Merge remote-tracking branch 'origin/develop'

# Conflicts: # config/version.php
Bumped version
2025-12-12 08:47:16 +00:00 · 2025-12-12 08:46:25 +00:00 · 2025-12-12 07:49:53 +00:00 · 2025-12-12 07:49:01 +00:00 · 2025-12-12 07:14:51 +00:00 · 2025-12-12 07:14:36 +00:00
1310 changed files with 44599 additions and 18828 deletions
@@ -4235,6 +4235,33 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "smarsching",
+      "name": "Sebastian Marsching",
+      "avatar_url": "https://avatars.githubusercontent.com/u/2880129?v=4",
+      "profile": "http://sebastian.marsching.com/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "mohammad-ahmadi1",
+      "name": "Mo",
+      "avatar_url": "https://avatars.githubusercontent.com/u/40658372?v=4",
+      "profile": "https://github.com/mohammad-ahmadi1",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "MarvelousAnything",
+      "name": "Owen V. Hayes",
+      "avatar_url": "https://avatars.githubusercontent.com/u/20994684?v=4",
+      "profile": "https://github.com/MarvelousAnything",
+      "contributions": [
+        "code"
+      ]
    }
  ]
 }
@@ -137,6 +137,8 @@ PUBLIC_AWS_ACCESS_KEY_ID=null
 PUBLIC_AWS_DEFAULT_REGION=null
 PUBLIC_AWS_BUCKET=null
 PUBLIC_AWS_URL=null
+PUBLIC_AWS_ENDPOINT=null
+PUBLIC_AWS_PATH_STYLE=null
 PUBLIC_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -147,6 +149,8 @@ PRIVATE_AWS_SECRET_ACCESS_KEY=null
 PRIVATE_AWS_DEFAULT_REGION=null
 PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
+PRIVATE_AWS_ENDPOINT=null
+PRIVATE_AWS_PATH_STYLE=null
 PRIVATE_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -144,6 +144,8 @@ PUBLIC_AWS_ACCESS_KEY_ID=null
 PUBLIC_AWS_DEFAULT_REGION=null
 PUBLIC_AWS_BUCKET=null
 PUBLIC_AWS_URL=null
+PUBLIC_AWS_ENDPOINT=null
+PUBLIC_AWS_PATH_STYLE=null
 PUBLIC_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -154,6 +156,8 @@ PRIVATE_AWS_SECRET_ACCESS_KEY=null
 PRIVATE_AWS_DEFAULT_REGION=null
 PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
+PRIVATE_AWS_ENDPOINT=null
+PRIVATE_AWS_PATH_STYLE=null
 PRIVATE_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -143,6 +143,8 @@ PUBLIC_AWS_ACCESS_KEY_ID=null
 PUBLIC_AWS_DEFAULT_REGION=null
 PUBLIC_AWS_BUCKET=null
 PUBLIC_AWS_URL=null
+PUBLIC_AWS_ENDPOINT=null
+PUBLIC_AWS_PATH_STYLE=null
 PUBLIC_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -153,6 +155,8 @@ PRIVATE_AWS_SECRET_ACCESS_KEY=null
 PRIVATE_AWS_DEFAULT_REGION=null
 PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
+PRIVATE_AWS_ENDPOINT=null
+PRIVATE_AWS_PATH_STYLE=null
 PRIVATE_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -197,7 +201,7 @@ REPORT_TIME_LIMIT=12000
 API_THROTTLE_PER_MINUTE=120
 CSV_ESCAPE_FORMULAS=true
 LIVEWIRE_URL_PREFIX=null
-
+MAX_UNPAGINATED=5000

 # --------------------------------------------
 # OPTIONAL: SAML SETTINGS
@@ -26,7 +26,7 @@ jobs:
        language: [ 'javascript' ]
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
@@ -32,7 +32,7 @@ jobs:
    steps:
      # Checkout the repository to the GitHub Actions runner
      - name: Checkout code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6

      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
      - name: Run Codacy Analysis CLI
@@ -9,7 +9,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6

      - name: Crowdin push
        uses: crowdin/github-action@v2
@@ -42,7 +42,7 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
@@ -42,7 +42,7 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
@@ -11,7 +11,7 @@ jobs:
  dockerHubDescription:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Docker Hub Description
        uses: grokability/dockerhub-description@7ea9d275c7cdbe2b676a093a0308c50665e3b8b4
@@ -37,7 +37,7 @@ jobs:
          php-version: "${{ matrix.php-version }}"
          coverage: none

-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Get Composer Cache Directory
        id: composer-cache
@@ -34,7 +34,7 @@ jobs:
          php-version: "${{ matrix.php-version }}"
          coverage: none

-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Get Composer Cache Directory
        id: composer-cache
@@ -25,7 +25,7 @@ jobs:
          php-version: "${{ matrix.php-version }}"
          coverage: none

-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Get Composer Cache Directory
        id: composer-cache
@@ -68,7 +68,8 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/181059?v=4" width="110px;"/><br /><sub>Juan Font</sub>](https://github.com/juanfont)<br />[💻](https://github.com/snipe/snipe-it/commits?author=juanfont "Code") | [<img src="https://avatars.githubusercontent.com/u/13137708?v=4" width="110px;"/><br /><sub>Juho Taipale</sub>](https://github.com/juhotaipale)<br />[💻](https://github.com/snipe/snipe-it/commits?author=juhotaipale "Code") | [<img src="https://avatars.githubusercontent.com/u/1007419?v=4" width="110px;"/><br /><sub>Korvin Szanto</sub>](https://github.com/KorvinSzanto)<br />[💻](https://github.com/snipe/snipe-it/commits?author=KorvinSzanto "Code") | [<img src="https://avatars.githubusercontent.com/u/8513053?v=4" width="110px;"/><br /><sub>Lewis Foster</sub>](https://lewisfoster.foo/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sniff122 "Code") | [<img src="https://avatars.githubusercontent.com/u/33877541?v=4" width="110px;"/><br /><sub>Logan Swartzendruber</sub>](https://github.com/loganswartz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=loganswartz "Code") | [<img src="https://avatars.githubusercontent.com/u/1156208?v=4" width="110px;"/><br /><sub>Lorenzo P.</sub>](https://github.com/lopezio)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lopezio "Code") | [<img src="https://avatars.githubusercontent.com/u/33946590?v=4" width="110px;"/><br /><sub>Lukas Jung</sub>](https://github.com/m4us1ne)<br />[💻](https://github.com/snipe/snipe-it/commits?author=m4us1ne "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/10965027?v=4" width="110px;"/><br /><sub>Ellie</sub>](https://leafedfox.xyz/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=LeafedFox "Code") | [<img src="https://avatars.githubusercontent.com/u/20960555?v=4" width="110px;"/><br /><sub>GA Stamper</sub>](https://github.com/gastamper)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gastamper "Code") | [<img src="https://avatars.githubusercontent.com/u/206553556?v=4" width="110px;"/><br /><sub>Guillaume Lefranc</sub>](https://github.com/gl-pup)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gl-pup "Code") | [<img src="https://avatars.githubusercontent.com/u/733892?v=4" width="110px;"/><br /><sub>Hajo Möller</sub>](https://github.com/dasjoe)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dasjoe "Code") | [<img src="https://avatars.githubusercontent.com/u/3420063?v=4" width="110px;"/><br /><sub>Istvan Basa</sub>](https://github.com/pottom)<br />[💻](https://github.com/snipe/snipe-it/commits?author=pottom "Code") | [<img src="https://avatars.githubusercontent.com/u/810824?v=4" width="110px;"/><br /><sub>JJ Asghar</sub>](https://jjasghar.github.io/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jjasghar "Code") | [<img src="https://avatars.githubusercontent.com/u/40404495?v=4" width="110px;"/><br /><sub>James E. Msenga</sub>](https://github.com/JemCdo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JemCdo "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/6865786?v=4" width="110px;"/><br /><sub>Jan Felix Wiebe</sub>](https://github.com/jfwiebe)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jfwiebe "Code") | [<img src="https://avatars.githubusercontent.com/u/43412008?v=4" width="110px;"/><br /><sub>Jo Drexl</sub>](https://www.nfon.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=drexljo "Code") | [<img src="https://avatars.githubusercontent.com/u/4807843?v=4" width="110px;"/><br /><sub>Austin Sasko</sub>](https://github.com/austinsasko)<br />[💻](https://github.com/snipe/snipe-it/commits?author=austinsasko "Code") | [<img src="https://avatars.githubusercontent.com/u/4875039?v=4" width="110px;"/><br /><sub>Jasson</sub>](http://jassoncordones.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JassonCordones "Code") | [<img src="https://avatars.githubusercontent.com/u/76069640?v=4" width="110px;"/><br /><sub>Okean</sub>](https://github.com/Tinyblargon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Tinyblargon "Code") | [<img src="https://avatars.githubusercontent.com/u/6515064?v=4" width="110px;"/><br /><sub>Alejandro Medrano</sub>](https://www.lst.tfo.upm.es/alejandro-medrano/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=amedranogil "Code") | [<img src="https://avatars.githubusercontent.com/u/58696401?v=4" width="110px;"/><br /><sub>Lukas Kraic</sub>](https://github.com/lukaskraic)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lukaskraic "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/1571724?v=4" width="110px;"/><br /><sub>Герхард PICCORO Lenz McKAY </sub>](https://github-readme-stats.vercel.app/api?username=mckaygerhard)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mckaygerhard "Code") | [<img src="https://avatars.githubusercontent.com/u/15015119?v=4" width="110px;"/><br /><sub>Johannes Pollitt</sub>](https://github.com/FlorestanII)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FlorestanII "Code") | [<img src="https://avatars.githubusercontent.com/u/14185442?v=4" width="110px;"/><br /><sub>Michael Strobel</sub>](https://strobelm.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=strobelm "Code") | [<img src="https://avatars.githubusercontent.com/u/634790?v=4" width="110px;"/><br /><sub>Nicky West</sub>](http://nickwest.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nickwest "Code") | [<img src="https://avatars.githubusercontent.com/u/1347327?v=4" width="110px;"/><br /><sub>akaspeh1</sub>](https://github.com/akaspeh1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=akaspeh1 "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/1571724?v=4" width="110px;"/><br /><sub>Герхард PICCORO Lenz McKAY </sub>](https://github-readme-stats.vercel.app/api?username=mckaygerhard)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mckaygerhard "Code") | [<img src="https://avatars.githubusercontent.com/u/15015119?v=4" width="110px;"/><br /><sub>Johannes Pollitt</sub>](https://github.com/FlorestanII)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FlorestanII "Code") | [<img src="https://avatars.githubusercontent.com/u/14185442?v=4" width="110px;"/><br /><sub>Michael Strobel</sub>](https://strobelm.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=strobelm "Code") | [<img src="https://avatars.githubusercontent.com/u/634790?v=4" width="110px;"/><br /><sub>Nicky West</sub>](http://nickwest.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nickwest "Code") | [<img src="https://avatars.githubusercontent.com/u/1347327?v=4" width="110px;"/><br /><sub>akaspeh1</sub>](https://github.com/akaspeh1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=akaspeh1 "Code") | [<img src="https://avatars.githubusercontent.com/u/2880129?v=4" width="110px;"/><br /><sub>Sebastian Marsching</sub>](http://sebastian.marsching.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=smarsching "Code") | [<img src="https://avatars.githubusercontent.com/u/40658372?v=4" width="110px;"/><br /><sub>Mo</sub>](https://github.com/mohammad-ahmadi1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mohammad-ahmadi1 "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/20994684?v=4" width="110px;"/><br /><sub>Owen V. Hayes</sub>](https://github.com/MarvelousAnything)<br />[💻](https://github.com/snipe/snipe-it/commits?author=MarvelousAnything "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
@@ -83,6 +83,7 @@ Since the release of the JSON REST API, several third-party developers have been
 - [jamf2snipe](https://github.com/grokability/jamf2snipe) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
 - [jamf-snipe-rename](https://macblog.org/jamf-snipe-rename/) - Python script to rename computers in Jamf from Snipe-IT
 - [Snipe-IT plugin for Jira Service Desk](https://marketplace.atlassian.com/apps/1220964/snipe-it-for-jira)
+- [Rudder2Snipe](https://github.com/norbertoaquino/rudder2snipe) by [@norbertoaquino](https://github.com/norbertoaquino) - Rudder.io integration for Snipe-IT
 - [Python 3 CSV importer](https://github.com/gastamper/snipeit-csvimporter) - allows importing assets into Snipe-IT based on Item Name rather than Asset Tag.
 - [Snipe-IT Kubernetes Helm Chart](https://github.com/t3n/helm-charts/tree/master/snipeit) - For more information, [click here](https://hub.helm.sh/charts/t3n/snipeit).
 - [Snipe-IT Bulk Edit](https://github.com/bricelabelle/snipe-it-bulkedit) - Google Script files to use Google Sheets as a bulk checkout/checkin/edit tool for Snipe-IT.
@@ -56,7 +56,7 @@ class ObjectImportCommand extends Command
        $this->progressIndicator = new ProgressIndicator($this->output);

        $filename = $this->argument('filename');
-        $class = title_case($this->option('item-type'));
+        $class = ucfirst($this->option('item-type'));
        $classString = "App\\Importer\\{$class}Importer";
        $importer = new $classString($filename);
        $importer->setCallbacks([$this, 'log'], [$this, 'progress'], [$this, 'errorCallback'])
@@ -49,14 +49,15 @@ class ResetDemoSettings extends Command
        $settings->logo = 'snipe-logo.png';
        $settings->alert_email = 'service@snipe-it.io';
        $settings->login_note = 'Use `admin` / `password` to login to the demo.';
-        $settings->header_color = null;
+        $settings->header_color = '#3c8dbc';
+        $settings->link_dark_color = '#86cbf2';
+        $settings->link_light_color = '#084d73;';
        $settings->label2_2d_type = 'QRCODE';
        $settings->default_currency = 'USD';
        $settings->brand = 2;
        $settings->ldap_enabled = 0;
        $settings->full_multiple_companies_support = 0;
        $settings->label2_1d_type = 'C128';
-        $settings->skin = '';
        $settings->email_domain = 'snipeitapp.com';
        $settings->email_format = 'filastname';
        $settings->username_format = 'filastname';
@@ -80,6 +81,8 @@ class ResetDemoSettings extends Command

        if ($user = User::where('username', '=', 'admin')->first()) {
            $user->locale = 'en-US';
+            $user->enable_confetti = 1;
+            $user->enable_sounds = 1;
            $user->save();
        }

@@ -52,7 +52,7 @@ class SQLStreamer {
            /* we *could* have made the ^INSERT INTO blah VALUES$ turn on the capturing state, and closed it with
               a ^(blahblah);$ but it's cleaner to not have to manage the state machine. We're just going to
               assume that (blahblah), or (blahblah); are values for INSERT and are always acceptable. */
-            "<^/\*!40101 SET NAMES '?[a-zA-Z0-9_-]+'? \*/;$>"                                   => false, //using weird delimiters (<,>) for readability. allow quoted or unquoted charsets
+            "<^/\*![0-9]{5} SET NAMES '?[a-zA-Z0-9_-]+'? \*/;$>" => false, //using weird delimiters (<,>) for readability. allow quoted or unquoted charsets
            "<^/\*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' \*/;$>" => false, //same, now handle zero-values
        ];

@@ -3,13 +3,18 @@
 namespace App\Console\Commands;

 use App\Mail\UnacceptedAssetReminderMail;
+use App\Models\Accessory;
 use App\Models\Asset;
 use App\Models\CheckoutAcceptance;
+use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\LicenseSeat;
 use App\Models\Setting;
 use App\Models\User;
 use App\Notifications\CheckoutAssetNotification;
 use App\Notifications\CurrentInventory;
 use Illuminate\Console\Command;
+use Illuminate\Database\Eloquent\Relations\MorphTo;
 use Illuminate\Support\Facades\Mail;

 class SendAcceptanceReminder extends Command
@@ -26,7 +31,7 @@ class SendAcceptanceReminder extends Command
     *
     * @var string
     */
-    protected $description = 'This will resend users with unaccepted assets a reminder to accept or decline them.';
+    protected $description = 'This will resend users with unaccepted items a reminder to accept or decline them.';

    /**
     * Create a new command instance.
@@ -45,19 +50,30 @@ class SendAcceptanceReminder extends Command
     */
    public function handle()
    {
-        $pending = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')
-                                                ->whereHas('checkoutable', function($query) {
-                                                    $query->where('accepted_at', null)
-                                                          ->where('declined_at', null);
-                                                })
-                                                ->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model', 'checkoutable.adminuser'])
-                                                ->get();
+        $pending = CheckoutAcceptance::query()
+            ->with([
+                'checkoutable' => function (MorphTo $morph) {
+                    $morph->morphWith([
+                        Asset::class       => ['model.category', 'assignedTo', 'adminuser', 'company', 'checkouts'],
+                        Accessory::class   => ['category', 'company', 'checkouts'],
+                        LicenseSeat::class => ['user', 'license', 'checkouts'],
+                        Component::class   => ['assignedTo', 'company', 'checkouts'],
+                        Consumable::class  => ['company', 'checkouts'],
+                    ]);
+                },
+                'assignedTo',
+            ])
+            ->whereHasMorph(
+                'checkoutable',
+                [Asset::class, Accessory::class, LicenseSeat::class, Component::class, Consumable::class],
+                fn ($q) => $q->whereNull('accepted_at')
+                    ->whereNull('declined_at')
+            )
+            ->pending()
+            ->get();

        $count = 0;
        $unacceptedAssetGroups = $pending
-            ->filter(function($acceptance) {
-                return $acceptance->checkoutable_type == 'App\Models\Asset';
-            })
            ->map(function($acceptance) {
                return ['assetItem' => $acceptance->checkoutable, 'acceptance' => $acceptance];
            })
@@ -9,6 +9,8 @@ use App\Notifications\ExpectedCheckinAdminNotification;
 use App\Notifications\ExpectedCheckinNotification;
 use Carbon\Carbon;
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Notification;
+use App\Helpers\Helper;

 class SendExpectedCheckinAlerts extends Command
 {
@@ -17,7 +19,7 @@ class SendExpectedCheckinAlerts extends Command
     *
     * @var string
     */
-    protected $name = 'snipeit:expected-checkin';
+    protected $signature = 'snipeit:expected-checkin {--with-output : Display the results in a table in your console in addition to sending the email}';

