Merge remote-tracking branch 'origin/develop'

# Conflicts: # config/version.php
Bumped version
2025-12-12 08:47:16 +00:00 · 2025-12-12 08:46:25 +00:00 · 2025-12-12 07:49:53 +00:00 · 2025-12-12 07:49:01 +00:00 · 2025-12-12 07:14:51 +00:00 · 2025-12-12 07:14:36 +00:00
2179 changed files with 59604 additions and 172914 deletions
@@ -3206,7 +3206,8 @@
      "avatar_url": "https://avatars.githubusercontent.com/u/3755203?v=4",
      "profile": "https://github.com/swift2512",
      "contributions": [
-        "bug"
+        "bug",
+        "code"
      ]
    },
    {
@@ -4234,6 +4235,33 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "smarsching",
+      "name": "Sebastian Marsching",
+      "avatar_url": "https://avatars.githubusercontent.com/u/2880129?v=4",
+      "profile": "http://sebastian.marsching.com/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "mohammad-ahmadi1",
+      "name": "Mo",
+      "avatar_url": "https://avatars.githubusercontent.com/u/40658372?v=4",
+      "profile": "https://github.com/mohammad-ahmadi1",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "MarvelousAnything",
+      "name": "Owen V. Hayes",
+      "avatar_url": "https://avatars.githubusercontent.com/u/20994684?v=4",
+      "profile": "https://github.com/MarvelousAnything",
+      "contributions": [
+        "code"
+      ]
    }
  ]
 }
@@ -137,6 +137,8 @@ PUBLIC_AWS_ACCESS_KEY_ID=null
 PUBLIC_AWS_DEFAULT_REGION=null
 PUBLIC_AWS_BUCKET=null
 PUBLIC_AWS_URL=null
+PUBLIC_AWS_ENDPOINT=null
+PUBLIC_AWS_PATH_STYLE=null
 PUBLIC_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -147,6 +149,8 @@ PRIVATE_AWS_SECRET_ACCESS_KEY=null
 PRIVATE_AWS_DEFAULT_REGION=null
 PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
+PRIVATE_AWS_ENDPOINT=null
+PRIVATE_AWS_PATH_STYLE=null
 PRIVATE_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -144,6 +144,8 @@ PUBLIC_AWS_ACCESS_KEY_ID=null
 PUBLIC_AWS_DEFAULT_REGION=null
 PUBLIC_AWS_BUCKET=null
 PUBLIC_AWS_URL=null
+PUBLIC_AWS_ENDPOINT=null
+PUBLIC_AWS_PATH_STYLE=null
 PUBLIC_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -154,6 +156,8 @@ PRIVATE_AWS_SECRET_ACCESS_KEY=null
 PRIVATE_AWS_DEFAULT_REGION=null
 PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
+PRIVATE_AWS_ENDPOINT=null
+PRIVATE_AWS_PATH_STYLE=null
 PRIVATE_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -143,6 +143,8 @@ PUBLIC_AWS_ACCESS_KEY_ID=null
 PUBLIC_AWS_DEFAULT_REGION=null
 PUBLIC_AWS_BUCKET=null
 PUBLIC_AWS_URL=null
+PUBLIC_AWS_ENDPOINT=null
+PUBLIC_AWS_PATH_STYLE=null
 PUBLIC_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -153,6 +155,8 @@ PRIVATE_AWS_SECRET_ACCESS_KEY=null
 PRIVATE_AWS_DEFAULT_REGION=null
 PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
+PRIVATE_AWS_ENDPOINT=null
+PRIVATE_AWS_PATH_STYLE=null
 PRIVATE_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -190,13 +194,14 @@ APP_ALLOW_INSECURE_HOSTS=false
 GOOGLE_MAPS_API=
 LDAP_MEM_LIM=500M
 LDAP_TIME_LIM=600
+BACKUP_TIME_LIMIT=600
 IMPORT_TIME_LIMIT=600
 IMPORT_MEMORY_LIMIT=500M
 REPORT_TIME_LIMIT=12000
 API_THROTTLE_PER_MINUTE=120
 CSV_ESCAPE_FORMULAS=true
 LIVEWIRE_URL_PREFIX=null
-
+MAX_UNPAGINATED=5000

 # --------------------------------------------
 # OPTIONAL: SAML SETTINGS
@@ -0,0 +1,163 @@
+name: Bug Report
+description: File a bug report.
+title: "[Bug]: "
+projects: ["grokability/snipe-it"]
+type: bug
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report! Most issues are documented in the [Snipe-IT repository's issues](https://github.com/grokability/snipe-it/issues) or in the official [Common Issues section of the Documentation](https://snipe-it.readme.io/docs/common-issues#/) and are due to the following:
+        
+        - `.env` misconfiguration
+        - [Server Permissions](https://snipe-it.readme.io/docs/debugging-permissions#/)
+        - [Database Migrations](https://snipe-it.readme.io/docs/database-issues#run-migrations)
+        
+        Please make sure you've checked these resources before submitting a new issue. If you find an existing issue, please add your context to it instead of opening a new issue. If your issue is more of a question, consider [opening a new discussion](https://github.com/grokability/snipe-it/discussions) or [pop by our Discord](https://discord.gg/yZFtShAcKk) instead of creating an issue.
+        
+        **Please write your bug report in English.** You can use tools like [DeepL](https://www.deepl.com) or [Google Translate](https://translate.google.com/) to translate if necessary. 
+        
+        **If you choose to upload screenshots or videos (which we always encourage), please make sure they do not contain any sensitive information.**
+  - type: input
+    id: version
+    attributes:
+      label: Snipe-IT Version
+      description: What version of Snipe-IT are you seeing this issue on? You can find the version number in the footer of any page in Snipe-IT.
+      placeholder: ex. v8.3.2 - build 19577 (master)
+    validations:
+      required: true
+  - type: input
+    id: php-version
+    attributes:
+      label: PHP Version
+      description: What version of PHP are you running? You can find the version of PHP your webserver is running in the `Admin Settings` section in the footer, and the cli version by running `php -v` via command line .
+      placeholder: ex. v8.3.1 (web), PHP 8.4.12 (cli)
+    validations:
+      required: true
+  - type: input
+    id: composer-version
+    attributes:
+      label: Composer Version
+      description: What version of composer are you running? You can find the version number by running `composer --version`.
+      placeholder: ex. 2.8.10
+    validations:
+      required: true
+  - type: input
+    id: db-version
+    attributes:
+      label: MySQL/MariaDB version
+      description: What database are you using, and what version?
+      placeholder: ex. MySQL 5.7
+    validations:
+      required: true
+  - type: dropdown
+    id: install-method
+    attributes:
+      label: How did you install Snipe-IT?
+      options:
+        - Git install
+        - Manual install (downloading zip/tar.gz)
+        - Docker
+        - install.sh
+        - Hosted by Grokability
+        - Other
+        - Not sure
+    validations:
+      required: true
+  - type: dropdown
+    id: upgrade-or-fresh
+    attributes:
+      label: Is this a fresh install or an upgrade?
+      options:
+        - Fresh install
+        - Upgrade
+        - NA
+    validations:
+      required: true
+  - type: textarea
+    id: what-happened
+    attributes:
+      label: What happened?
+      description: Also tell us, what did you expect to happen?
+      placeholder: Tell us what you see! (Be nice!)
+    validations:
+      required: true
+  - type: dropdown
+    id: browsers
+    attributes:
+      label: What browsers are you seeing the problem on?
+      multiple: true
+      options:
+        - Firefox
+        - Chrome
+        - Safari
+        - Microsoft Edge
+        - Other
+  - type: dropdown
+    id: on-demo
+    attributes:
+      label: Can you reproduce this on the public demo?
+      description: You can check this at https://demo.snipeitapp.com.
+      options:
+        - 'Yes'
+        - 'No'
+        - N/A
+    validations:
+      required: true
+  - type: dropdown
+    id: fmcs
+    attributes:
+      label: Do you have full multiple company support enabled?
+      description: You can check this in your Snipe-IT installation at `Admin Settings > General Settings > Scoping`.
+      options:
+        - 'Yes'
+        - 'No'
+    validations:
+      required: true
+  - type: dropdown
+    id: fmcs-location
+    attributes:
+      label: If you have full multiple company support enabled, do you have location scoping to company enabled?
+      description: You can check this in your Snipe-IT installation at `Admin Settings > General Settings > Scoping`.
+      options:
+        - 'Yes'
+        - 'No'
+        - I do not have full multiple company support enabled
+    validations:
+      required: true
+  - type: textarea
+    id: server-logs
+    attributes:
+      label: Application log output
+      description: Please copy and paste any relevant log output from `storage/logs/laravel.log`. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+  - type: textarea
+    id: browser-logs
+    attributes:
+      label: Browser console output
+      description: Please copy and paste any relevant log output from your browser console. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+  - type: checkboxes
+    id: common-issues
+    attributes:
+      label: Common Issues
+      description: Please make sure you have done the following before submitting your issue.
+      options:
+        - label: I have searched this repo for existing issues related to my issue (including closed issues)
+          required: true
+        - label: My APP_URL is set correctly in my .env file (including http or https and no trailing slash)
+          required: true
+        - label: I have searched the official Snipe-IT documentation and have checked the Common Issues documentation (where applicable)
+          required: true
+        - label: I have run database migrations (where applicable).
+          required: true
+        - label: I have attached screenshots and/or videos of the issue (where applicable)
+          required: true
+  - type: checkboxes
+    id: terms
+    attributes:
+      label: Code of Conduct
+      description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/grokability/snipe-it/blob/master/CODE_OF_CONDUCT.md).
+      options:
+        - label: I agree to follow this project's Code of Conduct
+          required: true
@@ -0,0 +1,38 @@
+name: Feature Request
+description: Request a new feature.
+title: "[Feature]: "
+projects: ["grokability/snipe-it"]
+type: feature
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this feature request! Please make sure to search the existing issues in this repository to see if your feature has already been requested, and feel free to add your context to any existing requests.
+        
+        **Please write your issue in English.** You can use tools like [DeepL](https://www.deepl.com) or [Google Translate](https://translate.google.com/) to translate if necessary. 
+        
+         **If you choose to upload screenshots or videos (which we always encourage), please make sure they do not contain any sensitive information.**
+  - type: input
+    id: version
+    attributes:
+      label: Snipe-IT Version
+      description: What version of Snipe-IT are you currently running? You can find the version number in the footer of any page in Snipe-IT.
+      placeholder: ex. v8.3.1 - build 19577 (master)
+    validations:
+      required: true
+  - type: textarea
+    id: feature-description
+    attributes:
+      label: How can we help?
+      description: Let us know in detail what feature you'd like to see added. While we can't promise to implement every feature request, we do read every one and take them into consideration when planning future releases.
+      placeholder: Tell us what you'd like to see in Snipe-IT! (Be nice!)
+    validations:
+      required: true
+  - type: checkboxes
+    id: terms
+    attributes:
+      label: Code of Conduct
+      description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/grokability/snipe-it/blob/master/CODE_OF_CONDUCT.md).
+      options:
+        - label: I agree to follow this project's Code of Conduct
+          required: true
@@ -26,14 +26,14 @@ jobs:
        language: [ 'javascript' ]
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
      with:
        languages: ${{ matrix.language }}
    - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
+      uses: github/codeql-action/autobuild@v4
    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
@@ -32,7 +32,7 @@ jobs:
    steps:
      # Checkout the repository to the GitHub Actions runner
      - name: Checkout code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6

      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
      - name: Run Codacy Analysis CLI
@@ -52,6 +52,6 @@ jobs:

      # Upload the SARIF file generated in the previous step
      - name: Upload SARIF results file
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
        with:
          sarif_file: results.sarif
@@ -9,7 +9,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6

      - name: Crowdin push
        uses: crowdin/github-action@v2
@@ -42,7 +42,7 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
@@ -42,7 +42,7 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
@@ -11,7 +11,7 @@ jobs:
  dockerHubDescription:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Docker Hub Description
        uses: grokability/dockerhub-description@7ea9d275c7cdbe2b676a093a0308c50665e3b8b4
@@ -11,7 +11,7 @@ jobs:
      issues: write
      #  pull-requests: write
    steps:
-      - uses: actions/stale@v9
+      - uses: actions/stale@v10
        with:
          debug-only: true
          ascending: true
@@ -37,7 +37,7 @@ jobs:
          php-version: "${{ matrix.php-version }}"
          coverage: none

-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Get Composer Cache Directory
        id: composer-cache
@@ -82,7 +82,7 @@ jobs:

      - name: Upload Laravel logs as artifacts
        if: always()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
        with:
          name: laravel-logs-php-${{ matrix.php-version }}-run-${{ github.run_attempt }}
          path: |
@@ -34,7 +34,7 @@ jobs:
          php-version: "${{ matrix.php-version }}"
          coverage: none

-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Get Composer Cache Directory
        id: composer-cache
@@ -81,7 +81,7 @@ jobs:

      - name: Upload Laravel logs as artifacts
        if: always()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
        with:
          name: laravel-logs-php-${{ matrix.php-version }}-run-${{ github.run_attempt }}
          path: |
@@ -25,7 +25,7 @@ jobs:
          php-version: "${{ matrix.php-version }}"
          coverage: none

-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Get Composer Cache Directory
        id: composer-cache
@@ -67,7 +67,7 @@ jobs:

