
+                'defaults' => [
+                    'exceptions' => false,
+                ],
+            ]);

+            $payload = json_encode(
+                [
+                    'channel'    => e($request->input('slack_channel')),
+                    'text'       => trans('general.slack_test_msg'),
+                    'username'    => e($request->input('slack_botname')),
+                    'icon_emoji' => ':heart:',
+                ]);
+
+            try {
+                $slack->post($request->input('slack_endpoint'), ['body' => $payload]);
+                return response()->json(['message' => 'Success'], 200);
+
+            } catch (\Exception $e) {
+                return response()->json(['message' => 'Please check the channel name and webhook endpoint URL ('.e($request->input('slack_endpoint')).'). Slack responded with: '.$e->getMessage()], 400);
+            }
+
+        //} 
+        return response()->json(['message' => 'Something went wrong :( '], 400);
    }


@@ -224,23 +212,21 @@ class SettingsController extends Controller
     */
    public function purgeBarcodes()
    {
-
        $file_count = 0;
        $files = Storage::disk('public')->files('barcodes');

        foreach ($files as $file) { // iterate files

-            $file_parts = explode(".", $file);
+            $file_parts = explode('.', $file);
            $extension = end($file_parts);
            \Log::debug($extension);

            // Only generated barcodes would have a .png file extension
-            if ($extension =='png') {
-
+            if ($extension == 'png') {
                \Log::debug('Deleting: '.$file);


-                try  {
+                try {
                    Storage::disk('public')->delete($file);
                    \Log::debug('Deleting: '.$file);
                    $file_count++;
@@ -248,11 +234,9 @@ class SettingsController extends Controller
                    \Log::debug($e);
                }
            }
-
        }

        return response()->json(['message' => 'Deleted '.$file_count.' barcodes'], 200);
-
    }


@@ -269,20 +253,16 @@ class SettingsController extends Controller
     */
    public function showLoginAttempts(Request $request)
    {
-        $allowed_columns = ['id', 'username', 'remote_ip', 'user_agent','successful','created_at'];
+        $allowed_columns = ['id', 'username', 'remote_ip', 'user_agent', 'successful', 'created_at'];

-        $login_attempts =  DB::table('login_attempts');
+        $login_attempts = DB::table('login_attempts');
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'created_at';

        $total = $login_attempts->count();
        $login_attempts->orderBy($sort, $order);
-        $login_attempt_results = $login_attempts->skip(request('offset', 0))->take(request('limit',  20))->get();
+        $login_attempt_results = $login_attempts->skip(request('offset', 0))->take(request('limit', 20))->get();

        return (new LoginAttemptsTransformer)->transformLoginAttempts($login_attempt_results, $total);
-
    }
-
-
-
-}
+}
@@ -22,7 +22,7 @@ class StatuslabelsController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Statuslabel::class);
-        $allowed_columns = ['id','name','created_at', 'assets_count','color','default_label'];
+        $allowed_columns = ['id', 'name', 'created_at', 'assets_count', 'color', 'notes', 'default_label'];

        $statuslabels = Statuslabel::withCount('assets as assets_count');

@@ -30,6 +30,20 @@ class StatuslabelsController extends Controller
            $statuslabels = $statuslabels->TextSearch($request->input('search'));
        }

+
+        // if a status_type is passed, filter by that
+        if ($request->filled('status_type')) {
+            if (strtolower($request->input('status_type')) == 'pending') {
+                $statuslabels = $statuslabels->Pending();
+            } elseif (strtolower($request->input('status_type')) == 'archived') {
+                $statuslabels = $statuslabels->Archived();
+            } elseif (strtolower($request->input('status_type')) == 'deployable') {
+                $statuslabels = $statuslabels->Deployable();
+            } elseif (strtolower($request->input('status_type')) == 'undeployable') {
+                $statuslabels = $statuslabels->Undeployable();
+            }
+        }
+
        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
        // case we override with the actual count, so we should return 0 items.
        $offset = (($statuslabels) && ($request->get('offset') > $statuslabels->count())) ? $statuslabels->count() : $request->get('offset', 0);
@@ -43,6 +57,7 @@ class StatuslabelsController extends Controller

        $total = $statuslabels->count();
        $statuslabels = $statuslabels->skip($offset)->take($limit)->get();
+
        return (new StatuslabelsTransformer)->transformStatuslabels($statuslabels, $total);
    }

@@ -58,19 +73,23 @@ class StatuslabelsController extends Controller
    public function store(Request $request)
    {
        $this->authorize('create', Statuslabel::class);
-        $request->except('deployable', 'pending','archived');
+        $request->except('deployable', 'pending', 'archived');

-        if (!$request->filled('type')) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, ["type" => ["Status label type is required."]]),500);
+        if (! $request->filled('type')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, ['type' => ['Status label type is required.']]), 500);
        }

        $statuslabel = new Statuslabel;
        $statuslabel->fill($request->all());

        $statusType = Statuslabel::getStatuslabelTypesForDB($request->input('type'));
-        $statuslabel->deployable        =  $statusType['deployable'];
-        $statuslabel->pending           =  $statusType['pending'];
-        $statuslabel->archived          =  $statusType['archived'];
+        $statuslabel->deployable = $statusType['deployable'];
+        $statuslabel->pending = $statusType['pending'];
+        $statuslabel->archived = $statusType['archived'];
+        $statuslabel->color             =  $request->input('color');
+        $statuslabel->show_in_nav       =  $request->input('show_in_nav', 0);
+        $statuslabel->default_label     =  $request->input('default_label', 0);
+

        if ($statuslabel->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $statuslabel, trans('admin/statuslabels/message.create.success')));
@@ -91,6 +110,7 @@ class StatuslabelsController extends Controller
    {
        $this->authorize('view', Statuslabel::class);
        $statuslabel = Statuslabel::findOrFail($id);
+
        return (new StatuslabelsTransformer)->transformStatuslabel($statuslabel);
    }

@@ -109,18 +129,22 @@ class StatuslabelsController extends Controller
        $this->authorize('update', Statuslabel::class);
        $statuslabel = Statuslabel::findOrFail($id);
        
-        $request->except('deployable', 'pending','archived');
+        $request->except('deployable', 'pending', 'archived');

-        if (!$request->filled('type')) {
+
+        if (! $request->filled('type')) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Status label type is required.'));
        }

        $statuslabel->fill($request->all());

        $statusType = Statuslabel::getStatuslabelTypesForDB($request->input('type'));
-        $statuslabel->deployable        =  $statusType['deployable'];
-        $statuslabel->pending           =  $statusType['pending'];
-        $statuslabel->archived          =  $statusType['archived'];
+        $statuslabel->deployable = $statusType['deployable'];
+        $statuslabel->pending = $statusType['pending'];
+        $statuslabel->archived = $statusType['archived'];
+        $statuslabel->color             =  $request->input('color');
+        $statuslabel->show_in_nav       =  $request->input('show_in_nav', 0);
+        $statuslabel->default_label     =  $request->input('default_label', 0);

        if ($statuslabel->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $statuslabel, trans('admin/statuslabels/message.update.success')));
@@ -146,11 +170,11 @@ class StatuslabelsController extends Controller
        // Check that there are no assets associated
        if ($statuslabel->assets()->count() == 0) {
            $statuslabel->delete();
-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/statuslabels/message.delete.success')));
+
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/statuslabels/message.delete.success')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/statuslabels/message.assoc_assets')));
-
    }


@@ -162,41 +186,40 @@ class StatuslabelsController extends Controller
     * @since [v3.0]
     * @return \Illuminate\Http\Response
     */
-
    public function getAssetCountByStatuslabel()
    {
        $this->authorize('view', Statuslabel::class);

        $statuslabels = Statuslabel::withCount('assets')->get();

-        $labels=[];
-        $points=[];
+        $labels = [];
+        $points = [];
        $default_color_count = 0;
-        $colors_array = array();
+        $colors_array = [];

        foreach ($statuslabels as $statuslabel) {
            if ($statuslabel->assets_count > 0) {
+                $labels[] = $statuslabel->name.' ('.number_format($statuslabel->assets_count).')';
+                $points[] = $statuslabel->assets_count;

-                $labels[]=$statuslabel->name. ' ('.number_format($statuslabel->assets_count).')';
-                $points[]=$statuslabel->assets_count;
-
-                if ($statuslabel->color!='') {
+                if ($statuslabel->color != '') {
                    $colors_array[] = $statuslabel->color;
                } else {
                    $colors_array[] = Helper::defaultChartColors($default_color_count);
-                    $default_color_count++;
                }
+                $default_color_count++;
            }
        }

-        $result= [
-            "labels" => $labels,
-            "datasets" => [ [
-                "data" => $points,
-                "backgroundColor" => $colors_array,
-                "hoverBackgroundColor" =>  $colors_array
-            ]]
+        $result = [
+            'labels' => $labels,
+            'datasets' => [[
+                'data' => $points,
+                'backgroundColor' => $colors_array,
+                'hoverBackgroundColor' =>  $colors_array,
+            ]],
        ];
+
        return $result;
    }

@@ -212,7 +235,7 @@ class StatuslabelsController extends Controller
    {
        $this->authorize('view', Statuslabel::class);
        $this->authorize('index', Asset::class);
-        $assets = Asset::where('status_id','=',$id)->with('assignedTo');
+        $assets = Asset::where('status_id', '=', $id)->with('assignedTo');

        $allowed_columns = [
            'id',
@@ -242,11 +265,12 @@ class StatuslabelsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @return Bool
+     * @return bool
     */
-    public function checkIfDeployable($id) {
+    public function checkIfDeployable($id)
+    {
        $statuslabel = Statuslabel::findOrFail($id);
-        if ($statuslabel->getStatuslabelType()=='deployable') {
+        if ($statuslabel->getStatuslabelType() == 'deployable') {
            return '1';
        }

@@ -8,6 +8,7 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Http\Transformers\SuppliersTransformer;
 use App\Models\Supplier;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;

 class SuppliersController extends Controller
@@ -22,10 +23,10 @@ class SuppliersController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Supplier::class);
-        $allowed_columns = ['id','name','address','phone','contact','fax','email','image','assets_count','licenses_count', 'accessories_count','url'];
+        $allowed_columns = ['id', 'name', 'address', 'phone', 'contact', 'fax', 'email', 'image', 'assets_count', 'licenses_count', 'accessories_count', 'url'];
        