    /**
     * The console command description.
@@ -42,19 +44,47 @@ class SendExpectedCheckinAlerts extends Command
    public function handle()
    {
        $settings = Setting::getSettings();
-        $interval = $settings->audit_warning_days ?? 0;
+        $interval = $settings->due_checkin_days ?? 0;
        $today = Carbon::now();
        $interval_date = $today->copy()->addDays($interval);
-        
+        $count = 0;
+
+        if (!$this->option('with-output')) {
+            $this->info('Run this command with the --with-output option to see the full list in the console.');
+        }
+
        $assets = Asset::whereNull('deleted_at')->DueOrOverdueForCheckin($settings)->orderBy('assets.expected_checkin', 'desc')->get();

-        $this->info($assets->count().' assets must be checked in on or before '.$interval_date.' is deadline');
+        $this->info($assets->count().' assets must be checked on or before '.Helper::getFormattedDateObject($interval_date, 'date', false));


        foreach ($assets as $asset) {
            if ($asset->assignedTo && (isset($asset->assignedTo->email)) && ($asset->assignedTo->email!='') && $asset->checkedOutToUser()) {
-                $this->info('Sending User ExpectedCheckinNotification to: '.$asset->assignedTo->email);
                $asset->assignedTo->notify((new ExpectedCheckinNotification($asset)));
+                $count++;
+            }
+        }
+
+        if ($this->option('with-output')) {
+            if (($assets) && ($assets->count() > 0) && ($settings->alert_email != '')) {
+                $this->table(
+                    [
+                        trans('general.id'),
+                        trans('admin/hardware/form.tag'),
+                        trans('admin/hardware/form.model'),
+                        trans('general.model_no'),
+                        trans('general.purchase_date'),
+                        trans('admin/hardware/form.expected_checkin'),
+                    ],
+                    $assets->map(fn($assets) => [
+                        trans('general.id') => $assets->id,
+                        trans('admin/hardware/form.tag') => $assets->asset_tag,
+                        trans('admin/hardware/form.model') => $assets->model->name,
+                        trans('general.model_no') => $assets->model->model_number,
+                        trans('general.purchase_date') => $assets->purchase_date_formatted,
+                        trans('admin/hardware/form.eol_date') => $assets->expected_checkin_formattedDate ? $assets->expected_checkin_formattedDate . ' (' . $assets->expected_checkin_diff_for_humans . ')' : '',
+                    ])
+                );
            }
        }

@@ -63,10 +93,11 @@ class SendExpectedCheckinAlerts extends Command
            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item) {
                return new AlertRecipient($item);
            });
-
-            $this->info('Sending Admin ExpectedCheckinNotification to: '.$settings->alert_email);
-            \Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));
+            Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));

        }
+        
+        $this->info('Sent checkin reminders to to '.$count.' users.');
+
    }
 }
@@ -14,11 +14,11 @@ use Illuminate\Support\Facades\Mail;
 class SendExpirationAlerts extends Command
 {
    /**
-     * The console command name.
-     *
+     * The name and signature of the console command.
+ *
     * @var string
     */
-    protected $name = 'snipeit:expiring-alerts';
+    protected $signature = 'snipeit:expiring-alerts {--expired-licenses}';

    /**
     * The console command description.
@@ -85,7 +85,7 @@ class SendExpirationAlerts extends Command
            }

            // Expiring licenses
-            $licenses = License::query()->ExpiringLicenses($alert_interval)
+            $licenses = License::query()->ExpiringLicenses($alert_interval, $this->option('expired-licenses'))
                ->with('manufacturer','category')
                ->orderBy('expiration_date', 'ASC')
                ->orderBy('termination_date', 'ASC')
@@ -52,7 +52,9 @@ class SendInventoryAlerts extends Command
                    return new AlertRecipient($item);
                });

-                \Notification::send($recipients, new InventoryAlert($items, $settings->alert_threshold));
+                Notification::send($recipients, new InventoryAlert($items, $settings->alert_threshold));
+            } else {
+                $this->info('No low inventory items found. No mail sent.');
            }
        } else {
            if ($settings->alert_email == '') {
@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Enums;
+enum ActionType: string
+{
+    // General
+    case Create = 'create';
+    case Update = 'update';
+    case Delete = 'delete';
+    case Restore = 'restore';
+
+    // Assets/Accessories/Components/Licenses/Consumables
+    case Checkout = 'checkout';
+    case CheckinFrom = 'checkin from';
+    case Requested = 'requested';
+    case RequestCanceled = 'request canceled';
+    case Accepted = 'accepted';
+    case Declined = 'declined';
+    case Audit = 'audit';
+    case NoteAdded = 'note added';
+
+    // Users
+    case TwoFactorReset = '2FA reset';
+    case Merged = 'merged';
+
+    // Licenses
+    case DeleteSeats = 'delete seats';
+    case AddSeats = 'add seats';
+
+    // File Uploads
+    case Uploaded = 'uploaded';
+    case UploadDeleted = 'upload deleted';
+}
@@ -784,7 +784,7 @@ class Helper

        foreach ($consumables as $consumable) {
            $avail = $consumable->numRemaining();
-            if ($avail < ($consumable->min_amt) + $alert_threshold) {
+            if ($avail <= ($consumable->min_amt) + $alert_threshold) {
                if ($consumable->qty > 0) {
                    $percent = number_format((($avail / $consumable->qty) * 100), 0);
                } else {
@@ -803,7 +803,7 @@ class Helper

        foreach ($accessories as $accessory) {
            $avail = $accessory->qty - $accessory->checkouts_count;
-            if ($avail < ($accessory->min_amt) + $alert_threshold) {
+            if ($avail <= ($accessory->min_amt) + $alert_threshold) {
                if ($accessory->qty > 0) {
                    $percent = number_format((($avail / $accessory->qty) * 100), 0);
                } else {
@@ -822,7 +822,7 @@ class Helper

        foreach ($components as $component) {
            $avail = $component->numRemaining();
-            if ($avail < ($component->min_amt) + $alert_threshold) {
+            if ($avail <= ($component->min_amt) + $alert_threshold) {
                if ($component->qty > 0) {
                    $percent = number_format((($avail / $component->qty) * 100), 0);
                } else {
@@ -845,7 +845,7 @@ class Helper
            $total_owned = $asset->where('model_id', '=', $asset_model->id)->count();
            $avail = $asset->where('model_id', '=', $asset_model->id)->whereNull('assigned_to')->count();

-            if ($avail < ($asset_model->min_amt) + $alert_threshold) {
+            if ($avail <= ($asset_model->min_amt) + $alert_threshold) {
                if ($avail > 0) {
                    $percent = number_format((($avail / $total_owned) * 100), 0);
                } else {
@@ -863,7 +863,7 @@ class Helper

        foreach ($licenses as $license){
            $avail = $license->remaincount();
-            if ($avail < ($license->min_amt) + $alert_threshold) {
+            if ($avail <= ($license->min_amt) + $alert_threshold) {
                if ($avail > 0) {
                    $percent = number_format((($avail / $license->min_amt) * 100), 0);
                } else {
@@ -182,7 +182,11 @@ class AccessoriesController extends Controller

            $accessory = $request->handleImages($accessory);

-            session()->put(['redirect_option' => $request->get('redirect_option')]);
+            if($request->get('redirect_option') === 'back'){
+                session()->put(['redirect_option' => 'index']);
+            } else {
+                session()->put(['redirect_option' => $request->get('redirect_option')]);
+            }

            if ($accessory->save()) {
                return Helper::getRedirectOption($request, $accessory->id, 'Accessories')
@@ -13,9 +13,9 @@ use App\Models\Company;
 use App\Models\Contracts\Acceptable;
 use App\Models\Setting;
 use App\Models\User;
-use App\Notifications\AcceptanceAssetAcceptedNotification;
-use App\Notifications\AcceptanceAssetAcceptedToUserNotification;
-use App\Notifications\AcceptanceAssetDeclinedNotification;
+use App\Notifications\AcceptanceItemAcceptedNotification;
+use App\Notifications\AcceptanceItemAcceptedToUserNotification;
+use App\Notifications\AcceptanceItemDeclinedNotification;
 use Exception;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Mail;
@@ -138,14 +138,14 @@ class AcceptanceController extends Controller
        // Convert PDF logo to base64 for TCPDF
        // This is needed for TCPDF to properly embed the image if it's a png and the cache isn't writable
        $encoded_logo = null;
-        if ($settings->acceptance_pdf_logo) {
+        if (($settings->acceptance_pdf_logo) && (Storage::disk('public')->exists($settings->acceptance_pdf_logo))) {
            $encoded_logo = base64_encode(file_get_contents(public_path() . '/uploads/' . $settings->acceptance_pdf_logo));
        }

        // Get the data array ready for the notifications and PDF generation
        $data = [
            'item_tag' => $item->asset_tag,
-            'item_name' => $item->name, // this handles licenses seats, which don't have a 'name' field
+            'item_name' => $item->display_name, // this handles licenses seats, which don't have a 'name' field
            'item_model' => $item->model?->name,
            'item_serial' => $item->serial,
            'item_status' => $item->assetstatus?->name,
@@ -183,13 +183,13 @@ class AcceptanceController extends Controller
                // Add the attachment for the signing user into the $data array
                $data['file'] = $pdf_filename;
                try {
-                    $assigned_user->notify((new AcceptanceAssetAcceptedToUserNotification($data))->locale($assigned_user->locale));
+                    $assigned_user->notify((new AcceptanceItemAcceptedToUserNotification($data))->locale($assigned_user->locale));
                } catch (\Exception $e) {
                    Log::warning($e);
                }
            }
            try {
-                $acceptance->notify((new AcceptanceAssetAcceptedNotification($data))->locale(Setting::getSettings()->locale));
+                $acceptance->notify((new AcceptanceItemAcceptedNotification($data))->locale(Setting::getSettings()->locale));
            } catch (\Exception $e) {
                Log::warning($e);
            }
@@ -204,7 +204,7 @@ class AcceptanceController extends Controller
                $acceptance->decline($sig_filename, $request->input('note'));
            }

-            $acceptance->notify(new AcceptanceAssetDeclinedNotification($data));
+            $acceptance->notify(new AcceptanceItemDeclinedNotification($data));
            Log::debug('New event acceptance.');
            event(new CheckoutDeclined($acceptance));
            $return_msg = trans('admin/users/message.declined');
@@ -216,7 +216,7 @@ class AcceptanceController extends Controller
            try {
                $recipient = User::find($acceptance->alert_on_response_id);

-                if ($recipient) {
+                if ($recipient?->email) {
                    Log::debug('Attempting to send email acceptance.');
                    Mail::to($recipient)->send(new CheckoutAcceptanceResponseMail(
                        $acceptance,
@@ -3,37 +3,38 @@
 namespace App\Http\Controllers\Api;

 use App\Events\CheckoutableCheckedIn;
-use App\Http\Requests\StoreAssetRequest;
-use App\Http\Requests\UpdateAssetRequest;
-use App\Http\Traits\MigratesLegacyAssetLocations;
-use App\Http\Transformers\ComponentsTransformer;
-use App\Models\AccessoryCheckout;
-use App\Models\CheckoutAcceptance;
-use App\Models\LicenseSeat;
-use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Support\Facades\Crypt;
-use Illuminate\Support\Facades\Gate;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetCheckoutRequest;
+use App\Http\Requests\FilterRequest;
+use App\Http\Requests\StoreAssetRequest;
+use App\Http\Requests\UpdateAssetRequest;
+use App\Http\Traits\MigratesLegacyAssetLocations;
 use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\ComponentsTransformer;
 use App\Http\Transformers\LicensesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\AccessoryCheckout;
 use App\Models\Asset;
 use App\Models\AssetModel;
+use App\Models\CheckoutAcceptance;
 use App\Models\Company;
 use App\Models\CustomField;
 use App\Models\License;
+use App\Models\LicenseSeat;
 use App\Models\Location;
 use App\Models\Setting;
 use App\Models\User;
+use App\View\Label;
 use Carbon\Carbon;
-use Illuminate\Support\Facades\DB;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Crypt;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Route;
-use App\View\Label;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;

@@ -56,7 +57,7 @@ class AssetsController extends Controller
     * @param int $assetId
     * @since [v4.0]
     */
-    public function index(Request $request, $action = null, $upcoming_status = null) : JsonResponse | array
+    public function index(FilterRequest $request, $action = null, $upcoming_status = null) : JsonResponse | array
    {


@@ -43,6 +43,7 @@ class CategoriesController extends Controller
            'created_at',
            'updated_at',
            'image',
+            'tag_color',
            'notes',
        ];

@@ -57,6 +58,7 @@ class CategoriesController extends Controller
            'require_acceptance',
            'checkin_email',
            'image',
+            'tag_color',
            'notes',
            ])
            ->with('adminuser')
@@ -38,6 +38,7 @@ class CompaniesController extends Controller
            'accessories_count',
            'consumables_count',
            'components_count',
+            'tag_color',
            'notes',
        ];

@@ -64,6 +65,11 @@ class CompaniesController extends Controller
            $companies->where('created_by', '=', $request->input('created_by'));
        }

+        if ($request->filled('tag_color')) {
+            $companies->where('tag_color', '=', $request->input('tag_color'));
+        }
+
+

        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $companies->count()) ? $companies->count() : app('api_offset_value');
@@ -191,6 +197,7 @@ class CompaniesController extends Controller
            'companies.name',
            'companies.email',
            'companies.image',
+            'companies.tag_color',
        ]);


@@ -58,8 +58,8 @@ class ComponentsController extends Controller
            ];

        $components = Component::select('components.*')
-            ->with('company', 'location', 'category', 'assets', 'supplier', 'adminuser', 'manufacturer', 'uncontrainedAssets')
-            ->withSum('uncontrainedAssets', 'components_assets.assigned_qty');
+            ->with('company', 'location', 'category', 'supplier', 'adminuser', 'manufacturer')
+            ->withSum('uncontrainedAssets as sum_unconstrained_assets', 'components_assets.assigned_qty');

        $filter = [];

@@ -112,7 +112,8 @@ class ComponentsController extends Controller
        }

        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $components->count()) ? $components->count() : app('api_offset_value');
+        $components_count = $components->count();
+        $offset = ($request->input('offset') > $components_count) ? $components_count : app('api_offset_value');
        $limit = app('api_limit_value');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -143,7 +144,7 @@ class ComponentsController extends Controller
                break;
        }

-        $total = $components->count();
+        $total = $components_count;
        $components = $components->skip($offset)->take($limit)->get();

        return (new ComponentsTransformer)->transformComponents($components, $total);
@@ -4,6 +4,7 @@ namespace App\Http\Controllers\Api;

 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
+use App\Http\Requests\StoreDepartmentRequest;
 use App\Http\Transformers\DepartmentsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Department;
@@ -23,21 +24,23 @@ class DepartmentsController extends Controller
    public function index(Request $request) : JsonResponse | array
    {
        $this->authorize('view', Department::class);
-        $allowed_columns = ['id', 'name', 'image', 'users_count', 'notes'];
+        $allowed_columns = ['id', 'name', 'image', 'users_count', 'notes', 'tag_color'];

        $departments = Department::select(
-            'departments.id',
-            'departments.name',
-            'departments.phone',
-            'departments.fax',
-            'departments.location_id',
-            'departments.company_id',
-            'departments.manager_id',
-            'departments.created_at',
-            'departments.updated_at',
-            'departments.image',
-            'departments.notes',
-        )->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');
+            [
+                'departments.id',
+                'departments.name',
+                'departments.phone',
+                'departments.fax',
+                'departments.location_id',
+                'departments.company_id',
+                'departments.manager_id',
+                'departments.created_at',
+                'departments.updated_at',
+                'departments.image',
+                'departments.tag_color',
+                'departments.notes'
+            ])->with('location')->with('manager')->with('company')->withCount('users as users_count');

        if ($request->filled('search')) {
            $departments = $departments->TextSearch($request->input('search'));
@@ -59,6 +62,10 @@ class DepartmentsController extends Controller
            $departments->where('location_id', '=', $request->input('location_id'));
        }

+        if ($request->filled('tag_color')) {
+            $departments->where('tag_color', '=', $request->input('departments.tag_color'));
+        }
+
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $departments->count()) ? $departments->count() : app('api_offset_value');
        $limit = app('api_limit_value');
@@ -94,18 +101,17 @@ class DepartmentsController extends Controller
     * @since [v4.0]
     * @param  \App\Http\Requests\ImageUploadRequest  $request
     */
-    public function store(ImageUploadRequest $request) : JsonResponse
+    public function store(StoreDepartmentRequest $request): JsonResponse
    {
-        $this->authorize('create', Department::class);
        $department = new Department;
-        $department->fill($request->all());
+        $department->fill($request->validated());
        $department = $request->handleImages($department);

        $department->created_by = auth()->id();
        $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);

        if ($department->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.create.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new DepartmentsTransformer)->transformDepartment($department), trans('admin/departments/message.create.success')));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, $department->getErrors()));

@@ -121,7 +127,7 @@ class DepartmentsController extends Controller
    public function show($id) : array
    {
        $this->authorize('view', Department::class);
-        $department = Department::findOrFail($id);
+        $department = Department::withCount('users as users_count')->findOrFail($id);
        return (new DepartmentsTransformer)->transformDepartment($department);
    }

@@ -141,7 +147,7 @@ class DepartmentsController extends Controller
        $department = $request->handleImages($department);

        if ($department->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.update.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new DepartmentsTransformer)->transformDepartment($department), trans('admin/departments/message.update.success')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, $department->getErrors()));
@@ -185,6 +191,7 @@ class DepartmentsController extends Controller
            'id',
            'name',
            'image',
+            'tag_color',
        ]);

        if ($request->filled('search')) {
@@ -24,7 +24,7 @@ class GroupsController extends Controller

        $this->authorize('view', Group::class);

-        $groups = Group::select('id', 'name', 'permissions', 'notes', 'created_at', 'updated_at', 'created_by')->with('adminuser')->withCount('users as users_count');
+        $groups = Group::select(['id', 'name', 'permissions', 'notes', 'created_at', 'updated_at', 'created_by'])->with('adminuser')->withCount('users as users_count');

        if ($request->filled('search')) {
            $groups = $groups->TextSearch($request->input('search'));
@@ -50,6 +50,7 @@ class GroupsController extends Controller
                    'id',
                    'name',
                    'created_at',
+                    'updated_at',
                    'users_count',
                ];

@@ -15,6 +15,7 @@ use Illuminate\Database\Eloquent\JsonEncodingException;
 use Illuminate\Support\Facades\Request;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Str;
 use League\Csv\Reader;
 use Onnov\DetectEncoding\EncodingDetector;
 use Symfony\Component\HttpFoundation\File\Exception\FileException;
@@ -149,7 +150,9 @@ class ImportController extends Controller
                }