      - name: Upload Laravel logs as artifacts
        if: always()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
        with:
          name: laravel-logs-php-${{ matrix.php-version }}-run-${{ github.run_attempt }}
          path: |
@@ -52,7 +52,7 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/2565989?v=4" width="110px;"/><br /><sub>coach1988</sub>](https://github.com/coach1988)<br />[💻](https://github.com/snipe/snipe-it/commits?author=coach1988 "Code") | [<img src="https://avatars.githubusercontent.com/u/11910225?v=4" width="110px;"/><br /><sub>MrM</sub>](https://github.com/mauro-miatello)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mauro-miatello "Code") | [<img src="https://avatars.githubusercontent.com/u/60405354?v=4" width="110px;"/><br /><sub>koiakoia</sub>](https://github.com/koiakoia)<br />[💻](https://github.com/snipe/snipe-it/commits?author=koiakoia "Code") | [<img src="https://avatars.githubusercontent.com/u/5323832?v=4" width="110px;"/><br /><sub>Mustafa Online</sub>](https://github.com/mustafa-online)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mustafa-online "Code") | [<img src="https://avatars.githubusercontent.com/u/104601439?v=4" width="110px;"/><br /><sub>franceslui</sub>](https://github.com/franceslui)<br />[💻](https://github.com/snipe/snipe-it/commits?author=franceslui "Code") | [<img src="https://avatars.githubusercontent.com/u/125313163?v=4" width="110px;"/><br /><sub>Q4kK</sub>](https://github.com/Q4kK)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Q4kK "Code") | [<img src="https://avatars.githubusercontent.com/u/55590532?v=4" width="110px;"/><br /><sub>squintfox</sub>](https://github.com/squintfox)<br />[💻](https://github.com/snipe/snipe-it/commits?author=squintfox "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/1380084?v=4" width="110px;"/><br /><sub>Jeff Clay</sub>](https://github.com/jeffclay)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jeffclay "Code") | [<img src="https://avatars.githubusercontent.com/u/52716446?v=4" width="110px;"/><br /><sub>Phil J R</sub>](https://github.com/PP-JN-RL)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PP-JN-RL "Code") | [<img src="https://avatars.githubusercontent.com/u/1496725?v=4" width="110px;"/><br /><sub>i_virus</sub>](https://www.corelight.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chandanchowdhury "Code") | [<img src="https://avatars.githubusercontent.com/u/1020541?v=4" width="110px;"/><br /><sub>Paul Grime</sub>](https://github.com/gitgrimbo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gitgrimbo "Code") | [<img src="https://avatars.githubusercontent.com/u/922815?v=4" width="110px;"/><br /><sub>Lee Porte</sub>](https://leeporte.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=LeePorte "Code") | [<img src="https://avatars.githubusercontent.com/u/23613427?v=4" width="110px;"/><br /><sub>BRYAN </sub>](https://github.com/bryanlopezinc)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bryanlopezinc "Code") [⚠️](https://github.com/snipe/snipe-it/commits?author=bryanlopezinc "Tests") | [<img src="https://avatars.githubusercontent.com/u/64061710?v=4" width="110px;"/><br /><sub>U-H-T</sub>](https://github.com/U-H-T)<br />[💻](https://github.com/snipe/snipe-it/commits?author=U-H-T "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/5395363?v=4" width="110px;"/><br /><sub>Matt Tyree</sub>](https://github.com/Tyree)<br />[📖](https://github.com/snipe/snipe-it/commits?author=Tyree "Documentation") | [<img src="https://avatars.githubusercontent.com/u/292081?v=4" width="110px;"/><br /><sub>Florent Bervas</sub>](http://spoontux.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FlorentDotMe "Code") | [<img src="https://avatars.githubusercontent.com/u/4498077?v=4" width="110px;"/><br /><sub>Daniel Albertsen</sub>](https://ditscheri.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dbakan "Code") | [<img src="https://avatars.githubusercontent.com/u/100710244?v=4" width="110px;"/><br /><sub>r-xyz</sub>](https://github.com/r-xyz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=r-xyz "Code") | [<img src="https://avatars.githubusercontent.com/u/47491036?v=4" width="110px;"/><br /><sub>Steven Mainor</sub>](https://github.com/DrekiDegga)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DrekiDegga "Code") | [<img src="https://avatars.githubusercontent.com/u/65785975?v=4" width="110px;"/><br /><sub>arne-kroeger</sub>](https://github.com/arne-kroeger)<br />[💻](https://github.com/snipe/snipe-it/commits?author=arne-kroeger "Code") | [<img src="https://avatars.githubusercontent.com/u/167117705?v=4" width="110px;"/><br /><sub>Glukose1</sub>](https://github.com/Glukose1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Glukose1 "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/1197791?v=4" width="110px;"/><br /><sub>Scarzy</sub>](https://github.com/Scarzy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Scarzy "Code") | [<img src="https://avatars.githubusercontent.com/u/37372069?v=4" width="110px;"/><br /><sub>setpill</sub>](https://github.com/setpill)<br />[💻](https://github.com/snipe/snipe-it/commits?author=setpill "Code") | [<img src="https://avatars.githubusercontent.com/u/3755203?v=4" width="110px;"/><br /><sub>swift2512</sub>](https://github.com/swift2512)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aswift2512 "Bug reports") | [<img src="https://avatars.githubusercontent.com/u/6136439?v=4" width="110px;"/><br /><sub>Darren Rainey</sub>](https://darrenraineys.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DarrenRainey "Code") | [<img src="https://avatars.githubusercontent.com/u/133033121?v=4" width="110px;"/><br /><sub>maciej-poleszczyk</sub>](https://github.com/maciej-poleszczyk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=maciej-poleszczyk "Code") | [<img src="https://avatars.githubusercontent.com/u/143394709?v=4" width="110px;"/><br /><sub>Sebastian Groß</sub>](https://github.com/sgross-emlix)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sgross-emlix "Code") | [<img src="https://avatars.githubusercontent.com/u/41107778?v=4" width="110px;"/><br /><sub>Anouar Touati</sub>](https://github.com/AnouarTouati)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AnouarTouati "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/1197791?v=4" width="110px;"/><br /><sub>Scarzy</sub>](https://github.com/Scarzy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Scarzy "Code") | [<img src="https://avatars.githubusercontent.com/u/37372069?v=4" width="110px;"/><br /><sub>setpill</sub>](https://github.com/setpill)<br />[💻](https://github.com/snipe/snipe-it/commits?author=setpill "Code") | [<img src="https://avatars.githubusercontent.com/u/3755203?v=4" width="110px;"/><br /><sub>swift2512</sub>](https://github.com/swift2512)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aswift2512 "Bug reports") [💻](https://github.com/snipe/snipe-it/commits?author=swift2512 "Code") | [<img src="https://avatars.githubusercontent.com/u/6136439?v=4" width="110px;"/><br /><sub>Darren Rainey</sub>](https://darrenraineys.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DarrenRainey "Code") | [<img src="https://avatars.githubusercontent.com/u/133033121?v=4" width="110px;"/><br /><sub>maciej-poleszczyk</sub>](https://github.com/maciej-poleszczyk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=maciej-poleszczyk "Code") | [<img src="https://avatars.githubusercontent.com/u/143394709?v=4" width="110px;"/><br /><sub>Sebastian Groß</sub>](https://github.com/sgross-emlix)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sgross-emlix "Code") | [<img src="https://avatars.githubusercontent.com/u/41107778?v=4" width="110px;"/><br /><sub>Anouar Touati</sub>](https://github.com/AnouarTouati)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AnouarTouati "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/25596663?v=4" width="110px;"/><br /><sub>aHVzY2g</sub>](https://github.com/aHVzY2g)<br />[💻](https://github.com/snipe/snipe-it/commits?author=aHVzY2g "Code") | [<img src="https://avatars.githubusercontent.com/u/13408130?v=4" width="110px;"/><br /><sub>林博仁 Buo-ren Lin</sub>](https://brlin.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=brlin-tw "Code") | [<img src="https://avatars.githubusercontent.com/u/18550946?v=4" width="110px;"/><br /><sub>Adugna Gizaw</sub>](https://orbalia.pythonanywhere.com/)<br />[🌍](#translation-addex12 "Translation") | [<img src="https://avatars.githubusercontent.com/u/760989?v=4" width="110px;"/><br /><sub>Jesse Ostrander</sub>](https://github.com/jostrander)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jostrander "Code") | [<img src="https://avatars.githubusercontent.com/u/31522486?v=4" width="110px;"/><br /><sub>James M</sub>](https://github.com/azmcnutt)<br />[💻](https://github.com/snipe/snipe-it/commits?author=azmcnutt "Code") | [<img src="https://avatars.githubusercontent.com/u/5183146?v=4" width="110px;"/><br /><sub>Fiala06</sub>](https://github.com/Fiala06)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Fiala06 "Code") | [<img src="https://avatars.githubusercontent.com/u/28693782?v=4" width="110px;"/><br /><sub>Nathan Taylor</sub>](https://github.com/ntaylor-86)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ntaylor-86 "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/16699443?v=4" width="110px;"/><br /><sub>fvollmer</sub>](https://github.com/fvollmer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fvollmer "Code") | [<img src="https://avatars.githubusercontent.com/u/109086466?v=4" width="110px;"/><br /><sub>36864</sub>](https://github.com/36864)<br />[💻](https://github.com/snipe/snipe-it/commits?author=36864 "Code") | [<img src="https://avatars.githubusercontent.com/u/365751?v=4" width="110px;"/><br /><sub>Daniel O'Connor</sub>](http://clockwerx.blogspot.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=CloCkWeRX "Code") | [<img src="https://avatars.githubusercontent.com/u/102852568?v=4" width="110px;"/><br /><sub>BeatSpark</sub>](https://github.com/BeatSpark)<br />[💻](https://github.com/snipe/snipe-it/commits?author=BeatSpark "Code") | [<img src="https://avatars.githubusercontent.com/u/59203607?v=4" width="110px;"/><br /><sub>mrdahbi</sub>](https://github.com/mrdahbi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mrdahbi "Code") | [<img src="https://avatars.githubusercontent.com/u/6661332?v=4" width="110px;"/><br /><sub>Fabian Schmid</sub>](http://sr.solutions)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chfsx "Code") | [<img src="https://avatars.githubusercontent.com/u/1288116?v=4" width="110px;"/><br /><sub>Chris Olin</sub>](https://www.chrisolin.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=realchrisolin "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/3803132?v=4" width="110px;"/><br /><sub>Dan</sub>](https://github.com/mnemonicly)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mnemonicly "Code") | [<img src="https://avatars.githubusercontent.com/u/43917728?v=4" width="110px;"/><br /><sub>Nebel</sub>](https://github.com/NebelKreis)<br />[💻](https://github.com/snipe/snipe-it/commits?author=NebelKreis "Code") | [<img src="https://avatars.githubusercontent.com/u/132433803?v=4" width="110px;"/><br /><sub>test1337ahp</sub>](https://github.com/test1337ahp)<br />[💻](https://github.com/snipe/snipe-it/commits?author=test1337ahp "Code") | [<img src="https://avatars.githubusercontent.com/u/1916566?v=4" width="110px;"/><br /><sub>Jonathon Reinhart</sub>](https://github.com/JonathonReinhart)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JonathonReinhart "Code") | [<img src="https://avatars.githubusercontent.com/u/484742?v=4" width="110px;"/><br /><sub>aranar-pro</sub>](https://github.com/aranar-pro)<br />[💻](https://github.com/snipe/snipe-it/commits?author=aranar-pro "Code") | [<img src="https://avatars.githubusercontent.com/u/27019397?v=4" width="110px;"/><br /><sub>Phil</sub>](https://github.com/phil-flip)<br />[💻](https://github.com/snipe/snipe-it/commits?author=phil-flip "Code") | [<img src="https://avatars.githubusercontent.com/u/6473460?v=4" width="110px;"/><br /><sub>Steffy Fort</sub>](https://fe80.fr/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fe80 "Code") |
@@ -68,7 +68,8 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/181059?v=4" width="110px;"/><br /><sub>Juan Font</sub>](https://github.com/juanfont)<br />[💻](https://github.com/snipe/snipe-it/commits?author=juanfont "Code") | [<img src="https://avatars.githubusercontent.com/u/13137708?v=4" width="110px;"/><br /><sub>Juho Taipale</sub>](https://github.com/juhotaipale)<br />[💻](https://github.com/snipe/snipe-it/commits?author=juhotaipale "Code") | [<img src="https://avatars.githubusercontent.com/u/1007419?v=4" width="110px;"/><br /><sub>Korvin Szanto</sub>](https://github.com/KorvinSzanto)<br />[💻](https://github.com/snipe/snipe-it/commits?author=KorvinSzanto "Code") | [<img src="https://avatars.githubusercontent.com/u/8513053?v=4" width="110px;"/><br /><sub>Lewis Foster</sub>](https://lewisfoster.foo/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sniff122 "Code") | [<img src="https://avatars.githubusercontent.com/u/33877541?v=4" width="110px;"/><br /><sub>Logan Swartzendruber</sub>](https://github.com/loganswartz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=loganswartz "Code") | [<img src="https://avatars.githubusercontent.com/u/1156208?v=4" width="110px;"/><br /><sub>Lorenzo P.</sub>](https://github.com/lopezio)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lopezio "Code") | [<img src="https://avatars.githubusercontent.com/u/33946590?v=4" width="110px;"/><br /><sub>Lukas Jung</sub>](https://github.com/m4us1ne)<br />[💻](https://github.com/snipe/snipe-it/commits?author=m4us1ne "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/10965027?v=4" width="110px;"/><br /><sub>Ellie</sub>](https://leafedfox.xyz/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=LeafedFox "Code") | [<img src="https://avatars.githubusercontent.com/u/20960555?v=4" width="110px;"/><br /><sub>GA Stamper</sub>](https://github.com/gastamper)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gastamper "Code") | [<img src="https://avatars.githubusercontent.com/u/206553556?v=4" width="110px;"/><br /><sub>Guillaume Lefranc</sub>](https://github.com/gl-pup)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gl-pup "Code") | [<img src="https://avatars.githubusercontent.com/u/733892?v=4" width="110px;"/><br /><sub>Hajo Möller</sub>](https://github.com/dasjoe)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dasjoe "Code") | [<img src="https://avatars.githubusercontent.com/u/3420063?v=4" width="110px;"/><br /><sub>Istvan Basa</sub>](https://github.com/pottom)<br />[💻](https://github.com/snipe/snipe-it/commits?author=pottom "Code") | [<img src="https://avatars.githubusercontent.com/u/810824?v=4" width="110px;"/><br /><sub>JJ Asghar</sub>](https://jjasghar.github.io/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jjasghar "Code") | [<img src="https://avatars.githubusercontent.com/u/40404495?v=4" width="110px;"/><br /><sub>James E. Msenga</sub>](https://github.com/JemCdo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JemCdo "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/6865786?v=4" width="110px;"/><br /><sub>Jan Felix Wiebe</sub>](https://github.com/jfwiebe)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jfwiebe "Code") | [<img src="https://avatars.githubusercontent.com/u/43412008?v=4" width="110px;"/><br /><sub>Jo Drexl</sub>](https://www.nfon.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=drexljo "Code") | [<img src="https://avatars.githubusercontent.com/u/4807843?v=4" width="110px;"/><br /><sub>Austin Sasko</sub>](https://github.com/austinsasko)<br />[💻](https://github.com/snipe/snipe-it/commits?author=austinsasko "Code") | [<img src="https://avatars.githubusercontent.com/u/4875039?v=4" width="110px;"/><br /><sub>Jasson</sub>](http://jassoncordones.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JassonCordones "Code") | [<img src="https://avatars.githubusercontent.com/u/76069640?v=4" width="110px;"/><br /><sub>Okean</sub>](https://github.com/Tinyblargon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Tinyblargon "Code") | [<img src="https://avatars.githubusercontent.com/u/6515064?v=4" width="110px;"/><br /><sub>Alejandro Medrano</sub>](https://www.lst.tfo.upm.es/alejandro-medrano/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=amedranogil "Code") | [<img src="https://avatars.githubusercontent.com/u/58696401?v=4" width="110px;"/><br /><sub>Lukas Kraic</sub>](https://github.com/lukaskraic)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lukaskraic "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/1571724?v=4" width="110px;"/><br /><sub>Герхард PICCORO Lenz McKAY </sub>](https://github-readme-stats.vercel.app/api?username=mckaygerhard)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mckaygerhard "Code") | [<img src="https://avatars.githubusercontent.com/u/15015119?v=4" width="110px;"/><br /><sub>Johannes Pollitt</sub>](https://github.com/FlorestanII)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FlorestanII "Code") | [<img src="https://avatars.githubusercontent.com/u/14185442?v=4" width="110px;"/><br /><sub>Michael Strobel</sub>](https://strobelm.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=strobelm "Code") | [<img src="https://avatars.githubusercontent.com/u/634790?v=4" width="110px;"/><br /><sub>Nicky West</sub>](http://nickwest.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nickwest "Code") | [<img src="https://avatars.githubusercontent.com/u/1347327?v=4" width="110px;"/><br /><sub>akaspeh1</sub>](https://github.com/akaspeh1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=akaspeh1 "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/1571724?v=4" width="110px;"/><br /><sub>Герхард PICCORO Lenz McKAY </sub>](https://github-readme-stats.vercel.app/api?username=mckaygerhard)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mckaygerhard "Code") | [<img src="https://avatars.githubusercontent.com/u/15015119?v=4" width="110px;"/><br /><sub>Johannes Pollitt</sub>](https://github.com/FlorestanII)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FlorestanII "Code") | [<img src="https://avatars.githubusercontent.com/u/14185442?v=4" width="110px;"/><br /><sub>Michael Strobel</sub>](https://strobelm.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=strobelm "Code") | [<img src="https://avatars.githubusercontent.com/u/634790?v=4" width="110px;"/><br /><sub>Nicky West</sub>](http://nickwest.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nickwest "Code") | [<img src="https://avatars.githubusercontent.com/u/1347327?v=4" width="110px;"/><br /><sub>akaspeh1</sub>](https://github.com/akaspeh1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=akaspeh1 "Code") | [<img src="https://avatars.githubusercontent.com/u/2880129?v=4" width="110px;"/><br /><sub>Sebastian Marsching</sub>](http://sebastian.marsching.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=smarsching "Code") | [<img src="https://avatars.githubusercontent.com/u/40658372?v=4" width="110px;"/><br /><sub>Mo</sub>](https://github.com/mohammad-ahmadi1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mohammad-ahmadi1 "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/20994684?v=4" width="110px;"/><br /><sub>Owen V. Hayes</sub>](https://github.com/MarvelousAnything)<br />[💻](https://github.com/snipe/snipe-it/commits?author=MarvelousAnything "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
@@ -83,6 +83,7 @@ Since the release of the JSON REST API, several third-party developers have been
 - [jamf2snipe](https://github.com/grokability/jamf2snipe) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
 - [jamf-snipe-rename](https://macblog.org/jamf-snipe-rename/) - Python script to rename computers in Jamf from Snipe-IT
 - [Snipe-IT plugin for Jira Service Desk](https://marketplace.atlassian.com/apps/1220964/snipe-it-for-jira)
+- [Rudder2Snipe](https://github.com/norbertoaquino/rudder2snipe) by [@norbertoaquino](https://github.com/norbertoaquino) - Rudder.io integration for Snipe-IT
 - [Python 3 CSV importer](https://github.com/gastamper/snipeit-csvimporter) - allows importing assets into Snipe-IT based on Item Name rather than Asset Tag.
 - [Snipe-IT Kubernetes Helm Chart](https://github.com/t3n/helm-charts/tree/master/snipeit) - For more information, [click here](https://hub.helm.sh/charts/t3n/snipeit).
 - [Snipe-IT Bulk Edit](https://github.com/bricelabelle/snipe-it-bulkedit) - Google Script files to use Google Sheets as a bulk checkout/checkin/edit tool for Snipe-IT.
@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Actions\Categories;
+
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasAssetModels;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasLicenses;
+use App\Models\Category;
+use Illuminate\Support\Facades\Storage;
+
+class DestroyCategoryAction
+{
+    /**
+     * @throws ItemStillHasAssets
+     * @throws ItemStillHasAssetModels
+     * @throws ItemStillHasComponents
+     * @throws ItemStillHasAccessories
+     * @throws ItemStillHasLicenses
+     * @throws ItemStillHasConsumables
+     */
+    static function run(Category $category): bool
+    {
+        $category->loadCount([
+            'assets as assets_count',
+            'accessories as accessories_count',
+            'consumables as consumables_count',
+            'components as components_count',
+            'licenses as licenses_count',
+            'models as models_count'
+        ]);
+
+        if ($category->assets_count > 0) {
+            throw new ItemStillHasAssets($category);
+        }
+        if ($category->accessories_count > 0) {
+            throw new ItemStillHasAccessories($category);
+        }
+        if ($category->consumables_count > 0) {
+            throw new ItemStillHasConsumables($category);
+        }
+        if ($category->components_count > 0) {
+            throw new ItemStillHasComponents($category);
+        }
+        if ($category->licenses_count > 0) {
+            throw new ItemStillHasLicenses($category);
+        }
+        if ($category->models_count > 0) {
+            throw new ItemStillHasAssetModels($category);
+        }
+
+        Storage::disk('public')->delete('categories'.'/'.$category->image);
+        $category->delete();
+
+        return true;
+    }
+}
@@ -0,0 +1,63 @@
+<?php
+
+namespace App\Actions\Manufacturers;
+
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasLicenses;
+use App\Models\Manufacturer;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;
+
+class DeleteManufacturerAction
+{
+    /**
+     * @throws ItemStillHasAssets
+     * @throws ItemStillHasComponents
+     * @throws ItemStillHasAccessories
+     * @throws ItemStillHasLicenses
+     * @throws ItemStillHasConsumables
+     */
+    static function run(Manufacturer $manufacturer): bool
+    {
+        $manufacturer->loadCount([
+            'assets as assets_count',
+            'accessories as accessories_count',
+            'consumables as consumables_count',
+            'components as components_count',
+            'licenses as licenses_count',
+        ]);
+
+        if ($manufacturer->assets_count > 0) {
+            throw new ItemStillHasAssets($manufacturer);
+        }
+        if ($manufacturer->accessories_count > 0) {
+            throw new ItemStillHasAccessories($manufacturer);
+        }
+        if ($manufacturer->consumables_count > 0) {
+            throw new ItemStillHasConsumables($manufacturer);
+        }
+        if ($manufacturer->components_count > 0) {
+            throw new ItemStillHasComponents($manufacturer);
+        }
+        if ($manufacturer->licenses_count > 0) {
+            throw new ItemStillHasLicenses($manufacturer);
+        }
+
+        if ($manufacturer->image) {
+            try {
+                Storage::disk('public')->delete('manufacturers/'.$manufacturer->image);
+            } catch (\Exception $e) {
+                Log::info($e);
+            }
+        }
+
+        $manufacturer->delete();
+        //dd($manufacturer);
+
+        return true;
+    }
+
+}
@@ -0,0 +1,72 @@
+<?php
+
+namespace App\Actions\Suppliers;
+
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Models\Supplier;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasMaintenances;
+use App\Exceptions\ItemStillHasLicenses;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;
+
+class DestroySupplierAction
+{
+    /**
+     *
+     * @throws ItemStillHasLicenses
+     * @throws ItemStillHasAssets
+     * @throws ItemStillHasMaintenances
+     * @throws ItemStillHasAccessories
+     * @throws ItemStillHasConsumables
+     * @throws ItemStillHasComponents
+     */
+    static function run(Supplier $supplier): bool
+    {
+        $supplier->loadCount([
+            'maintenances as maintenances_count',
+            'assets as assets_count',
+            'licenses as licenses_count',
+            'accessories as accessories_count',
+            'consumables as consumables_count',
+            'components as components_count',
+        ]);
+        if ($supplier->assets_count > 0) {
+            throw new ItemStillHasAssets($supplier);
+        }
+
+        if ($supplier->maintenances_count > 0) {
+            throw new ItemStillHasMaintenances($supplier);
+        }
+
+        if ($supplier->licenses_count > 0) {
+            throw new ItemStillHasLicenses($supplier);
+        }
+
+        if ($supplier->accessories_count > 0) {
+            throw new ItemStillHasAccessories($supplier);
+        }
+
+        if ($supplier->consumables_count > 0) {
+            throw new ItemStillHasConsumables($supplier);
+        }
+
+        if ($supplier->components_count > 0) {
+            throw new ItemStillHasComponents($supplier);
+        }
+
+        if ($supplier->image) {
+            try {
+                Storage::disk('public')->delete('suppliers/'.$supplier->image);
+            } catch (\Exception $e) {
+                Log::info($e->getMessage());
+            }
+        }
+
+        $supplier->delete();
+
+        return true;
+    }
+}
@@ -317,9 +317,21 @@ class LdapSync extends Command
            if($ldap_map["jobtitle"] != null){
                $user->jobtitle = $item['jobtitle'];
            }
+            if($ldap_map["address"] != null){
+                $user->address = $item['address'];
+            }
+            if($ldap_map["city"] != null){
+                $user->city = $item['city'];
+            }
+            if($ldap_map["state"] != null){
+                $user->state = $item['state'];
+            }
            if($ldap_map["country"] != null){
                $user->country = $item['country'];
            }
+            if($ldap_map["zip"] != null){
+                $user->zip = $item['zip'];
+            }
            if($ldap_map["dept"]  != null){
                $user->department_id = $department->id;
            }
@@ -8,8 +8,6 @@ use Symfony\Component\Console\Input\InputOption;
 use Illuminate\Support\Facades\Log;
 use Symfony\Component\Console\Helper\ProgressIndicator;