        $suppliers = Supplier::select(
-                array('id','name','address','address2','city','state','country','fax', 'phone','email','contact','created_at','updated_at','deleted_at','image','notes')
+                ['id', 'name', 'address', 'address2', 'city', 'state', 'country', 'fax', 'phone', 'email', 'contact', 'created_at', 'updated_at', 'deleted_at', 'image', 'notes']
            )->withCount('assets as assets_count')->withCount('licenses as licenses_count')->withCount('accessories as accessories_count');


@@ -46,6 +47,7 @@ class SuppliersController extends Controller

        $total = $suppliers->count();
        $suppliers = $suppliers->skip($offset)->take($limit)->get();
+
        return (new SuppliersTransformer)->transformSuppliers($suppliers, $total);
    }

@@ -55,14 +57,15 @@ class SuppliersController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(ImageUploadRequest $request)
    {
        $this->authorize('create', Supplier::class);
        $supplier = new Supplier;
        $supplier->fill($request->all());
+        $supplier = $request->handleImages($supplier);

        if ($supplier->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $supplier, trans('admin/suppliers/message.create.success')));
@@ -83,6 +86,7 @@ class SuppliersController extends Controller
    {
        $this->authorize('view', Supplier::class);
        $supplier = Supplier::findOrFail($id);
+
        return (new SuppliersTransformer)->transformSupplier($supplier);
    }

@@ -92,15 +96,16 @@ class SuppliersController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @param  \Illuminate\Http\Request  $request
+     * @param  \App\Http\Requests\ImageUploadRequest  $request
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, $id)
+    public function update(ImageUploadRequest $request, $id)
    {
        $this->authorize('update', Supplier::class);
        $supplier = Supplier::findOrFail($id);
        $supplier->fill($request->all());
+        $supplier = $request->handleImages($supplier);

        if ($supplier->save()) {
            return response()->json(Helper::formatStandardApiResponse('success', $supplier, trans('admin/suppliers/message.update.success')));
@@ -120,16 +125,16 @@ class SuppliersController extends Controller
    public function destroy($id)
    {
        $this->authorize('delete', Supplier::class);
-        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances as asset_maintenances_count','assets as assets_count', 'licenses as licenses_count')->findOrFail($id);
+        $supplier = Supplier::with('asset_maintenances', 'assets', 'licenses')->withCount('asset_maintenances as asset_maintenances_count', 'assets as assets_count', 'licenses as licenses_count')->findOrFail($id);
        $this->authorize('delete', $supplier);


        if ($supplier->assets_count > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count])));
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count])));
        }

        if ($supplier->asset_maintenances_count > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count])));
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count])));
        }

        if ($supplier->licenses_count > 0) {
@@ -137,8 +142,8 @@ class SuppliersController extends Controller
        }

        $supplier->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/suppliers/message.delete.success')));

+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/suppliers/message.delete.success')));
    }

    /**
@@ -147,11 +152,12 @@ class SuppliersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0.16]
     * @see \App\Http\Transformers\SelectlistTransformer
-     *
     */
    public function selectlist(Request $request)
    {

+        $this->authorize('view.selectlists');
+
        $suppliers = Supplier::select([
            'id',
            'name',
@@ -173,7 +179,5 @@ class SuppliersController extends Controller
        }

        return (new SelectlistTransformer)->transformSelectlist($suppliers);
-
    }
-
 }
@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\SaveUserRequest;
 use App\Http\Transformers\AccessoriesTransformer;
 use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\ConsumablesTransformer;
 use App\Http\Transformers\LicensesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Http\Transformers\UsersTransformer;
@@ -16,6 +17,7 @@ use App\Models\License;
 use App\Models\User;
 use Auth;
 use Illuminate\Http\Request;
+use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;

 class UsersController extends Controller
@@ -61,19 +63,24 @@ class UsersController extends Controller
            'users.updated_at',
            'users.username',
            'users.zip',
+            'users.remote',
            'users.ldap_import',

-        ])->with('manager', 'groups', 'userloc', 'company', 'department','assets','licenses','accessories','consumables')
-            ->withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count');
+        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables')
+            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count');
        $users = Company::scopeCompanyables($users);


-        if (($request->filled('deleted')) && ($request->input('deleted')=='true')) {
+        if (($request->filled('deleted')) && ($request->input('deleted') == 'true')) {
            $users = $users->onlyTrashed();
-        } elseif (($request->filled('all')) && ($request->input('all')=='true')) {
+        } elseif (($request->filled('all')) && ($request->input('all') == 'true')) {
            $users = $users->withTrashed();
        }

+        if ($request->filled('activated')) {
+            $users = $users->where('users.activated', '=', $request->input('activated'));
+        }
+
        if ($request->filled('company_id')) {
            $users = $users->where('users.company_id', '=', $request->input('company_id'));
        }
@@ -90,12 +97,64 @@ class UsersController extends Controller
            $users = $users->where('users.username', '=', $request->input('username'));
        }

+        if ($request->filled('first_name')) {
+            $users = $users->where('users.first_name', '=', $request->input('first_name'));
+        }
+
+        if ($request->filled('last_name')) {
+            $users = $users->where('users.last_name', '=', $request->input('last_name'));
+        }
+
+        if ($request->filled('employee_num')) {
+            $users = $users->where('users.employee_num', '=', $request->input('employee_num'));
+        }
+
+        if ($request->filled('state')) {
+            $users = $users->where('users.state', '=', $request->input('state'));
+        }
+
+        if ($request->filled('country')) {
+            $users = $users->where('users.country', '=', $request->input('country'));
+        }
+
+        if ($request->filled('zip')) {
+            $users = $users->where('users.zip', '=', $request->input('zip'));
+        }
+
        if ($request->filled('group_id')) {
            $users = $users->ByGroup($request->get('group_id'));
        }

        if ($request->filled('department_id')) {
-            $users = $users->where('users.department_id','=',$request->input('department_id'));
+            $users = $users->where('users.department_id', '=', $request->input('department_id'));
+        }
+
+        if ($request->filled('manager_id')) {
+            $users = $users->where('users.manager_id','=',$request->input('manager_id'));
+        }
+
+        if ($request->filled('ldap_import')) {
+            $users = $users->where('ldap_import', '=', $request->input('ldap_import'));
+        }
+
+        if ($request->filled('remote')) {
+            $users = $users->where('remote', '=', $request->input('remote'));
+        }
+
+        if ($request->filled('assets_count')) {
+           $users->has('assets', '=', $request->input('assets_count'));
+        }
+
+        if ($request->filled('consumables_count')) {
+            $users->has('consumables', '=', $request->input('consumables_count'));
+        }
+
+        if ($request->filled('licenses_count')) {
+            $users->has('licenses', '=', $request->input('licenses_count'));
+        }
+
+        if ($request->filled('accessories_count')) {
+            $users->has('accessories', '=', $request->input('accessories_count'));
        }

        if ($request->filled('search')) {
@@ -129,11 +188,11 @@ class UsersController extends Controller
            default:
                $allowed_columns =
                    [
-                        'last_name','first_name','email','jobtitle','username','employee_num',
-                        'assets','accessories', 'consumables','licenses','groups','activated','created_at',
-                        'two_factor_enrolled','two_factor_optin','last_login', 'assets_count', 'licenses_count',
+                        'last_name', 'first_name', 'email', 'jobtitle', 'username', 'employee_num',
+                        'assets', 'accessories', 'consumables', 'licenses', 'groups', 'activated', 'created_at',
+                        'two_factor_enrolled', 'two_factor_optin', 'last_login', 'assets_count', 'licenses_count',
                        'consumables_count', 'accessories_count', 'phone', 'address', 'city', 'state',
-                        'country', 'zip', 'id', 'ldap_import'
+                        'country', 'zip', 'id', 'ldap_import', 'remote',
                    ];

                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
@@ -141,24 +200,21 @@ class UsersController extends Controller
                break;
        }

-
        $total = $users->count();
        $users = $users->skip($offset)->take($limit)->get();
+
        return (new UsersTransformer)->transformUsers($users, $total);
    }

-
    /**
     * Gets a paginated collection for the select2 menus
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0.16]
     * @see \App\Http\Transformers\SelectlistTransformer
-     *
     */
    public function selectlist(Request $request)
    {
-
        $users = User::select(
            [
                'users.id',
@@ -185,16 +241,16 @@ class UsersController extends Controller

        foreach ($users as $user) {
            $name_str = '';
-            if ($user->last_name!='') {
+            if ($user->last_name != '') {
                $name_str .= $user->last_name.', ';
            }
            $name_str .= $user->first_name;

-            if ($user->username!='') {
+            if ($user->username != '') {
                $name_str .= ' ('.$user->username.')';
            }

-            if ($user->employee_num!='') {
+            if ($user->employee_num != '') {
                $name_str .= ' - #'.$user->employee_num;
            }

@@ -203,7 +259,6 @@ class UsersController extends Controller
        }

        return (new SelectlistTransformer)->transformSelectlist($users);
-
    }


@@ -224,29 +279,30 @@ class UsersController extends Controller
        $user->fill($request->all());

        if ($request->has('permissions')) {
-
            $permissions_array = $request->input('permissions');

            // Strip out the superuser permission if the API user isn't a superadmin
-            if (!Auth::user()->isSuperUser()) {
+            if (! Auth::user()->isSuperUser()) {
                unset($permissions_array['superuser']);
            }
-            $user->permissions =  $permissions_array;
+            $user->permissions = $permissions_array;
        }

-        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $tmp_pass = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 20);
        $user->password = bcrypt($request->get('password', $tmp_pass));

-
+        app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');
+        
        if ($user->save()) {
            if ($request->filled('groups')) {
                $user->groups()->sync($request->input('groups'));
            } else {
-                $user->groups()->sync(array());
+                $user->groups()->sync([]);
            }
-            
+
            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.create')));
        }
+
        return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
    }

@@ -260,7 +316,8 @@ class UsersController extends Controller
    public function show($id)
    {
        $this->authorize('view', User::class);
-        $user = User::withCount('assets as assets_count','licenses as licenses_count','accessories as accessories_count','consumables as consumables_count')->findOrFail($id);
+        $user = User::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count')->findOrFail($id);
+
        return (new UsersTransformer)->transformUser($user);
    }

@@ -280,9 +337,15 @@ class UsersController extends Controller

        $user = User::findOrFail($id);

-        // This is a janky hack to prevent people from changing admin demo user data on the public demo.
-        // The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
-        // Thanks, jerks. You are why we can't have nice things. - snipe
+        /**
+         * This is a janky hack to prevent people from changing admin demo user data on the public demo.
+         * 
+         * The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
+         * 
+         *  Thanks, jerks. You are why we can't have nice things. - snipe
+         * 
+         */ 
+

        if ((($id == 1) || ($id == 2)) && (config('app.lock_passwords'))) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
@@ -290,7 +353,7 @@ class UsersController extends Controller