                $date = date('Y-m-d-his');
-                $fixed_filename = str_slug($file->getClientOriginalName());
+
+                $fixed_filename = Str::of($file->getClientOriginalName())->basename('.csv').'.csv';
+
                try {
                    $file->move($path, $date.'-'.$fixed_filename);
                } catch (FileException $exception) {
@@ -211,36 +214,47 @@ class ImportController extends Controller
        $redirectTo = 'hardware.index';
        switch ($request->get('import-type')) {
            case 'asset':
+                $model_perms = 'App\Models\Asset';
                $redirectTo = 'hardware.index';
                break;
            case 'assetModel':
+                $model_perms = 'App\Models\AssetModel';
                $redirectTo = 'models.index';
                break;
            case 'accessory':
+                $model_perms = 'App\Models\Accessory';
                $redirectTo = 'accessories.index';
                break;
            case 'consumable':
+                $model_perms = 'App\Models\Consumable';
                $redirectTo = 'consumables.index';
                break;
            case 'component':
+                $model_perms = 'App\Models\Component';
                $redirectTo = 'components.index';
                break;
            case 'license':
+                $model_perms = 'App\Models\License';
                $redirectTo = 'licenses.index';
                break;
            case 'user':
+                $model_perms = 'App\Models\User';
                $redirectTo = 'users.index';
                break;
            case 'location':
+                $model_perms = 'App\Models\Location';
                $redirectTo = 'locations.index';
                break;
            case 'supplier':
+                $model_perms = 'App\Models\Supplier';
                $redirectTo = 'suppliers.index';
                break;
            case 'manufacturer':
+                $model_perms = 'App\Models\Manufacturer';
                $redirectTo = 'manufacturers.index';
                break;
            case 'category':
+                $model_perms = 'App\Models\Category';
                $redirectTo = 'categories.index';
                break;
        }
@@ -251,7 +265,11 @@ class ImportController extends Controller
        //Flash message before the redirect
        Session::flash('success', trans('admin/hardware/message.import.success'));

-        return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route($redirectTo)]));
+        if (auth()->user()->can('view', $model_perms)) {
+            return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route($redirectTo)]));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route('imports.index')]));
    }

    /**
@@ -261,9 +279,16 @@ class ImportController extends Controller
     */
    public function destroy($import_id) : JsonResponse
    {
-        $this->authorize('create', Asset::class);
+        $this->authorize('import');

        if ($import = Import::find($import_id)) {
+
+
+            if ((auth()->user()->id != $import->created_by) && (!auth()->user()->isSuperUser())) {
+                return response()->json(Helper::formatStandardApiResponse('warning', null, trans('admin/hardware/message.import.file_not_deleted_warning')));
+            }
+
+
            try {
                // Try to delete the file
                Storage::delete('imports/'.$import->file_path);
@@ -280,4 +305,6 @@ class ImportController extends Controller
        }
        return response()->json(Helper::formatStandardApiResponse('warning', null, trans('admin/hardware/message.import.file_not_deleted_warning')));
    }
+
+
 }
@@ -26,11 +26,11 @@ class LicenseSeatsController extends Controller
        if ($license = License::find($licenseId)) {
            $this->authorize('view', $license);

-            $seats = LicenseSeat::with('license', 'user', 'asset', 'user.department')
+            $seats = LicenseSeat::with('license', 'user', 'asset', 'user.department',  'user.company', 'asset.company')
                ->where('license_seats.license_id', $licenseId);

            if ($request->input('status') == 'available') {
-                $seats->whereNull('license_seats.assigned_to');
+                $seats->whereNull('license_seats.assigned_to')->whereNull('license_seats.asset_id');
            }

            if ($request->input('status') == 'assigned') {
@@ -40,8 +40,10 @@ class LicenseSeatsController extends Controller

            $order = $request->input('order') === 'asc' ? 'asc' : 'desc';

-            if ($request->input('sort') == 'department') {
+            if ($request->input('sort') == 'assigned_user.department') {
                $seats->OrderDepartments($order);
+            } elseif ($request->input('sort') == 'assigned_user.company') {
+                    $seats->OrderCompany($order);
            } else {
                $seats->orderBy('updated_at', $order);
            }
@@ -77,17 +79,14 @@ class LicenseSeatsController extends Controller
    {

        $this->authorize('view', License::class);
-        // sanity checks:
-        // 1. does the license seat exist?
-        if (! $licenseSeat = LicenseSeat::find($seatId)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat not found'));
-        }
-        // 2. does the seat belong to the specified license?
-        if (! $license = $licenseSeat->license()->first() || $license->id != intval($licenseId)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat does not belong to the specified license'));
+
+        if ($licenseSeat = LicenseSeat::where('license_id', $licenseId)->find($seatId)) {
+            return (new LicenseSeatsTransformer)->transformLicenseSeat($licenseSeat);
        }

-        return (new LicenseSeatsTransformer)->transformLicenseSeat($licenseSeat);
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat ID or license not found or the seat does not belong to this license'));
+
+
    }

    /**
@@ -120,17 +119,22 @@ class LicenseSeatsController extends Controller

        // check if this update is a checkin operation
        // 1. are relevant fields touched at all?
-        $touched = $licenseSeat->isDirty('assigned_to') || $licenseSeat->isDirty('asset_id');
-        // 2. are they cleared? if yes then this is a checkin operation
-        $is_checkin = ($touched && $licenseSeat->assigned_to === null && $licenseSeat->asset_id === null);
+        $assignmentTouched = $licenseSeat->isDirty('assigned_to') || $licenseSeat->isDirty('asset_id');
+        $anythingTouched = $licenseSeat->isDirty();

-        if (! $touched) {
-            // nothing to update
-            return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
+        if (! $anythingTouched) {
+            return response()->json(
+                Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success'))
+            );
        }
-        if( $touched && $licenseSeat->unreassignable_seat) {
+        if( $assignmentTouched && $licenseSeat->unreassignable_seat) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/licenses/message.checkout.unavailable')));
        }
+
+        // 2. are they cleared? if yes then this is a checkin operation
+        $is_checkin = ($assignmentTouched && $licenseSeat->assigned_to === null && $licenseSeat->asset_id === null);
+        $target = null;
+
        // the logging functions expect only one "target". if both asset and user are present in the request,
        // we simply let assets take precedence over users...
        if ($licenseSeat->isDirty('assigned_to')) {
@@ -140,25 +144,23 @@ class LicenseSeatsController extends Controller
            $target = $is_checkin ? $oldAsset : Asset::find($licenseSeat->asset_id);
        }

-        if (is_null($target)){
+        if ($assignmentTouched && is_null($target)){
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Target not found'));
        }

        if ($licenseSeat->save()) {
-
-            if ($is_checkin) {
-                if(!$licenseSeat->license->reassignable){
-                    $licenseSeat->unreassignable_seat = true;
-                    $licenseSeat->save();
+            if($assignmentTouched) {
+                if ($is_checkin) {
+                    if (!$licenseSeat->license->reassignable) {
+                        $licenseSeat->unreassignable_seat = true;
+                        $licenseSeat->save();
+                    }
+                    $licenseSeat->logCheckin($target, $licenseSeat->notes);
+                } else {
+                    // in this case, relevant fields are touched but it's not a checkin operation. so it must be a checkout operation.
+                    $licenseSeat->logCheckout($request->input('notes'), $target);
                }
-                $licenseSeat->logCheckin($target, $licenseSeat->notes);
-
-                return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
            }
-
-            // in this case, relevant fields are touched but it's not a checkin operation. so it must be a checkout operation.
-            $licenseSeat->logCheckout($request->input('notes'), $target);
-
            return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
        }

@@ -59,6 +59,7 @@ class LocationsController extends Controller
            'state',
            'updated_at',
            'zip',
+            'tag_color',
            'notes',
            ];

@@ -81,6 +82,8 @@ class LocationsController extends Controller
            'locations.ldap_ou',
            'locations.currency',
            'locations.company_id',
+            'locations.tag_color',
+            'locations.tag_color',
            'locations.notes',
            'locations.created_by',
            'locations.deleted_at',
@@ -145,6 +148,10 @@ class LocationsController extends Controller
            $locations->onlyTrashed();
        }

+        if ($request->filled('tag_color')) {
+            $locations->where('tag_color', '=', $request->input('locations.tag_color'));
+        }
+
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $locations->count()) ? $locations->count() : app('api_offset_value');
        $limit = app('api_limit_value');
@@ -235,6 +242,7 @@ class LocationsController extends Controller
                'locations.currency',
                'locations.company_id',
                'locations.notes',
+                'locations.tag_color',
            ])
            ->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
@@ -402,6 +410,7 @@ class LocationsController extends Controller
            'locations.name',
            'locations.parent_id',
            'locations.image',
+            'locations.tag_color',
        ]);

        // Only scope locations if the setting is enabled
@@ -47,6 +47,7 @@ class ManufacturersController extends Controller
            'consumables_count',
            'components_count',
            'licenses_count',
+            'tag_color',
            'notes',
        ];

@@ -63,6 +64,7 @@ class ManufacturersController extends Controller
                'updated_at',
                'image',
                'deleted_at',
+                'tag_color',
                'notes',
            ])
            ->with('adminuser')
@@ -76,10 +78,16 @@ class ManufacturersController extends Controller
            $manufacturers->onlyTrashed();
        }

+        if ($request->input('status') == 'deleted') {
+            $manufacturers->onlyTrashed();
+        }
+
        if ($request->filled('search')) {
            $manufacturers = $manufacturers->TextSearch($request->input('search'));
        }

+
+
        if ($request->filled('name')) {
            $manufacturers->where('name', '=', $request->input('name'));
        }
@@ -104,6 +112,10 @@ class ManufacturersController extends Controller
            $manufacturers->where('support_email', '=', $request->input('support_email'));
        }

+        if ($request->filled('tag_color')) {
+            $manufacturers->where('tag_color', '=', $request->input('manufacturers.tag_color'));
+        }
+
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $manufacturers->count()) ? $manufacturers->count() : app('api_offset_value');
        $limit = app('api_limit_value');
@@ -258,6 +270,7 @@ class ManufacturersController extends Controller
            'id',
            'name',
            'image',
+            'tag_color',
        ]);

        if ($request->filled('search')) {
@@ -14,6 +14,7 @@ use Laravel\Passport\TokenRepository;
 use Illuminate\Contracts\Validation\Factory as ValidationFactory;
 use Illuminate\Support\Facades\Gate;
 use App\Models\CustomField;
+use App\Models\User;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Http\JsonResponse;
 use Symfony\Component\HttpFoundation\BinaryFileResponse;
@@ -179,10 +180,17 @@ class ProfileController extends Controller
     *@since [v8.1.16]
     * @author [Godfrey Martinez] [<gmartinez@grokability.com>]
     */
-    public function eulas(ProfileTransformer $transformer)
+    public function eulas(ProfileTransformer $transformer, Request $request)
    {
-        // Only return this user's EULAs
-        $eulas = auth()->user()->eulas;
+        if($request->filled('user_id') && $request->input('user_id') != 0) {
+            // Return selected user's EULAs
+            $eulas = User::find($request->input('user_id'))->eulas;
+        }
+        else {
+            // Only return this user's EULAs
+            $eulas = auth()->user()->eulas;
+        }
+
        return response()->json(
            $transformer->transformFiles($eulas, $eulas->count())
        );
@@ -50,12 +50,13 @@ class SuppliersController extends Controller
            'accessories_count',
            'components_count',
            'consumables_count',
+            'tag_color',
            'url',
            'notes',
        ];
        
        $suppliers = Supplier::select(
-                ['id', 'name', 'address', 'address2', 'city', 'state', 'country', 'fax', 'phone', 'email', 'contact', 'created_at', 'created_by', 'updated_at', 'deleted_at', 'image', 'notes', 'url', 'zip'])
+                ['id', 'name', 'address', 'address2', 'city', 'state', 'country', 'fax', 'phone', 'email', 'contact', 'created_at', 'created_by', 'updated_at', 'deleted_at', 'image', 'notes', 'url', 'zip', 'tag_color'])
                    ->withCount('assets as assets_count')
                    ->withCount('licenses as licenses_count')
                    ->withCount('accessories as accessories_count')
@@ -251,6 +252,7 @@ class SuppliersController extends Controller
            'id',
            'name',
            'image',
+            'tag_color',
        ]);

        if ($request->filled('search')) {
@@ -31,6 +31,7 @@ use Illuminate\Support\Facades\Validator;
 use Illuminate\Support\Facades\Log;
 use App\Http\Requests\DeleteUserRequest;
 use Illuminate\Http\JsonResponse;
+use App\Http\Requests\FilterRequest;

 class UsersController extends Controller
 {
@@ -42,7 +43,7 @@ class UsersController extends Controller
     *
     * @return array
     */
-    public function index(Request $request) : array
+    public function index(FilterRequest $request) : array
    {
        $this->authorize('view', User::class);

@@ -162,6 +163,11 @@ class UsersController extends Controller

        if ($request->filled('filter')) {
            $filter = json_decode($request->input('filter'), true);
+
+            if (is_null($filter)) {
+                $filter = [];
+            }
+
            $filter = array_filter($filter, function ($key) use ($allowed_columns) {
                return in_array($key, $allowed_columns);
            }, ARRAY_FILTER_USE_KEY);
@@ -516,93 +522,99 @@ class UsersController extends Controller
    {
        $this->authorize('update', User::class);

-            $this->authorize('update', $user);
+        $this->authorize('update', $user);

-            /**
-             * This is a janky hack to prevent people from changing admin demo user data on the public demo.
-             * The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
-             *  Thanks, jerks. You are why we can't have nice things. - snipe
-             *
-             */
+        /**
+         * This is a janky hack to prevent people from changing admin demo user data on the public demo.
+         * The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
+         *  Thanks, jerks. You are why we can't have nice things. - snipe
+         *
+         */

        if ((($user->id == 1) || ($user->id == 2)) && (config('app.lock_passwords'))) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
+        }
+
+        // Pull out sensitive fields that require extra permission
+        $user->fill($request->except(['password', 'username', 'email', 'activated', 'permissions', 'activation_code', 'remember_token', 'two_factor_secret', 'two_factor_enrolled', 'two_factor_optin']));
+
+
+        if (auth()->user()->can('canEditAuthFields', $user) && auth()->user()->can('editableOnDemo')) {
+
+            if ($request->filled('password')) {
+                $user->password = bcrypt($request->input('password'));
            }

-            $user->fill($request->all());
-
-            if ($request->filled('company_id')) {
-                $user->company_id = Company::getIdForCurrentUser($request->input('company_id'));
+            if ($request->filled('username')) {
+                $user->username = $request->input('username');
            }

-            if ($user->id == $request->input('manager_id')) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
+            if ($request->filled('email')) {
+                $user->email = $request->input('email');
            }

-            // check for permissions related fields and pull them out if the current user cannot edit them
-            if (auth()->user()->can('canEditAuthFields', $user) && auth()->user()->can('editableOnDemo')) {
-
-                if ($request->filled('password')) {
-                    $user->password = bcrypt($request->input('password'));
-                }
-
-                if ($request->filled('username')) {
-                    $user->username = $request->input('username');
-                }
-
-                if ($request->filled('display_name')) {
-                    $user->display_name = $request->input('display_name');
-                }
-
-                if ($request->filled('email')) {
-                    $user->email = $request->input('email');
-                }
-
-                if ($request->filled('activated')) {
-                    $user->activated = $request->input('activated');
-                }
-
+            if ($request->filled('activated')) {
+                $user->activated = $request->input('activated');
            }

-            // We need to use has()  instead of filled()
-            // here because we need to overwrite permissions
-            // if someone needs to null them out
-            if ($request->has('permissions')) {
-                $permissions_array = $request->input('permissions');
+        }

-                // Strip out the individual superuser permission if the API user isn't a superadmin
-                if (!auth()->user()->isSuperUser()) {
-                    unset($permissions_array['superuser']);
+        // We need to use has()  instead of filled()
+        // here because we need to overwrite permissions
+        // if someone needs to null them out
+
+        if ($request->filled('display_name')) {
+            $user->display_name = $request->input('display_name');
+        }
+
+        if ($request->filled('company_id')) {
+            $user->company_id = Company::getIdForCurrentUser($request->input('company_id'));
+        }
+
+        if ($user->id == $request->input('manager_id')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
+        }
+
+
+        
+        if ($request->has('permissions')) {
+            $permissions_array = $request->input('permissions');
+
+            // Strip out the individual superuser permission if the API user isn't a superadmin
+            if (!auth()->user()->isSuperUser()) {
+                unset($permissions_array['superuser']);
+            }
+
+            $user->permissions = $permissions_array;
+        }
+
+        if ($request->has('location_id')) {
+            // Update the location of any assets checked out to this user
+            Asset::where('assigned_type', User::class)
+                ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
+        }
+
+
+        app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'avatar', 'avatars', 'avatar');
+
+        if ($user->save()) {
+            // Check if the request has groups passed and has a value, AND that the user us a superuser
+            if (($request->has('groups')) && (auth()->user()->isSuperUser())) {
+
+                $validator = Validator::make($request->only('groups'), [
+                    'groups.*' => 'integer|exists:permission_groups,id',
+                ]);
+
+                if ($validator->fails()) {
+                    return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
                }

-                $user->permissions = $permissions_array;
+                // Sync the groups since the user is a superuser and the groups pass validation
+                $user->groups()->sync($request->input('groups'));
            }
-
-            if($request->has('location_id')) {
-                // Update the location of any assets checked out to this user
-                Asset::where('assigned_type', User::class)
-                    ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
-            }
-            app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'avatar', 'avatars', 'avatar');
-
-            if ($user->save()) {
-                // Check if the request has groups passed and has a value, AND that the user us a superuser
-                if (($request->has('groups')) && (auth()->user()->isSuperUser())) {
-
-                    $validator = Validator::make($request->only('groups'), [
-                        'groups.*' => 'integer|exists:permission_groups,id',
-                    ]);
-
-                    if ($validator->fails()) {
-                        return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
-                    }
-
-                    // Sync the groups since the user is a superuser and the groups pass validation
-                    $user->groups()->sync($request->input('groups'));
-                }
-                return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
-            }
-            return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
+            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
    }

    /**
@@ -6,6 +6,7 @@ use App\Events\CheckoutableCheckedIn;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\ImageUploadRequest;
+use App\Http\Requests\CreateMultipleAssetRequest;
 use App\Http\Requests\UpdateAssetRequest;
 use App\Models\Actionlog;
 use App\Http\Requests\UploadFileRequest;
@@ -98,7 +99,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     */
-    public function store(ImageUploadRequest $request) : RedirectResponse
+    public function store(CreateMultipleAssetRequest $request): RedirectResponse
    {
        $this->authorize(Asset::class);