-ini_set('max_execution_time', env('IMPORT_TIME_LIMIT', 600)); //600 seconds = 10 minutes
-ini_set('memory_limit', env('IMPORT_MEMORY_LIMIT', '500M'));

 /**
 * Class ObjectImportCommand
@@ -52,10 +50,13 @@ class ObjectImportCommand extends Command
     */
    public function handle()
    {
+        ini_set('max_execution_time', env('IMPORT_TIME_LIMIT', 600)); //600 seconds = 10 minutes
+        ini_set('memory_limit', env('IMPORT_MEMORY_LIMIT', '500M'));
+
        $this->progressIndicator = new ProgressIndicator($this->output);

        $filename = $this->argument('filename');
-        $class = title_case($this->option('item-type'));
+        $class = ucfirst($this->option('item-type'));
        $classString = "App\\Importer\\{$class}Importer";
        $importer = new $classString($filename);
        $importer->setCallbacks([$this, 'log'], [$this, 'progress'], [$this, 'errorCallback'])
@@ -0,0 +1,56 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Actionlog;
+use Illuminate\Console\Command;
+
+class RemoveInvalidUploadDeleteActionLogItems extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:remove-invalid-upload-delete-action-log-items';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Permanently remove invalid "upload deleted" action log items that have a null filename. This command can potentially result in deleted files being "resurrected" in the UI.';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $invalidLogs = Actionlog::query()
+            ->where('action_type', 'upload deleted')
+            ->whereNull('filename')
+            ->withTrashed()
+            ->get();
+
+        $this->info("{$invalidLogs->count()} invalid log items found.");
+
+        if ($invalidLogs->count() === 0) {
+            return 0;
+        }
+
+        $this->table(['ID', 'Action Type', 'Item Type', 'Item ID', 'Created At', 'Deleted At'], $invalidLogs->map(fn($log) => [
+            $log->id,
+            $log->action_type,
+            $log->item_type,
+            $log->item_id,
+            $log->created_at,
+            $log->deleted_at,
+        ])->toArray());
+
+        if ($this->confirm("Do you wish to remove {$invalidLogs->count()} log items?")) {
+            $invalidLogs->each(fn($log) => $log->forceDelete());
+        }
+
+        return 0;
+    }
+}
@@ -49,14 +49,15 @@ class ResetDemoSettings extends Command
        $settings->logo = 'snipe-logo.png';
        $settings->alert_email = 'service@snipe-it.io';
        $settings->login_note = 'Use `admin` / `password` to login to the demo.';
-        $settings->header_color = null;
+        $settings->header_color = '#3c8dbc';
+        $settings->link_dark_color = '#86cbf2';
+        $settings->link_light_color = '#084d73;';
        $settings->label2_2d_type = 'QRCODE';
        $settings->default_currency = 'USD';
        $settings->brand = 2;
        $settings->ldap_enabled = 0;
        $settings->full_multiple_companies_support = 0;
        $settings->label2_1d_type = 'C128';
-        $settings->skin = '';
        $settings->email_domain = 'snipeitapp.com';
        $settings->email_format = 'filastname';
        $settings->username_format = 'filastname';
@@ -80,6 +81,8 @@ class ResetDemoSettings extends Command

        if ($user = User::where('username', '=', 'admin')->first()) {
            $user->locale = 'en-US';
+            $user->enable_confetti = 1;
+            $user->enable_sounds = 1;
            $user->save();
        }

@@ -5,6 +5,7 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use ZipArchive;
 use Illuminate\Support\Facades\Log;
+use enshrined\svgSanitize\Sanitizer;

 class SQLStreamer {
    private $input;
@@ -51,7 +52,7 @@ class SQLStreamer {
            /* we *could* have made the ^INSERT INTO blah VALUES$ turn on the capturing state, and closed it with
               a ^(blahblah);$ but it's cleaner to not have to manage the state machine. We're just going to
               assume that (blahblah), or (blahblah); are values for INSERT and are always acceptable. */
-            "<^/\*!40101 SET NAMES '?[a-zA-Z0-9_-]+'? \*/;$>"                                   => false, //using weird delimiters (<,>) for readability. allow quoted or unquoted charsets
+            "<^/\*![0-9]{5} SET NAMES '?[a-zA-Z0-9_-]+'? \*/;$>" => false, //using weird delimiters (<,>) for readability. allow quoted or unquoted charsets
            "<^/\*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' \*/;$>" => false, //same, now handle zero-values
        ];

@@ -242,9 +243,10 @@ class RestoreFromBackup extends Command

        $private_dirs = [
            'storage/private_uploads/accessories',
-            'storage/private_uploads/assetmodels',
-            'storage/private_uploads/maintenances',
-            'storage/private_uploads/models',
+            'storage/private_uploads/assetmodels' => 'storage/private_uploads/models', //this was changed from assetmodels => models Aug 10 2025
+            'storage/private_uploads/asset_maintenances' => 'storage/private_uploads/maintenances', //this was changed from asset_maintenances => maintenances Aug 10 2025
+            'storage/private_uploads/maintenances', //but let 'maintenances' take precedence
+            'storage/private_uploads/models', //and let 'models' take precedence
            'storage/private_uploads/assets', // these are asset _files_, not the pictures.
            'storage/private_uploads/audits',
            'storage/private_uploads/components',
@@ -262,7 +264,7 @@ class RestoreFromBackup extends Command
        ];
        $public_dirs = [
            'public/uploads/accessories',
-            'public/uploads/assetmodels',
+            // 'public/uploads/assetmodels' => 'public/uploads/models', //according to git, this was _never_ a thing... (see below)
            'public/uploads/maintenances',
            'public/uploads/assets', // these are asset _pictures_, not asset files
            'public/uploads/avatars',
@@ -273,7 +275,7 @@ class RestoreFromBackup extends Command
            'public/uploads/departments',
            'public/uploads/locations',
            'public/uploads/manufacturers',
-            'public/uploads/models',
+            'public/uploads/models', // ...it's been this way for 9 years (as of late 2025)
            'public/uploads/suppliers',
        ];

@@ -286,8 +288,6 @@ class RestoreFromBackup extends Command
            'public/uploads/favicon-uploaded.*',
        ];

-        $all_files = $private_dirs + $public_dirs;
-
        $sqlfiles = [];
        $sqlfile_indices = [];

@@ -295,6 +295,20 @@ class RestoreFromBackup extends Command
        $boring_files = [];
        $unsafe_files = [];

+        $good_extensions = config('filesystems.allowed_upload_extensions_array');
+
+        $private_extensions = array_merge($good_extensions, ["csv", "key"]); //add csv, and 'key'
+        $public_extensions = array_diff($good_extensions, ["xml"]); //remove xml
+
+        $sanitizer = new Sanitizer();
+
+        /**
+         * TODO: I _hate_ the "continue 3" thing we keep doing here
+         * I think a better approach might be to have the "each file" stuff be in a method on this class, and the
+         * boring_files and interesting_files be properties on it that we fill out. Then, in that method, we could
+         * just do a 'return' once the file is actually handled (yay or nay). We could also start to break out some of
+         * the _other_ things that we do into their own methods too? But I don't care about that as much.
+         */
        for ($i = 0; $i < $za->numFiles; $i++) {
            $stat_results = $za->statIndex($i);
            // echo "index: $i\n";
@@ -309,7 +323,7 @@ class RestoreFromBackup extends Command
            // skip macOS resource fork files (?!?!?!)
            if (strpos($raw_path, '__MACOSX') !== false && strpos($raw_path, '._') !== false) {
                //print "SKIPPING macOS Resource fork file: $raw_path\n";
-                $boring_files[] = $raw_path;
+                // $boring_files[] = $raw_path; //stop adding this to the boring files list; it's just confusing
                continue;
            }
            if (@pathinfo($raw_path, PATHINFO_EXTENSION) == 'sql') {
@@ -318,44 +332,70 @@ class RestoreFromBackup extends Command
                $sqlfile_indices[] = $i;
                continue;
            }
+            if ($raw_path[-1] == '/') {
+                //last character is '/' - this is a directory, and we don't need it, and we don't need to warn about it
+                continue;
+            }
+            if (in_array(basename($raw_path), [".gitkeep", ".gitignore", ".DS_Store"])) {
+                //skip these boring files silently without reporting on them; they're stupid
+                continue;
+            }
+            $extension = strtolower(pathinfo($raw_path, PATHINFO_EXTENSION));