        $user->fill($request->all());
-
+        
        if ($user->id == $request->input('manager_id')) {
            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
        }
@@ -303,23 +366,24 @@ class UsersController extends Controller
        // here because we need to overwrite permissions
        // if someone needs to null them out
        if ($request->has('permissions')) {
-
            $permissions_array = $request->input('permissions');

            // Strip out the superuser permission if the API user isn't a superadmin
-            if (!Auth::user()->isSuperUser()) {
+            if (! Auth::user()->isSuperUser()) {
                unset($permissions_array['superuser']);
            }
-            $user->permissions =  $permissions_array;
+            $user->permissions = $permissions_array;
        }



-
        // Update the location of any assets checked out to this user
        Asset::where('assigned_type', User::class)
            ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);

+        
+        app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'image', 'avatars', 'avatar');
+          
        if ($user->save()) {

            // Sync group memberships:
@@ -332,8 +396,8 @@ class UsersController extends Controller
            if ($request->filled('groups')) {
                $user->groups()->sync($request->input('groups'));
            // The groups field has been passed but it is null, so we should blank it out
-            } elseif ($request->has('groups'))  {
-                $user->groups()->sync(array());
+            } elseif ($request->has('groups')) {
+                $user->groups()->sync([]);
            }


@@ -357,36 +421,37 @@ class UsersController extends Controller
        $user = User::findOrFail($id);
        $this->authorize('delete', $user);

-
        if (($user->assets) && ($user->assets->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/users/message.error.delete_has_assets')));
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete_has_assets')));
        }

        if (($user->licenses) && ($user->licenses->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->licenses->count() . ' license(s) associated with them and cannot be deleted.'));
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->licenses->count().' license(s) associated with them and cannot be deleted.'));
        }

        if (($user->accessories) && ($user->accessories->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->accessories->count() . ' accessories associated with them.'));
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->accessories->count().' accessories associated with them.'));
        }

        if (($user->managedLocations()) && ($user->managedLocations()->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  'This user still has ' . $user->managedLocations()->count() . ' locations that they manage.'));
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->managedLocations()->count().' locations that they manage.'));
        }

        if ($user->delete()) {

            // Remove the user's avatar if they have one
            if (Storage::disk('public')->exists('avatars/'.$user->avatar)) {
-                try  {
+                try {
                    Storage::disk('public')->delete('avatars/'.$user->avatar);
                } catch (\Exception $e) {
                    \Log::debug($e);
-               }
+                }
            }
-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/users/message.success.delete')));
+
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.delete')));
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/users/message.error.delete')));
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete')));
    }

    /**
@@ -397,12 +462,31 @@ class UsersController extends Controller
     * @param $userId
     * @return string JSON
     */
-    public function assets($id)
+    public function assets(Request $request, $id)
    {
        $this->authorize('view', User::class);
        $this->authorize('view', Asset::class);
        $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model')->get();
-        return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+
+        return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
+    }
+
+
+    /**
+     * Return JSON containing a list of consumables assigned to a user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $userId
+     * @return string JSON
+     */
+    public function consumables(Request $request, $id)
+    {
+        $this->authorize('view', User::class);
+        $this->authorize('view', Consumable::class);
+        $user = User::findOrFail($id);
+        $consumables = $user->consumables;
+        return (new ConsumablesTransformer)->transformConsumables($consumables, $consumables->count(), $request);
    }

    /**
@@ -419,6 +503,7 @@ class UsersController extends Controller
        $user = User::findOrFail($id);
        $this->authorize('view', Accessory::class);
        $accessories = $user->accessories;
+
        return (new AccessoriesTransformer)->transformAccessories($accessories, $accessories->count());
    }

@@ -436,12 +521,11 @@ class UsersController extends Controller
        $this->authorize('view', License::class);
        $user = User::where('id', $id)->withTrashed()->first();
        $licenses = $user->licenses()->get();
+
        return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
    }

    /**
-
-
     * Reset the user's two-factor status
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -451,7 +535,6 @@ class UsersController extends Controller
     */
    public function postTwoFactorReset(Request $request)
    {
-
        $this->authorize('update', User::class);

        if ($request->filled('id')) {
@@ -460,6 +543,7 @@ class UsersController extends Controller
                $user->two_factor_secret = null;
                $user->two_factor_enrolled = 0;
                $user->save();
+
                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
            } catch (\Exception $e) {
                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_error')], 500);
@@ -467,6 +551,7 @@ class UsersController extends Controller
        }
        return response()->json(['message' => 'No ID provided'], 500);

+
    }

    /**
@@ -481,4 +566,28 @@ class UsersController extends Controller
    {
        return (new UsersTransformer)->transformUser($request->user());
    }
+
+    /**
+     * Restore a soft-deleted user.
+     *
+     * @author [E. Taylor] [<dev@evantaylor.name>]
+     * @param int $userId
+     * @since [v6.0.0]
+     * @return JsonResponse
+     */
+    public function restore($userId = null)
+    {
+        // Get asset information
+        $user = User::withTrashed()->find($userId);
+        $this->authorize('delete', $user);
+        if (isset($user->id)) {
+            // Restore the user
+            User::withTrashed()->where('id', $userId)->restore();
+
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.restored')));
+        }
+        
+        $id = $userId;
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))), 200);
+    }
 }
@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers;

 use App\Helpers\Helper;
@@ -21,7 +22,6 @@ use View;
 */
 class AssetMaintenancesController extends Controller
 {
-
    /**
    * Checks for permissions for this action.
    *
@@ -50,11 +50,10 @@ class AssetMaintenancesController extends Controller
    */
    public function index()
    {
+        $this->authorize('view', Asset::class);
        return view('asset_maintenances/index');
    }

-
-
    /**
     *  Returns a form view to create a new asset maintenance.
     *
@@ -66,6 +65,7 @@ class AssetMaintenancesController extends Controller
     */
    public function create()
    {
+        $this->authorize('update', Asset::class);
        $asset = null;

        if ($asset = Asset::find(request('asset_id'))) {
@@ -96,32 +96,33 @@ class AssetMaintenancesController extends Controller
    */
    public function store(Request $request)
    {
+        $this->authorize('update', Asset::class);
        // create a new model instance
        $assetMaintenance = new AssetMaintenance();
        $assetMaintenance->supplier_id = $request->input('supplier_id');
        $assetMaintenance->is_warranty = $request->input('is_warranty');
-        $assetMaintenance->cost =  $request->input('cost');
+        $assetMaintenance->cost = Helper::ParseCurrency($request->input('cost'));
        $assetMaintenance->notes = $request->input('notes');
        $asset = Asset::find($request->input('asset_id'));

-        if ((!Company::isCurrentUserHasAccess($asset)) && ($asset!=null)) {
+        if ((! Company::isCurrentUserHasAccess($asset)) && ($asset != null)) {
            return static::getInsufficientPermissionsRedirect();
        }

        // Save the asset maintenance data
-        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_id = $request->input('asset_id');
        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
-        $assetMaintenance->title                  = $request->input('title');
-        $assetMaintenance->start_date             = $request->input('start_date');
-        $assetMaintenance->completion_date        = $request->input('completion_date');
-        $assetMaintenance->user_id                = Auth::id();
+        $assetMaintenance->title = $request->input('title');
+        $assetMaintenance->start_date = $request->input('start_date');
+        $assetMaintenance->completion_date = $request->input('completion_date');
+        $assetMaintenance->user_id = Auth::id();

-        if (( $assetMaintenance->completion_date !== null )
-            && ( $assetMaintenance->start_date !== "" )
-            && ( $assetMaintenance->start_date !== "0000-00-00" )
+        if (($assetMaintenance->completion_date !== null)
+            && ($assetMaintenance->start_date !== '')
+            && ($assetMaintenance->start_date !== '0000-00-00')
        ) {
-            $startDate                                = Carbon::parse($assetMaintenance->start_date);
-            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $startDate = Carbon::parse($assetMaintenance->start_date);
+            $completionDate = Carbon::parse($assetMaintenance->completion_date);
            $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
        }

@@ -133,7 +134,6 @@ class AssetMaintenancesController extends Controller
        }

        return redirect()->back()->withInput()->withErrors($assetMaintenance->getErrors());
-
    }

    /**
@@ -148,16 +148,16 @@ class AssetMaintenancesController extends Controller
    */
    public function edit($assetMaintenanceId = null)
    {
+        $this->authorize('update', Asset::class);
        // Check if the asset maintenance exists
        if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
            // Redirect to the improvement management page
            return redirect()->route('maintenances.index')
                           ->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif (!$assetMaintenance->asset) {
+        } elseif (! $assetMaintenance->asset) {
            return redirect()->route('maintenances.index')
                ->with('error', 'The asset associated with this maintenance does not exist.');
-
-        } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return static::getInsufficientPermissionsRedirect();
        }

@@ -184,7 +184,6 @@ class AssetMaintenancesController extends Controller
                   ->with('selectedAsset', null)
                   ->with('assetMaintenanceType', $assetMaintenanceType)
                   ->with('item', $assetMaintenance);
-
    }

    /**
@@ -200,48 +199,49 @@ class AssetMaintenancesController extends Controller
     */
    public function update(Request $request, $assetMaintenanceId = null)
    {
+        $this->authorize('update', Asset::class);
        // Check if the asset maintenance exists
        if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
            // Redirect to the asset maintenance management page
            return redirect()->route('maintenances.index')
                           ->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return static::getInsufficientPermissionsRedirect();
        }

-        $assetMaintenance->supplier_id = e($request->input('supplier_id'));
-        $assetMaintenance->is_warranty = e($request->input('is_warranty'));
-        $assetMaintenance->cost =  Helper::ParseFloat(e($request->input('cost')));
-        $assetMaintenance->notes = e($request->input('notes'));
+        $assetMaintenance->supplier_id = $request->input('supplier_id');
+        $assetMaintenance->is_warranty = $request->input('is_warranty');
+        $assetMaintenance->cost =  Helper::ParseCurrency($request->input('cost'));
+        $assetMaintenance->notes = $request->input('notes');

        $asset = Asset::find(request('asset_id'));

-        if (!Company::isCurrentUserHasAccess($asset)) {
+        if (! Company::isCurrentUserHasAccess($asset)) {
            return static::getInsufficientPermissionsRedirect();
        }