@@ -135,122 +136,136 @@ class AssetsController extends Controller
        $successes = [];
        $failures = [];

-        for ($a = 1, $aMax = count($asset_tags); $a <= $aMax; $a++) {
-            $asset = new Asset();
+        try {
+            DB::beginTransaction();
+            for ($a = 1, $aMax = count($asset_tags); $a <= $aMax; $a++) {
+                $asset = new Asset();

-            $asset->model()->associate($model);
-            $asset->name = $request->input('name');
+                $asset->model()->associate($model);
+                $asset->name = $request->input('name');

-            // Check for a corresponding serial
-            if (($serials) && (array_key_exists($a, $serials))) {
-                $asset->serial = $serials[$a];
-            }
-
-            if (($asset_tags) && (array_key_exists($a, $asset_tags))) {
-                $asset->asset_tag = $asset_tags[$a];
-            }
-
-            $asset->company_id              = $companyId;
-            $asset->model_id                = $request->input('model_id');
-            $asset->order_number            = $request->input('order_number');
-            $asset->notes                   = $request->input('notes');
-            $asset->created_by              = auth()->id();
-            $asset->status_id               = request('status_id');
-            $asset->warranty_months         = request('warranty_months', null);
-            $asset->purchase_cost           = request('purchase_cost');
-            $asset->purchase_date           = request('purchase_date', null);
-            $asset->asset_eol_date          = request('asset_eol_date', null);
-            $asset->assigned_to             = request('assigned_to', null);
-            $asset->supplier_id             = request('supplier_id', null);
-            $asset->requestable             = request('requestable', 0);
-            $asset->rtd_location_id         = request('rtd_location_id', null);
-            $asset->byod                    = request('byod', 0);
-
-            if (! empty($settings->audit_interval)) {
-                $asset->next_audit_date = Carbon::now()->addMonths((int) $settings->audit_interval)->toDateString();
-            }
-
-            // Set location_id to rtd_location_id ONLY if the asset isn't being checked out
-            if (!request('assigned_user') && !request('assigned_asset') && !request('assigned_location')) {
-                $asset->location_id = $request->input('rtd_location_id', null);
-            }
-
-            if ($request->has('use_cloned_image')) {
-                $cloned_model_img = Asset::select('image')->find($request->input('clone_image_from_id'));
-                if ($cloned_model_img) {
-                    $new_image_name = 'clone-'.date('U').'-'.$cloned_model_img->image;
-                    $new_image = 'assets/'.$new_image_name;
-                    Storage::disk('public')->copy('assets/'.$cloned_model_img->image, $new_image);
-                    $asset->image = $new_image_name;
+                // Check for a corresponding serial
+                if (($serials) && (array_key_exists($a, $serials))) {
+                    $asset->serial = $serials[$a];
                }

-            } else {
-                $asset = $request->handleImages($asset);
-            }
+                if (($asset_tags) && (array_key_exists($a, $asset_tags))) {
+                    $asset->asset_tag = $asset_tags[$a];
+                }

-            // Update custom fields in the database.
-            // Validation for these fields is handled through the AssetRequest form request
+                $asset->company_id = $companyId;
+                $asset->model_id = $request->input('model_id');
+                $asset->order_number = $request->input('order_number');
+                $asset->notes = $request->input('notes');
+                $asset->created_by = auth()->id();
+                $asset->status_id = request('status_id');
+                $asset->warranty_months = request('warranty_months', null);
+                $asset->purchase_cost = request('purchase_cost');
+                $asset->purchase_date = request('purchase_date', null);
+                $asset->asset_eol_date = request('asset_eol_date', null);
+                $asset->assigned_to = request('assigned_to', null);
+                $asset->supplier_id = request('supplier_id', null);
+                $asset->requestable = request('requestable', 0);
+                $asset->rtd_location_id = request('rtd_location_id', null);
+                $asset->byod = request('byod', 0);

-            if (($model) && ($model->fieldset)) {
-                foreach ($model->fieldset->fields as $field) {
-                    if ($field->field_encrypted == '1') {
-                        if (Gate::allows('assets.view.encrypted_custom_fields')) {
+                if (!empty($settings->audit_interval)) {
+                    $asset->next_audit_date = Carbon::now()->addMonths((int)$settings->audit_interval)->toDateString();
+                }
+
+                // Set location_id to rtd_location_id ONLY if the asset isn't being checked out
+                if (!request('assigned_user') && !request('assigned_asset') && !request('assigned_location')) {
+                    $asset->location_id = $request->input('rtd_location_id', null);
+                }
+
+                if ($request->has('use_cloned_image')) {
+                    $cloned_model_img = Asset::select('image')->find($request->input('clone_image_from_id'));
+                    if ($cloned_model_img) {
+                        $new_image_name = 'clone-' . date('U') . '-' . $cloned_model_img->image;
+                        $new_image = 'assets/' . $new_image_name;
+                        Storage::disk('public')->copy('assets/' . $cloned_model_img->image, $new_image);
+                        $asset->image = $new_image_name;
+                    }
+
+                } else {
+                    $asset = $request->handleImages($asset);
+                }
+
+                // Update custom fields in the database.
+                // Validation for these fields is handled through the AssetRequest form request
+
+                if (($model) && ($model->fieldset)) {
+                    foreach ($model->fieldset->fields as $field) {
+                        if ($field->field_encrypted == '1') {
+                            if (Gate::allows('assets.view.encrypted_custom_fields')) {
+                                if (is_array($request->input($field->db_column))) {
+                                    $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
+                                } else {
+                                    $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
+                                }
+                            }
+                        } else {
                            if (is_array($request->input($field->db_column))) {
-                                $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
+                                $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
                            } else {
-                                $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
+                                $asset->{$field->db_column} = $request->input($field->db_column);
                            }
                        }
-                    } else {
-                        if (is_array($request->input($field->db_column))) {
-                            $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
-                        } else {
-                            $asset->{$field->db_column} = $request->input($field->db_column);
+                    }
+                }
+
+                // Validate the asset before saving
+                // Note - it can be tempting to instead want to call saveOrFail(), to automatically throw when an object
+                // is invalid (and can't save). But this won't work, because Custom Fields _overrides_ the save() method
+                // to inject the Custom Field Rules into the $rules property right before invoking the _real_ save.
+                // so, instead, we have to catch failures on the 'else' clause and throw there.
+                if ($asset->isValid() && $asset->save()) {
+                    $target = null;
+                    $location = null;
+
+                    if ($userId = request('assigned_user')) {
+                        $target = User::find($userId);
+
+                        if (!$target) {
+                            return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.user'));
                        }
+                        $location = $target->location_id;
+
+                    } elseif ($assetId = request('assigned_asset')) {
+                        $target = Asset::find($assetId);
+
+                        if (!$target) {
+                            return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.asset'));
+                        }
+                        $location = $target->location_id;
+
+                    } elseif ($locationId = request('assigned_location')) {
+                        $target = Location::find($locationId);
+
+                        if (!$target) {
+                            return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.location'));
+                        }
+                        $location = $target->id;
                    }
+
+                    if (isset($target)) {
+                        $asset->checkOut($target, auth()->user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', $request->get('name'), $location);
+                    }
+
+                    $successes[] = "<a href='" . route('hardware.show', $asset) . "' style='color: white;'>" . e($asset->asset_tag) . "</a>";
+
+                } else {
+                    $asset->throwValidationException(); // we have to do this for the reason listed above - can't use saveOrFail()
+                    $failures[] = join(",", $asset->getErrors()->all()); //TODO - this can probably go away soon
                }
            }
-
-            // Validate the asset before saving
-            if ($asset->isValid() && $asset->save()) {
-                $target = null;
-                $location = null;
-
-                if ($userId = request('assigned_user')) {
-                    $target = User::find($userId);
-
-                    if (!$target) {
-                        return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.user'));
-                    }
-                    $location = $target->location_id;
-
-                } elseif ($assetId = request('assigned_asset')) {
-                    $target = Asset::find($assetId);
-
-                    if (!$target) {
-                        return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.asset'));
-                    }
-                    $location = $target->location_id;
-
-                } elseif ($locationId = request('assigned_location')) {
-                    $target = Location::find($locationId);
-
-                    if (!$target) {
-                        return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.location'));
-                    }
-                    $location = $target->id;
-                }
-
-                if (isset($target)) {
-                    $asset->checkOut($target, auth()->user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', $request->get('name'), $location);
-                }
-
-                $successes[] = "<a href='" . route('hardware.show', $asset) . "' style='color: white;'>" . e($asset->asset_tag) . "</a>";
-
-            } else {
-                $failures[] = join(",", $asset->getErrors()->all());
-            }
+        } catch (\Throwable $e) {
+            \Log::debug("Caught exception in multi-create - rolling back: " . $e->getMessage());
+            DB::rollBack();
+            throw $e;
        }
+        DB::commit();
+
        if($request->get('redirect_option') === 'back'){
            session()->put(['redirect_option' => 'index']);
        } else {
@@ -78,6 +78,7 @@ class CategoriesController extends Controller
        $category->require_acceptance = $request->input('require_acceptance', '0');
        $category->alert_on_response = $request->input('alert_on_response', '0');
        $category->checkin_email = $request->input('checkin_email', '0');
+        $category->tag_color  = $request->input('tag_color');
        $category->notes = $request->input('notes');
        $category->created_by = auth()->id();

@@ -132,6 +133,7 @@ class CategoriesController extends Controller
        $category->require_acceptance = $request->input('require_acceptance', '0');
        $category->alert_on_response = $request->input('alert_on_response', '0');
        $category->checkin_email = $request->input('checkin_email', '0');
+        $category->tag_color  = $request->input('tag_color');
        $category->notes = $request->input('notes');

        $category = $request->handleImages($category);
@@ -60,6 +60,7 @@ final class CompaniesController extends Controller
        $company->phone = $request->input('phone');
        $company->fax = $request->input('fax');
        $company->email = $request->input('email');
+        $company->tag_color = $request->input('tag_color');
        $company->notes = $request->input('notes');
        $company->created_by = auth()->id();

@@ -102,6 +103,7 @@ final class CompaniesController extends Controller
        $company->phone = $request->input('phone');
        $company->fax = $request->input('fax');
        $company->email = $request->input('email');
+        $company->tag_color = $request->input('tag_color');
        $company->notes = $request->input('notes');

        $company = $request->handleImages($company);
@@ -30,6 +30,7 @@ use App\Models\Consumable;
 use App\Models\License;
 use App\Models\Location;
 use App\Models\Maintenance;
+use App\Models\Supplier;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
@@ -52,6 +53,7 @@ abstract class Controller extends BaseController
        'licenses' => License::class,
        'locations' => Location::class,
        'models' => AssetModel::class,
+        'suppliers' => Supplier::class,
        'users' => User::class,
    ];

@@ -66,6 +68,7 @@ abstract class Controller extends BaseController
        'licenses' => 'private_uploads/licenses/',
        'locations' => 'private_uploads/locations/',
        'models' => 'private_uploads/models/',
+        'suppliers' => 'private_uploads/suppliers/',
        'users' => 'private_uploads/users/',
    ];

@@ -80,6 +83,7 @@ abstract class Controller extends BaseController
        'licenses' => 'license',
        'locations' => 'location',
        'models' => 'model',
+        'suppliers' => 'supplier',
        'users' => 'user',
    ];

@@ -55,6 +55,7 @@ class DepartmentsController extends Controller
        $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);
        $department->location_id = ($request->filled('location_id') ? $request->input('location_id') : null);
        $department->company_id = ($request->filled('company_id') ? $request->input('company_id') : null);
+        $department->tag_color  = $request->input('tag_color');
        $department->notes = $request->input('notes');
        $department = $request->handleImages($department);

@@ -157,6 +158,7 @@ class DepartmentsController extends Controller
        $department->company_id = ($request->filled('company_id') ? $request->input('company_id') : null);
        $department->phone = $request->input('phone');
        $department->fax = $request->input('fax');
+        $department->tag_color  = $request->input('tag_color');
        $department->notes = $request->input('notes');
        $department = $request->handleImages($department);

@@ -7,6 +7,7 @@ use App\Models\Group;
 use Illuminate\Http\Request;
 use Illuminate\Http\RedirectResponse;
 use \Illuminate\Contracts\View\View;
+use \App\Models\User;

 /**
 * This controller handles all actions related to User Groups for
@@ -43,9 +44,20 @@ class GroupsController extends Controller
        $permissions = config('permissions');
        $groupPermissions = Helper::selectedPermissionsArray($permissions, $permissions);
        $selectedPermissions = $request->old('permissions', $groupPermissions);
+        $users_query = User::where('show_in_list', 1)->whereNull('deleted_at');
+        $users_count = $users_query->count();
+
+        $users = collect();
+        if ($users_count <= config('app.max_unpaginated_records')) {
+            $users = $users_query->orderBy('first_name', 'asc')->orderBy('last_name', 'asc')->get();
+        }

        // Show the page
-        return view('groups/edit', compact('permissions', 'selectedPermissions', 'groupPermissions'))->with('group', $group);
+        return view('groups/edit', compact('permissions', 'selectedPermissions', 'groupPermissions'))
+            ->with('group', $group)
+            ->with('associated_users', [])
+            ->with('unselected_users', $users)
+            ->with('all_users_count', $users_count);
    }

    /**
@@ -60,12 +72,23 @@ class GroupsController extends Controller
        // create a new group instance
        $group = new Group();
        $group->name = $request->input('name');
+
+        if ($request->filled('permission')) {
+            $group->permissions = json_encode($request->array('permission'));
+        } else {
+            $group->permissions = null;
+        }
+
        $group->permissions = json_encode($request->input('permission'));
        $group->created_by = auth()->id();
        $group->notes = $request->input('notes');

        if ($group->save()) {
-            $group->users()->sync($request->input('associated_users'));
+
+            if ($request->filled('users_to_sync')) {
+                $associated_users = explode(',',$request->input('users_to_sync'));
+                $group->users()->sync($associated_users);
+            }
            return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.create'));
        }

@@ -88,11 +111,26 @@ class GroupsController extends Controller
        if ((!is_array($groupPermissions)) || (!$groupPermissions)) {
            $groupPermissions = [];
        }
-        $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
-        $associated_users = $group->users()->get();

-        //dd($associated_users->toArray());
-        return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'))->with('associated_users', $associated_users);
+        $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
+
+
+        $users_query = User::where('show_in_list', 1)->whereNull('deleted_at');
+        $users_count = $users_query->count();
+
+        $associated_users = collect();
+        $unselected_users = collect();
+
+        if ($users_count <= config('app.max_unpaginated_records')) {
+            $associated_users = $group->users()->where('show_in_list', 1)->orderBy('first_name', 'asc')->orderBy('last_name', 'asc')->get();
+            // Get the unselected users
+            $unselected_users = User::where('show_in_list', 1)->whereNotIn('id', $associated_users->pluck('id')->toArray())->orderBy('first_name', 'asc')->orderBy('last_name', 'asc')->get();
+        }
+
+        return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'))
+            ->with('associated_users', $associated_users)
+            ->with('unselected_users', $unselected_users)
+            ->with('all_users_count', $users_count);
    }

    /**
@@ -106,13 +144,24 @@ class GroupsController extends Controller
    public function update(Request $request, Group $group) : RedirectResponse
    {
        $group->name = $request->input('name');
-        $group->permissions = json_encode($request->input('permission'));
+
+        if ($request->filled('permission')) {
+            $group->permissions = json_encode($request->array('permission'));
+        } else {
+            $group->permissions = null;
+        }
+
        $group->notes = $request->input('notes');


        if (! config('app.lock_passwords')) {
            if ($group->save()) {
-                $group->users()->sync($request->input('associated_users'));
+
+                if ($request->has('users_to_sync')) {
+                    $associated_users = explode(',',$request->input('users_to_sync'));
+                    $group->users()->sync($associated_users);
+                }
+
                return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.update'));
            }

@@ -82,6 +82,7 @@ class LocationsController extends Controller
        $location->created_by = auth()->id();
        $location->phone = request('phone');
        $location->fax = request('fax');
+        $location->tag_color  = $request->input('tag_color');
        $location->notes = $request->input('notes');
        $location->company_id = Company::getIdForCurrentUser($request->input('company_id'));

@@ -156,6 +157,7 @@ class LocationsController extends Controller
        $location->fax = request('fax');
        $location->ldap_ou = $request->input('ldap_ou');
        $location->manager_id = $request->input('manager_id');
+        $location->tag_color  = $request->input('tag_color');
        $location->notes = $request->input('notes');

        // Only scope the location if the setting is enabled
@@ -101,6 +101,7 @@ class ManufacturersController extends Controller
        $manufacturer->support_email = $request->input('support_email');
        $manufacturer->notes = $request->input('notes');
        $manufacturer = $request->handleImages($manufacturer);
+        $manufacturer->tag_color  = $request->input('tag_color');

        if ($manufacturer->save()) {
            return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.create.success'));
@@ -142,6 +143,7 @@ class ManufacturersController extends Controller
        $manufacturer->warranty_lookup_url = $request->input('warranty_lookup_url');
        $manufacturer->support_phone = $request->input('support_phone');
        $manufacturer->support_email = $request->input('support_email');
+        $manufacturer->tag_color  = $request->input('tag_color');
        $manufacturer->notes = $request->input('notes');

        // Set the model's image property to null if the image is being deleted
@@ -5,6 +5,7 @@ namespace App\Http\Controllers;
 use App\Http\Requests\ImageUploadRequest;
 use App\Http\Transformers\ProfileTransformer;
 use App\Models\Actionlog;
+use App\Models\Asset;
 use App\Models\Setting;
 use App\Models\User;
 use App\Notifications\CurrentInventory;
@@ -34,7 +35,7 @@ class ProfileController extends Controller
     */
    public function getIndex() : View
    {
-        $this->authorize('self.profile');
+
        $user = auth()->user();
        return view('account/profile', compact('user'));
    }
@@ -47,20 +48,25 @@ class ProfileController extends Controller
     */
    public function postIndex(ImageUploadRequest $request) : RedirectResponse
    {
-        $this->authorize('self.profile');
+
        $user = auth()->user();
-        $user->first_name = $request->input('first_name');
-        $user->last_name = $request->input('last_name');
-        $user->website = $request->input('website');
-        $user->gravatar = $request->input('gravatar');
-        $user->skin = $request->input('skin');
-        $user->phone = $request->input('phone');
+
+        if ((Gate::allows('self.profile')) && (! config('app.lock_passwords'))) {
+            $user->first_name = $request->input('first_name');
+            $user->last_name = $request->input('last_name');
+            $user->website = $request->input('website');
+            $user->gravatar = $request->input('gravatar');
+            $user->phone = $request->input('phone');
+        }
+
+
        $user->enable_sounds = $request->input('enable_sounds', false);
        $user->enable_confetti = $request->input('enable_confetti', false);
+        $user->link_light_color = $request->input('link_light_color', '#296282');
+        $user->link_dark_color = $request->input('link_dark_color', '#296282');
+        $user->nav_link_color = $request->input('nav_link_color', '#FFFFFF');
+        $user->locale = $request->input('locale');