-            foreach (array_merge($private_dirs, $public_dirs) as $dir) {
-                $last_pos = strrpos($raw_path, $dir . '/');
-                if ($last_pos !== false) {
-                    //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $dir - last_pos+strlen(\$dir) is: ".($last_pos+strlen($dir))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
-                    //print("We would copy $raw_path to $dir.\n"); //FIXME append to a path?
-                    $interesting_files[$raw_path] = ['dest' => $dir, 'index' => $i];
-                    continue 2;
-                    if ($last_pos + strlen($dir) + 1 == strlen($raw_path)) {
-                        // we don't care about that; we just want files with the appropriate prefix
-                        //print("FOUND THE EXACT DIRECTORY: $dir AT: $raw_path!!!\n");
+            foreach (['public' => $public_dirs, 'private' => $private_dirs] as $purpose => $dirs) {
+                $allowed_extensions = match ($purpose) {
+                    'public' => $public_extensions,
+                    'private' => $private_extensions,
+                };
+                foreach ($dirs as $dir => $destdir) {
+                    if (is_int($dir)) {
+                        $dir = $destdir;
+                    }
+                    $last_pos = strrpos($raw_path, $dir . '/');
+                    if ($last_pos !== false) {
+                        //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $dir - last_pos+strlen(\$dir) is: ".($last_pos+strlen($dir))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
+                        //print("We would copy $raw_path to $dir.\n"); //FIXME append to a path?
+                        //the CSV bit, below, is because we store CSV files as "blahcsv" - without an extension
+                        if (!in_array($extension, $allowed_extensions) && !($dir == "storage/private_uploads/imports" && substr($raw_path, -3) == "csv" && $extension == "")) {
+                            $unsafe_files[] = $raw_path;
+                            Log::debug($raw_path . ' from directory ' . $dir . ' is being skipped');
+                        } else {
+                            if ($dir != $destdir) {
+                                Log::debug("Getting ready to save file $raw_path to new directory $destdir");
+                            }
+                            $interesting_files[$raw_path] = ['dest' => $destdir, 'index' => $i];
+                        }
+                        continue 3;
                    }
                }
            }

-            $good_extensions = config('filesystems.allowed_upload_extensions_array');
-
-            foreach (array_merge($private_files, $public_files) as $file) {
-                $has_wildcard = (strpos($file, '*') !== false);
-                if ($has_wildcard) {
-                    $file = substr($file, 0, -1); //trim last character (which should be the wildcard)
-                }
-                $last_pos = strrpos($raw_path, $file); // no trailing slash!
-                if ($last_pos !== false) {
-                    $extension = strtolower(pathinfo($raw_path, PATHINFO_EXTENSION));
-                    if (!in_array($extension, $good_extensions)) {
-                        // gathering potentially unsafe files here to return at exit
-                        $unsafe_files[] = $raw_path;
-                        Log::debug('Potentially unsafe file '.$raw_path.' is being skipped');
-                        $boring_files[] = $raw_path;
-                        continue 2;
+            foreach (['public' => $public_files, 'private' => $private_files] as $purpose => $files) {
+                $allowed_extensions = match ($purpose) {
+                    'public' => $public_extensions,
+                    'private' => $private_extensions,
+                };
+                foreach ($files as $file) {
+                    $has_wildcard = (strpos($file, '*') !== false);
+                    if ($has_wildcard) {
+                        $file = substr($file, 0, -1); //trim last character (which should be the wildcard)
                    }
-                    //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $file - last_pos+strlen(\$file) is: ".($last_pos+strlen($file))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
-                    //no wildcards found in $file, process 'normally'
-                    if ($last_pos + strlen($file) == strlen($raw_path) || $has_wildcard) { //again, no trailing slash. or this is a wildcard and we just take it.
-                        // print("FOUND THE EXACT FILE: $file AT: $raw_path!!!\n"); //we *do* care about this, though.
-                        $interesting_files[$raw_path] = ['dest' => dirname($file), 'index' => $i];
-                        continue 2;
+                    $last_pos = strrpos($raw_path, $file); // no trailing slash!
+                    if ($last_pos !== false) {
+                        if (!in_array($extension, $allowed_extensions)) {
+                            // gathering potentially unsafe files here to return at exit
+                            $unsafe_files[] = $raw_path;
+                            Log::debug('Potentially unsafe file ' . $raw_path . ' is being skipped');
+                            $boring_files[] = $raw_path;
+                            continue 3;
+                        }
+                        //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $file - last_pos+strlen(\$file) is: ".($last_pos+strlen($file))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
+                        //no wildcards found in $file, process 'normally'
+                        if ($last_pos + strlen($file) == strlen($raw_path) || $has_wildcard) { //again, no trailing slash. or this is a wildcard and we just take it.
+                            // print("FOUND THE EXACT FILE: $file AT: $raw_path!!!\n"); //we *do* care about this, though.
+                            $interesting_files[$raw_path] = ['dest' => dirname($file), 'index' => $i];
+                            continue 3;
+                        }
                    }
                }
            }
@@ -492,18 +532,25 @@ class RestoreFromBackup extends Command
        }
        foreach ($interesting_files as $pretty_file_name => $file_details) {
            $ugly_file_name = $za->statIndex($file_details['index'])['name'];
-            $fp = $za->getStream($ugly_file_name);
-            //$this->info("Weird problem, here are file details? ".print_r($file_details,true));
-            if (!is_dir($file_details['dest'])) {
-                mkdir($file_details['dest'], 0755, true); //0755 is what Laravel uses, so we do that
+            $migrated_file_name = $file_details['dest'] . '/' . basename($pretty_file_name);
+            if (strcasecmp(substr($pretty_file_name, -4), ".svg") === 0) {
+                $svg_contents = $za->getFromIndex($file_details['index']);
+                $cleaned_svg = $sanitizer->sanitize($svg_contents);
+                file_put_contents($migrated_file_name, $cleaned_svg);
+            } else {
+                $fp = $za->getStream($ugly_file_name);
+                //$this->info("Weird problem, here are file details? ".print_r($file_details,true));
+                if (!is_dir($file_details['dest'])) {
+                    mkdir($file_details['dest'], 0755, true); //0755 is what Laravel uses, so we do that
+                }
+                $migrated_file = fopen($migrated_file_name, 'w');
+                while (($buffer = fgets($fp, SQLStreamer::$buffer_size)) !== false) {
+                    fwrite($migrated_file, $buffer);
+                }
+                fclose($migrated_file);
+                fclose($fp);
+                //$this->info("Wrote $ugly_file_name to $pretty_file_name");
            }
-            $migrated_file = fopen($file_details['dest'].'/'.basename($pretty_file_name), 'w');
-            while (($buffer = fgets($fp, SQLStreamer::$buffer_size)) !== false) {
-                fwrite($migrated_file, $buffer);
-            }
-            fclose($migrated_file);
-            fclose($fp);
-            //$this->info("Wrote $ugly_file_name to $pretty_file_name");
            if ($bar) {
                $bar->advance();
            }
@@ -3,13 +3,18 @@
 namespace App\Console\Commands;

 use App\Mail\UnacceptedAssetReminderMail;
+use App\Models\Accessory;
 use App\Models\Asset;
 use App\Models\CheckoutAcceptance;
+use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\LicenseSeat;
 use App\Models\Setting;
 use App\Models\User;
 use App\Notifications\CheckoutAssetNotification;
 use App\Notifications\CurrentInventory;
 use Illuminate\Console\Command;
+use Illuminate\Database\Eloquent\Relations\MorphTo;
 use Illuminate\Support\Facades\Mail;

 class SendAcceptanceReminder extends Command
@@ -26,7 +31,7 @@ class SendAcceptanceReminder extends Command
     *
     * @var string
     */
-    protected $description = 'This will resend users with unaccepted assets a reminder to accept or decline them.';
+    protected $description = 'This will resend users with unaccepted items a reminder to accept or decline them.';

    /**
     * Create a new command instance.
@@ -45,19 +50,30 @@ class SendAcceptanceReminder extends Command
     */
    public function handle()
    {
-        $pending = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')
-                                                ->whereHas('checkoutable', function($query) {
-                                                    $query->where('accepted_at', null)
-                                                          ->where('declined_at', null);
-                                                })
-                                                ->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model', 'checkoutable.adminuser'])
-                                                ->get();
+        $pending = CheckoutAcceptance::query()
+            ->with([
+                'checkoutable' => function (MorphTo $morph) {
+                    $morph->morphWith([
+                        Asset::class       => ['model.category', 'assignedTo', 'adminuser', 'company', 'checkouts'],
+                        Accessory::class   => ['category', 'company', 'checkouts'],
+                        LicenseSeat::class => ['user', 'license', 'checkouts'],
+                        Component::class   => ['assignedTo', 'company', 'checkouts'],
+                        Consumable::class  => ['company', 'checkouts'],
+                    ]);
+                },
+                'assignedTo',
+            ])
+            ->whereHasMorph(
+                'checkoutable',
+                [Asset::class, Accessory::class, LicenseSeat::class, Component::class, Consumable::class],
+                fn ($q) => $q->whereNull('accepted_at')
+                    ->whereNull('declined_at')
+            )
+            ->pending()
+            ->get();

        $count = 0;
        $unacceptedAssetGroups = $pending
-            ->filter(function($acceptance) {
-                return $acceptance->checkoutable_type == 'App\Models\Asset';
-            })
            ->map(function($acceptance) {
                return ['assetItem' => $acceptance->checkoutable, 'acceptance' => $acceptance];
            })
@@ -9,6 +9,8 @@ use App\Notifications\ExpectedCheckinAdminNotification;
 use App\Notifications\ExpectedCheckinNotification;
 use Carbon\Carbon;
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Notification;
+use App\Helpers\Helper;

 class SendExpectedCheckinAlerts extends Command
 {
@@ -17,7 +19,7 @@ class SendExpectedCheckinAlerts extends Command
     *
     * @var string
     */
-    protected $name = 'snipeit:expected-checkin';
+    protected $signature = 'snipeit:expected-checkin {--with-output : Display the results in a table in your console in addition to sending the email}';

    /**
     * The console command description.
@@ -42,19 +44,47 @@ class SendExpectedCheckinAlerts extends Command
    public function handle()
    {
        $settings = Setting::getSettings();
-        $interval = $settings->audit_warning_days ?? 0;
+        $interval = $settings->due_checkin_days ?? 0;
        $today = Carbon::now();
        $interval_date = $today->copy()->addDays($interval);
-        
+        $count = 0;
+
+        if (!$this->option('with-output')) {
+            $this->info('Run this command with the --with-output option to see the full list in the console.');
+        }
+
        $assets = Asset::whereNull('deleted_at')->DueOrOverdueForCheckin($settings)->orderBy('assets.expected_checkin', 'desc')->get();

-        $this->info($assets->count().' assets must be checked in on or before '.$interval_date.' is deadline');
+        $this->info($assets->count().' assets must be checked on or before '.Helper::getFormattedDateObject($interval_date, 'date', false));


        foreach ($assets as $asset) {
            if ($asset->assignedTo && (isset($asset->assignedTo->email)) && ($asset->assignedTo->email!='') && $asset->checkedOutToUser()) {
-                $this->info('Sending User ExpectedCheckinNotification to: '.$asset->assignedTo->email);
                $asset->assignedTo->notify((new ExpectedCheckinNotification($asset)));
+                $count++;
+            }
+        }
+
+        if ($this->option('with-output')) {
+            if (($assets) && ($assets->count() > 0) && ($settings->alert_email != '')) {
+                $this->table(
+                    [
+                        trans('general.id'),
+                        trans('admin/hardware/form.tag'),
+                        trans('admin/hardware/form.model'),
+                        trans('general.model_no'),
+                        trans('general.purchase_date'),
+                        trans('admin/hardware/form.expected_checkin'),
+                    ],
+                    $assets->map(fn($assets) => [
+                        trans('general.id') => $assets->id,
+                        trans('admin/hardware/form.tag') => $assets->asset_tag,
+                        trans('admin/hardware/form.model') => $assets->model->name,
+                        trans('general.model_no') => $assets->model->model_number,
+                        trans('general.purchase_date') => $assets->purchase_date_formatted,
+                        trans('admin/hardware/form.eol_date') => $assets->expected_checkin_formattedDate ? $assets->expected_checkin_formattedDate . ' (' . $assets->expected_checkin_diff_for_humans . ')' : '',
+                    ])
+                );
            }
        }

@@ -63,10 +93,11 @@ class SendExpectedCheckinAlerts extends Command
            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item) {
                return new AlertRecipient($item);
            });
-
-            $this->info('Sending Admin ExpectedCheckinNotification to: '.$settings->alert_email);
-            \Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));
+            Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));

        }
+        
+        $this->info('Sent checkin reminders to to '.$count.' users.');
+
    }
 }
@@ -2,6 +2,7 @@

 namespace App\Console\Commands;

+use App\Helpers\Helper;
 use App\Mail\ExpiringAssetsMail;
 use App\Mail\ExpiringLicenseMail;
 use App\Models\Asset;
@@ -13,11 +14,11 @@ use Illuminate\Support\Facades\Mail;
 class SendExpirationAlerts extends Command
 {
    /**
-     * The console command name.
-     *
+     * The name and signature of the console command.
+ *
     * @var string
     */
-    protected $name = 'snipeit:expiring-alerts';
+    protected $signature = 'snipeit:expiring-alerts {--expired-licenses}';

    /**
     * The console command description.
@@ -52,19 +53,73 @@ class SendExpirationAlerts extends Command
                ->filter(fn($item) => !empty($item))
                ->all();
            // Expiring Assets
-            $assets = Asset::getExpiringWarrantee($alert_interval);
+            $assets = Asset::getExpiringWarrantyOrEol($alert_interval);

            if ($assets->count() > 0) {
-                $this->info(trans_choice('mail.assets_warrantee_alert', $assets->count(), ['count' => $assets->count(), 'threshold' => $alert_interval]));
+
                Mail::to($recipients)->send(new ExpiringAssetsMail($assets, $alert_interval));
+
+                $this->table(
+                    [
+                        trans('general.id'),
+                        trans('admin/hardware/form.tag'),
+                        trans('admin/hardware/form.model'),
+                        trans('general.model_no'),
+                        trans('general.purchase_date'),
+                        trans('admin/hardware/form.eol_rate'),
+                        trans('admin/hardware/form.eol_date'),
+                        trans('admin/hardware/form.warranty_expires'),
+                    ],
+                    $assets->map(fn($item) =>
+                    [
+                        trans('general.id')  => $item->id,
+                        trans('admin/hardware/form.tag') => $item->asset_tag,
+                        trans('admin/hardware/form.model') => $item->model->name,
+                        trans('general.model_no') => $item->model->model_number,
+                        trans('general.purchase_date') => $item->purchase_date_formatted,
+                        trans('admin/hardware/form.eol_rate')  => $item->model->eol,
+                        trans('admin/hardware/form.eol_date') => $item->eol_date ? $item->eol_formatted_date .' ('.$item->eol_diff_for_humans.')' : '',
+                        trans('admin/hardware/form.warranty_expires') => $item->warranty_expires ? $item->warranty_expires_formatted_date .' ('.$item->warranty_expires_diff_for_humans.')' : '',
+                   ])
+                   );
            }

            // Expiring licenses
-            $licenses = License::getExpiringLicenses($alert_interval);
+            $licenses = License::query()->ExpiringLicenses($alert_interval, $this->option('expired-licenses'))
+                ->with('manufacturer','category')
+                ->orderBy('expiration_date', 'ASC')
+                ->orderBy('termination_date', 'ASC')
+                ->get();
            if ($licenses->count() > 0) {
-                $this->info(trans_choice('mail.license_expiring_alert', $licenses->count(), ['count' => $licenses->count(), 'threshold' => $alert_interval]));
                Mail::to($recipients)->send(new ExpiringLicenseMail($licenses, $alert_interval));
+
+                $this->table(
+                    [
+                        trans('general.id'),
+                        trans('general.name'),
+                        trans('general.purchase_date'),
+                        trans('admin/licenses/form.expiration'),
+                        trans('mail.expires'),
+                        trans('admin/licenses/form.termination_date'),
+                        trans('mail.terminates')],
+                    $licenses->map(fn($item) => [
+                        trans('general.id') => $item->id,
+                        trans('general.name') => $item->name,
+                        trans('general.purchase_date') => $item->purchase_date_formatted,
+                        trans('admin/licenses/form.expiration') => $item->expires_formatted_date,
+                        trans('mail.expires') => $item->expires_formatted_date ? $item->expires_diff_for_humans : '',
+                        trans('admin/licenses/form.termination_date') => $item->terminates_formatted_date,
+                        trans('mail.terminates') => $item->terminates_diff_for_humans
+                    ])
+                );
            }
+
+            // Send a message even if the count is 0
+            $this->info(trans_choice('mail.assets_warrantee_alert', $assets->count(), ['count' => $assets->count(), 'threshold' => $alert_interval]));
+            $this->info(trans_choice('mail.license_expiring_alert', $licenses->count(), ['count' => $licenses->count(), 'threshold' => $alert_interval]));
+
+
+
        } else {
            if ($settings->alert_email == '') {
                $this->error('Could not send email. No alert email configured in settings');
@@ -52,7 +52,9 @@ class SendInventoryAlerts extends Command
                    return new AlertRecipient($item);
                });