        // Save the asset maintenance data
-        $assetMaintenance->asset_id               = $request->input('asset_id');
+        $assetMaintenance->asset_id = $request->input('asset_id');
        $assetMaintenance->asset_maintenance_type = $request->input('asset_maintenance_type');
-        $assetMaintenance->title                  = $request->input('title');
-        $assetMaintenance->start_date             = $request->input('start_date');
-        $assetMaintenance->completion_date        = $request->input('completion_date');
+        $assetMaintenance->title = $request->input('title');
+        $assetMaintenance->start_date = $request->input('start_date');
+        $assetMaintenance->completion_date = $request->input('completion_date');

-        if (( $assetMaintenance->completion_date == null )
+        if (($assetMaintenance->completion_date == null)
        ) {
-            if (( $assetMaintenance->asset_maintenance_time !== 0 )
-              || ( !is_null($assetMaintenance->asset_maintenance_time) )
+            if (($assetMaintenance->asset_maintenance_time !== 0)
+              || (! is_null($assetMaintenance->asset_maintenance_time))
            ) {
                $assetMaintenance->asset_maintenance_time = null;
            }
        }

-        if (( $assetMaintenance->completion_date !== null )
-          && ( $assetMaintenance->start_date !== "" )
-          && ( $assetMaintenance->start_date !== "0000-00-00" )
+        if (($assetMaintenance->completion_date !== null)
+          && ($assetMaintenance->start_date !== '')
+          && ($assetMaintenance->start_date !== '0000-00-00')
        ) {
-            $startDate                                = Carbon::parse($assetMaintenance->start_date);
-            $completionDate                           = Carbon::parse($assetMaintenance->completion_date);
+            $startDate = Carbon::parse($assetMaintenance->start_date);
+            $completionDate = Carbon::parse($assetMaintenance->completion_date);
            $assetMaintenance->asset_maintenance_time = $completionDate->diffInDays($startDate);
        }

@@ -252,6 +252,7 @@ class AssetMaintenancesController extends Controller
            return redirect()->route('maintenances.index')
                         ->with('success', trans('admin/asset_maintenances/message.edit.success'));
        }
+
        return redirect()->back()->withInput()->withErrors($assetMaintenance->getErrors());
    }

@@ -266,12 +267,13 @@ class AssetMaintenancesController extends Controller
    */
    public function destroy($assetMaintenanceId)
    {
+        $this->authorize('update', Asset::class);
        // Check if the asset maintenance exists
        if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
            // Redirect to the asset maintenance management page
            return redirect()->route('maintenances.index')
                           ->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return static::getInsufficientPermissionsRedirect();
        }

@@ -294,12 +296,14 @@ class AssetMaintenancesController extends Controller
    */
    public function show($assetMaintenanceId)
    {
+        $this->authorize('view', Asset::class);
+
        // Check if the asset maintenance exists
        if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
            // Redirect to the asset maintenance management page
            return redirect()->route('maintenances.index')
                           ->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
+        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return static::getInsufficientPermissionsRedirect();
        }

@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers;

 use App\Helpers\Helper;
@@ -10,7 +11,6 @@ use Illuminate\Support\Facades\View;
 use Redirect;
 use Request;
 use Storage;
-
 use Symfony\Component\HttpFoundation\JsonResponse;

 /**
@@ -34,6 +34,7 @@ class AssetModelsController extends Controller
    public function index()
    {
        $this->authorize('index', AssetModel::class);
+
        return view('models/index');
    }

@@ -48,12 +49,12 @@ class AssetModelsController extends Controller
    public function create()
    {
        $this->authorize('create', AssetModel::class);
+
        return view('models/edit')->with('category_type', 'asset')
            ->with('depreciation_list', Helper::depreciationList())
            ->with('item', new AssetModel);
    }

-
    /**
     * Validate and process the new Asset Model data.
     *
@@ -65,7 +66,6 @@ class AssetModelsController extends Controller
     */
    public function store(ImageUploadRequest $request)
    {
-
        $this->authorize('create', AssetModel::class);
        // Create a new asset model
        $model = new AssetModel;
@@ -73,29 +73,30 @@ class AssetModelsController extends Controller
        // Save the model data
        $model->eol = $request->input('eol');
        $model->depreciation_id = $request->input('depreciation_id');
-        $model->name                = $request->input('name');
-        $model->model_number        = $request->input('model_number');
-        $model->manufacturer_id     = $request->input('manufacturer_id');
-        $model->category_id         = $request->input('category_id');
-        $model->notes               = $request->input('notes');
-        $model->user_id             = Auth::id();
-        $model->requestable         = Request::has('requestable');
+        $model->name = $request->input('name');
+        $model->model_number = $request->input('model_number');
+        $model->manufacturer_id = $request->input('manufacturer_id');
+        $model->category_id = $request->input('category_id');
+        $model->notes = $request->input('notes');
+        $model->user_id = Auth::id();
+        $model->requestable = Request::has('requestable');

-        if ($request->input('custom_fieldset')!='') {
+        if ($request->input('custom_fieldset') != '') {
            $model->fieldset_id = e($request->input('custom_fieldset'));
        }

        $model = $request->handleImages($model);

-            // Was it created?
+        // Was it created?
        if ($model->save()) {
            if ($this->shouldAddDefaultValues($request->input())) {
                $this->assignCustomFieldsDefaultValues($model, $request->input('default_values'));
            }

            // Redirect to the new model  page
-            return redirect()->route("models.index")->with('success', trans('admin/models/message.create.success'));
+            return redirect()->route('models.index')->with('success', trans('admin/models/message.create.success'));
        }
+
        return redirect()->back()->withInput()->withErrors($model->getErrors());
    }

@@ -113,13 +114,13 @@ class AssetModelsController extends Controller
        $this->authorize('update', AssetModel::class);
        if ($item = AssetModel::find($modelId)) {
            $category_type = 'asset';
-            $view = View::make('models/edit', compact('item','category_type'));
+            $view = View::make('models/edit', compact('item', 'category_type'));
            $view->with('depreciation_list', Helper::depreciationList());
+
            return $view;
        }

        return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
-
    }


@@ -145,20 +146,18 @@ class AssetModelsController extends Controller

        $model = $request->handleImages($model);

-        $model->depreciation_id     = $request->input('depreciation_id');
-        $model->eol                 = $request->input('eol');
-        $model->name                = $request->input('name');
-        $model->model_number        = $request->input('model_number');
-        $model->manufacturer_id     = $request->input('manufacturer_id');
-        $model->category_id         = $request->input('category_id');
-        $model->notes               = $request->input('notes');
-        $model->requestable         = $request->input('requestable', '0');
-
-
+        $model->depreciation_id = $request->input('depreciation_id');
+        $model->eol = $request->input('eol');
+        $model->name = $request->input('name');
+        $model->model_number = $request->input('model_number');
+        $model->manufacturer_id = $request->input('manufacturer_id');
+        $model->category_id = $request->input('category_id');
+        $model->notes = $request->input('notes');
+        $model->requestable = $request->input('requestable', '0');

        $this->removeCustomFieldsDefaultValues($model);

-        if ($request->input('custom_fieldset')=='') {
+        if ($request->input('custom_fieldset') == '') {
            $model->fieldset_id = null;
        } else {
            $model->fieldset_id = $request->input('custom_fieldset');
@@ -168,10 +167,10 @@ class AssetModelsController extends Controller
            }
        }

-
        if ($model->save()) {
-            return redirect()->route("models.index")->with('success', trans('admin/models/message.update.success'));
+            return redirect()->route('models.index')->with('success', trans('admin/models/message.update.success'));
        }
+
        return redirect()->back()->withInput()->withErrors($model->getErrors());
    }

@@ -199,7 +198,7 @@ class AssetModelsController extends Controller
        }

        if ($model->image) {
-            try  {
+            try {
                Storage::disk('public')->delete('models/'.$model->image);
            } catch (\Exception $e) {
                \Log::info($e);
@@ -213,7 +212,6 @@ class AssetModelsController extends Controller
        return redirect()->route('models.index')->with('success', trans('admin/models/message.delete.success'));
    }

-
    /**
     * Restore a given Asset Model (mark as un-deleted)
     *
@@ -231,6 +229,7 @@ class AssetModelsController extends Controller

        if (isset($model->id)) {
            $model->restore();
+
            return redirect()->route('models.index')->with('success', trans('admin/models/message.restore.success'));
        }
        return redirect()->back()->with('error', trans('admin/models/message.not_found'));
@@ -260,15 +259,16 @@ class AssetModelsController extends Controller
    }

    /**
-    * Get the clone page to clone a model
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @param int $modelId
-    * @return View
-    */
+     * Get the clone page to clone a model
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @param int $modelId
+     * @return View
+     */
    public function getClone($modelId = null)
    {
+        $this->authorize('create', AssetModel::class);
        // Check if the model exists
        if (is_null($model_to_clone = AssetModel::find($modelId))) {
            return redirect()->route('models.index')->with('error', trans('admin/models/message.does_not_exist'));
@@ -286,21 +286,20 @@ class AssetModelsController extends Controller


    /**
-    * Get the custom fields form
-    *
-    * @author [B. Wetherington] [<uberbrady@gmail.com>]
-    * @since [v2.0]
-    * @param int $modelId
-    * @return View
-    */
+     * Get the custom fields form
+     *
+     * @author [B. Wetherington] [<uberbrady@gmail.com>]
+     * @since [v2.0]
+     * @param int $modelId
+     * @return View
+     */
    public function getCustomFields($modelId)
    {
-        return view("models.custom_fields_form")->with("model", AssetModel::find($modelId));
+        return view('models.custom_fields_form')->with('model', AssetModel::find($modelId));
    }



-
    /**
     * Returns a view that allows the user to bulk edit model attrbutes
     *
@@ -310,28 +309,25 @@ class AssetModelsController extends Controller
     */
    public function postBulkEdit(Request $request)
    {
-
        $models_raw_array = $request->input('ids');

        // Make sure some IDs have been selected
        if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
-
-
            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets as assets_count')->orderBy('assets_count', 'ASC')->get();

            // If deleting....
-            if ($request->input('bulk_actions')=='delete') {
+            if ($request->input('bulk_actions') == 'delete') {
                $valid_count = 0;
                foreach ($models as $model) {
                    if ($model->assets_count == 0) {
                        $valid_count++;
                    }
                }
+
                return view('models/bulk-delete', compact('models'))->with('valid_count', $valid_count);