-        if (! config('app.lock_passwords')) {
-            $user->locale = $request->input('locale');
-        }

        if ((Gate::allows('self.two_factor')) && ((Setting::getSettings()->two_factor_enabled == '1') && (! config('app.lock_passwords')))) {
            $user->two_factor_optin = $request->input('two_factor_optin', '0');
@@ -249,7 +255,10 @@ class ProfileController extends Controller
        $logentry = Actionlog::where('filename', $filename)->first();

        // Make sure the user has permission to view this file
-        if (auth()->id() != $logentry->target_id) {
+        // Also allow if the user (manager) able to view both users and assets
+        $allowed_to_view_users_assets = Gate::allows('view', User::class) && Gate::allows('view', Asset::class);
+
+        if (auth()->id() != $logentry->target_id && !$allowed_to_view_users_assets) {
            return redirect()->route('account')->with('error', trans('general.generic_model_not_found', ['model' => 'file']));
        }

@@ -3,12 +3,21 @@
 namespace App\Http\Controllers;

 use App\Helpers\Helper;
+use App\Mail\CheckoutAccessoryMail;
 use App\Mail\CheckoutAssetMail;
+use App\Mail\CheckoutComponentMail;
+use App\Mail\CheckoutConsumableMail;
+use App\Mail\CheckoutLicenseMail;
 use App\Models\Accessory;
+use App\Models\AccessoryCheckout;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Category;
+use App\Models\Checkoutable;
+use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\LicenseSeat;
 use App\Models\Maintenance;
 use App\Models\CheckoutAcceptance;
 use App\Models\Company;
@@ -18,9 +27,11 @@ use App\Models\License;
 use App\Models\ReportTemplate;
 use App\Models\Setting;
 use Carbon\Carbon;
+use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\MorphTo;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
+use Illuminate\Mail\Mailable;
 use Illuminate\Support\Facades\Mail;
 use \Illuminate\Contracts\View\View;
 use League\Csv\Reader;
@@ -1116,34 +1127,32 @@ class ReportsController extends Controller
        $this->authorize('reports.view');
        $showDeleted = $deleted == 'deleted';

-        $query = CheckoutAcceptance::pending()
-            ->where('checkoutable_type', 'App\Models\Asset')
+        $query = CheckoutAcceptance::Pending()
            ->with([
                'checkoutable' => function (MorphTo $query) {
-                    $query->morphWith([
-                        AssetModel::class => ['model'],
-                        Company::class => ['company'],
-                        Asset::class => ['assignedTo'],
-                    ])->with('model.category');
+                    $query->withTrashed()->morphWith([
+                        Asset::class => ['model.category', 'assignedTo', 'company'],
+                        Accessory::class => ['category','checkouts', 'company'],
+                        LicenseSeat::class => ['user', 'license'],
+                        Component::class => ['assignedTo', 'company'],
+                        Consumable::class => ['company'],
+                    ]);
                },
                'assignedTo' => function($query){
                         $query->withTrashed();
                    }
-            ]);
+            ])->orderByDesc('checkout_acceptances.created_at');
+

        if ($showDeleted) {
            $query->withTrashed();
        }

-        $assetsForReport = $query->get()
-                ->map(function ($acceptance) {
-                    return [
-                        'assetItem' => $acceptance->checkoutable,
-                        'acceptance' => $acceptance,
-                    ];
-            });
+        $itemsForReport = $query->get()
+            ->filter(fn ($unaccepted) => $unaccepted->checkoutable)
+            ->map(fn ($unaccepted) => Checkoutable::fromAcceptance($unaccepted));

-        return view('reports/unaccepted_assets', compact('assetsForReport','showDeleted' ));
+        return view('reports/unaccepted_assets', compact('itemsForReport','showDeleted' ));
    }

    /**
@@ -1155,41 +1164,77 @@ class ReportsController extends Controller
    public function sentAssetAcceptanceReminder(Request $request) : RedirectResponse
    {
        $this->authorize('reports.view');
-
-        if (!$acceptance = CheckoutAcceptance::pending()->find($request->input('acceptance_id'))) {
+        $id = $request->input('acceptance_id');
+        $query = CheckoutAcceptance::query()
+            ->with([
+                'checkoutable' => function (MorphTo $query) {
+                    $query->withTrashed()->morphWith([
+                        Asset::class       => ['model.category', 'assignedTo', 'company', 'checkouts'],
+                        Accessory::class   => ['category', 'company', 'checkouts'],
+                        LicenseSeat::class => ['user', 'license', 'checkouts'],
+                        Component::class   => ['assignedTo', 'company', 'checkouts'],
+                        Consumable::class  => ['company', 'checkouts'],
+                    ]);
+                },
+                'assignedTo' => fn ($q) => $q->withTrashed(),
+            ])
+            ->pending();
+        $acceptance = $query->find($id);
+        if (!$acceptance) {
            Log::debug('No pending acceptances');
-            // Redirect to the unaccepted assets report page with error
+            // Redirect to the unaccepted items report page with error
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
        }
+        $item      = $acceptance->checkoutable;
+        $assignee  = $acceptance->assignedTo ?? $item->assignedTo ?? null;
+        $email     = $assignee?->email;
+        $locale    = $assignee?->locale;

-        $assetItem = $acceptance->checkoutable;
-
-        Log::debug(print_r($assetItem, true));
+        Log::debug(print_r($acceptance, true));

        if (is_null($acceptance->created_at)){
            Log::debug('No acceptance created_at');
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
        } else {
-            $logItem_res = $assetItem->checkouts()->where('created_at', '=', $acceptance->created_at)->get();
-
+            if($item instanceof LicenseSeat){
+                $logItem_res = $item->license->checkouts()->with('adminuser')->where('created_at', '=', $acceptance->created_at)->get();
+            }
+            else{
+                $logItem_res = $item->checkouts()->with('adminuser')->where('created_at', '=', $acceptance->created_at)->get();
+                }
            if ($logItem_res->isEmpty()){
                Log::debug('Acceptance date mismatch');
                return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
            }
            $logItem = $logItem_res[0];
        }
-        $email = $assetItem->assignedTo?->email;
-        $locale = $assetItem->assignedTo?->locale;

        if (is_null($email) || $email === '') {
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.no_email'));
        }
-
-        Mail::to($email)->send((new CheckoutAssetMail($assetItem, $assetItem->assignedTo, $logItem->user, $acceptance, $logItem->note, firstTimeSending: false))->locale($locale));
+        $mailable = $this->getCheckoutMailType($acceptance, $logItem);
+        Mail::to($email)->send($mailable->locale($locale));

        return redirect()->route('reports/unaccepted_assets')->with('success', trans('admin/reports/general.reminder_sent'));
    }
+    private function getCheckoutMailType(CheckoutAcceptance $acceptance, $logItem) : Mailable
+    {
+        $lookup = [
+            Accessory::class => CheckoutAccessoryMail::class,
+            Asset::class => CheckoutAssetMail::class,
+            LicenseSeat::class => CheckoutLicenseMail::class,
+            Consumable::class => CheckoutConsumableMail::class,
+            Component::class => CheckoutComponentMail::class,
+        ];
+        $mailable= $lookup[get_class($acceptance->checkoutable)];

+        return new $mailable($acceptance->checkoutable,
+            $acceptance->checkedOutTo ?? $acceptance->assignedTo,
+            $logItem->adminuser,
+            $acceptance,
+            $acceptance->note);
+
+    }
    /**
     * sentAssetAcceptanceReminder
     *
@@ -1221,31 +1266,43 @@ class ReportsController extends Controller
    public function postAssetAcceptanceReport($deleted = false) : Response
    {
        $this->authorize('reports.view');
-        $showDeleted = $deleted == 'deleted';
+        $showDeleted = request('deleted') === 'deleted';;

        /**
         * Get all assets with pending checkout acceptances
         */
-        if($showDeleted) {
-            $acceptances = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')->withTrashed()->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model'])->get();
-        } else {
-            $acceptances = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model'])->get();
-        }

-        $assetsForReport = $acceptances
-            ->filter(function($acceptance) {
-                return $acceptance->checkoutable_type == 'App\Models\Asset';
-            })
-            ->map(function($acceptance) {
-                return ['assetItem' => $acceptance->checkoutable, 'acceptance' => $acceptance];
-            });
+            $acceptances = CheckoutAcceptance::pending()
+                ->with([
+                    'checkoutable' => function (MorphTo $acceptance) {
+                        $acceptance->withTrashed()->morphWith([
+                            Asset::class => ['model.category', 'assignedTo', 'company'],
+                            Accessory::class => ['category','checkouts', 'company'],
+                            LicenseSeat::class => ['user', 'license'],
+                            Component::class => ['assignedTo', 'company'],
+                            Consumable::class => ['company'],
+                        ]);
+                    },
+                    'assignedTo',
+                ])->orderByDesc('checkout_acceptances.created_at');
+
+            if ($showDeleted) {
+                $acceptances->withTrashed();
+            }
+
+        $itemsForReport = $acceptances->get()
+                ->filter(fn ($unaccepted) => $unaccepted->checkoutable)
+                ->map(fn ($unaccepted) => Checkoutable::fromAcceptance($unaccepted));

        $rows = [];

        $header = [
+            trans('general.date'),
+            trans('general.type'),
+            trans('admin/companies/table.title'),
            trans('general.category'),
            trans('admin/hardware/form.model'),
-            trans('admin/hardware/form.name'),
+            trans('general.name'),
            trans('admin/hardware/table.asset_tag'),
            trans('admin/hardware/table.checkoutto'),
        ];
@@ -1253,16 +1310,19 @@ class ReportsController extends Controller
        $header = array_map('trim', $header);
        $rows[] = implode(',', $header);

-        foreach ($assetsForReport as $item) {
+        foreach ($itemsForReport as $item) {

-            if ($item['assetItem'] != null){
+            if ($item != null){
            
                $row    = [ ];
-                $row[]  = str_replace(',', '', e($item['assetItem']->model->category->name));
-                $row[]  = str_replace(',', '', e($item['assetItem']->model->name));
-                $row[]  = str_replace(',', '', e($item['assetItem']->name));
-                $row[]  = str_replace(',', '', e($item['assetItem']->asset_tag));
-                $row[]  = str_replace(',', '', e(($item['acceptance']->assignedTo) ? $item['acceptance']->assignedTo->display_name : trans('admin/reports/general.deleted_user')));
+                $row[]  = str_replace(',', '', $item->acceptance->created_at);
+                $row[]  = str_replace(',', '', $item->type);
+                $row[]  = str_replace(',', '', $item->plain_text_company);
+                $row[]  = str_replace(',', '', $item->plain_text_category);
+                $row[]  = str_replace(',', '', $item->plain_text_model);
+                $row[]  = str_replace(',', '', $item->plain_text_name);
+                $row[]  = str_replace(',', '', $item->asset_tag);
+                $row[]  = str_replace(',', '', ($item->acceptance->assignedto) ? $item->acceptance->assignedto->display_name : trans('admin/reports/general.deleted_user'));
                $rows[] = implode(',', $row);
            }
        }
@@ -6,38 +6,31 @@ use App\Helpers\Helper;
 use App\Helpers\StorageHelper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Http\Requests\SettingsSamlRequest;
-use App\Http\Requests\SetupUserRequest;
+use App\Http\Requests\StoreLabelSettings;
 use App\Http\Requests\StoreLdapSettings;
 use App\Http\Requests\StoreLocalizationSettings;
 use App\Http\Requests\StoreNotificationSettings;
-use App\Http\Requests\StoreLabelSettings;
 use App\Http\Requests\StoreSecuritySettings;
+use App\Models\Asset;
 use App\Models\CustomField;
 use App\Models\Group;
-use App\Models\Labels\Label as LabelModel;
 use App\Models\Setting;
-use App\Models\Asset;
 use App\Models\User;
-use App\Notifications\FirstAdminNotification;
 use App\Notifications\MailTest;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\App;
-use Illuminate\Support\Facades\Storage;
-use Illuminate\Validation\Rule;
-use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\JsonResponse;
-use \Illuminate\Contracts\View\View;
-use Illuminate\Support\Str;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Artisan;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Crypt;
 use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\File;
-use Illuminate\Support\Facades\Http;
 use Illuminate\Support\Facades\Log;
-use Illuminate\Support\Facades\URL;
+use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Str;
+use Illuminate\Validation\Rule;
 use Symfony\Component\HttpFoundation\BinaryFileResponse;
+use \Illuminate\Contracts\View\View;

 /**
 * This controller handles all actions related to Settings for
@@ -47,224 +40,6 @@ use Symfony\Component\HttpFoundation\BinaryFileResponse;
 */
 class SettingsController extends Controller
 {
-    /**
-     * Checks to see whether or not the database has a migrations table
-     * and a user, otherwise display the setup view.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     *
-     * @since [v3.0]
-     *
-     * @return \Illuminate\Contracts\View\View | \Illuminate\Http\Response
-     */
-    public function getSetupIndex() : View
-    {
-        $start_settings['php_version_min'] = false;
-
-        if (version_compare(PHP_VERSION, config('app.min_php'), '<')) {
-            return response('<center><h1>This software requires PHP version '.config('app.min_php').' or greater. This server is running '.PHP_VERSION.'. </h1><h2>Please upgrade PHP on this server and try again. </h2></center>', 500);
-        }
-
-        try {
-            $conn = DB::select('select 2 + 2');
-            $start_settings['db_conn'] = true;
-            $start_settings['db_name'] = DB::connection()->getDatabaseName();
-            $start_settings['db_error'] = null;
-        } catch (\PDOException $e) {
-            $start_settings['db_conn'] = false;
-            $start_settings['db_name'] = config('database.connections.mysql.database');
-            $start_settings['db_error'] = $e->getMessage();
-        }
-
-        $start_settings['url_config'] = trim(config('app.url'), '/'). '/setup';
-        $start_settings['real_url']  = request()->url();
-        $start_settings['url_valid'] = $start_settings['url_config'] === $start_settings['real_url'];
-        $start_settings['php_version_min'] = true;
-
-        // Curl the .env file to make sure it's not accessible via a browser
-        $start_settings['env_exposed'] = $this->dotEnvFileIsExposed();
-
-        if (App::Environment('production') && (true == config('app.debug'))) {
-            $start_settings['debug_exposed'] = true;
-        } else {
-            $start_settings['debug_exposed'] = false;
-        }
-
-        $environment = app()->environment();
-        if ('production' != $environment) {
-            $start_settings['env'] = $environment;
-            $start_settings['prod'] = false;
-        } else {
-            $start_settings['env'] = $environment;
-            $start_settings['prod'] = true;
-        }
-
-        $start_settings['owner'] = '';
-
-        if (function_exists('posix_getpwuid')) { // Probably Linux
-            $owner = posix_getpwuid(fileowner($_SERVER['SCRIPT_FILENAME']));
-            // This *should* be an array, but we've seen this return a bool in some chrooted environments
-            if (is_array($owner)) {
-                $start_settings['owner'] = $owner['name'];
-            }
-        }
-
-        if (($start_settings['owner'] === 'root') || ($start_settings['owner'] === '0')) {
-            $start_settings['owner_is_admin'] = true;
-        } else {
-            $start_settings['owner_is_admin'] = false;
-        }
-
-        $start_settings['writable'] = $this->storagePathIsWritable();
-
-        $start_settings['gd'] = extension_loaded('gd');
-
-        return view('setup/index')
-            ->with('step', 1)
-            ->with('start_settings', $start_settings)
-            ->with('section', 'Pre-Flight Check');
-    }
-
-    /**
-     * Determine if the .env file accessible via a browser.
-     *
-     * @return bool This method will return true when exceptions (such as curl exception) is thrown.
-     * Check the log files to see more details about the exception.
-     */
-    protected function dotEnvFileIsExposed() : bool
-    {
-        try {
-            return Http::withoutVerifying()->timeout(10)
-                ->accept('*/*')
-                ->get(URL::to('.env'))
-                ->successful();
-        } catch (\Exception $e) {
-            Log::debug($e->getMessage());
-            return true;
-        }
-    }
-
-    /**
-     * Determine if the app storage path is writable.
-     */
-    protected function storagePathIsWritable(): bool
-    {
-        return File::isWritable(storage_path())                  &&
-            File::isWritable(storage_path('framework'))          &&
-            File::isWritable(storage_path('framework/cache'))    &&
-            File::isWritable(storage_path('framework/sessions')) &&
-            File::isWritable(storage_path('framework/views'))    &&
-            File::isWritable(storage_path('logs'));
-    }
-
-    /**
-     * Save the first admin user from Setup.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v3.0]
-     *
-     */
-    public function postSaveFirstAdmin(SetupUserRequest $request) : RedirectResponse
-    {
-
-        $user = new User();
-        $user->first_name = $data['first_name'] = $request->input('first_name');
-        $user->last_name = $request->input('last_name');
-        $user->email = $data['email'] = $request->input('email');
-        $user->activated = 1;
-        $permissions = ['superuser' => 1];
-        $user->permissions = json_encode($permissions);
-        $user->username = $data['username'] = $request->input('username');
-        $user->password = bcrypt($request->input('password'));
-        $data['password'] = $request->input('password');
-
-        $settings = new Setting();
-        $settings->full_multiple_companies_support = $request->input('full_multiple_companies_support', 0);
-        $settings->site_name = $request->input('site_name');
-        $settings->alert_email = $request->input('email');
-        $settings->alerts_enabled = 1;
-        $settings->pwd_secure_min = 10;
-        $settings->brand = 1;
-        $settings->locale = $request->input('locale', 'en-US');
-        $settings->default_currency = $request->input('default_currency', 'USD');
-        $settings->created_by = 1;
-        $settings->email_domain = $request->input('email_domain');
-        $settings->email_format = $request->input('email_format');
-        $settings->next_auto_tag_base = 1;
-        $settings->auto_increment_assets = $request->input('auto_increment_assets', 0);
-        $settings->auto_increment_prefix = $request->input('auto_increment_prefix');
-        $settings->zerofill_count = $request->input('zerofill_count') ?: 0;
-
-        if ((! $user->isValid()) || (! $settings->isValid())) {
-            return redirect()->back()->withInput()->withErrors($user->getErrors())->withErrors($settings->getErrors());
-        } else {
-            $user->save();
-            Auth::login($user, true);
-            $settings->save();
-
-            if ($request->input('email_creds') == '1') {
-                $data = [];
-                $data['email'] = $user->email;
-                $data['username'] = $user->username;
-                $data['first_name'] = $user->first_name;
-                $data['last_name'] = $user->last_name;
-                $data['password'] = $request->input('password');
-                $user->notify(new FirstAdminNotification($data));
-            }
-
-            return redirect()->route('setup.done');
-        }
-    }
-
-    /**
-     * Return the admin user creation form in Setup.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     *
-     * @since [v3.0]
-     */
-    public function getSetupUser() : View
-    {
-        return view('setup/user')
-            ->with('step', 3)
-            ->with('section', 'Create a User');
-    }
-
-    /**
-     * Return the view that tells the user that the Setup is done.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     *
-     * @since [v3.0]
-     */
-    public function getSetupDone() : View
-    {
-        return view('setup/done')
-            ->with('step', 4)
-            ->with('section', 'Done!');
-    }
-
-    /**
-     * Migrate the database tables, and return the output
-     * to a view for Setup.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     *
-     * @since [v3.0]
-     */
-    public function getSetupMigrate() : View
-    {
-        Artisan::call('migrate', ['--force' => true]);
-        if ((! file_exists(storage_path().'/oauth-private.key')) || (! file_exists(storage_path().'/oauth-public.key'))) {
-            Artisan::call('migrate', ['--path' => 'vendor/laravel/passport/database/migrations', '--force' => true]);
-            Artisan::call('passport:install', ['--no-interaction' => true]);
-        }
-
-        return view('setup/migrate')
-            ->with('output', 'Databases installed!')
-            ->with('step', 2)
-            ->with('section', 'Create Database Tables');
-    }