-                \Notification::send($recipients, new InventoryAlert($items, $settings->alert_threshold));
+                Notification::send($recipients, new InventoryAlert($items, $settings->alert_threshold));
+            } else {
+                $this->info('No low inventory items found. No mail sent.');
            }
        } else {
            if ($settings->alert_email == '') {
@@ -16,7 +16,7 @@ class SendUpcomingAuditReport extends Command
     *
     * @var string
     */
-    protected $signature = 'snipeit:upcoming-audits';
+    protected $signature = 'snipeit:upcoming-audits {--with-output : Display the results in a table in your console in addition to sending the email}';

    /**
     * The console command description.
@@ -47,21 +47,69 @@ class SendUpcomingAuditReport extends Command
        $today = Carbon::now();
        $interval_date = $today->copy()->addDays($interval);

-        $assets = Asset::whereNull('deleted_at')->dueOrOverdueForAudit($settings)->orderBy('assets.next_audit_date', 'desc')->get();
-        $this->info($assets->count() . ' assets must be audited in on or before ' . $interval_date . ' is deadline');
-
-
-        if ((count($assets) !== 0) && ($assets->count() > 0) && ($settings->alert_email != '')) {
-            // Send a rollup to the admin, if settings dictate
-            $recipients = collect(explode(',', $settings->alert_email))
-                ->map(fn($item) => trim($item))
-                ->filter(fn($item) => !empty($item))
-                ->all();
-
-
-            $this->info('Sending Admin SendUpcomingAuditNotification to: ' . $settings->alert_email);
-            Mail::to($recipients)->send(new SendUpcomingAuditMail($assets, $settings->audit_warning_days));
+        $assets_query = Asset::whereNull('deleted_at')->dueOrOverdueForAudit($settings)->orderBy('assets.next_audit_date', 'asc')->with('supplier');
+        $asset_count = $assets_query->count();
+        $this->info(number_format($asset_count) . ' assets must be audited on or before ' . $interval_date);
+        if (!$this->option('with-output')) {
+            $this->info('Run this command with the --with-output option to see the full list in the console.');
        }

+
+        if ($asset_count > 0) {
+
+            $assets_for_email = $assets_query->limit(30)->get();
+
+            // Send a rollup to the admin, if settings dictate
+            if ($settings->alert_email != '') {
+
+                $recipients = collect(explode(',', $settings->alert_email))
+                    ->map(fn($item) => trim($item))
+                    ->filter(fn($item) => !empty($item))
+                    ->all();
+
+                Mail::to($recipients)->send(new SendUpcomingAuditMail($assets_for_email, $settings->audit_warning_days, $asset_count));
+                $this->info('Audit notification sent to: ' . $settings->alert_email);
+
+            } else {
+                $this->info('There is no admin alert email set so no email will be sent.');
+            }
+
+
+
+            if ($this->option('with-output')) {
+
+
+                // Get the full list if the user wants output in the console
+                $assets_for_output = $assets_query->limit(null)->get();
+
+                $this->table(
+                    [
+                        trans('general.id'),
+                        trans('general.name'),
+                        trans('general.last_audit'),
+                        trans('general.next_audit_date'),
+                        trans('mail.Days'),
+                        trans('mail.supplier'),
+                        trans('mail.assigned_to'),
+
+                    ],
+                    $assets_for_output->map(fn($item) => [
+                        trans('general.id') => $item->id,
+                        trans('general.name') => $item->display_name,
+                        trans('general.last_audit') => $item->last_audit_formatted_date,
+                        trans('general.next_audit_date') => $item->next_audit_formatted_date,
+                        trans('mail.Days') => round($item->next_audit_diff_in_days),
+                        trans('mail.supplier') => $item->supplier ? $item->supplier->name : '',
+                        trans('mail.assigned_to') => $item->assignedTo ? $item->assignedTo->display_name : '',
+                    ])
+                );
+            }
+
+        } else {
+            $this->info('There are no assets due for audit in the next ' . $interval . ' days.');
+        }
+
+
+
    }
 }
@@ -37,6 +37,8 @@ class SystemBackup extends Command
     */
    public function handle()
    {
+        ini_set('max_execution_time', env('BACKUP_TIME_LIMIT', 600)); //600 seconds = 10 minutes
+
        if ($this->option('filename')) {
            $filename = $this->option('filename');

@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Enums;
+enum ActionType: string
+{
+    // General
+    case Create = 'create';
+    case Update = 'update';
+    case Delete = 'delete';
+    case Restore = 'restore';
+
+    // Assets/Accessories/Components/Licenses/Consumables
+    case Checkout = 'checkout';
+    case CheckinFrom = 'checkin from';
+    case Requested = 'requested';
+    case RequestCanceled = 'request canceled';
+    case Accepted = 'accepted';
+    case Declined = 'declined';
+    case Audit = 'audit';
+    case NoteAdded = 'note added';
+
+    // Users
+    case TwoFactorReset = '2FA reset';
+    case Merged = 'merged';
+
+    // Licenses
+    case DeleteSeats = 'delete seats';
+    case AddSeats = 'add seats';
+
+    // File Uploads
+    case Uploaded = 'uploaded';
+    case UploadDeleted = 'upload deleted';
+}
@@ -0,0 +1,10 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+
+class ItemStillHasAccessories extends ItemStillHasChildren
+{
+    //
+}
@@ -0,0 +1,10 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+
+class ItemStillHasAssetModels extends ItemStillHasChildren
+{
+    //
+}
@@ -0,0 +1,9 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+
+class ItemStillHasAssets extends ItemStillHasChildren
+{
+}
@@ -0,0 +1,14 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+
+class ItemStillHasChildren extends Exception
+{
+    //public function __construct($message, $code = 0, Exception $previous = null, $parent, $children)
+    //{
+    //    trans()
+    //
+    //}
+}
@@ -0,0 +1,10 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+
+class ItemStillHasComponents extends ItemStillHasChildren
+{
+    //
+}
@@ -0,0 +1,10 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+
+class ItemStillHasConsumables extends ItemStillHasChildren
+{
+    //
+}
@@ -0,0 +1,10 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+
+class ItemStillHasLicenses extends ItemStillHasChildren
+{
+    //
+}
@@ -0,0 +1,10 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+
+class ItemStillHasMaintenances extends ItemStillHasChildren
+{
+    //
+}
@@ -95,7 +95,7 @@ class Helper
        $Parsedown->setSafeMode(true);

        if ($str) {
-            return $Parsedown->text($str);
+            return $Parsedown->text(strip_tags($str));
        }
    }

@@ -105,7 +105,7 @@ class Helper
        $Parsedown->setSafeMode(true);

        if ($str) {
-            return $Parsedown->line($str);
+            return $Parsedown->line(strip_tags($str));
        }
    }

@@ -435,6 +435,34 @@ class Helper
        return $colors[$index];
    }

+    /**
+     * Check if a string has any RTL characters
+     * @param $value
+     * @return bool
+     */
+    public static function hasRtl($string) {
+        $rtlChar = '/[\x{0590}-\x{083F}]|[\x{08A0}-\x{08FF}]|[\x{FB1D}-\x{FDFF}]|[\x{FE70}-\x{FEFF}]/u';
+        return preg_match($rtlChar, $string) != 0;
+    }
+
+    // is chinese, japanese or korean language
+    public static function isCjk($string) {
+        return Helper::isChinese($string) || Helper::isJapanese($string) || Helper::isKorean($string);
+    }
+
+    public static function isChinese($string) {
+        return preg_match("/\p{Han}+/u", $string);
+    }
+
+    public static function isJapanese($string) {
+        return preg_match('/[\x{4E00}-\x{9FBF}\x{3040}-\x{309F}\x{30A0}-\x{30FF}]/u', $string);
+    }
+
+    public static function isKorean($string) {
+        return preg_match('/[\x{3130}-\x{318F}\x{AC00}-\x{D7AF}]/u', $string);
+    }
+
+
    /**
     * Increases or decreases the brightness of a color by a percentage of the current brightness.
     *
@@ -756,7 +784,7 @@ class Helper

        foreach ($consumables as $consumable) {
            $avail = $consumable->numRemaining();
-            if ($avail < ($consumable->min_amt) + $alert_threshold) {
+            if ($avail <= ($consumable->min_amt) + $alert_threshold) {
                if ($consumable->qty > 0) {
                    $percent = number_format((($avail / $consumable->qty) * 100), 0);
                } else {
@@ -775,7 +803,7 @@ class Helper

        foreach ($accessories as $accessory) {
            $avail = $accessory->qty - $accessory->checkouts_count;
-            if ($avail < ($accessory->min_amt) + $alert_threshold) {
+            if ($avail <= ($accessory->min_amt) + $alert_threshold) {
                if ($accessory->qty > 0) {
                    $percent = number_format((($avail / $accessory->qty) * 100), 0);
                } else {
@@ -794,7 +822,7 @@ class Helper

        foreach ($components as $component) {
            $avail = $component->numRemaining();
-            if ($avail < ($component->min_amt) + $alert_threshold) {
+            if ($avail <= ($component->min_amt) + $alert_threshold) {
                if ($component->qty > 0) {
                    $percent = number_format((($avail / $component->qty) * 100), 0);
                } else {
@@ -817,7 +845,7 @@ class Helper
            $total_owned = $asset->where('model_id', '=', $asset_model->id)->count();
            $avail = $asset->where('model_id', '=', $asset_model->id)->whereNull('assigned_to')->count();

-            if ($avail < ($asset_model->min_amt) + $alert_threshold) {
+            if ($avail <= ($asset_model->min_amt) + $alert_threshold) {
                if ($avail > 0) {
                    $percent = number_format((($avail / $total_owned) * 100), 0);
                } else {
@@ -835,7 +863,7 @@ class Helper

        foreach ($licenses as $license){
            $avail = $license->remaincount();
-            if ($avail < ($license->min_amt) + $alert_threshold) {
+            if ($avail <= ($license->min_amt) + $alert_threshold) {
                if ($avail > 0) {
                    $percent = number_format((($avail / $license->min_amt) * 100), 0);
                } else {
@@ -40,6 +40,8 @@ class IconHelper
                return 'fa-solid fa-trash-arrow-up';
            case 'external-link':
                return 'fa fa-external-link';
+            case 'link':
+                return 'fa fa-link';
            case 'email':
                return 'fa-regular fa-envelope';
            case 'phone':
@@ -195,6 +197,10 @@ class IconHelper
            case 'note':
            case 'notes':
                return 'fas fa-sticky-note';
+            case 'tip':
+                return 'fa-solid fa-lightbulb';
+            case 'highlight':
+                return 'fa-solid fa-highlighter';
        }
    }
 }
@@ -182,7 +182,11 @@ class AccessoriesController extends Controller

            $accessory = $request->handleImages($accessory);

-            session()->put(['redirect_option' => $request->get('redirect_option')]);
+            if($request->get('redirect_option') === 'back'){
+                session()->put(['redirect_option' => 'index']);
+            } else {
+                session()->put(['redirect_option' => $request->get('redirect_option')]);
+            }

            if ($accessory->save()) {
                return Helper::getRedirectOption($request, $accessory->id, 'Accessories')
@@ -8,33 +8,23 @@ use App\Events\ItemAccepted;
 use App\Events\ItemDeclined;
 use App\Http\Controllers\Controller;
 use App\Mail\CheckoutAcceptanceResponseMail;
-use App\Models\Actionlog;
-use App\Models\Asset;
 use App\Models\CheckoutAcceptance;
 use App\Models\Company;
 use App\Models\Contracts\Acceptable;
 use App\Models\Setting;
 use App\Models\User;
-use App\Models\AssetModel;
-use App\Models\Accessory;
-use App\Models\License;
-use App\Models\Component;
-use App\Models\Consumable;
-use App\Notifications\AcceptanceAssetAcceptedNotification;
-use App\Notifications\AcceptanceAssetAcceptedToUserNotification;
-use App\Notifications\AcceptanceAssetDeclinedNotification;
+use App\Notifications\AcceptanceItemAcceptedNotification;
+use App\Notifications\AcceptanceItemAcceptedToUserNotification;
+use App\Notifications\AcceptanceItemDeclinedNotification;
 use Exception;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Mail;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Str;
-use App\Http\Controllers\SettingsController;
-use Barryvdh\DomPDF\Facade\Pdf;
-use Carbon\Carbon;
 use \Illuminate\Contracts\View\View;
 use \Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Facades\Log;
+use App\Helpers\Helper;

 class AcceptanceController extends Controller
 {
@@ -85,6 +75,10 @@ class AcceptanceController extends Controller
    public function store(Request $request, $id) : RedirectResponse
    {
        $acceptance = CheckoutAcceptance::find($id);
+        $assigned_user = User::find($acceptance->assigned_to_id);
+        $settings = Setting::getSettings();
+        $sig_filename='';
+

        if (is_null($acceptance)) {
            return redirect()->route('account.accept')->with('error', trans('admin/hardware/message.does_not_exist'));
@@ -107,140 +101,80 @@ class AcceptanceController extends Controller
        }

        /**
-         * Get the signature and save it
+         * Check for the signature directory
         */
        if (! Storage::exists('private_uploads/signatures')) {
            Storage::makeDirectory('private_uploads/signatures', 775);
        }

-
+        /**
+         * Check for the eula-pdfs directory
+         */
+        if (! Storage::exists('private_uploads/eula-pdfs')) {
+            Storage::makeDirectory('private_uploads/eula-pdfs', 775);
+        }

        $item = $acceptance->checkoutable_type::find($acceptance->checkoutable_id);
-        $display_model = '';
-        $pdf_view_route = '';
-        $pdf_filename = 'accepted-eula-'.date('Y-m-d-h-i-s').'.pdf';
-        $sig_filename='';
+
+        // If signatures are required, make sure we have one
+        if (Setting::getSettings()->require_accept_signature == '1') {
+
+            // The item was accepted, check for a signature
+            if ($request->filled('signature_output')) {
+                $sig_filename = 'siglog-' . Str::uuid() . '-' . date('Y-m-d-his') . '.png';
+                $data_uri = $request->input('signature_output');
+                $encoded_image = explode(',', $data_uri);
+                $decoded_image = base64_decode($encoded_image[1]);
+                Storage::put('private_uploads/signatures/' . $sig_filename, (string)$decoded_image);
+
+                // No image data is present, kick them back.
+                // This mostly only applies to users on super-duper crapola browsers *cough* IE *cough*
+            } else {
+                return redirect()->back()->with('error', trans('general.shitty_browser'));
+            }
+        }
+
+
+        // Convert PDF logo to base64 for TCPDF
+        // This is needed for TCPDF to properly embed the image if it's a png and the cache isn't writable
+        $encoded_logo = null;
+        if (($settings->acceptance_pdf_logo) && (Storage::disk('public')->exists($settings->acceptance_pdf_logo))) {
+            $encoded_logo = base64_encode(file_get_contents(public_path() . '/uploads/' . $settings->acceptance_pdf_logo));
+        }
+
+        // Get the data array ready for the notifications and PDF generation
+        $data = [
+            'item_tag' => $item->asset_tag,
+            'item_name' => $item->display_name, // this handles licenses seats, which don't have a 'name' field
+            'item_model' => $item->model?->name,
+            'item_serial' => $item->serial,
+            'item_status' => $item->assetstatus?->name,
+            'eula' => $item->getEula(),
+            'note' => $request->input('note'),
+            'check_out_date' => Helper::getFormattedDateObject($acceptance->created_at, 'datetime', false),
+            'accepted_date' => Helper::getFormattedDateObject(now()->format('Y-m-d H:i:s'), 'datetime', false),
+            'declined_date' => Helper::getFormattedDateObject(now()->format('Y-m-d H:i:s'), 'datetime', false),
+            'assigned_to' => $assigned_user->display_name,
+            'email' => $assigned_user->email,
+            'employee_num' => $assigned_user->employee_num,
+            'site_name' => $settings->site_name,
+            'company_name' => $item->company?->name?? $settings->site_name,
+            'signature' => (($sig_filename && array_key_exists('1', $encoded_image))) ? $encoded_image[1] : null,
+            'logo' => ($encoded_logo) ?? null,
+            'date_settings' => $settings->date_display_format,
+            'qty' => $acceptance->qty ?? 1,
+        ];

        if ($request->input('asset_acceptance') == 'accepted') {

-            /**
-             * Check for the eula-pdfs directory
-             */
-            if (! Storage::exists('private_uploads/eula-pdfs')) {
-                Storage::makeDirectory('private_uploads/eula-pdfs', 775);
-            }