            // Otherwise display the bulk edit screen
            } else {
-
                $nochange = ['NC' => 'No Change'];
                $fieldset_list = $nochange + Helper::customFieldsetList();
                $depreciation_list = $nochange + Helper::depreciationList();
@@ -340,12 +336,10 @@ class AssetModelsController extends Controller
                    ->with('fieldset_list', $fieldset_list)
                    ->with('depreciation_list', $depreciation_list);
            }
-
        }

        return redirect()->route('models.index')
            ->with('error', 'You must select at least one model to edit.');
-
    }


@@ -359,35 +353,33 @@ class AssetModelsController extends Controller
     */
    public function postBulkEditSave(Request $request)
    {
-
        $models_raw_array = $request->input('ids');
-        $update_array = array();
+        $update_array = [];


-        if (($request->filled('manufacturer_id') && ($request->input('manufacturer_id')!='NC'))) {
+        if (($request->filled('manufacturer_id') && ($request->input('manufacturer_id') != 'NC'))) {
            $update_array['manufacturer_id'] = $request->input('manufacturer_id');
        }
-        if (($request->filled('category_id') && ($request->input('category_id')!='NC'))) {
+        if (($request->filled('category_id') && ($request->input('category_id') != 'NC'))) {
            $update_array['category_id'] = $request->input('category_id');
        }
-        if ($request->input('fieldset_id')!='NC') {
+        if ($request->input('fieldset_id') != 'NC') {
            $update_array['fieldset_id'] = $request->input('fieldset_id');
        }
-        if ($request->input('depreciation_id')!='NC') {
+        if ($request->input('depreciation_id') != 'NC') {
            $update_array['depreciation_id'] = $request->input('depreciation_id');
        }

-
        
        if (count($update_array) > 0) {
            AssetModel::whereIn('id', $models_raw_array)->update($update_array);
+
            return redirect()->route('models.index')
                ->with('success', trans('admin/models/message.bulkedit.success'));
        }

        return redirect()->route('models.index')
            ->with('warning', trans('admin/models/message.bulkedit.error'));
-
    }

    /**
@@ -404,7 +396,6 @@ class AssetModelsController extends Controller
        $models_raw_array = $request->input('ids');

        if ((is_array($models_raw_array)) && (count($models_raw_array) > 0)) {
-
            $models = AssetModel::whereIn('id', $models_raw_array)->withCount('assets as assets_count')->get();

            $del_error_count = 0;
@@ -426,7 +417,7 @@ class AssetModelsController extends Controller

            if ($del_error_count == 0) {
                return redirect()->route('models.index')
-                    ->with('success', trans('admin/models/message.bulkdelete.success',['success_count'=> $del_count] ));
+                    ->with('success', trans('admin/models/message.bulkdelete.success', ['success_count'=> $del_count]));
            }

            return redirect()->route('models.index')
@@ -435,7 +426,6 @@ class AssetModelsController extends Controller

        return redirect()->route('models.index')
            ->with('error', trans('admin/models/message.bulkdelete.error'));
-
    }

    /**
@@ -443,13 +433,13 @@ class AssetModelsController extends Controller
     * any default values were entered into the form.
     *
     * @param  array  $input
-     * @return boolean
+     * @return bool
     */
    private function shouldAddDefaultValues(array $input)
    {
-        return !empty($input['add_default_values'])
-            && !empty($input['default_values'])
-            && !empty($input['custom_fieldset']);
+        return ! empty($input['add_default_values'])
+            && ! empty($input['default_values'])
+            && ! empty($input['custom_fieldset']);
    }

    /**
@@ -462,7 +452,9 @@ class AssetModelsController extends Controller
    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues)
    {
        foreach ($defaultValues as $customFieldId => $defaultValue) {
-            if ($defaultValue) {
+            if(is_array($defaultValue)){
+                $model->defaultValues()->attach($customFieldId, ['default_value' => implode(', ', $defaultValue)]);
+            }elseif ($defaultValue) {
                $model->defaultValues()->attach($customFieldId, ['default_value' => $defaultValue]);
            }
        }
@@ -7,13 +7,14 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetCheckinRequest;
 use App\Models\Asset;
+use App\Models\CheckoutAcceptance;
+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Redirect;
 use Illuminate\Support\Facades\View;

 class AssetCheckinController extends Controller
 {
-
    /**
     * Returns a view that presents a form to check an asset back into inventory.
     *
@@ -33,6 +34,7 @@ class AssetCheckinController extends Controller
        }

        $this->authorize('checkin', $asset);
+
        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto);
    }

@@ -73,7 +75,7 @@ class AssetCheckinController extends Controller
        $asset->name = $request->get('name');

        if ($request->filled('status_id')) {
-            $asset->status_id =  e($request->get('status_id'));
+            $asset->status_id = e($request->get('status_id'));
        }

        // This is just meant to correct legacy issues where some user data would have 0
@@ -81,14 +83,14 @@ class AssetCheckinController extends Controller
        // rules, so it's necessary to fix this for long-time users. It's kinda gross, but will help
        // people (and their data) in the long run

-        if ($asset->rtd_location_id=='0') {
+        if ($asset->rtd_location_id == '0') {
            \Log::debug('Manually override the RTD location IDs');
            \Log::debug('Original RTD Location ID: '.$asset->rtd_location_id);
            $asset->rtd_location_id = '';
            \Log::debug('New RTD Location ID: '.$asset->rtd_location_id);
        }

-        if ($asset->location_id=='0') {
+        if ($asset->location_id == '0') {
            \Log::debug('Manually override the location IDs');
            \Log::debug('Original Location ID: '.$asset->location_id);
            $asset->location_id = '';
@@ -96,30 +98,45 @@ class AssetCheckinController extends Controller
        }

        $asset->location_id = $asset->rtd_location_id;
-        \Log::debug('After Location ID: '.$asset->location_id);
-        \Log::debug('After RTD Location ID: '.$asset->rtd_location_id);
-

        if ($request->filled('location_id')) {
            \Log::debug('NEW Location ID: '.$request->get('location_id'));
-            $asset->location_id =  e($request->get('location_id'));
+            $asset->location_id = e($request->get('location_id'));
        }

-        $checkin_at = date('Y-m-d');
-        if($request->filled('checkin_at')){
-            $checkin_at = $request->input('checkin_at');
+        $checkin_at = date('Y-m-d H:i:s');
+        if (($request->filled('checkin_at')) && ($request->get('checkin_at') != date('Y-m-d'))) {
+            $checkin_at = $request->get('checkin_at');
        }

+        if(!empty($asset->licenseseats->all())){
+            foreach ($asset->licenseseats as $seat){
+                $seat->assigned_to = null;
+                $seat->save();
+            }
+        }
+
+        // Get all pending Acceptances for this asset and delete them
+        $acceptances = CheckoutAcceptance::pending()->whereHasMorph('checkoutable',
+            [Asset::class],
+            function (Builder $query) use ($asset) {
+                $query->where('id', $asset->id);
+            })->get();
+        $acceptances->map(function($acceptance) {
+            $acceptance->delete();
+        });
+
        // Was the asset updated?
        if ($asset->save()) {
            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at));

-            if ((isset($user)) && ($backto =='user')) {
-                return redirect()->route("users.show", $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
+            if ((isset($user)) && ($backto == 'user')) {
+                return redirect()->route('users.show', $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
            }
-            return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkin.success'));
+
+            return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkin.success'));
        }
        // Redirect to the asset management page with error
-        return redirect()->route("hardware.index")->with('error', trans('admin/hardware/message.checkin.error').$asset->getErrors());
+        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.error').$asset->getErrors());
    }
 }
@@ -2,7 +2,6 @@

 namespace App\Http\Controllers\Assets;

-
 use App\Exceptions\CheckoutNotAllowed;
 use App\Helpers\Helper;
 use App\Http\Controllers\CheckInOutRequest;
@@ -15,15 +14,16 @@ use Illuminate\Support\Facades\Auth;
 class AssetCheckoutController extends Controller
 {
    use CheckInOutRequest;
+
    /**
-    * Returns a view that presents a form to check an asset out to a
-    * user.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @param int $assetId
-    * @since [v1.0]
-    * @return View
-    */
+     * Returns a view that presents a form to check an asset out to a
+     * user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param int $assetId
+     * @since [v1.0]
+     * @return View
+     */
    public function create($assetId)
    {
        // Check if the asset exists
@@ -37,9 +37,8 @@ class AssetCheckoutController extends Controller
            return view('hardware/checkout', compact('asset'))
                ->with('statusLabel_list', Helper::deployableStatusLabelList());
        }
+
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
-
-
    }

    /**
@@ -55,9 +54,9 @@ class AssetCheckoutController extends Controller
    {
        try {
            // Check if the asset exists
-            if (!$asset = Asset::find($assetId)) {
+            if (! $asset = Asset::find($assetId)) {
                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
-            } elseif (!$asset->availableForCheckout()) {
+            } elseif (! $asset->availableForCheckout()) {
                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
            }
            $this->authorize('checkout', $asset);
@@ -67,8 +66,8 @@ class AssetCheckoutController extends Controller

            $asset = $this->updateAssetLocation($asset, $target);

-            $checkout_at = date("Y-m-d H:i:s");
-            if (($request->filled('checkout_at')) && ($request->get('checkout_at')!= date("Y-m-d"))) {
+            $checkout_at = date('Y-m-d H:i:s');
+            if (($request->filled('checkout_at')) && ($request->get('checkout_at') != date('Y-m-d'))) {
                $checkout_at = $request->get('checkout_at');
            }

@@ -81,8 +80,17 @@ class AssetCheckoutController extends Controller
                $asset->status_id = $request->get('status_id');
            }

+            if(!empty($asset->licenseseats->all())){
+                if(request('checkout_to_type') == 'user') {
+                    foreach ($asset->licenseseats as $seat){
+                        $seat->assigned_to = $target->id;
+                        $seat->save();
+                    }
+                }
+            }
+
            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, e($request->get('note')), $request->get('name'))) {
-                return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkout.success'));
+                return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success'));
            }

            // Redirect to the asset management page with error
@@ -93,5 +101,4 @@ class AssetCheckoutController extends Controller
            return redirect()->back()->with('error', $e->getMessage());
        }
    }
-
 }
@@ -2,14 +2,14 @@

 namespace App\Http\Controllers\Assets;

-
+use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetFileRequest;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
-use App\Helpers\StorageHelper;
+use enshrined\svgSanitize\Sanitizer;

 class AssetFilesController extends Controller
 {
@@ -25,22 +25,44 @@ class AssetFilesController extends Controller
     */
    public function store(AssetFileRequest $request, $assetId = null)
    {
-        if (!$asset = Asset::find($assetId)) {
+        if (! $asset = Asset::find($assetId)) {
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
        }