    /**
     * Return a view that shows some of the key settings.
@@ -399,12 +174,10 @@ class SettingsController extends Controller
        }

        $setting->brand = $request->input('brand', '1');
-        $setting->header_color = $request->input('header_color');
+
        $setting->support_footer = $request->input('support_footer');
        $setting->version_footer = $request->input('version_footer');
        $setting->footer_text = $request->input('footer_text');
-        $setting->skin = $request->input('skin');
-        $setting->allow_user_skin = $request->input('allow_user_skin', '0');
        $setting->show_url_in_emails = $request->input('show_url_in_emails', '0');
        $setting->logo_print_assets = $request->input('logo_print_assets', '0');
        $setting->load_remote = $request->input('load_remote', 0);
@@ -418,6 +191,11 @@ class SettingsController extends Controller
                $request->validate(['site_name' => 'required']);
            }

+            $setting->header_color = $request->input('header_color');
+            $setting->link_light_color = $request->input('link_light_color', '#296282');
+            $setting->link_dark_color = $request->input('link_dark_color', '#296282');
+            $setting->nav_link_color = $request->input('nav_link_color', '#FFFFFF');
+            
            $setting->site_name = $request->input('site_name', 'Snipe-IT');
            $setting->custom_css = $request->input('custom_css');

@@ -589,6 +367,7 @@ class SettingsController extends Controller
        $setting->time_display_format = $request->input('time_display_format');
        $setting->digit_separator = $request->input('digit_separator');
        $setting->name_display_format = $request->input('name_display_format');
+        $setting->week_start = $request->input('week_start', 0);

        if ($setting->save()) {
            return redirect()->route('settings.index')
@@ -772,6 +551,7 @@ class SettingsController extends Controller
        $setting->label2_asset_logo = $request->input('label2_asset_logo');
        $setting->label2_1d_type = $request->input('label2_1d_type');
        $setting->label2_2d_type = $request->input('label2_2d_type');
+        $setting->label2_2d_prefix = $request->input('label2_2d_prefix');
        $setting->label2_2d_target = $request->input('label2_2d_target');
        $setting->label2_fields = $request->input('label2_fields');
        $setting->label2_empty_row_count = $request->input('label2_empty_row_count');
@@ -0,0 +1,270 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Requests\SetupUserRequest;
+use App\Models\Setting;
+use App\Models\User;
+use App\Notifications\FirstAdminNotification;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Support\Facades\App;
+use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\File;
+use Illuminate\Support\Facades\Http;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\URL;
+use \Illuminate\Contracts\View\View;
+
+
+/**
+ * This controller handles all actions related to Settings for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version    v1.0
+ */
+class SetupController extends Controller
+{
+    /**
+     * Checks to see whether or not the database has a migrations table
+     * and a user, otherwise display the setup view.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     *
+     * @since [v3.0]
+     *
+     * @return \Illuminate\Contracts\View\View | \Illuminate\Http\Response
+     */
+    public function getSetupIndex() : View
+    {
+        $start_settings['php_version_min'] = false;
+
+        if (version_compare(PHP_VERSION, config('app.min_php'), '<')) {
+            return response('<center><h1>This software requires PHP version '.config('app.min_php').' or greater. This server is running '.PHP_VERSION.'. </h1><h2>Please upgrade PHP on this server and try again. </h2></center>', 500);
+        }
+
+        try {
+            $conn = DB::select('select 2 + 2');
+            $start_settings['db_conn'] = true;
+            $start_settings['db_name'] = DB::connection()->getDatabaseName();
+            $start_settings['db_error'] = null;
+        } catch (\PDOException $e) {
+            $start_settings['db_conn'] = false;
+            $start_settings['db_name'] = config('database.connections.mysql.database');
+            $start_settings['db_error'] = $e->getMessage();
+        }
+
+        $start_settings['url_config'] = trim(config('app.url'), '/'). '/setup';
+        $start_settings['real_url']  = request()->url();
+        $start_settings['url_valid'] = $start_settings['url_config'] === $start_settings['real_url'];
+        $start_settings['php_version_min'] = true;
+
+        // Curl the .env file to make sure it's not accessible via a browser
+        $start_settings['env_exposed'] = $this->dotEnvFileIsExposed();
+
+        if (App::Environment('production') && (true == config('app.debug'))) {
+            $start_settings['debug_exposed'] = true;
+        } else {
+            $start_settings['debug_exposed'] = false;
+        }
+
+        $environment = app()->environment();
+        if ('production' != $environment) {
+            $start_settings['env'] = $environment;
+            $start_settings['prod'] = false;
+        } else {
+            $start_settings['env'] = $environment;
+            $start_settings['prod'] = true;
+        }
+
+        $start_settings['owner'] = '';
+
+        if (function_exists('posix_getpwuid')) { // Probably Linux
+            $owner = posix_getpwuid(fileowner($_SERVER['SCRIPT_FILENAME']));
+            // This *should* be an array, but we've seen this return a bool in some chrooted environments
+            if (is_array($owner)) {
+                $start_settings['owner'] = $owner['name'];
+            }
+        }
+
+        if (($start_settings['owner'] === 'root') || ($start_settings['owner'] === '0')) {
+            $start_settings['owner_is_admin'] = true;
+        } else {
+            $start_settings['owner_is_admin'] = false;
+        }
+
+        $start_settings['writable'] = $this->storagePathIsWritable();
+
+        $start_settings['gd'] = extension_loaded('gd');
+
+        return view('setup/index')
+            ->with('step', 1)
+            ->with('start_settings', $start_settings)
+            ->with('section', trans('general.setup_config_check'))
+            ->with('icon', 'fa-regular fa-rectangle-list');
+    }
+
+    /**
+     * Determine if the .env file accessible via a browser.
+     *
+     * @return bool This method will return true when exceptions (such as curl exception) is thrown.
+     * Check the log files to see more details about the exception.
+     */
+    protected function dotEnvFileIsExposed() : bool
+    {
+        try {
+            return Http::withoutVerifying()->timeout(10)
+                ->accept('*/*')
+                ->get(URL::to('.env'))
+                ->successful();
+        } catch (\Exception $e) {
+            Log::debug($e->getMessage());
+            return true;
+        }
+    }
+
+    /**
+     * Determine if the app storage path is writable.
+     */
+    protected function storagePathIsWritable(): bool
+    {
+        return File::isWritable(storage_path())                  &&
+            File::isWritable(storage_path('framework'))          &&
+            File::isWritable(storage_path('framework/cache'))    &&
+            File::isWritable(storage_path('framework/sessions')) &&
+            File::isWritable(storage_path('framework/views'))    &&
+            File::isWritable(storage_path('logs'));
+    }
+
+    /**
+     * Save the first admin user from Setup.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     *
+     */
+    public function postSaveFirstAdmin(SetupUserRequest $request) : RedirectResponse
+    {
+
+        $user = new User();
+        $user->first_name = $data['first_name'] = $request->input('first_name');
+        $user->last_name = $request->input('last_name');
+        $user->email = $data['email'] = $request->input('email');
+        $user->activated = 1;
+        $permissions = ['superuser' => 1];
+        $user->permissions = json_encode($permissions);
+        $user->username = $data['username'] = $request->input('username');
+        $user->password = bcrypt($request->input('password'));
+        $data['password'] = $request->input('password');
+
+        $settings = new Setting();
+        $settings->full_multiple_companies_support = $request->input('full_multiple_companies_support', 0);
+        $settings->site_name = $request->input('site_name');
+        $settings->alert_email = $request->input('email');
+        $settings->alerts_enabled = 1;
+        $settings->pwd_secure_min = 10;
+        $settings->brand = 1;
+        $settings->link_light_color = $request->input('link_light_color', '#296282');
+        $settings->link_dark_color = $request->input('link_dark_color', '#296282');
+        $settings->nav_link_color = $request->input('nav_link_color', '#FFFFFF');
+        $settings->locale = $request->input('locale', 'en-US');
+        $settings->default_currency = $request->input('default_currency', 'USD');
+        $settings->created_by = 1;
+        $settings->email_domain = $request->input('email_domain');
+        $settings->email_format = $request->input('email_format');
+        $settings->next_auto_tag_base = 1;
+        $settings->auto_increment_assets = $request->input('auto_increment_assets', 0);
+        $settings->auto_increment_prefix = $request->input('auto_increment_prefix');
+        $settings->zerofill_count = $request->input('zerofill_count') ?: 0;
+
+        if ((! $user->isValid()) || (! $settings->isValid())) {
+            return redirect()->back()->withInput()->withErrors($user->getErrors())->withErrors($settings->getErrors());
+        } else {
+            $user->save();
+            Auth::login($user, true);
+            $settings->save();
+
+            if ($request->input('email_creds') == '1') {
+                $data = [];
+                $data['email'] = $user->email;
+                $data['username'] = $user->username;
+                $data['first_name'] = $user->first_name;
+                $data['last_name'] = $user->last_name;
+                $data['password'] = $request->input('password');
+                $user->notify(new FirstAdminNotification($data));
+            }
+
+            return redirect()
+                ->route('setup.done')
+                ->with('section', trans('general.setup_create_admin'))
+                ->with('icon', 'fa-solid fa-champagne-glasses')
+                ->with('success', trans('admin/settings/general.create_admin_success'));
+        }
+    }
+
+    /**
+     * Return the admin user creation form in Setup.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     *
+     * @since [v3.0]
+     */
+    public function getSetupUser() : View
+    {
+        return view('setup/user')
+            ->with('step', 3)
+            ->with('section', trans('general.setup_create_admin'))
+            ->with('icon', 'fa-solid fa-user-plus');
+    }
+
+    /**
+     * Return the view that tells the user that the Setup is done.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     *
+     * @since [v3.0]
+     */
+    public function getSetupDone() : View
+    {
+        return view('setup/done')
+            ->with('success', trans('general.create_admin_success'))
+            ->with('step', 4)
+            ->with('icon', 'fa-solid fa-champagne-glasses fa-shake')
+            ->with('section', trans('general.setup_done'));
+    }
+
+
+
+    /**
+     * Migrate the database tables, and return the output
+     * to a view for Setup.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     *
+     * @since [v3.0]
+     */
+    public function setupMigrate()
+    {
+        Artisan::call('migrate', ['--force' => true]);
+        $output = Artisan::output();
+        if ((! file_exists(storage_path().'/oauth-private.key')) || (! file_exists(storage_path().'/oauth-public.key'))) {
+            Artisan::call('migrate', ['--path' => 'vendor/laravel/passport/database/migrations', '--force' => true]);
+            Artisan::call('passport:install', ['--no-interaction' => true]);
+        }
+
+        return view('setup/migrate')
+            ->with('success', trans('general.create_admin_success'))
+            ->with('output', trim($output))
+            ->with('step', 2)
+            ->with('section', trans('general.setup_create_database'))
+            ->with('icon', 'fa-solid fa-database');
+    }
+
+
+
+
+
+
+
+}
@@ -67,6 +67,7 @@ class SuppliersController extends Controller
        $supplier->phone = request('phone');
        $supplier->fax = request('fax');
        $supplier->email = request('email');
+        $supplier->tag_color  = $request->input('tag_color');
        $supplier->notes = request('notes');
        $supplier->url = $supplier->addhttp(request('url'));
        $supplier->created_by = auth()->id();
@@ -111,6 +112,7 @@ class SuppliersController extends Controller
        $supplier->fax = request('fax');
        $supplier->email = request('email');
        $supplier->url = $supplier->addhttp(request('url'));
+        $supplier->tag_color  = $request->input('tag_color');
        $supplier->notes = request('notes');
        $supplier = $request->handleImages($supplier);

@@ -2,9 +2,11 @@

 namespace App\Http\Controllers;

+use App\Helpers\Helper;
 use App\Helpers\StorageHelper;
 use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
+use App\Models\Import;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\BinaryFileResponse;
@@ -155,7 +157,31 @@ class UploadedFilesController extends Controller
        }

        // The file doesn't seem to really exist, so report an error
-        return redirect()->back()->withFragment('files')->with('success', trans_choice('general.file_upload_status.delete.error', 1));
+        return redirect()->back()->withFragment('files')->with('error', trans_choice('general.file_upload_status.delete.error', 1));
+
+    }
+
+    public function downloadImport(Import $import) {
+
+        $this->authorize('import');
+
+        if ($import = Import::find($import->id)) {
+
+            if ((auth()->user()->id != $import->created_by) && (!auth()->user()->isSuperUser())) {
+                return redirect()->back()->with('error', trans('general.file_upload_status.file_not_found'));
+            }
+
+            if (config('filesystems.default') == 's3_private') {
+                return redirect()->away(Storage::disk('s3_private')->temporaryUrl('private_uploads/imports/' . $import->file_path, now()->addMinutes(5)));
+            }
+
+            if (Storage::exists('private_uploads/imports/' . $import->file_path)) {
+                return response()->download(config('app.private_uploads') . '/imports/' . $import->file_path);
+            }
+
+        }
+
+        return redirect()->back()->with('error', trans('general.file_upload_status.file_not_found'));

    }

@@ -4,6 +4,7 @@ namespace App\Http\Controllers;

 use App\Actions\CheckoutRequests\CancelCheckoutRequestAction;
 use App\Actions\CheckoutRequests\CreateCheckoutRequestAction;
+use App\Enums\ActionType;
 use App\Exceptions\AssetNotRequestable;
 use App\Models\Actionlog;
 use App\Models\Asset;
@@ -155,7 +156,19 @@ class ViewAssetsController extends Controller
    public function getRequestableIndex() : View
    {
        $assets = Asset::with('model', 'defaultLoc', 'location', 'assignedTo', 'requests')->Hardware()->RequestableAssets();
-        $models = AssetModel::with('category', 'requests', 'assets')->RequestableModels()->get();
+        $models = AssetModel::with([
+            'category',
+            'requests',
+            'assets' => function ($q) {
+                $q->where('requestable', 1)
+                    ->whereHas('assetstatus', fn ($s) =>
+                    $s->where('archived', 0)
+                        ->where(fn ($s) =>
+                        $s->where('deployable', 1)->orWhere('pending', 1)
+                        )
+                    );
+            },
+        ])->RequestableModels()->get();

        return view('account/requestable-assets', compact('assets', 'models'));
    }
@@ -201,7 +214,7 @@ class ViewAssetsController extends Controller
        if (($item_request = $item->isRequestedBy($user)) || $cancel_by_admin) {
            $item->cancelRequest($requestingUser);
            $data['item_quantity'] = ($item_request) ? $item_request->qty : 1;
-            $logaction->logaction('request_canceled');
+            $logaction->logaction(ActionType::RequestCanceled);

            if (($settings->alert_email != '') && ($settings->alerts_enabled == '1') && (! config('app.lock_passwords'))) {
                $settings->notify(new RequestAssetCancelation($data));
@@ -44,6 +44,7 @@ class Kernel extends HttpKernel
            \App\Http\Middleware\CheckForTwoFactor::class,
            \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
            \App\Http\Middleware\AssetCountForSidebar::class,
+            \App\Http\Middleware\CheckColorSettings::class,
            \Illuminate\Session\Middleware\AuthenticateSession::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
@@ -0,0 +1,75 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Models\Setting;
+use Closure;
+use Illuminate\Contracts\Auth\Guard;
+use Illuminate\Support\Facades\Auth;
+
+class CheckColorSettings
+{
+    /**
+     * The Guard implementation.
+     *
+     * @var Guard
+     */
+    protected $auth;
+
+    /**
+     * Create a new filter instance.
+     *
+     * @param  Guard  $auth
+     * @return void
+     */
+    public function __construct(Guard $auth)
+    {
+        $this->auth = $auth;
+    }
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+
+        // Set defaults in case this is accessed via the /setup screen
+        $nav_color = '#ffffff';
+        $link_dark_color = '#89c9ed';
+        $link_light_color = '#3c8dbc';
+
+
+        if ($settings = Setting::getSettings()) {
+            $nav_color = $settings->nav_link_color;
+            $link_dark_color = $settings->link_dark_color;
+            $link_light_color = $settings->link_light_color;
+        }
+
+
+        // Override system settings
+        if ($request->user()) {
+
+            if ($request->user()->nav_color) {
+                $nav_color = $request->user()->nav_color;
+            }
+            if ($request->user()->link_dark_color) {
+                $link_dark_color = $request->user()->link_dark_color;
+            }
+            if ($request->user()->nav_color) {
+                $link_light_color = $request->user()->link_light_color;
+            }
+        }
+
+
+        view()->share('nav_link_color', $nav_color);
+        view()->share('link_dark_color', $link_dark_color);
+        view()->share('link_light_color', $link_light_color);
+
+        return $next($request);
+
+    }
+}
@@ -0,0 +1,68 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Http\Requests\Traits\MayContainCustomFields;
+use App\Models\Asset;
+use Illuminate\Foundation\Http\FormRequest;
+use App\Helpers\Helper;
+use App\Models\Setting;
+use App\Models\AssetModel;
+use App\Rules\UniqueUndeleted;
+use Illuminate\Support\Str;
+
+class CreateMultipleAssetRequest extends ImageUploadRequest //should I extend from StoreAssetRequest? FIXME OR TODO OR THINKME
+{
+    use MayContainCustomFields;
+
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return true; //TODO - should I do the auth check here?
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        //grab the rules for serials and asset_tags, and tweak them into an array context for multi-create usage
+        $modelRules = (new Asset)->getRules();
+        unset($modelRules['serial']);
+
+        $asset_tag_rules = $modelRules['asset_tag'];
+        unset($modelRules['asset_tag']);
+        // now we replace the 'not_array' rule with 'distinct'
+        array_splice($asset_tag_rules, array_search('not_array', $asset_tag_rules), 1, 'distinct');
+        // and replace the 'unique_undeleted' rule with the Rule object
+        foreach ($asset_tag_rules as $i => $asset_tag_rule) {
+            if (Str::startsWith($asset_tag_rule, 'unique_undeleted')) {
+                $asset_tag_rules[$i] = new UniqueUndeleted('assets', 'asset_tag');
+            }
+        }
+
+        $serials_unique = Setting::getSettings()['unique_serial'];
+        $serials_required = AssetModel::find($this?->model_id)?->require_serial;
+
+        $serial_rules = ['string'];
+        if ($serials_unique) {
+//            $serial_rules[] = 'unique_undeleted:assets,serial';
+            $serial_rules[] = new UniqueUndeleted('assets', 'serial');
+            $serial_rules[] = 'distinct';
+        }
+        if ($serials_required) {
+            $serial_rules[] = 'required';
+        } else {
+            $serial_rules[] = 'nullable';
+        }
+
+        return array_merge($modelRules, [
+            'serials.*' => $serial_rules,
+            'asset_tags.*' => $asset_tag_rules,
+        ]);
+    }
+}
@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Rules\ValidJson;
+use Illuminate\Foundation\Http\FormRequest;
+
+class FilterRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            'filter' => ['nullable', new ValidJson()],
+        ];
+    }
+}
@@ -28,7 +28,6 @@ class SetupUserRequest extends Request
          'username' => 'required|string|min:2|unique:users,username,NULL,deleted_at',
          'email' => 'email|unique:users,email',
          'password' => 'required|min:8|confirmed',
-          'email_domain' => 'required|min:4',
        ];
    }