-            if (Setting::getSettings()->require_accept_signature == '1') {
-                
-                // Check if the signature directory exists, if not create it
-                if (!Storage::exists('private_uploads/signatures')) {
-                    Storage::makeDirectory('private_uploads/signatures', 775);
-                }
+            $pdf_filename = 'accepted-'.$acceptance->checkoutable_id.'-'.$acceptance->display_checkoutable_type.'-eula-'.date('Y-m-d-h-i-s').'.pdf';

-                // The item was accepted, check for a signature
-                if ($request->filled('signature_output')) {
-                    $sig_filename = 'siglog-' . Str::uuid() . '-' . date('Y-m-d-his') . '.png';
-                    $data_uri = $request->input('signature_output');
-                    $encoded_image = explode(',', $data_uri);
-                    $decoded_image = base64_decode($encoded_image[1]);
-                    Storage::put('private_uploads/signatures/' . $sig_filename, (string)$decoded_image);
-
-                    // No image data is present, kick them back.
-                    // This mostly only applies to users on super-duper crapola browsers *cough* IE *cough*
-                } else {
-                    return redirect()->back()->with('error', trans('general.shitty_browser'));
-                }
-            }
-
-
-            $assigned_user = User::find($acceptance->assigned_to_id);
-            // this is horrible
-            switch($acceptance->checkoutable_type){
-                case 'App\Models\Asset':
-                        $pdf_view_route ='account.accept.accept-asset-eula';
-                        $asset_model = AssetModel::find($item->model_id);
-                        if (!$asset_model) {
-                            return redirect()->back()->with('error', trans('admin/models/message.does_not_exist'));
-                        }
-                        $display_model = $asset_model->name;
-                break;
-
-                case 'App\Models\Accessory':
-                        $pdf_view_route ='account.accept.accept-accessory-eula';
-                        $accessory = Accessory::find($item->id);
-                        $display_model = $accessory->name;
-                break;
-
-                case 'App\Models\LicenseSeat':
-                        $pdf_view_route ='account.accept.accept-license-eula';
-                        $license = License::find($item->license_id);
-                        $display_model = $license->name;
-                break;
-
-                case 'App\Models\Component':
-                        $pdf_view_route ='account.accept.accept-component-eula';
-                        $component = Component::find($item->id);
-                        $display_model = $component->name;
-                break;
-
-                case 'App\Models\Consumable':
-                        $pdf_view_route ='account.accept.accept-consumable-eula';
-                        $consumable = Consumable::find($item->id);
-                        $display_model = $consumable->name;
-                break;
-            }
-//            if ($acceptance->checkoutable_type == 'App\Models\Asset') {
-//                $pdf_view_route ='account.accept.accept-asset-eula';
-//                $asset_model = AssetModel::find($item->model_id);
-//                $display_model = $asset_model->name;
-//                $assigned_to = User::find($item->assigned_to)->present()->fullName;
-//
-//            } elseif ($acceptance->checkoutable_type== 'App\Models\Accessory') {
-//                $pdf_view_route ='account.accept.accept-accessory-eula';
-//                $accessory = Accessory::find($item->id);
-//                $display_model = $accessory->name;
-//                $assigned_to = User::find($item->assignedTo);
-//
-//            }
-
-            /**
-             * Gather the data for the PDF. We fire this whether there is a signature required or not,
-             * since we want the moment-in-time proof of what the EULA was when they accepted it.
-             */
-            $branding_settings = SettingsController::getPDFBranding();
-
-            $path_logo = "";
-
-            // Check for the PDF logo path and use that, otherwise use the regular logo path
-            if (!is_null($branding_settings->acceptance_pdf_logo)) {
-                $path_logo = public_path() . '/uploads/' . $branding_settings->acceptance_pdf_logo;
-            } elseif (!is_null($branding_settings->logo)) {
-                $path_logo = public_path() . '/uploads/' . $branding_settings->logo;
-            }
-            
-            $data = [
-                'item_tag' => $item->asset_tag,
-                'item_model' => $display_model,
-                'item_serial' => $item->serial,
-                'item_status' => $item->assetstatus?->name,
-                'eula' => $item->getEula(),
-                'note' => $request->input('note'),
-                'check_out_date' => Carbon::parse($acceptance->created_at)->format('Y-m-d'),
-                'accepted_date' => Carbon::parse($acceptance->accepted_at)->format('Y-m-d'),
-                'assigned_to' => $assigned_user->present()->fullName,
-                'company_name' => $branding_settings->site_name,
-                'signature' => ($sig_filename) ? storage_path() . '/private_uploads/signatures/' . $sig_filename : null,
-                'logo' => $path_logo,
-                'date_settings' => $branding_settings->date_display_format,
-                'admin' => auth()->user()->present()?->fullName,
-            ];
-
-            if ($pdf_view_route!='') {
-                Log::debug($pdf_filename.' is the filename, and the route was specified.');
-                $pdf = Pdf::loadView($pdf_view_route, $data);
-                Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf->output());
-            }
+            // Generate the PDF content
+            $pdf_content = $acceptance->generateAcceptancePdf($data, $acceptance);
+            Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf_content);

+            // Log the acceptance
            $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename, $request->input('note'));

            // Send the PDF to the signing user
@@ -248,15 +182,14 @@ class AcceptanceController extends Controller

                // Add the attachment for the signing user into the $data array
                $data['file'] = $pdf_filename;
-                $locale = $assigned_user->locale;
                try {
-                    $assigned_user->notify((new AcceptanceAssetAcceptedToUserNotification($data))->locale($locale));
+                    $assigned_user->notify((new AcceptanceItemAcceptedToUserNotification($data))->locale($assigned_user->locale));
                } catch (\Exception $e) {
                    Log::warning($e);
                }
            }
            try {
-                $acceptance->notify((new AcceptanceAssetAcceptedNotification($data))->locale(Setting::getSettings()->locale));
+                $acceptance->notify((new AcceptanceItemAcceptedNotification($data))->locale(Setting::getSettings()->locale));
            } catch (\Exception $e) {
                Log::warning($e);
            }
@@ -264,100 +197,26 @@ class AcceptanceController extends Controller

            $return_msg = trans('admin/users/message.accepted');

+        // Item was declined
        } else {

-            /**
-             * Check for the eula-pdfs directory
-             */
-            if (! Storage::exists('private_uploads/eula-pdfs')) {
-                Storage::makeDirectory('private_uploads/eula-pdfs', 775);
+            for ($i = 0; $i < ($acceptance->qty ?? 1); $i++) {
+                $acceptance->decline($sig_filename, $request->input('note'));
            }

-            if (Setting::getSettings()->require_accept_signature == '1') {
-                
-                // Check if the signature directory exists, if not create it
-                if (!Storage::exists('private_uploads/signatures')) {
-                    Storage::makeDirectory('private_uploads/signatures', 775);
-                }
-
-                // The item was accepted, check for a signature
-                if ($request->filled('signature_output')) {
-                    $sig_filename = 'siglog-' . Str::uuid() . '-' . date('Y-m-d-his') . '.png';
-                    $data_uri = $request->input('signature_output');
-                    $encoded_image = explode(',', $data_uri);
-                    $decoded_image = base64_decode($encoded_image[1]);
-                    Storage::put('private_uploads/signatures/' . $sig_filename, (string)$decoded_image);
-
-                    // No image data is present, kick them back.
-                    // This mostly only applies to users on super-duper crapola browsers *cough* IE *cough*
-                } else {
-                    return redirect()->back()->with('error', trans('general.shitty_browser'));
-                }
-            }
-            
-            // Format the data to send the declined notification
-            $branding_settings = SettingsController::getPDFBranding();
-
-            // This is the most horriblest
-            switch($acceptance->checkoutable_type){
-                case 'App\Models\Asset':
-                    $asset_model = AssetModel::find($item->model_id);
-                    $display_model = $asset_model->name;
-                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
-                    break;
-
-                case 'App\Models\Accessory':
-                    $accessory = Accessory::find($item->id);
-                    $display_model = $accessory->name;
-                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
-                    break;
-
-                case 'App\Models\LicenseSeat':
-                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
-                    break;
-
-                case 'App\Models\Component':
-                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
-                    break;
-
-                case 'App\Models\Consumable':
-                    $consumable = Consumable::find($item->id);
-                    $display_model = $consumable->name;
-                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
-                    break;
-            }
-
-            $data = [
-                'item_tag' => $item->asset_tag,
-                'item_model' => $display_model,
-                'item_serial' => $item->serial,
-                'item_status' => $item->assetstatus?->name,
-                'note' => $request->input('note'),
-                'declined_date' => Carbon::parse($acceptance->declined_at)->format('Y-m-d'),
-                'signature' => ($sig_filename) ? storage_path() . '/private_uploads/signatures/' . $sig_filename : null,
-                'assigned_to' => $assigned_to,
-                'company_name' => $branding_settings->site_name,
-                'date_settings' => $branding_settings->date_display_format,
-            ];
-
-            if ($pdf_view_route!='') {
-                Log::debug($pdf_filename.' is the filename, and the route was specified.');
-                $pdf = Pdf::loadView($pdf_view_route, $data);
-                Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf->output());
-            }
-
-            $acceptance->decline($sig_filename, $request->input('note'));
-            $acceptance->notify(new AcceptanceAssetDeclinedNotification($data));
+            $acceptance->notify(new AcceptanceItemDeclinedNotification($data));
            Log::debug('New event acceptance.');
            event(new CheckoutDeclined($acceptance));
            $return_msg = trans('admin/users/message.declined');
        }

+
+        // Send an email notification if one is requested
        if ($acceptance->alert_on_response_id) {
            try {
                $recipient = User::find($acceptance->alert_on_response_id);

-                if ($recipient) {
+                if ($recipient?->email) {
                    Log::debug('Attempting to send email acceptance.');
                    Mail::to($recipient)->send(new CheckoutAcceptanceResponseMail(
                        $acceptance,
@@ -371,9 +230,10 @@ class AcceptanceController extends Controller
                Log::warning($e);
            }
        }
-
        return redirect()->to('account/accept')->with('success', $return_msg);

    }

+
+
 }
@@ -3,11 +3,13 @@
 namespace App\Http\Controllers;

 use App\Helpers\Helper;
+use App\Models\Actionlog;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Storage;
-use \Illuminate\Http\Response;
 use Symfony\Component\HttpFoundation\BinaryFileResponse;
+use \Illuminate\Http\Response;
+
 class ActionlogController extends Controller
 {
    public function displaySig($filename) : RedirectResponse | Response | bool
@@ -39,17 +41,29 @@ class ActionlogController extends Controller

    public function getStoredEula($filename) : Response | BinaryFileResponse | RedirectResponse
    {
-        $this->authorize('view', \App\Models\Asset::class);

-        if (config('filesystems.default') == 's3_private') {
-            return redirect()->away(Storage::disk('s3_private')->temporaryUrl('private_uploads/eula-pdfs/'.$filename, now()->addMinutes(5)));
+        if ($actionlog = Actionlog::where('filename', $filename)->with('user')->with('target')->firstOrFail()) {
+
+            $this->authorize('view', $actionlog->target);
+            $this->authorize('view', $actionlog->user);
+
+
+            if (config('filesystems.default') == 's3_private') {
+                return redirect()->away(Storage::disk('s3_private')->temporaryUrl('private_uploads/eula-pdfs/' . $filename, now()->addMinutes(5)));
+            }
+
+            if (Storage::exists('private_uploads/eula-pdfs/' . $filename)) {
+
+                if (request()->input('inline') == 'true') {
+                    return response()->file(config('app.private_uploads') . '/eula-pdfs/' . $filename);
+                }
+
+                return response()->download(config('app.private_uploads') . '/eula-pdfs/' . $filename);
+            }
+
+            return redirect()->back()->with('error', trans('general.file_does_not_exist'));
        }

-        if (Storage::exists('private_uploads/eula-pdfs/'.$filename)) {
-            return response()->download(config('app.private_uploads').'/eula-pdfs/'.$filename);
-        }
-
-        return redirect()->back()->with('error',  trans('general.file_does_not_exist'));
-
+        return redirect()->back()->with('error', trans('general.record_not_found'));
    }
 }
@@ -54,6 +54,15 @@ class AccessoriesController extends Controller
                'notes',
                'checkouts_count',
                'qty',
+                // These are *relationships* so we wouldn't normally include them in this array,
+                // since they would normally create a `column not found` error,
+                // BUT we account for them in the ordering switch down at the end of this method
+                // DO NOT ADD ANYTHING TO THIS LIST WITHOUT CHECKING THE ORDERING SWITCH BELOW!
+                'company',
+                'location',
+                'category',
+                'supplier',
+                'manufacturer',
            ];


@@ -61,10 +70,23 @@ class AccessoriesController extends Controller
            ->with('category', 'company', 'manufacturer', 'checkouts', 'location', 'supplier', 'adminuser')
            ->withCount('checkouts as checkouts_count');

-        if ($request->filled('search')) {
-            $accessories = $accessories->TextSearch($request->input('search'));
+        $filter = [];
+
+        if ($request->filled('filter')) {
+            $filter = json_decode($request->input('filter'), true);
+            $filter = array_filter($filter, function ($key) use ($allowed_columns) {
+                return in_array($key, $allowed_columns);
+            }, ARRAY_FILTER_USE_KEY);
+
        }

+        if ((! is_null($filter)) && (count($filter)) > 0) {
+            $accessories->ByFilter($filter);
+        } elseif ($request->filled('search')) {
+            $accessories->TextSearch($request->input('search'));
+        }
+
+
        if ($request->filled('company_id')) {
            $accessories->where('accessories.company_id', '=', $request->input('company_id'));
        }
@@ -46,11 +46,20 @@ class AssetModelsController extends Controller
                'manufacturer',
                'requestable',
                'assets_count',
+                'assets_assigned_count',
+                'assets_archived_count',
+                'remaining',
                'category',
                'fieldset',
                'deleted_at',
                'updated_at',
                'require_serial',
+                // These are *relationships* so we wouldn't normally include them in this array,
+                // since they would normally create a `column not found` error,
+                // BUT we account for them in the ordering switch down at the end of this method
+                // DO NOT ADD ANYTHING TO THIS LIST WITHOUT CHECKING THE ORDERING SWITCH BELOW!
+                'manufacturer',
+                'category',
            ];

        $assetmodels = AssetModel::select([
@@ -73,7 +82,28 @@ class AssetModelsController extends Controller
            'models.require_serial'
         ])
            ->with('category', 'depreciation', 'manufacturer', 'fieldset.fields.defaultValues', 'adminuser')
-            ->withCount('assets as assets_count');
+            ->withCount('assets as assets_count')
+            ->withCount('availableAssets as remaining')
+            ->withCount('assignedAssets as assets_assigned_count')
+            ->withCount('archivedAssets as assets_archived_count');
+
+        $filter = [];
+
+        if ($request->filled('filter')) {
+            $filter = json_decode($request->input('filter'), true);
+
+            $filter = array_filter($filter, function ($key) use ($allowed_columns) {
+                return in_array($key, $allowed_columns);
+            }, ARRAY_FILTER_USE_KEY);
+
+        }
+
+        if ((! is_null($filter)) && (count($filter)) > 0) {
+            $assetmodels->ByFilter($filter);
+        } elseif ($request->filled('search')) {
+            $assetmodels->TextSearch($request->input('search'));
+        }
+

        if ($request->input('status')=='deleted') {
            $assetmodels->onlyTrashed();
@@ -3,36 +3,38 @@
 namespace App\Http\Controllers\Api;

 use App\Events\CheckoutableCheckedIn;
-use App\Http\Requests\StoreAssetRequest;
-use App\Http\Requests\UpdateAssetRequest;
-use App\Http\Traits\MigratesLegacyAssetLocations;
-use App\Models\AccessoryCheckout;
-use App\Models\CheckoutAcceptance;
-use App\Models\LicenseSeat;
-use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Support\Facades\Crypt;
-use Illuminate\Support\Facades\Gate;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetCheckoutRequest;
+use App\Http\Requests\FilterRequest;
+use App\Http\Requests\StoreAssetRequest;
+use App\Http\Requests\UpdateAssetRequest;
+use App\Http\Traits\MigratesLegacyAssetLocations;
 use App\Http\Transformers\AssetsTransformer;
+use App\Http\Transformers\ComponentsTransformer;
 use App\Http\Transformers\LicensesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Models\AccessoryCheckout;
 use App\Models\Asset;
 use App\Models\AssetModel;
+use App\Models\CheckoutAcceptance;
 use App\Models\Company;
 use App\Models\CustomField;
 use App\Models\License;
+use App\Models\LicenseSeat;
 use App\Models\Location;
 use App\Models\Setting;
 use App\Models\User;
+use App\View\Label;
 use Carbon\Carbon;
-use Illuminate\Support\Facades\DB;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Crypt;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Route;
-use App\View\Label;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;