        $this->authorize('update', $asset);

        if ($request->hasFile('file')) {
-
-            if (!Storage::exists('private_uploads/assets')) Storage::makeDirectory('private_uploads/assets', 775);
+            if (! Storage::exists('private_uploads/assets')) {
+                Storage::makeDirectory('private_uploads/assets', 775);
+            }

            foreach ($request->file('file') as $file) {
+
                $extension = $file->getClientOriginalExtension();
                $file_name = 'hardware-'.$asset->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+
+                // Check for SVG and sanitize it
+                if ($extension=='svg') {
+                    \Log::debug('This is an SVG');
+
+                        $sanitizer = new Sanitizer();
+                        $dirtySVG = file_get_contents($file->getRealPath());
+                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                        try {
+                            Storage::put('private_uploads/assets/'.$file_name, $cleanSVG);
+                        } catch (\Exception $e) {
+                            \Log::debug('Upload no workie :( ');
+                            \Log::debug($e);
+                        }
+                } else {
                Storage::put('private_uploads/assets/'.$file_name, file_get_contents($file));
+                }
+               
+                
                $asset->logUpload($file_name, e($request->get('notes')));
            }
+
            return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
        }

@@ -64,7 +86,7 @@ class AssetFilesController extends Controller
        if (isset($asset->id)) {
            $this->authorize('view', $asset);

-            if (!$log = Actionlog::find($fileId)) {
+            if (! $log = Actionlog::find($fileId)) {
                return response('No matching record for that asset/file', 500)
                    ->header('Content-Type', 'text/plain');
            }
@@ -72,21 +94,23 @@ class AssetFilesController extends Controller
            $file = 'private_uploads/assets/'.$log->filename;
            \Log::debug('Checking for '.$file);

-            if ($log->action_type =='audit') {
+            if ($log->action_type == 'audit') {
                $file = 'private_uploads/audits/'.$log->filename;
            }

-            if (!Storage::exists($file)) {
+            if (! Storage::exists($file)) {
                return response('File '.$file.' not found on server', 404)
                    ->header('Content-Type', 'text/plain');
            }

            if ($download != 'true') {
-                  if ($contents = file_get_contents(Storage::url($file))) {
-                      return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
-                  }
-                return JsonResponse::create(["error" => "Failed validation: "], 500);
+                if ($contents = file_get_contents(Storage::url($file))) {
+                    return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                }
+
+                return JsonResponse::create(['error' => 'Failed validation: '], 500);
            }
+
            return StorageHelper::downloader($file);
        }
        // Prepare the error message
@@ -117,13 +141,14 @@ class AssetFilesController extends Controller
            $this->authorize('update', $asset);
            $log = Actionlog::find($fileId);
            if ($log) {
-            if (Storage::exists($rel_path.'/'.$log->filename)) {
-                Storage::delete($rel_path.'/'.$log->filename);
+                if (Storage::exists($rel_path.'/'.$log->filename)) {
+                    Storage::delete($rel_path.'/'.$log->filename);
                }
                $log->delete();
+
                return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
            }
-            $log->delete();
+
            return redirect()->back()
                ->with('success', trans('admin/hardware/message.deletefile.success'));
        }
@@ -1,4 +1,5 @@
 <?php
+
 namespace App\Http\Controllers\Assets;

 use App\Helpers\Helper;
@@ -14,13 +15,13 @@ use App\Models\Setting;
 use App\Models\User;
 use Auth;
 use Carbon\Carbon;
-use Intervention\Image\Facades\Image;
 use DB;
 use Gate;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Cache;
 use Illuminate\Support\Facades\Storage;
 use Input;
+use Intervention\Image\Facades\Image;
 use League\Csv\Reader;
 use League\Csv\Statement;
 use Paginator;
@@ -40,9 +41,8 @@ use View;
 */
 class AssetsController extends Controller
 {
-    protected $qrCodeDimensions = array( 'height' => 3.5, 'width' => 3.5);
-    protected $barCodeDimensions = array( 'height' => 2, 'width' => 22);
-
+    protected $qrCodeDimensions = ['height' => 3.5, 'width' => 3.5];
+    protected $barCodeDimensions = ['height' => 2, 'width' => 22];

    public function __construct()
    {
@@ -65,6 +65,7 @@ class AssetsController extends Controller
    {
        $this->authorize('index', Asset::class);
        $company = Company::find($request->input('company_id'));
+
        return view('hardware/index')->with('company', $company);
    }

@@ -89,6 +90,7 @@ class AssetsController extends Controller
            $selected_model = AssetModel::find($request->input('model_id'));
            $view->with('selected_model', $selected_model);
        }
+
        return $view;
    }

@@ -114,18 +116,17 @@ class AssetsController extends Controller
        $serials = $request->input('serials');

        for ($a = 1; $a <= count($asset_tags); $a++) {
-
            $asset = new Asset();
            $asset->model()->associate(AssetModel::find($request->input('model_id')));
-            $asset->name                    = $request->input('name');
+            $asset->name = $request->input('name');

            // Check for a corresponding serial
            if (($serials) && (array_key_exists($a, $serials))) {
-                $asset->serial                  = $serials[$a];
+                $asset->serial = $serials[$a];
            }

            if (($asset_tags) && (array_key_exists($a, $asset_tags))) {
-                $asset->asset_tag                  = $asset_tags[$a];
+                $asset->asset_tag = $asset_tags[$a];
            }

            $asset->company_id              = Company::getIdForCurrentUser($request->input('company_id'));
@@ -136,20 +137,20 @@ class AssetsController extends Controller
            $asset->archived                = '0';
            $asset->physical                = '1';
            $asset->depreciate              = '0';
-            $asset->status_id               = request('status_id', 0);
+            $asset->status_id               = request('status_id');
            $asset->warranty_months         = request('warranty_months', null);
-            $asset->purchase_cost           = Helper::ParseFloat($request->get('purchase_cost'));
+            $asset->purchase_cost           = Helper::ParseCurrency($request->get('purchase_cost'));
            $asset->purchase_date           = request('purchase_date', null);
            $asset->assigned_to             = request('assigned_to', null);
-            $asset->supplier_id             = request('supplier_id', 0);
+            $asset->supplier_id             = request('supplier_id', null);
            $asset->requestable             = request('requestable', 0);
            $asset->rtd_location_id         = request('rtd_location_id', null);

-            if (!empty($settings->audit_interval)) {
-                $asset->next_audit_date         = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
+            if (! empty($settings->audit_interval)) {
+                $asset->next_audit_date = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
            }

-            if ($asset->assigned_to=='') {
+            if ($asset->assigned_to == '') {
                $asset->location_id = $request->input('rtd_location_id', null);
            }

@@ -164,17 +165,18 @@ class AssetsController extends Controller

            if (($model) && ($model->fieldset)) {
                foreach ($model->fieldset->fields as $field) {
-                    if ($field->field_encrypted=='1') {
+                    if ($field->field_encrypted == '1') {
                        if (Gate::allows('admin')) {
-                            if(is_array($request->input($field->convertUnicodeDbSlug()))){
-                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e(implode(', ', $request->input($field->convertUnicodeDbSlug()))));
-                            }else{
-                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e($request->input($field->convertUnicodeDbSlug())));
-                            }                        }
+                            if (is_array($request->input($field->convertUnicodeDbSlug()))) {
+                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(implode(', ', $request->input($field->convertUnicodeDbSlug())));
+                            } else {
+                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
+                            }
+                        }
                    } else {
-                        if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                        if (is_array($request->input($field->convertUnicodeDbSlug()))) {
                            $asset->{$field->convertUnicodeDbSlug()} = implode(', ', $request->input($field->convertUnicodeDbSlug()));
-                        }else{
+                        } else {
                            $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
                        }
                    }
@@ -183,7 +185,6 @@ class AssetsController extends Controller

            // Validate the asset before saving
            if ($asset->isValid() && $asset->save()) {
-
                if (request('assigned_user')) {
                    $target = User::find(request('assigned_user'));
                    $location = $target->location_id;
@@ -196,14 +197,11 @@ class AssetsController extends Controller
                }

                if (isset($target)) {
-                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', e($request->get('name')), $location);
+                    $asset->checkOut($target, Auth::user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', $request->get('name'), $location);
                }

                $success = true;
-
-
            }
-
        }

        if ($success) {
@@ -213,7 +211,6 @@ class AssetsController extends Controller
        }

        return redirect()->back()->withInput()->withErrors($asset->getErrors());
-
    }

    /**
@@ -226,7 +223,7 @@ class AssetsController extends Controller
     */
    public function edit($assetId = null)
    {
-        if (!$item = Asset::find($assetId)) {
+        if (! $item = Asset::find($assetId)) {
            // Redirect to the asset management page with error
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
        }
@@ -262,17 +259,17 @@ class AssetsController extends Controller
            if ($asset->location) {
                $use_currency = $asset->location->currency;
            } else {
-                if ($settings->default_currency!='') {
+                if ($settings->default_currency != '') {
                    $use_currency = $settings->default_currency;
                } else {
                    $use_currency = trans('general.currency');
                }
            }

-            $qr_code = (object) array(
+            $qr_code = (object) [
                'display' => $settings->qr_code == '1',
-                'url' => route('qr_code/hardware', $asset->id)
-            );
+                'url' => route('qr_code/hardware', $asset->id),
+            ];

            return view('hardware/view', compact('asset', 'qr_code', 'settings'))
                ->with('use_currency', $use_currency)->with('audit_log', $audit_log);
@@ -281,7 +278,6 @@ class AssetsController extends Controller
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
    }

-
    /**
     * Validate and process asset edit form.
     *
@@ -290,11 +286,10 @@ class AssetsController extends Controller
     * @since [v1.0]
     * @return Redirect
     */
-
    public function update(ImageUploadRequest $request, $assetId = null)
    {
        // Check if the asset exists
-        if (!$asset = Asset::find($assetId)) {
+        if (! $asset = Asset::find($assetId)) {
            // Redirect to the asset management page with error
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
        }
@@ -302,7 +297,7 @@ class AssetsController extends Controller

        $asset->status_id = $request->input('status_id', null);
        $asset->warranty_months = $request->input('warranty_months', null);
-        $asset->purchase_cost = Helper::ParseFloat($request->input('purchase_cost', null));
+        $asset->purchase_cost = Helper::ParseCurrency($request->input('purchase_cost', null));
        $asset->purchase_date = $request->input('purchase_date', null);
        $asset->supplier_id = $request->input('supplier_id', null);
        $asset->expected_checkin = $request->input('expected_checkin', null);
@@ -311,7 +306,7 @@ class AssetsController extends Controller
        $asset->requestable = $request->filled('requestable');
        $asset->rtd_location_id = $request->input('rtd_location_id', null);