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Models\Department;
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\Gate;
+
+class StoreDepartmentRequest extends ImageUploadRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return Gate::allows('create', new Department);
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        $modelRules = (new Department)->getRules();
+
+        return array_merge(
+            $modelRules,
+        );
+    }
+}
@@ -49,6 +49,7 @@ class StoreLabelSettings extends FormRequest
            'labels_pagewidth'                    => 'numeric|nullable',
            'labels_pageheight'                   => 'numeric|nullable',
            'qr_text'                             => 'max:31|nullable',
+            'label2_2d_prefix'                    => 'nullable|max:191',
            'label2_template'                     => [
                'required',
                Rule::in($names),
@@ -28,23 +28,31 @@ class UpdateAssetRequest extends ImageUploadRequest
     */
    public function rules()
    {
+        $setting = Setting::getSettings();
+
        $rules = array_merge(
            parent::rules(),
            (new Asset)->getRules(),
-            // this is to overwrite rulesets that include required, and rewrite unique_undeleted
+            // This overwrites the rulesets that are set at the model level (via Watson) but are not necessarily required at the request level when doing a PATCH update.
+            // Confusingly, this skips the unique_undeleted validator at the model level (and therefore the UniqueUndeletedTrait), so we have to re-add those
+            // rules here without the requiredness, since those values will already exist if you're updating an existing asset.
            [
                'model_id'  => ['integer', 'exists:models,id,deleted_at,NULL', 'not_array'],
                'status_id' => ['integer', 'exists:status_labels,id'],
                'asset_tag' => [
                    'min:1', 'max:255', 'not_array',
-                    Rule::unique('assets', 'asset_tag')->ignore($this->asset)->withoutTrashed()
+                    Rule::unique('assets', 'asset_tag')->ignore($this->asset)->withoutTrashed(),
+                ],
+                'serial' => [
+                    'string', 'max:255', 'not_array',
+                    $setting->unique_serial=='1' ? Rule::unique('assets', 'serial')->ignore($this->asset)->withoutTrashed() : 'nullable',
                ],
            ],
        );

        // if the purchase cost is passed in as a string **and** the digit_separator is ',' (as is common in the EU)
        // then we tweak the purchase_cost rule to make it a string
-        if (Setting::getSettings()->digit_separator === '1.234,56' && is_string($this->input('purchase_cost'))) {
+        if ($setting->digit_separator === '1.234,56' && is_string($this->input('purchase_cost'))) {
            $rules['purchase_cost'] = ['nullable', 'string'];
        }

@@ -26,12 +26,32 @@ class AccessoriesTransformer
            'id' => $accessory->id,
            'name' => e($accessory->name),
            'image' => ($accessory->image) ? Storage::disk('public')->url('accessories/'.e($accessory->image)) : null,
-            'company' => ($accessory->company) ? ['id' => $accessory->company->id, 'name'=> e($accessory->company->name)] : null,
-            'manufacturer' => ($accessory->manufacturer) ? ['id' => $accessory->manufacturer->id, 'name'=> e($accessory->manufacturer->name)] : null,
-            'supplier' => ($accessory->supplier) ? ['id' => $accessory->supplier->id, 'name'=> e($accessory->supplier->name)] : null,
+            'company' => ($accessory->company) ? [
+                'id' => $accessory->company->id,
+                'name'=> e($accessory->company->name),
+                'tag_color'=> ($accessory->company->tag_color) ? e($accessory->company->tag_color) : null,
+            ] : null,
+            'manufacturer' => ($accessory->manufacturer) ? [
+                'id' => $accessory->manufacturer->id,
+                'name'=> e($accessory->manufacturer->name),
+                'tag_color'=> ($accessory->manufacturer->tag_color) ? e($accessory->manufacturer->tag_color) : null,
+            ] : null,
+            'supplier' => ($accessory->supplier) ? [
+                'id' => $accessory->supplier->id,
+                'name'=> e($accessory->supplier->name),
+                'tag_color'=> ($accessory->supplier->tag_color) ? e($accessory->supplier->tag_color) : null,
+            ] : null,
            'model_number' => ($accessory->model_number) ? e($accessory->model_number) : null,
-            'category' => ($accessory->category) ? ['id' => $accessory->category->id, 'name'=> e($accessory->category->name)] : null,
-            'location' => ($accessory->location) ? ['id' => $accessory->location->id, 'name'=> e($accessory->location->name)] : null,
+            'category' => ($accessory->category) ? [
+                'id' => $accessory->category->id,
+                'name'=> e($accessory->category->name),
+                'tag_color'=> ($accessory->category->tag_color) ? e($accessory->category->tag_color) : null,
+            ] : null,
+            'location' => ($accessory->location) ? [
+                'id' => $accessory->location->id,
+                'name'=> e($accessory->location->name),
+                'tag_color'=> ($accessory->location->tag_color) ? e($accessory->location->tag_color) : null,
+            ] : null,
            'notes' => ($accessory->notes) ? Helper::parseEscapedMarkedownInline($accessory->notes) : null,
            'qty' => ($accessory->qty) ? (int) $accessory->qty : null,
            'purchase_date' => ($accessory->purchase_date) ? Helper::getFormattedDateObject($accessory->purchase_date, 'date') : null,
@@ -161,6 +161,7 @@ class ActionlogsTransformer
            'location' => ($actionlog->location) ? [
                'id' => (int) $actionlog->location->id,
                'name' => e($actionlog->location->name),
+                'tag_color'=> ($actionlog->location->tag_color) ? e($actionlog->location->tag_color) : null,
            ] : null,
            'created_at'    => Helper::getFormattedDateObject($actionlog->created_at, 'datetime'),
            'updated_at'    => Helper::getFormattedDateObject($actionlog->updated_at, 'datetime'),
@@ -44,6 +44,7 @@ class AssetModelsTransformer
            'manufacturer' => ($assetmodel->manufacturer) ? [
                'id' => (int) $assetmodel->manufacturer->id,
                'name'=> e($assetmodel->manufacturer->name),
+                'tag_color'=> ($assetmodel->manufacturer->tag_color) ? e($assetmodel->manufacturer->tag_color) : null,
            ] : null,
            'image' => ($assetmodel->image != '') ? Storage::disk('public')->url('models/'.e($assetmodel->image)) : null,
            'model_number' => ($assetmodel->model_number ? e($assetmodel->model_number): null),
@@ -60,6 +61,7 @@ class AssetModelsTransformer
            'category' => ($assetmodel->category) ? [
                'id' => (int) $assetmodel->category->id,
                'name'=> e($assetmodel->category->name),
+                'tag_color'=> ($assetmodel->category->tag_color) ? e($assetmodel->category->tag_color) : null,
            ] : null,
            'fieldset' => ($assetmodel->fieldset) ? [
                'id' => (int) $assetmodel->fieldset->id,
@@ -40,7 +40,6 @@ class AssetsTransformer
            ] : null,
            'byod' => ($asset->byod ? true : false),
            'requestable' => ($asset->requestable ? true : false),
-
            'model_number' => (($asset->model) && ($asset->model->model_number)) ? e($asset->model->model_number) : null,
            'eol' => (($asset->asset_eol_date != '') && ($asset->purchase_date != '')) ? (int) Carbon::parse($asset->asset_eol_date)->diffInMonths($asset->purchase_date, true) . ' months' : null,
            'asset_eol_date' => ($asset->asset_eol_date != '') ? Helper::getFormattedDateObject($asset->asset_eol_date, 'date') : null,
@@ -53,10 +52,12 @@ class AssetsTransformer
            'category' => (($asset->model) && ($asset->model->category)) ? [
                'id' => (int) $asset->model->category->id,
                'name'=> e($asset->model->category->name),
+                'tag_color'=> ($asset->model->category->tag_color) ? e($asset->model->category->tag_color) : null,
            ] : null,
            'manufacturer' => (($asset->model) && ($asset->model->manufacturer)) ? [
                'id' => (int) $asset->model->manufacturer->id,
                'name'=> e($asset->model->manufacturer->name),
+                'tag_color'=> ($asset->model->manufacturer->tag_color) ? e($asset->model->manufacturer->tag_color) : null,
            ] : null,
            'depreciation' => (($asset->model) && ($asset->model->depreciation)) ? [
                'id' => (int) $asset->model->depreciation->id,
@@ -68,20 +69,24 @@ class AssetsTransformer
            'supplier' => ($asset->supplier) ? [
                'id' => (int) $asset->supplier->id,
                'name'=> e($asset->supplier->name),
+                'tag_color'=> ($asset->supplier->tag_color) ? e($asset->supplier->tag_color) : null,
            ] : null,
            'notes' => ($asset->notes) ? Helper::parseEscapedMarkedownInline($asset->notes) : null,
            'order_number' => ($asset->order_number) ? e($asset->order_number) : null,
            'company' => ($asset->company) ? [
                'id' => (int) $asset->company->id,
                'name'=> e($asset->company->name),
+                'tag_color'=> ($asset->company->tag_color) ? e($asset->company->tag_color) : null,
            ] : null,
            'location' => ($asset->location) ? [
                'id' => (int) $asset->location->id,
                'name'=> e($asset->location->name),
+                'tag_color'=> ($asset->location->tag_color) ? e($asset->location->tag_color) : null,
            ] : null,
            'rtd_location' => ($asset->defaultLoc) ? [
                'id' => (int) $asset->defaultLoc->id,
                'name'=> e($asset->defaultLoc->name),
+                'tag_color'=> ($asset->defaultLoc->tag_color) ? e($asset->defaultLoc->tag_color) : null,
            ] : null,
            'image' => ($asset->getImageUrl()) ? $asset->getImageUrl() : null,
            'qr' => ($setting->qr_code=='1') ? config('app.url').'/uploads/barcodes/qr-'.str_slug($asset->asset_tag).'-'.str_slug($asset->id).'.png' : null,
@@ -66,6 +66,7 @@ class CategoriesTransformer
                    'id' => (int) $category->adminuser->id,
                    'name'=> e($category->adminuser->display_name),
                ] : null,
+                'tag_color' => $category->tag_color ? e($category->tag_color) : null,
                'notes' => Helper::parseEscapedMarkedownInline($category->notes),
                'created_at' => Helper::getFormattedDateObject($category->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($category->updated_at, 'datetime'),
@@ -40,6 +40,7 @@ class CompaniesTransformer
                    'id' => (int) $company->adminuser->id,
                    'name'=> e($company->adminuser->display_name),
                ] : null,
+                'tag_color' => ($company->tag_color!='') ? e($company->tag_color): null,
                'notes' => Helper::parseEscapedMarkedownInline($company->notes),
                'created_at' => Helper::getFormattedDateObject($company->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($company->updated_at, 'datetime'),
@@ -30,15 +30,25 @@ class ComponentsTransformer
            'location' => ($component->location) ? [
                'id' => (int) $component->location->id,
                'name' => e($component->location->name),
+                'tag_color' => $component->location->tag_color ? e($component->location->tag_color) : null,
            ] : null,
            'qty' => ($component->qty != '') ? (int) $component->qty : null,
            'min_amt' => ($component->min_amt != '') ? (int) $component->min_amt : null,
            'category' => ($component->category) ? [
                'id' => (int) $component->category->id,
                'name' => e($component->category->name),
+                'tag_color' => $component->category->tag_color ? e($component->category->tag_color) : null,
+            ] : null,
+            'supplier' => ($component->supplier) ? [
+                'id' => $component->supplier->id,
+                'name'=> e($component->supplier->name),
+                'tag_color' => $component->supplier->tag_color ? e($component->supplier->tag_color) : null,
+            ] : null,
+            'manufacturer' => ($component->manufacturer) ? [
+                'id' => $component->manufacturer->id,
+                'name'=> e($component->manufacturer->name),
+                'tag_color' => $component->manufacturer->tag_color ? e($component->manufacturer->tag_color) : null,
            ] : null,
-            'supplier' => ($component->supplier) ? ['id' => $component->supplier->id, 'name'=> e($component->supplier->name)] : null,
-            'manufacturer' => ($component->manufacturer) ? ['id' => $component->manufacturer->id, 'name'=> e($component->manufacturer->name)] : null,
            'model_number' => ($component->model_number) ? e($component->model_number) : null,
            'order_number'  => e($component->order_number),
            'purchase_date' =>  Helper::getFormattedDateObject($component->purchase_date, 'date'),
@@ -48,6 +58,7 @@ class ComponentsTransformer
            'company'   => ($component->company) ? [
                'id' => (int) $component->company->id,
                'name' => e($component->company->name),
+                'tag_color' => $component->company->tag_color ? e($component->company->tag_color) : null,
            ] : null,
            'notes' => ($component->notes) ? Helper::parseEscapedMarkedownInline($component->notes) : null,
            'created_by' => ($component->adminuser) ? [
@@ -26,12 +26,32 @@ class ConsumablesTransformer
            'id'            => (int) $consumable->id,
            'name'          => e($consumable->name),
            'image' =>   ($consumable->getImageUrl()) ? ($consumable->getImageUrl()) : null,
-            'category'      => ($consumable->category) ? ['id' => $consumable->category->id, 'name' => e($consumable->category->name)] : null,
-            'company'   => ($consumable->company) ? ['id' => (int) $consumable->company->id, 'name' => e($consumable->company->name)] : null,
+            'category'      => ($consumable->category) ? [
+                'id' => $consumable->category->id,
+                'name' => e($consumable->category->name),
+                'tag_color' => $consumable->category->tag_color ? e($consumable->category->tag_color) : null,
+                ] : null,
+            'company'   => ($consumable->company) ? [
+                'id' => (int) $consumable->company->id,
+                'name' => e($consumable->company->name),
+                'tag_color' => $consumable->company->tag_color ? e($consumable->company->tag_color) : null,
+            ] : null,
            'item_no'       => e($consumable->item_no),
-            'location'      => ($consumable->location) ? ['id' => (int) $consumable->location->id, 'name' => e($consumable->location->name)] : null,
-            'manufacturer'  => ($consumable->manufacturer) ? ['id' => (int) $consumable->manufacturer->id, 'name' => e($consumable->manufacturer->name)] : null,
-            'supplier' => ($consumable->supplier) ? ['id' => $consumable->supplier->id, 'name'=> e($consumable->supplier->name)] : null,
+            'location'      => ($consumable->location) ? [
+                'id' => (int) $consumable->location->id,
+                'name' => e($consumable->location->name),
+                'tag_color' => $consumable->location->tag_color ? e($consumable->location->tag_color) : null,
+            ] : null,
+            'manufacturer'  => ($consumable->manufacturer) ? [
+                'id' => (int) $consumable->manufacturer->id,
+                'name' => e($consumable->manufacturer->name),
+                'tag_color' => $consumable->manufacturer->tag_color ? e($consumable->manufacturer->tag_color) : null,
+            ] : null,
+            'supplier' => ($consumable->supplier) ? [
+                'id' => $consumable->supplier->id,
+                'name'=> e($consumable->supplier->name),
+                'tag_color' => $consumable->supplier->tag_color ? e($consumable->supplier->tag_color) : null,
+            ] : null,
            'min_amt'       => (int) $consumable->min_amt,
            'model_number'  => ($consumable->model_number != '') ? e($consumable->model_number) : null,
            'remaining'  => $consumable->numRemaining(),
@@ -32,6 +32,7 @@ class DepartmentsTransformer
                'company' => ($department->company) ? [
                    'id' => (int) $department->company->id,
                    'name'=> e($department->company->name),
+                    'tag_color' => $department->company->tag_color ? e($department->company->tag_color) : null,
                ] : null,
                'manager' => ($department->manager) ? [
                    'id' => (int) $department->manager->id,
@@ -42,8 +43,10 @@ class DepartmentsTransformer
                'location' => ($department->location) ? [
                    'id' => (int) $department->location->id,
                    'name' => e($department->location->name),
+                    'tag_color' => $department->location->tag_color ? e($department->location->tag_color) : null,
                ] : null,
-                'users_count' => e($department->users_count),
+                'users_count' => (int) ($department->users_count),
+                'tag_color' => $department->tag_color ? e($department->tag_color) : null,
                'notes' => Helper::parseEscapedMarkedownInline($department->notes),
                'created_at' => Helper::getFormattedDateObject($department->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($department->updated_at, 'datetime'),
@@ -34,8 +34,16 @@ class LicenseSeatsTransformer
                        [
                            'id' => (int) $seat->user->department->id,
                            'name' => e($seat->user->department->name),
+                            'tag_color' => $seat->user->department->tag_color ? e($seat->user->department->tag_color) : null,