@@ -55,7 +57,7 @@ class AssetsController extends Controller
     * @param int $assetId
     * @since [v4.0]
     */
-    public function index(Request $request, $action = null, $upcoming_status = null) : JsonResponse | array
+    public function index(FilterRequest $request, $action = null, $upcoming_status = null) : JsonResponse | array
    {


@@ -115,6 +117,22 @@ class AssetsController extends Controller
            'asset_eol_date',
            'requestable',
            'jobtitle',
+            // These are *relationships* so we wouldn't normally include them in this array,
+            // since they would normally create a `column not found` error,
+            // BUT we account for them in the ordering switch down at the end of this method
+            // DO NOT ADD ANYTHING TO THIS LIST WITHOUT CHECKING THE ORDERING SWITCH BELOW!
+            'company',
+            'model',
+            'location',
+            'rtd_location',
+            'category',
+            'status_label',
+            'manufacturer',
+            'supplier',
+            'jobtitle',
+            'assigned_to',
+            'created_by',
+
        ];

        $all_custom_fields = CustomField::all(); //used as a 'cache' of custom fields throughout this page load
@@ -131,6 +149,7 @@ class AssetsController extends Controller
            $filter = array_filter($filter, function ($key) use ($allowed_columns) {
                return in_array($key, $allowed_columns);
            }, ARRAY_FILTER_USE_KEY);
+
        }

        $assets = Asset::select('assets.*')
@@ -165,7 +184,7 @@ class AssetsController extends Controller
        // Search custom fields by column name
        foreach ($all_custom_fields as $field) {
            if ($request->filled($field->db_column_name()) && $field->db_column_name()) {
-                $assets->where($field->db_column_name(), '=', $request->input($field->db_column_name()));
+                $assets->where('assets.'.$field->db_column_name(), '=', $request->input($field->db_column_name()));
            }
        }

@@ -1290,9 +1309,19 @@ class AssetsController extends Controller

    public function assignedAssets(Request $request, Asset $asset) : JsonResponse | array
    {
+        $this->authorize('view', Asset::class);
+        $this->authorize('view', $asset);

-        return [];
-        // to do
+        $query = Asset::where([
+            'assigned_to' => $asset->id,
+            'assigned_type' => Asset::class,
+        ]);
+
+        $total = $query->count();
+
+        $assets = $query->applyOffsetAndLimit($total)->get();
+
+        return (new AssetsTransformer)->transformAssets($assets, $total);
    }

    public function assignedAccessories(Request $request, Asset $asset) : JsonResponse | array
@@ -1312,6 +1341,18 @@ class AssetsController extends Controller
        return (new AssetsTransformer)->transformCheckedoutAccessories($accessory_checkouts, $total);
    }

+    public function assignedComponents(Request $request, Asset $asset): JsonResponse|array
+    {
+        $this->authorize('view', Asset::class);
+        $this->authorize('view', $asset);
+
+        $asset->loadCount('components');
+        $total = $asset->components_count;
+
+        $components = $asset->load(['components' => fn($query) => $query->applyOffsetAndLimit($total)])->components;
+
+        return (new ComponentsTransformer)->transformComponents($components, $total);
+    }

    /**
     * Generate asset labels by tag
@@ -2,6 +2,8 @@

 namespace App\Http\Controllers\Api;

+use App\Actions\Categories\DestroyCategoryAction;
+use App\Exceptions\ItemStillHasChildren;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\CategoriesTransformer;
@@ -38,7 +40,10 @@ class CategoriesController extends Controller
            'consumables_count',
            'components_count',
            'licenses_count',
+            'created_at',
+            'updated_at',
            'image',
+            'tag_color',
            'notes',
        ];

@@ -53,12 +58,30 @@ class CategoriesController extends Controller
            'require_acceptance',
            'checkin_email',
            'image',
+            'tag_color',
            'notes',
            ])
            ->with('adminuser')
            ->withCount('accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count', 'models as models_count');


+        $filter = [];
+
+        if ($request->filled('filter')) {
+            $filter = json_decode($request->input('filter'), true);
+
+            $filter = array_filter($filter, function ($key) use ($allowed_columns) {
+                return in_array($key, $allowed_columns);
+            }, ARRAY_FILTER_USE_KEY);
+
+        }
+
+        if ((! is_null($filter)) && (count($filter)) > 0) {
+            $categories->ByFilter($filter);
+        } elseif ($request->filled('search')) {
+            $categories->TextSearch($request->input('search'));
+        }
+
        /*
         * This checks to see if we should override the Admin Setting to show archived assets in list.
         * We don't currently use it within the Snipe-IT GUI, but will be useful for API integrations where they
@@ -72,10 +95,6 @@ class CategoriesController extends Controller
            $categories = $categories->withCount('showableAssets as assets_count');
        }

-        if ($request->filled('search')) {
-            $categories = $categories->TextSearch($request->input('search'));
-        }
-
        if ($request->filled('name')) {
            $categories->where('name', '=', $request->input('name'));
        }
@@ -209,17 +228,21 @@ class CategoriesController extends Controller
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function destroy($id) : JsonResponse
+    public function destroy(Category $category): JsonResponse
    {
        $this->authorize('delete', Category::class);
-        $category = Category::withCount('assets as assets_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count', 'models as models_count')->findOrFail($id);
-
-        if (! $category->isDeletable()) {
+        try {
+            DestroyCategoryAction::run(category: $category);
+        } catch (ItemStillHasChildren $e) {
            return response()->json(
-                Helper::formatStandardApiResponse('error', null, trans('admin/categories/message.assoc_items', ['asset_type'=>$category->category_type]))
+                Helper::formatStandardApiResponse('error', null, trans('general.bulk_delete_associations.general_assoc_warning', ['asset_type' => $category->category_type]))
+            );
+        } catch (\Exception $e) {
+            report($e);
+            return response()->json(
+                Helper::formatStandardApiResponse('error', null, trans('general.something_went_wrong'))
            );
        }
-        $category->delete();

        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/categories/message.delete.success')));
    }
@@ -38,6 +38,7 @@ class CompaniesController extends Controller
            'accessories_count',
            'consumables_count',
            'components_count',
+            'tag_color',
            'notes',
        ];

@@ -64,6 +65,11 @@ class CompaniesController extends Controller
            $companies->where('created_by', '=', $request->input('created_by'));
        }

+        if ($request->filled('tag_color')) {
+            $companies->where('tag_color', '=', $request->input('tag_color'));
+        }
+
+

        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $companies->count()) ? $companies->count() : app('api_offset_value');
@@ -191,6 +197,7 @@ class CompaniesController extends Controller
            'companies.name',
            'companies.email',
            'companies.image',
+            'companies.tag_color',
        ]);


@@ -45,16 +45,40 @@ class ComponentsController extends Controller
                'qty',
                'image',
                'notes',
+                // These are *relationships* so we wouldn't normally include them in this array,
+                // since they would normally create a `column not found` error,
+                // BUT we account for them in the ordering switch down at the end of this method
+                // DO NOT ADD ANYTHING TO THIS LIST WITHOUT CHECKING THE ORDERING SWITCH BELOW!
+                'company',
+                'location',
+                'category',
+                'manufacturer',
+                'supplier',
+
            ];

        $components = Component::select('components.*')
-            ->with('company', 'location', 'category', 'assets', 'supplier', 'adminuser', 'manufacturer', 'uncontrainedAssets')
-            ->withSum('uncontrainedAssets', 'components_assets.assigned_qty');
+            ->with('company', 'location', 'category', 'supplier', 'adminuser', 'manufacturer')
+            ->withSum('uncontrainedAssets as sum_unconstrained_assets', 'components_assets.assigned_qty');
+
+        $filter = [];
+
+        if ($request->filled('filter')) {
+            $filter = json_decode($request->input('filter'), true);
+
+            $filter = array_filter($filter, function ($key) use ($allowed_columns) {
+                return in_array($key, $allowed_columns);
+            }, ARRAY_FILTER_USE_KEY);

-        if ($request->filled('search')) {
-            $components = $components->TextSearch($request->input('search'));
        }

+        if ((! is_null($filter)) && (count($filter)) > 0) {
+            $components->ByFilter($filter);
+        } elseif ($request->filled('search')) {
+            $components->TextSearch($request->input('search'));
+        }
+
+
        if ($request->filled('name')) {
            $components->where('name', '=', $request->input('name'));
        }
@@ -88,7 +112,8 @@ class ComponentsController extends Controller
        }

        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $components->count()) ? $components->count() : app('api_offset_value');
+        $components_count = $components->count();
+        $offset = ($request->input('offset') > $components_count) ? $components_count : app('api_offset_value');
        $limit = app('api_limit_value');

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -119,7 +144,7 @@ class ComponentsController extends Controller
                break;
        }

-        $total = $components->count();
+        $total = $components_count;
        $components = $components->skip($offset)->take($limit)->get();

        return (new ComponentsTransformer)->transformComponents($components, $total);
@@ -31,10 +31,53 @@ class ConsumablesController extends Controller
        $consumables = Consumable::with('company', 'location', 'category', 'supplier', 'manufacturer')
            ->withCount('users as consumables_users_count');

-        if ($request->filled('search')) {
-            $consumables = $consumables->TextSearch(e($request->input('search')));
+        // This array is what determines which fields should be allowed to be sorted on ON the table itself.
+        // These must match a column on the consumables table directly.
+        $allowed_columns = [
+            'id',
+            'name',
+            'order_number',
+            'min_amt',
+            'purchase_date',
+            'purchase_cost',
+            'company',
+            'category',
+            'model_number',
+            'item_no',
+            'manufacturer',
+            'location',
+            'qty',
+            'image',
+            // These are *relationships* so we wouldn't normally include them in this array,
+            // since they would normally create a `column not found` error,
+            // BUT we account for them in the ordering switch down at the end of this method
+            // DO NOT ADD ANYTHING TO THIS LIST WITHOUT CHECKING THE ORDERING SWITCH BELOW!
+            'company',
+            'location',
+            'category',
+            'supplier',
+            'manufacturer',
+        ];
+
+
+        $filter = [];
+
+        if ($request->filled('filter')) {
+            $filter = json_decode($request->input('filter'), true);
+
+            $filter = array_filter($filter, function ($key) use ($allowed_columns) {
+                return in_array($key, $allowed_columns);
+            }, ARRAY_FILTER_USE_KEY);
+
        }

+        if ((! is_null($filter)) && (count($filter)) > 0) {
+            $consumables->ByFilter($filter);
+        } elseif ($request->filled('search')) {
+            $consumables->TextSearch($request->input('search'));
+        }
+
+
        if ($request->filled('name')) {
            $consumables->where('name', '=', $request->input('name'));
        }
@@ -96,25 +139,6 @@ class ConsumablesController extends Controller
                $consumables = $consumables->OrderByCreatedBy($order);
                break;
            default:
-                // This array is what determines which fields should be allowed to be sorted on ON the table itself.
-                // These must match a column on the consumables table directly.
-                $allowed_columns = [
-                    'id',
-                    'name',
-                    'order_number',
-                    'min_amt',
-                    'purchase_date',
-                    'purchase_cost',
-                    'company',
-                    'category',
-                    'model_number',
-                    'item_no',
-                    'manufacturer',
-                    'location',
-                    'qty',
-                    'image'
-                ];
-
                $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
                $consumables = $consumables->orderBy($sort, $order);
                break;
@@ -4,6 +4,7 @@ namespace App\Http\Controllers\Api;

 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
+use App\Http\Requests\StoreDepartmentRequest;
 use App\Http\Transformers\DepartmentsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Department;
@@ -23,21 +24,23 @@ class DepartmentsController extends Controller
    public function index(Request $request) : JsonResponse | array
    {
        $this->authorize('view', Department::class);
-        $allowed_columns = ['id', 'name', 'image', 'users_count', 'notes'];
+        $allowed_columns = ['id', 'name', 'image', 'users_count', 'notes', 'tag_color'];

        $departments = Department::select(
-            'departments.id',
-            'departments.name',
-            'departments.phone',
-            'departments.fax',
-            'departments.location_id',
-            'departments.company_id',
-            'departments.manager_id',
-            'departments.created_at',
-            'departments.updated_at',
-            'departments.image',
-            'departments.notes',
-        )->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');
+            [
+                'departments.id',
+                'departments.name',
+                'departments.phone',
+                'departments.fax',
+                'departments.location_id',
+                'departments.company_id',
+                'departments.manager_id',
+                'departments.created_at',
+                'departments.updated_at',
+                'departments.image',
+                'departments.tag_color',
+                'departments.notes'
+            ])->with('location')->with('manager')->with('company')->withCount('users as users_count');

        if ($request->filled('search')) {
            $departments = $departments->TextSearch($request->input('search'));
@@ -59,6 +62,10 @@ class DepartmentsController extends Controller
            $departments->where('location_id', '=', $request->input('location_id'));
        }

+        if ($request->filled('tag_color')) {
+            $departments->where('tag_color', '=', $request->input('departments.tag_color'));
+        }
+
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $departments->count()) ? $departments->count() : app('api_offset_value');
        $limit = app('api_limit_value');
@@ -94,18 +101,17 @@ class DepartmentsController extends Controller
     * @since [v4.0]
     * @param  \App\Http\Requests\ImageUploadRequest  $request
     */
-    public function store(ImageUploadRequest $request) : JsonResponse
+    public function store(StoreDepartmentRequest $request): JsonResponse
    {
-        $this->authorize('create', Department::class);
        $department = new Department;
-        $department->fill($request->all());
+        $department->fill($request->validated());
        $department = $request->handleImages($department);

        $department->created_by = auth()->id();
        $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);

        if ($department->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.create.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new DepartmentsTransformer)->transformDepartment($department), trans('admin/departments/message.create.success')));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, $department->getErrors()));

@@ -121,7 +127,7 @@ class DepartmentsController extends Controller
    public function show($id) : array
    {
        $this->authorize('view', Department::class);
-        $department = Department::findOrFail($id);
+        $department = Department::withCount('users as users_count')->findOrFail($id);
        return (new DepartmentsTransformer)->transformDepartment($department);
    }

@@ -141,7 +147,7 @@ class DepartmentsController extends Controller
        $department = $request->handleImages($department);

        if ($department->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.update.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new DepartmentsTransformer)->transformDepartment($department), trans('admin/departments/message.update.success')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, $department->getErrors()));
@@ -185,6 +191,7 @@ class DepartmentsController extends Controller
            'id',
            'name',
            'image',
+            'tag_color',
        ]);

        if ($request->filled('search')) {
@@ -24,7 +24,7 @@ class GroupsController extends Controller

        $this->authorize('view', Group::class);