-        if ($asset->assigned_to=='') {
+        if ($asset->assigned_to == '') {
            $asset->location_id = $request->input('rtd_location_id', null);
        }

@@ -323,21 +318,19 @@ class AssetsController extends Controller
            } catch (\Exception $e) {
                \Log::info($e);
            }
-
        }

-
        // Update the asset data
-        $asset_tag           =  $request->input('asset_tags');
-        $serial              = $request->input('serials');
-        $asset->name         = $request->input('name');
-        $asset->serial       = $serial[1];
-        $asset->company_id   = Company::getIdForCurrentUser($request->input('company_id'));
-        $asset->model_id     = $request->input('model_id');
+        $asset_tag = $request->input('asset_tags');
+        $serial = $request->input('serials');
+        $asset->name = $request->input('name');
+        $asset->serial = $serial[1];
+        $asset->company_id = Company::getIdForCurrentUser($request->input('company_id'));
+        $asset->model_id = $request->input('model_id');
        $asset->order_number = $request->input('order_number');
-        $asset->asset_tag    = $asset_tag[1];
-        $asset->notes        = $request->input('notes');
-        $asset->physical     = '1';
+        $asset->asset_tag = $asset_tag[1];
+        $asset->notes = $request->input('notes');
+        $asset->physical = '1';

        $asset = $request->handleImages($asset);

@@ -348,18 +341,18 @@ class AssetsController extends Controller
        $model = AssetModel::find($request->get('model_id'));
        if (($model) && ($model->fieldset)) {
            foreach ($model->fieldset->fields as $field) {
-                if ($field->field_encrypted=='1') {
+                if ($field->field_encrypted == '1') {
                    if (Gate::allows('admin')) {
-                        if(is_array($request->input($field->convertUnicodeDbSlug()))){
-                            $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e(implode(', ', $request->input($field->convertUnicodeDbSlug()))));
-                        }else{
-                            $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e($request->input($field->convertUnicodeDbSlug())));
+                        if (is_array($request->input($field->convertUnicodeDbSlug()))) {
+                            $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(implode(', ', $request->input($field->convertUnicodeDbSlug())));
+                        } else {
+                            $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
                        }
                    }
                } else {
-                    if(is_array($request->input($field->convertUnicodeDbSlug()))){
+                    if (is_array($request->input($field->convertUnicodeDbSlug()))) {
                        $asset->{$field->convertUnicodeDbSlug()} = implode(', ', $request->input($field->convertUnicodeDbSlug()));
-                    }else{
+                    } else {
                        $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
                    }
                }
@@ -368,7 +361,7 @@ class AssetsController extends Controller


        if ($asset->save()) {
-            return redirect()->route("hardware.show", $assetId)
+            return redirect()->route('hardware.show', $assetId)
                ->with('success', trans('admin/hardware/message.update.success'));
        }

@@ -395,10 +388,10 @@ class AssetsController extends Controller

        DB::table('assets')
            ->where('id', $asset->id)
-            ->update(array('assigned_to' => null));
+            ->update(['assigned_to' => null]);

        if ($asset->image) {
-            try  {
+            try {
                Storage::disk('public')->delete('assets'.'/'.$asset->image);
            } catch (\Exception $e) {
                \Log::debug($e);
@@ -410,7 +403,23 @@ class AssetsController extends Controller
        return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.delete.success'));
    }

+    /**
+     * Searches the assets table by serial, and redirects if it finds one
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function getAssetBySerial(Request $request)
+    {
+        $topsearch = ($request->get('topsearch')=="true");

+        if (!$asset = Asset::where('serial', '=', $request->get('serial'))->first()) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+        $this->authorize('view', $asset);
+        return redirect()->route('hardware.show', $asset->id)->with('topsearch', $topsearch);
+    }

    /**
     * Searches the assets table by asset tag, and redirects if it finds one
@@ -421,14 +430,17 @@ class AssetsController extends Controller
     */
    public function getAssetByTag(Request $request)
    {
-        $topsearch = ($request->get('topsearch')=="true");
+        $topsearch = ($request->get('topsearch') == 'true');

-        if (!$asset = Asset::where('asset_tag', '=', $request->get('assetTag'))->first()) {
+        if (! $asset = Asset::where('asset_tag', '=', $request->get('assetTag'))->first()) {
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
        }
        $this->authorize('view', $asset);
+
        return redirect()->route('hardware.show', $asset->id)->with('topsearch', $topsearch);
    }
+
+
    /**
     * Return a QR code for the asset
     *
@@ -450,20 +462,22 @@ class AssetsController extends Controller
                if (isset($asset->id, $asset->asset_tag)) {
                    if (file_exists($qr_file)) {
                        $header = ['Content-type' => 'image/png'];
+
                        return response()->file($qr_file, $header);
                    } else {
                        $barcode = new \Com\Tecnick\Barcode\Barcode();
-                        $barcode_obj =  $barcode->getBarcodeObj($settings->barcode_type, route('hardware.show', $asset->id), $size['height'], $size['width'], 'black', array(-2, -2, -2, -2));
+                        $barcode_obj = $barcode->getBarcodeObj($settings->barcode_type, route('hardware.show', $asset->id), $size['height'], $size['width'], 'black', [-2, -2, -2, -2]);
                        file_put_contents($qr_file, $barcode_obj->getPngData());
+
                        return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
                    }
                }
            }
+
            return 'That asset is invalid';
        }
    }

-
    /**
     * Return a 2D barcode for the asset
     *
@@ -481,6 +495,7 @@ class AssetsController extends Controller
        if (isset($asset->id, $asset->asset_tag)) {
            if (file_exists($barcode_file)) {
                $header = ['Content-type' => 'image/png'];
+
                return response()->file($barcode_file, $header);
            } else {
                // Calculate barcode width in pixel based on label width (inch)
@@ -488,20 +503,19 @@ class AssetsController extends Controller

                $barcode = new \Com\Tecnick\Barcode\Barcode();
                try {
-                    $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode,$asset->asset_tag,($barcode_width < 300 ? $barcode_width : 300),50);
+                    $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode, $asset->asset_tag, ($barcode_width < 300 ? $barcode_width : 300), 50);
                    file_put_contents($barcode_file, $barcode_obj->getPngData());
+
                    return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
-                } catch(\Exception $e) {
+                } catch (\Exception $e) {
                    \Log::debug('The barcode format is invalid.');
+
                    return response(file_get_contents(public_path('uploads/barcodes/invalid_barcode.gif')))->header('Content-type', 'image/gif');
                }
-
-
            }
        }
    }

-
    /**
     * Return a label for an individual asset.
     *
@@ -523,7 +537,6 @@ class AssetsController extends Controller
        }
    }

-
    /**
     * Returns a view that presents a form to clone an asset.
     *
@@ -564,6 +577,7 @@ class AssetsController extends Controller
    public function getImportHistory()
    {
        $this->authorize('admin');
+
        return view('hardware/history');
    }

@@ -572,49 +586,48 @@ class AssetsController extends Controller
     *
     * This needs a LOT of love. It's done very inelegantly right now, and there are
     * a ton of optimizations that could (and should) be done.
-     * 
+     *
     * Updated to respect checkin dates:
     * No checkin column, assume all items are checked in (todays date)
     * Checkin date in the past, update history.
     * Checkin date in future or empty, check the item out to the user.
-     * 
+     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.3]
     * @return View
     */
    public function postImportHistory(Request $request)
    {
-
-        if (!$request->hasFile('user_import_csv')) {
+        if (! $request->hasFile('user_import_csv')) {
            return back()->with('error', 'No file provided. Please select a file for import and try again. ');
        }

-        if (!ini_get("auto_detect_line_endings")) {
-            ini_set("auto_detect_line_endings", '1');
+        if (! ini_get('auto_detect_line_endings')) {
+            ini_set('auto_detect_line_endings', '1');
        }
        $csv = Reader::createFromPath($request->file('user_import_csv'));
        $csv->setHeaderOffset(0);
        $header = $csv->getHeader();
-        $isCheckinHeaderExplicit = in_array("checkin date", (array_map('strtolower', $header)));
+        $isCheckinHeaderExplicit = in_array('checkin date', (array_map('strtolower', $header)));
        $results = $csv->getRecords();
-        $item = array();
-        $status = array();
-        $status['error'] = array();
-        $status['success'] = array();
+        $item = [];
+        $status = [];
+        $status['error'] = [];
+        $status['success'] = [];
        foreach ($results as $row) {
            if (is_array($row)) {
                $row = array_change_key_case($row, CASE_LOWER);
-                $asset_tag = Helper::array_smart_fetch($row, "asset tag");
-                if (!array_key_exists($asset_tag, $item)) {
-                    $item[$asset_tag] = array();
+                $asset_tag = Helper::array_smart_fetch($row, 'asset tag');
+                if (! array_key_exists($asset_tag, $item)) {
+                    $item[$asset_tag] = [];
                }
                $batch_counter = count($item[$asset_tag]);
-                $item[$asset_tag][$batch_counter]['checkout_date'] = Carbon::parse(Helper::array_smart_fetch($row, "checkout date"))->format('Y-m-d H:i:s');
-    
-                if ($isCheckinHeaderExplicit){
+                $item[$asset_tag][$batch_counter]['checkout_date'] = Carbon::parse(Helper::array_smart_fetch($row, 'checkout date'))->format('Y-m-d H:i:s');
+
+                if ($isCheckinHeaderExplicit) {
                    //checkin date not empty, assume past transaction or future checkin date (expected)
-                    if (!empty(Helper::array_smart_fetch($row, "checkin date"))) {
-                        $item[$asset_tag][$batch_counter]['checkin_date'] = Carbon::parse(Helper::array_smart_fetch($row, "checkin date"))->format('Y-m-d H:i:s');
+                    if (! empty(Helper::array_smart_fetch($row, 'checkin date'))) {
+                        $item[$asset_tag][$batch_counter]['checkin_date'] = Carbon::parse(Helper::array_smart_fetch($row, 'checkin date'))->format('Y-m-d H:i:s');
                    } else {
                        $item[$asset_tag][$batch_counter]['checkin_date'] = '';
                    }
@@ -623,44 +636,44 @@ class AssetsController extends Controller
                    $item[$asset_tag][$batch_counter]['checkin_date'] = Carbon::parse(now())->format('Y-m-d H:i:s');
                }