                        ] : null,
+                'company'=> ($seat->user->company) ?
+                    [
+                        'id' => (int) $seat->user->company->id,
+                        'name' => e($seat->user->company->name),
+                        'tag_color' => $seat->user->company->tag_color ? e($seat->user->company->tag_color) : null,
+
+                    ] : null,
                'created_at' => Helper::getFormattedDateObject($seat->created_at, 'datetime'),
            ] : null,
            'assigned_asset' => ($seat->asset) ? [
@@ -46,6 +54,7 @@ class LicenseSeatsTransformer
            'location' => ($seat->location()) ? [
                'id' => (int) $seat->location()->id,
                'name'=> e($seat->location()->name),
+                'tag_color' => $seat->location()->tag_color ? e($seat->location()->tag_color) : null,
                'created_at' => Helper::getFormattedDateObject($seat->created_at, 'datetime'),
            ] : null,
            'reassignable' => (bool) $seat->license->reassignable,
@@ -25,7 +25,11 @@ class LicensesTransformer
            'id' => (int) $license->id,
            'name' => e($license->name),
            'company' => ($license->company) ? ['id' => (int) $license->company->id, 'name'=> e($license->company->name)] : null,
-            'manufacturer' =>  ($license->manufacturer) ? ['id' => (int) $license->manufacturer->id, 'name'=> e($license->manufacturer->name)] : null,
+            'manufacturer' =>  ($license->manufacturer) ? [
+                'id' => (int) $license->manufacturer->id,
+                'name'=> e($license->manufacturer->name),
+                'tag_color'=> ($license->manufacturer->tag_color) ? e($license->manufacturer->tag_color) : null,
+            ] : null,
            'product_key' => (Gate::allows('viewKeys', License::class)) ? e($license->serial) : '------------',
            'order_number' => ($license->order_number) ? e($license->order_number) : null,
            'purchase_order' => ($license->purchase_order) ? e($license->purchase_order) : null,
@@ -44,8 +48,16 @@ class LicensesTransformer
            'license_email' => ($license->license_email) ? e($license->license_email) : null,
            'reassignable' => ($license->reassignable == 1) ? true : false,
            'maintained' => ($license->maintained == 1) ? true : false,
-            'supplier' =>  ($license->supplier) ? ['id' => (int) $license->supplier->id, 'name'=> e($license->supplier->name)] : null,
-            'category' =>  ($license->category) ? ['id' => (int) $license->category->id, 'name'=> e($license->category->name)] : null,
+            'supplier' =>  ($license->supplier) ? [
+                'id' => (int) $license->supplier->id,
+                'name'=> e($license->supplier->name),
+                'tag_color'=> ($license->supplier->tag_color) ? e($license->supplier->tag_color) : null,
+            ] : null,
+            'category' =>  ($license->category) ? [
+                'id' => (int) $license->category->id,
+                'name'=> e($license->category->name),
+                'tag_color'=> ($license->category->tag_color) ? e($license->category->tag_color) : null,
+            ] : null,
            'created_by' => ($license->adminuser) ? [
                'id' => (int) $license->adminuser->id,
                'name'=> e($license->adminuser->display_name),
@@ -58,6 +58,7 @@ class LocationsTransformer
                'children_count'    => (int) $location->children_count,
                'currency' =>  ($location->currency) ? e($location->currency) : null,
                'ldap_ou' =>  ($location->ldap_ou) ? e($location->ldap_ou) : null,
+                'tag_color' => $location->tag_color ? e($location->tag_color) : null,
                'notes' => Helper::parseEscapedMarkedownInline($location->notes),
                'created_at' => Helper::getFormattedDateObject($location->created_at, 'datetime'),
                'created_by' => $location->adminuser ? [
@@ -68,11 +69,13 @@ class LocationsTransformer
                'parent' => ($location->parent) ? [
                    'id' => (int) $location->parent->id,
                    'name'=> e($location->parent->name),
+                    'tag_color' => $location->parent->tag_color ? e($location->parent->tag_color) : null,
                ] : null,
                'manager' => ($location->manager) ? (new UsersTransformer)->transformUser($location->manager) : null,
                'company' => ($location->company) ? [
                    'id' => (int) $location->company->id,
-                    'name'=> e($location->company->name)
+                    'name'=> e($location->company->name),
+                    'tag_color' => $location->company->tag_color ? e($location->company->tag_color) : null,
                ] : null,

                'children' => $children_arr,
@@ -37,6 +37,7 @@ class ManufacturersTransformer
                'consumables_count' => (int) $manufacturer->consumables_count,
                'accessories_count' => (int) $manufacturer->accessories_count,
                'components_count' => (int) $manufacturer->components_count,
+                'tag_color' => $manufacturer->tag_color ? e($manufacturer->tag_color) : null,
                'notes' => Helper::parseEscapedMarkedownInline($manufacturer->notes),
                'created_by' => ($manufacturer->adminuser) ? [
                    'id' => (int) $manufacturer->adminuser->id,
@@ -26,6 +26,7 @@ class SelectlistTransformer
                'id' => (int) $select_item->id,
                'text' => ($select_item->use_text) ? $select_item->use_text : $select_item->name,
                'image' => ($select_item->use_image) ? $select_item->use_image : null,
+                'tag_color' => ($select_item->tag_color) ? $select_item->tag_color : null,

            ];
        }
@@ -43,6 +43,7 @@ class SuppliersTransformer
                'licenses_count' => (int) $supplier->licenses_count,
                'consumables_count' => (int) $supplier->consumables_count,
                'components_count' => (int) $supplier->components_count,
+                'tag_color' => $supplier->tag_color ? e($supplier->tag_color) : null,
                'notes' => ($supplier->notes) ? Helper::parseEscapedMarkedownInline($supplier->notes) : null,
                'created_at' => Helper::getFormattedDateObject($supplier->created_at, 'datetime'),
                'created_by' => $supplier->adminuser ? [
@@ -57,6 +57,7 @@ class UsersTransformer
                'department' => ($user->department) ? [
                    'id' => (int) $user->department->id,
                    'name'=> e($user->department->name),
+                    'tag_color' => ($user->department->tag_color) ? e($user->department->tag_color) : null,
                ] : null,
                'department_manager' => ($user->department?->manager) ? [
                    'id' => (int) $user->department->manager->id,
@@ -65,6 +66,7 @@ class UsersTransformer
                'location' => ($user->userloc) ? [
                    'id' => (int) $user->userloc->id,
                    'name'=> e($user->userloc->name),
+                    'tag_color'=> ($user->userloc->tag_color) ? e($user->userloc->tag_color) : null,
                ] : null,
                'notes'=> Helper::parseEscapedMarkedownInline($user->notes),
                'role' => $role,
@@ -80,7 +82,11 @@ class UsersTransformer
                'consumables_count' => (int) $user->consumables_count,
                'manages_users_count' => (int) $user->manages_users_count,
                'manages_locations_count' => (int) $user->manages_locations_count,
-                'company' => ($user->company) ? ['id' => (int) $user->company->id, 'name'=> e($user->company->name)] : null,
+                'company' => ($user->company) ? [
+                    'id' => (int) $user->company->id,
+                    'name'=> e($user->company->name),
+                    'tag_color'=> ($user->company->tag_color) ? e($user->company->tag_color) : null,
+                ] : null,
                'created_by' => ($user->createdBy) ? [
                    'id' => (int) $user->createdBy->id,
                    'name'=> e($user->createdBy->display_name),
@@ -93,6 +93,7 @@ abstract class Importer
        'min_amt' => 'minimum quantity',
        'remote' => 'remote',
        'vip' => 'vip',
+        'tag_color' => 'tag color',
    ];
    /**
     * Map of item fields->csv names
@@ -75,6 +75,7 @@ class LocationImporter extends ItemImporter
        $this->item['manager'] = trim($this->findCsvMatch($row, 'manager'));
        $this->item['manager_username'] = trim($this->findCsvMatch($row, 'manager_username'));
        $this->item['notes'] = trim($this->findCsvMatch($row, 'notes'));
+        $this->item['tag_color'] = trim($this->findCsvMatch($row, 'tag_color'));


        if ($this->findCsvMatch($row, 'parent_location')) {
@@ -96,6 +97,9 @@ class LocationImporter extends ItemImporter
            $location->update($this->sanitizeItemForUpdating($location));
        } else {
            Log::debug('Creating location');
+            if ($this->findCsvMatch($row, 'company')) {
+                $this->item['company_id'] = $this->createOrFetchCompany(trim($this->findCsvMatch($row, 'company')));
+            }
            $location->fill($this->sanitizeItemForStoring($location));
        }

@@ -2,6 +2,7 @@

 namespace App\Livewire;

+use Livewire\Attributes\Computed;
 use Livewire\Component;

 class CategoryEditForm extends Component
@@ -12,43 +13,25 @@ class CategoryEditForm extends Component

    public $eulaText;

-    public $originalSendCheckInEmailValue;
-
    public bool $requireAcceptance;

    public bool $sendCheckInEmail;

    public bool $useDefaultEula;

-    public function mount()
-    {
-        $this->originalSendCheckInEmailValue = $this->sendCheckInEmail;
-
-        if ($this->eulaText || $this->useDefaultEula) {
-            $this->sendCheckInEmail = 1;
-        }
-    }
-
    public function render()
    {
        return view('livewire.category-edit-form');
    }

-    public function updated($property, $value)
-    {
-        if (! in_array($property, ['eulaText', 'useDefaultEula'])) {
-            return;
-        }
-
-        $this->sendCheckInEmail = $this->eulaText || $this->useDefaultEula ? 1 : $this->originalSendCheckInEmailValue;
-    }
-
-    public function getShouldDisplayEmailMessageProperty(): bool
+    #[Computed]
+    public function emailWillBeSendDueToEula(): bool
    {
        return $this->eulaText || $this->useDefaultEula;
    }

-    public function getEmailMessageProperty(): string
+    #[Computed]
+    public function emailMessage(): string
    {
        if ($this->useDefaultEula) {
            return trans('admin/categories/general.email_will_be_sent_due_to_global_eula');
@@ -57,13 +40,9 @@ class CategoryEditForm extends Component
        return trans('admin/categories/general.email_will_be_sent_due_to_category_eula');
    }

-    public function getEulaTextDisabledProperty()
+    #[Computed]
+    public function eulaTextDisabled()
    {
        return (bool)$this->useDefaultEula;
    }
-
-    public function getSendCheckInEmailDisabledProperty()
-    {
-        return $this->eulaText || $this->useDefaultEula;
-    }
 }
@@ -347,6 +347,7 @@ class Importer extends Component

        $this->locations_fields = [
            'id' => trans('general.id'),
+            'company' => trans('general.company'),
            'name' => trans('general.name'),
            'address' => trans('general.address'),
            'address2' => trans('general.importer.address2'),
@@ -360,6 +361,7 @@ class Importer extends Component
            'parent_location' => trans('admin/locations/table.parent'),
            'state' => trans('general.state'),
            'zip' => trans('general.zip'),
+            'tag_color' => trans('general.tag_color'),
        ];

        $this->suppliers_fields = [
@@ -608,6 +610,14 @@ class Importer extends Component
                [
                    'Manager Username',
                ],
+            'tag_color' =>
+                [
+                    'color',
+                    'tag color',
+                    'label color',
+                    'color code',
+                    trans('general.tag_color'),
+                ],
        ];

        $this->columnOptions[''] = $this->getColumns(''); //blank mode? I don't know what this is supposed to mean
@@ -663,6 +673,13 @@ class Importer extends Component
            return;
        }

+        if ((auth()->user()->id != $import->created_by) && (!auth()->user()->isSuperUser())) {
+            $this->message = trans('general.generic_model_not_found', ['model' => trans('general.import')]);
+            $this->message_type = 'danger';
+
+            return;
+        }
+
        if (Storage::delete('private_uploads/imports/' . $import->file_path)) {
            $import->delete();
            $this->message = trans('admin/hardware/message.import.file_delete_success');
@@ -673,7 +690,7 @@ class Importer extends Component
            return;
        }

-        $this->message = trans('admin/hardware/message.import.file_delete_error');
+        $this->message = trans('general.generic_model_not_found', ['model' => trans('general.import')]);
        $this->message_type = 'danger';
    }

@@ -159,7 +159,7 @@ class SlackSettingsForm extends Component
            ]);

        try {
-            $test = $webhook->post($this->webhook_endpoint, ['body' => $payload, ['headers' => ['Content-Type' => 'application/json']]]);
+            $test = $webhook->post($this->webhook_endpoint, ['body' => $payload, 'headers' => ['Content-Type' => 'application/json']]);

            if(($test->getStatusCode() == 302)||($test->getStatusCode() == 301)){
                return session()->flash('error' , trans('admin/settings/message.webhook.error_redirect', ['endpoint' => $this->webhook_endpoint]));
@@ -0,0 +1,18 @@
+<?php
+namespace App\Mail;
+
+use Illuminate\Mail\Mailable;
+use Illuminate\Mail\Mailables\Headers;
+
+class BaseMailable extends Mailable
+{
+    public function headers(): Headers
+    {
+        return new Headers(
+            text: [
+                'X-Auto-Response-Suppress' => 'OOF, DR, RN, NRN, AutoReply',
+                'X-System-Sender' => 'Snipe-IT',
+            ]
+        );
+    }
+}
@@ -6,14 +6,12 @@ use App\Models\Accessory;
 use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;

-class CheckinAccessoryMail extends Mailable
+class CheckinAccessoryMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -7,15 +7,13 @@ use App\Models\Asset;
 use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Queue\SerializesModels;

-class CheckinAssetMail extends Mailable
+class CheckinAssetMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -7,14 +7,12 @@ use App\Models\Component;
 use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;

-class CheckinComponentMail extends Mailable
+class CheckinComponentMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -6,14 +6,12 @@ use App\Models\LicenseSeat;
 use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;

-class CheckinLicenseMail extends Mailable
+class CheckinLicenseMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -5,13 +5,11 @@ namespace App\Mail;
 use App\Models\CheckoutAcceptance;
 use App\Models\User;
 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;

-class CheckoutAcceptanceResponseMail extends Mailable
+class CheckoutAcceptanceResponseMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -8,15 +8,13 @@ use App\Models\Location;
 use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;
 use Illuminate\Support\Facades\Log;

-class CheckoutAccessoryMail extends Mailable
+class CheckoutAccessoryMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -8,8 +8,6 @@ use App\Models\Location;
 use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Attachment;
 use Illuminate\Mail\Mailables\Content;
@@ -17,7 +15,7 @@ use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Queue\SerializesModels;

-class CheckoutAssetMail extends Mailable
+class CheckoutAssetMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -6,13 +6,12 @@ use App\Models\Component;
 use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Bus\Queueable;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;

-class CheckoutComponentMail extends Mailable
+class CheckoutComponentMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -6,15 +6,12 @@ use App\Models\Consumable;
 use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;
-use Illuminate\Support\Facades\Log;

-class CheckoutConsumableMail extends Mailable
+class CheckoutConsumableMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -7,14 +7,12 @@ use App\Models\LicenseSeat;
 use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;

-class CheckoutLicenseMail extends Mailable
+class CheckoutLicenseMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -3,14 +3,12 @@
 namespace App\Mail;

 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;

-class ExpiringAssetsMail extends Mailable
+class ExpiringAssetsMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -3,14 +3,12 @@
 namespace App\Mail;

 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;

-class ExpiringLicenseMail extends Mailable
+class ExpiringLicenseMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -3,14 +3,12 @@
 namespace App\Mail;

 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;

-class SendUpcomingAuditMail extends Mailable
+class SendUpcomingAuditMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -3,14 +3,12 @@
 namespace App\Mail;

 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
 use Illuminate\Mail\Mailables\Address;
 use Illuminate\Mail\Mailables\Content;
 use Illuminate\Mail\Mailables\Envelope;
 use Illuminate\Queue\SerializesModels;

-class UnacceptedAssetReminderMail extends Mailable
+class UnacceptedAssetReminderMail extends BaseMailable
 {
    use Queueable, SerializesModels;

@@ -246,6 +246,19 @@ class Accessory extends SnipeModel
            ->with('assignedTo');
    }

+    /**
+     * Establishes the accessory -> users relationship
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since  [v3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function users()
+    {
+        return $this->belongsToMany(\App\Models\AccessoryCheckout::class, 'accessories_checkout')
+            ->with('assignedTo');
+    }
+
    /**
     * Establishes the accessory -> admin user relationship
     *
@@ -9,6 +9,7 @@ use Carbon\Carbon;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Illuminate\Support\Str;
+use App\Enums\ActionType;

 /**
 * Model for the Actionlog (the table that keeps a historical log of
@@ -335,9 +336,12 @@ class Actionlog extends SnipeModel
     * @since  [v3.0]
     * @return bool
     */
-    public function logaction($actiontype)
+    public function logaction(string|ActionType $actiontype)
    {
-        $this->action_type = $actiontype;
+        if (is_string($actiontype)) {
+            $actiontype = ActionType::from($actiontype);
+        }
+        $this->action_type = $actiontype->value;
        $this->remote_ip =  request()->ip();
        $this->user_agent = request()->header('User-Agent');
        $this->action_source = $this->determineActionSource();
@@ -360,7 +364,7 @@ class Actionlog extends SnipeModel
    {
        $now = Carbon::now();
        $last_audit_date = $this->created_at; // this is the action log's created at, not the asset itself
-        $next_audit = $last_audit_date->addMonth($monthInterval); // this actually *modifies* the $last_audit_date
+        $next_audit = $last_audit_date->addMonth((int) $monthInterval); // this actually *modifies* the $last_audit_date
        $next_audit_days = (int) round($now->diffInDays($next_audit, true));
        $override_default_next = $next_audit;

@@ -518,6 +522,8 @@ class Actionlog extends SnipeModel
            return 'private_uploads/locations/'.$this->filename;
        case Maintenance::class:
             return 'private_uploads/maintenances/'.$this->filename;
+        case Supplier::class:
+            return 'private_uploads/suppliers/'.$this->filename;
        case User::class:
            return 'private_uploads/users/'.$this->filename;
        default:
--- a/Show More
+++ b/Show More