-                $item[$asset_tag][$batch_counter]['asset_tag'] = Helper::array_smart_fetch($row, "asset tag");
-                $item[$asset_tag][$batch_counter]['name'] = Helper::array_smart_fetch($row, "name");
-                $item[$asset_tag][$batch_counter]['email'] = Helper::array_smart_fetch($row, "email");
+                $item[$asset_tag][$batch_counter]['asset_tag'] = Helper::array_smart_fetch($row, 'asset tag');
+                $item[$asset_tag][$batch_counter]['name'] = Helper::array_smart_fetch($row, 'name');
+                $item[$asset_tag][$batch_counter]['email'] = Helper::array_smart_fetch($row, 'email');
                if ($asset = Asset::where('asset_tag', '=', $asset_tag)->first()) {
                    $item[$asset_tag][$batch_counter]['asset_id'] = $asset->id;
                    $base_username = User::generateFormattedNameFromFullName(Setting::getSettings()->username_format, $item[$asset_tag][$batch_counter]['name']);
                    $user = User::where('username', '=', $base_username['username']);
                    $user_query = ' on username '.$base_username['username'];
-                    if ($request->input('match_firstnamelastname')=='1') {
+                    if ($request->input('match_firstnamelastname') == '1') {
                        $firstnamedotlastname = User::generateFormattedNameFromFullName('firstname.lastname', $item[$asset_tag][$batch_counter]['name']);
                        $item[$asset_tag][$batch_counter]['username'][] = $firstnamedotlastname['username'];
                        $user->orWhere('username', '=', $firstnamedotlastname['username']);
                        $user_query .= ', or on username '.$firstnamedotlastname['username'];
                    }
-                    if ($request->input('match_flastname')=='1') {
+                    if ($request->input('match_flastname') == '1') {
                        $flastname = User::generateFormattedNameFromFullName('filastname', $item[$asset_tag][$batch_counter]['name']);
                        $item[$asset_tag][$batch_counter]['username'][] = $flastname['username'];
                        $user->orWhere('username', '=', $flastname['username']);
                        $user_query .= ', or on username '.$flastname['username'];
                    }
-                    if ($request->input('match_firstname')=='1') {
+                    if ($request->input('match_firstname') == '1') {
                        $firstname = User::generateFormattedNameFromFullName('firstname', $item[$asset_tag][$batch_counter]['name']);
                        $item[$asset_tag][$batch_counter]['username'][] = $firstname['username'];
                        $user->orWhere('username', '=', $firstname['username']);
                        $user_query .= ', or on username '.$firstname['username'];
                    }
-                    if ($request->input('match_email')=='1') {
-                        if ($item[$asset_tag][$batch_counter]['name']=='') {
+                    if ($request->input('match_email') == '1') {
+                        if ($item[$asset_tag][$batch_counter]['name'] == '') {
                            $item[$asset_tag][$batch_counter]['username'][] = $user_email = User::generateEmailFromFullName($item[$asset_tag][$batch_counter]['name']);
                            $user->orWhere('username', '=', $user_email);
                            $user_query .= ', or on username '.$user_email;
                        }
                    }
-                    if ($request->input('match_username') == '1'){
+                    if ($request->input('match_username') == '1') {
                        // Added #8825: add explicit username lookup
-                           $raw_username = $item[$asset_tag][$batch_counter]['name'];
-                           $user->orWhere('username', '=', $raw_username);
-                            $user_query .= ', or on username ' . $raw_username;
+                        $raw_username = $item[$asset_tag][$batch_counter]['name'];
+                        $user->orWhere('username', '=', $raw_username);
+                        $user_query .= ', or on username '.$raw_username;
                    }

                    // A matching user was found
@@ -668,7 +681,7 @@ class AssetsController extends Controller
                        //$user is now matched user from db
                        $item[$asset_tag][$batch_counter]['user_id'] = $user->id;

-                        Actionlog::firstOrCreate(array(
+                        Actionlog::firstOrCreate([
                            'item_id' => $asset->id,
                            'item_type' => Asset::class,
                            'user_id' =>  Auth::user()->id,
@@ -677,7 +690,7 @@ class AssetsController extends Controller
                            'target_type' => User::class,
                            'created_at' =>  $item[$asset_tag][$batch_counter]['checkout_date'],
                            'action_type'   => 'checkout',
-                        ));
+                        ]);

                        $checkin_date = $item[$asset_tag][$batch_counter]['checkin_date'];

@@ -685,7 +698,7 @@ class AssetsController extends Controller

                            //if checkin date header exists, assume that empty or future date is still checked out
                            //if checkin is before todays date, assume it's checked in and do not assign user ID, if checkin date is in the future or blank, this is the expected checkin date, items is checked out
-                            
+
                            if ((strtotime($checkin_date) > strtotime(Carbon::now())) || (empty($checkin_date))
                            ) {
                                //only do this if item is checked out
@@ -694,29 +707,27 @@ class AssetsController extends Controller
                            }
                        }

-                        if (!empty($checkin_date)) {
+                        if (! empty($checkin_date)) {
                            //only make a checkin there is a valid checkin date or we created one on import.
-                            Actionlog::firstOrCreate(array(
-                                'item_id' =>
-                                $item[$asset_tag][$batch_counter]['asset_id'],
+                            Actionlog::firstOrCreate([
+                                'item_id' => $item[$asset_tag][$batch_counter]['asset_id'],
                                'item_type' => Asset::class,
                                'user_id' => Auth::user()->id,
-                                'note' => 'Checkin imported by ' . Auth::user()->present()->fullName() . ' from history importer',
+                                'note' => 'Checkin imported by '.Auth::user()->present()->fullName().' from history importer',
                                'target_id' => null,
                                'created_at' => $checkin_date,
-                                'action_type' => 'checkin'
-                            ));
-
+                                'action_type' => 'checkin',
+                            ]);
                        }
-                     
+
                        if ($asset->save()) {
-                            $status['success'][]['asset'][$asset_tag]['msg'] = 'Asset successfully matched for '.Helper::array_smart_fetch($row, "name").$user_query.' on '.$item[$asset_tag][$batch_counter]['checkout_date'];
+                            $status['success'][]['asset'][$asset_tag]['msg'] = 'Asset successfully matched for '.Helper::array_smart_fetch($row, 'name').$user_query.' on '.$item[$asset_tag][$batch_counter]['checkout_date'];
                        } else {
                            $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset and user was matched but could not be saved.';
                        }
                    } else {
                        $item[$asset_tag][$batch_counter]['user_id'] = null;
-                        $status['error'][]['user'][Helper::array_smart_fetch($row, "name")]['msg'] = 'User does not exist so no checkin log was created.';
+                        $status['error'][]['user'][Helper::array_smart_fetch($row, 'name')]['msg'] = 'User does not exist so no checkin log was created.';
                    }
                } else {
                    $item[$asset_tag][$batch_counter]['asset_id'] = null;
@@ -724,6 +735,7 @@ class AssetsController extends Controller
                }
            }
        }
+
        return view('hardware/history')->with('status', $status);
    }

@@ -752,12 +764,13 @@ class AssetsController extends Controller
            $logaction = new Actionlog();
            $logaction->item_type = Asset::class;
            $logaction->item_id = $asset->id;
-            $logaction->created_at =  date("Y-m-d H:i:s");
+            $logaction->created_at = date('Y-m-d H:i:s');
            $logaction->user_id = Auth::user()->id;
            $logaction->logaction('restored');

            return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.restore.success'));
        }
+
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
    }

@@ -765,10 +778,16 @@ class AssetsController extends Controller
    {
        $this->authorize('audit', Asset::class);
        $dt = Carbon::now()->addMonths(12)->toDateString();
+
        return view('hardware/quickscan')->with('next_audit_date', $dt);
    }

+    public function quickScanCheckin()
+    {
+        $this->authorize('checkin', Asset::class);

+        return view('hardware/quickscan-checkin');
+    }

    public function audit($id)
    {
@@ -776,18 +795,21 @@ class AssetsController extends Controller
        $this->authorize('audit', Asset::class);
        $dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
        $asset = Asset::findOrFail($id);
+
        return view('hardware/audit')->with('asset', $asset)->with('next_audit_date', $dt)->with('locations_list');
    }

    public function dueForAudit()
    {
        $this->authorize('audit', Asset::class);
+
        return view('hardware/audit-due');
    }

    public function overdueForAudit()
    {
        $this->authorize('audit', Asset::class);
+
        return view('hardware/audit-overdue');
    }

@@ -796,10 +818,10 @@ class AssetsController extends Controller
    {
        $this->authorize('audit', Asset::class);

-        $rules = array(
+        $rules = [
            'location_id' => 'exists:locations,id|nullable|numeric',
-            'next_audit_date' => 'date|nullable'
-        );
+            'next_audit_date' => 'date|nullable',
+        ];

        $validator = \Validator::make($request->all(), $rules);

@@ -817,7 +839,7 @@ class AssetsController extends Controller

        // Check to see if they checked the box to update the physical location,
        // not just note it in the audit notes
-        if ($request->input('update_location')=='1') {
+        if ($request->input('update_location') == '1') {
            \Log::debug('update location in audit');
            $asset->location_id = $request->input('location_id');
        }
@@ -828,7 +850,9 @@ class AssetsController extends Controller
            // Upload an image, if attached
            if ($request->hasFile('image')) {
                $path = 'private_uploads/audits';
-                if (!Storage::exists($path)) Storage::makeDirectory($path, 775);
+                if (! Storage::exists($path)) {
+                    Storage::makeDirectory($path, 775);
+                }
                $upload = $image = $request->file('image');
                $ext = $image->getClientOriginalExtension();
                $file_name = 'audit-'.str_random(18).'.'.$ext;
@@ -837,12 +861,13 @@ class AssetsController extends Controller


            $asset->logAudit($request->input('note'), $request->input('location_id'), $file_name);
-            return redirect()->to("hardware")->with('success', trans('admin/hardware/message.audit.success'));
+            return redirect()->route('assets.audit.due')->with('success', trans('admin/hardware/message.audit.success'));
        }
    }

    public function getRequestedIndex($user_id = null)
    {
+        $this->authorize('index', Asset::class);
        $requestedItems = CheckoutRequest::with('user', 'requestedItem')->whereNull('canceled_at')->with('user', 'requestedItem');

        if ($user_id) {
@@ -853,5 +878,4 @@ class AssetsController extends Controller

        return view('hardware/requested', compact('requestedItems'));
    }
-
 }
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				`web: php heroku/startup.php && heroku-php-apache2 public/`