-        $groups = Group::select('id', 'name', 'permissions', 'notes', 'created_at', 'updated_at', 'created_by')->with('adminuser')->withCount('users as users_count');
+        $groups = Group::select(['id', 'name', 'permissions', 'notes', 'created_at', 'updated_at', 'created_by'])->with('adminuser')->withCount('users as users_count');

        if ($request->filled('search')) {
            $groups = $groups->TextSearch($request->input('search'));
@@ -50,6 +50,7 @@ class GroupsController extends Controller
                    'id',
                    'name',
                    'created_at',
+                    'updated_at',
                    'users_count',
                ];

@@ -15,6 +15,7 @@ use Illuminate\Database\Eloquent\JsonEncodingException;
 use Illuminate\Support\Facades\Request;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Str;
 use League\Csv\Reader;
 use Onnov\DetectEncoding\EncodingDetector;
 use Symfony\Component\HttpFoundation\File\Exception\FileException;
@@ -149,7 +150,9 @@ class ImportController extends Controller
                }

                $date = date('Y-m-d-his');
-                $fixed_filename = str_slug($file->getClientOriginalName());
+
+                $fixed_filename = Str::of($file->getClientOriginalName())->basename('.csv').'.csv';
+
                try {
                    $file->move($path, $date.'-'.$fixed_filename);
                } catch (FileException $exception) {
@@ -211,36 +214,47 @@ class ImportController extends Controller
        $redirectTo = 'hardware.index';
        switch ($request->get('import-type')) {
            case 'asset':
+                $model_perms = 'App\Models\Asset';
                $redirectTo = 'hardware.index';
                break;
            case 'assetModel':
+                $model_perms = 'App\Models\AssetModel';
                $redirectTo = 'models.index';
                break;
            case 'accessory':
+                $model_perms = 'App\Models\Accessory';
                $redirectTo = 'accessories.index';
                break;
            case 'consumable':
+                $model_perms = 'App\Models\Consumable';
                $redirectTo = 'consumables.index';
                break;
            case 'component':
+                $model_perms = 'App\Models\Component';
                $redirectTo = 'components.index';
                break;
            case 'license':
+                $model_perms = 'App\Models\License';
                $redirectTo = 'licenses.index';
                break;
            case 'user':
+                $model_perms = 'App\Models\User';
                $redirectTo = 'users.index';
                break;
            case 'location':
+                $model_perms = 'App\Models\Location';
                $redirectTo = 'locations.index';
                break;
            case 'supplier':
+                $model_perms = 'App\Models\Supplier';
                $redirectTo = 'suppliers.index';
                break;
            case 'manufacturer':
+                $model_perms = 'App\Models\Manufacturer';
                $redirectTo = 'manufacturers.index';
                break;
            case 'category':
+                $model_perms = 'App\Models\Category';
                $redirectTo = 'categories.index';
                break;
        }
@@ -251,7 +265,11 @@ class ImportController extends Controller
        //Flash message before the redirect
        Session::flash('success', trans('admin/hardware/message.import.success'));

-        return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route($redirectTo)]));
+        if (auth()->user()->can('view', $model_perms)) {
+            return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route($redirectTo)]));
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('success', null, ['redirect_url' => route('imports.index')]));
    }

    /**
@@ -261,9 +279,16 @@ class ImportController extends Controller
     */
    public function destroy($import_id) : JsonResponse
    {
-        $this->authorize('create', Asset::class);
+        $this->authorize('import');

        if ($import = Import::find($import_id)) {
+
+
+            if ((auth()->user()->id != $import->created_by) && (!auth()->user()->isSuperUser())) {
+                return response()->json(Helper::formatStandardApiResponse('warning', null, trans('admin/hardware/message.import.file_not_deleted_warning')));
+            }
+
+
            try {
                // Try to delete the file
                Storage::delete('imports/'.$import->file_path);
@@ -280,4 +305,6 @@ class ImportController extends Controller
        }
        return response()->json(Helper::formatStandardApiResponse('warning', null, trans('admin/hardware/message.import.file_not_deleted_warning')));
    }
+
+
 }
@@ -26,11 +26,11 @@ class LicenseSeatsController extends Controller
        if ($license = License::find($licenseId)) {
            $this->authorize('view', $license);

-            $seats = LicenseSeat::with('license', 'user', 'asset', 'user.department')
+            $seats = LicenseSeat::with('license', 'user', 'asset', 'user.department',  'user.company', 'asset.company')
                ->where('license_seats.license_id', $licenseId);

            if ($request->input('status') == 'available') {
-                $seats->whereNull('license_seats.assigned_to');
+                $seats->whereNull('license_seats.assigned_to')->whereNull('license_seats.asset_id');
            }

            if ($request->input('status') == 'assigned') {
@@ -40,8 +40,10 @@ class LicenseSeatsController extends Controller

            $order = $request->input('order') === 'asc' ? 'asc' : 'desc';

-            if ($request->input('sort') == 'department') {
+            if ($request->input('sort') == 'assigned_user.department') {
                $seats->OrderDepartments($order);
+            } elseif ($request->input('sort') == 'assigned_user.company') {
+                    $seats->OrderCompany($order);
            } else {
                $seats->orderBy('updated_at', $order);
            }
@@ -77,17 +79,14 @@ class LicenseSeatsController extends Controller
    {

        $this->authorize('view', License::class);
-        // sanity checks:
-        // 1. does the license seat exist?
-        if (! $licenseSeat = LicenseSeat::find($seatId)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat not found'));
-        }
-        // 2. does the seat belong to the specified license?
-        if (! $license = $licenseSeat->license()->first() || $license->id != intval($licenseId)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat does not belong to the specified license'));
+
+        if ($licenseSeat = LicenseSeat::where('license_id', $licenseId)->find($seatId)) {
+            return (new LicenseSeatsTransformer)->transformLicenseSeat($licenseSeat);
        }

-        return (new LicenseSeatsTransformer)->transformLicenseSeat($licenseSeat);
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat ID or license not found or the seat does not belong to this license'));
+
+
    }

    /**
@@ -120,17 +119,22 @@ class LicenseSeatsController extends Controller

        // check if this update is a checkin operation
        // 1. are relevant fields touched at all?
-        $touched = $licenseSeat->isDirty('assigned_to') || $licenseSeat->isDirty('asset_id');
-        // 2. are they cleared? if yes then this is a checkin operation
-        $is_checkin = ($touched && $licenseSeat->assigned_to === null && $licenseSeat->asset_id === null);
+        $assignmentTouched = $licenseSeat->isDirty('assigned_to') || $licenseSeat->isDirty('asset_id');
+        $anythingTouched = $licenseSeat->isDirty();

-        if (! $touched) {
-            // nothing to update
-            return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
+        if (! $anythingTouched) {
+            return response()->json(
+                Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success'))
+            );
        }
-        if( $touched && $licenseSeat->unreassignable_seat) {
+        if( $assignmentTouched && $licenseSeat->unreassignable_seat) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/licenses/message.checkout.unavailable')));
        }
+
+        // 2. are they cleared? if yes then this is a checkin operation
+        $is_checkin = ($assignmentTouched && $licenseSeat->assigned_to === null && $licenseSeat->asset_id === null);
+        $target = null;
+
        // the logging functions expect only one "target". if both asset and user are present in the request,
        // we simply let assets take precedence over users...
        if ($licenseSeat->isDirty('assigned_to')) {
@@ -140,25 +144,23 @@ class LicenseSeatsController extends Controller
            $target = $is_checkin ? $oldAsset : Asset::find($licenseSeat->asset_id);
        }

-        if (is_null($target)){
+        if ($assignmentTouched && is_null($target)){
            return response()->json(Helper::formatStandardApiResponse('error', null, 'Target not found'));
        }

        if ($licenseSeat->save()) {
-
-            if ($is_checkin) {
-                if(!$licenseSeat->license->reassignable){
-                    $licenseSeat->unreassignable_seat = true;
-                    $licenseSeat->save();
+            if($assignmentTouched) {
+                if ($is_checkin) {
+                    if (!$licenseSeat->license->reassignable) {
+                        $licenseSeat->unreassignable_seat = true;
+                        $licenseSeat->save();
+                    }
+                    $licenseSeat->logCheckin($target, $licenseSeat->notes);
+                } else {
+                    // in this case, relevant fields are touched but it's not a checkin operation. so it must be a checkout operation.
+                    $licenseSeat->logCheckout($request->input('notes'), $target);
                }
-                $licenseSeat->logCheckin($target, $licenseSeat->notes);
-
-                return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
            }
-
-            // in this case, relevant fields are touched but it's not a checkin operation. so it must be a checkout operation.
-            $licenseSeat->logCheckout($request->input('notes'), $target);
-
            return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
        }

@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Transformers\LicensesTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\License;
+use App\Models\Setting;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Http\JsonResponse;
@@ -25,6 +26,15 @@ class LicensesController extends Controller
        $this->authorize('view', License::class);

        $licenses = License::with('company', 'manufacturer', 'supplier','category', 'adminuser')->withCount('freeSeats as free_seats_count');
+        $settings = Setting::getSettings();
+
+        if ($request->input('status')=='inactive') {
+            $licenses->ExpiredLicenses();
+        } elseif ($request->input('status')=='expiring') {
+            $licenses->ExpiringLicenses($settings->alert_interval);
+        } else {
+            $licenses->ActiveLicenses();
+        }

        if ($request->filled('company_id')) {
            $licenses->where('licenses.company_id', '=', $request->input('company_id'));
@@ -94,6 +104,8 @@ class LicensesController extends Controller
            $licenses->onlyTrashed();
        }

+
+
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $licenses->count()) ? $licenses->count() : app('api_offset_value');
        $limit = app('api_limit_value');
@@ -37,10 +37,14 @@ class LocationsController extends Controller
            'address',
            'address2',
            'assets_count',
-            'assets_count',
+            'assigned_assets_count',
+            'rtd_assets_count',
+            'accessories_count',
            'assigned_accessories_count',
-            'assigned_assets_count',
-            'assigned_assets_count',
+            'components_count',
+            'consumables_count',
+            'users_count',
+            'children_count',
            'city',
            'country',
            'created_at',
@@ -54,8 +58,8 @@ class LocationsController extends Controller
            'rtd_assets_count',
            'state',
            'updated_at',
-            'users_count',
            'zip',
+            'tag_color',
            'notes',
            ];

@@ -78,9 +82,12 @@ class LocationsController extends Controller
            'locations.ldap_ou',
            'locations.currency',
            'locations.company_id',
+            'locations.tag_color',
+            'locations.tag_color',
            'locations.notes',
+            'locations.created_by',
+            'locations.deleted_at',
        ])
-            ->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
            ->withCount('assignedAccessories as assigned_accessories_count')
@@ -88,6 +95,8 @@ class LocationsController extends Controller
            ->withCount('rtd_assets as rtd_assets_count')
            ->withCount('children as children_count')
            ->withCount('users as users_count')
+            ->withCount('consumables as consumables_count')
+            ->withCount('components as components_count')
            ->with('adminuser');

        // Only scope locations if the setting is enabled
@@ -131,6 +140,18 @@ class LocationsController extends Controller
            $locations->where('locations.company_id', '=', $request->input('company_id'));
        }

+        if ($request->filled('parent_id')) {
+            $locations->where('locations.parent_id', '=', $request->input('parent_id'));
+        }
+
+        if ($request->input('status') == 'deleted') {
+            $locations->onlyTrashed();
+        }
+
+        if ($request->filled('tag_color')) {
+            $locations->where('tag_color', '=', $request->input('locations.tag_color'));
+        }
+
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $locations->count()) ? $locations->count() : app('api_offset_value');
        $limit = app('api_limit_value');
@@ -221,11 +242,17 @@ class LocationsController extends Controller
                'locations.currency',
                'locations.company_id',
                'locations.notes',
+                'locations.tag_color',
            ])
            ->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
+            ->withCount('assignedAccessories as assigned_accessories_count')
+            ->withCount('accessories as accessories_count')
            ->withCount('rtd_assets as rtd_assets_count')
+            ->withCount('children as children_count')
            ->withCount('users as users_count')
+            ->withCount('consumables as consumables_count')
+            ->withCount('components as components_count')
            ->findOrFail($id);

        return (new LocationsTransformer)->transformLocation($location);
@@ -320,11 +347,15 @@ class LocationsController extends Controller
    {
        $this->authorize('delete', Location::class);
        $location = Location::withCount('assignedAssets as assigned_assets_count')
+            ->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
+            ->withCount('assignedAccessories as assigned_accessories_count')
+            ->withCount('accessories as accessories_count')
            ->withCount('rtd_assets as rtd_assets_count')
            ->withCount('children as children_count')
            ->withCount('users as users_count')
-            ->withCount('accessories as accessories_count')
+            ->withCount('consumables as consumables_count')
+            ->withCount('components as components_count')
            ->findOrFail($id);

        if (! $location->isDeletable()) {
@@ -379,6 +410,7 @@ class LocationsController extends Controller
            'locations.name',
            'locations.parent_id',
            'locations.image',
+            'locations.tag_color',
        ]);

        // Only scope locations if the setting is enabled
@@ -52,6 +52,10 @@ class MaintenancesController extends Controller
            $maintenances->where('maintenances.created_by', '=', $request->input('created_by'));
        }

+        if ($request->filled('url')) {
+            $maintenances->where('maintenances.url', '=', $request->input('url'));
+        }
+
        if ($request->filled('asset_maintenance_type')) {
            $maintenances->where('asset_maintenance_type', '=', $request->input('asset_maintenance_type'));
        }
@@ -2,6 +2,13 @@

 namespace App\Http\Controllers\Api;

+use App\Actions\Manufacturers\DeleteManufacturerAction;
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasChildren;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasLicenses;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\ManufacturersTransformer;
@@ -40,6 +47,7 @@ class ManufacturersController extends Controller
            'consumables_count',
            'components_count',
            'licenses_count',
+            'tag_color',
            'notes',
        ];

@@ -56,6 +64,7 @@ class ManufacturersController extends Controller
                'updated_at',
                'image',
                'deleted_at',
+                'tag_color',
                'notes',
            ])
            ->with('adminuser')
@@ -69,10 +78,16 @@ class ManufacturersController extends Controller
            $manufacturers->onlyTrashed();
        }

+        if ($request->input('status') == 'deleted') {
+            $manufacturers->onlyTrashed();
+        }
+
        if ($request->filled('search')) {
            $manufacturers = $manufacturers->TextSearch($request->input('search'));
        }

+
+
        if ($request->filled('name')) {
            $manufacturers->where('name', '=', $request->input('name'));
        }
@@ -97,6 +112,10 @@ class ManufacturersController extends Controller
            $manufacturers->where('support_email', '=', $request->input('support_email'));
        }

+        if ($request->filled('tag_color')) {
+            $manufacturers->where('tag_color', '=', $request->input('manufacturers.tag_color'));
+        }
+
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $manufacturers->count()) ? $manufacturers->count() : app('api_offset_value');
        $limit = app('api_limit_value');
@@ -184,19 +203,19 @@ class ManufacturersController extends Controller
     * @since [v4.0]
     * @param  int  $id
     */
-    public function destroy($id) : JsonResponse
+    public function destroy(Manufacturer $manufacturer): JsonResponse
    {
-        $this->authorize('delete', Manufacturer::class);
-        $manufacturer = Manufacturer::findOrFail($id);
        $this->authorize('delete', $manufacturer);
-
-        if ($manufacturer->isDeletable()) {
-            $manufacturer->delete();
-            return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/manufacturers/message.delete.success')));
+        try {
+            DeleteManufacturerAction::run($manufacturer);
+        } catch (ItemStillHasChildren $e) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.bulk_delete_associations.general_assoc_warning', ['item' => trans('general.manufacturer')])));
+        } catch (\Exception $e) {
+            report($e);
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.something_went_wrong')));
        }

-        return response()->json(Helper::formatStandardApiResponse('error', null,  trans('admin/manufacturers/message.assoc_users')));
-
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/manufacturers/message.delete.success')));
    }

    /**
@@ -251,6 +270,7 @@ class ManufacturersController extends Controller
            'id',
            'name',
            'image',
+            'tag_color',
        ]);

        if ($request->filled('search')) {
@@ -14,6 +14,7 @@ use Laravel\Passport\TokenRepository;
 use Illuminate\Contracts\Validation\Factory as ValidationFactory;
 use Illuminate\Support\Facades\Gate;
 use App\Models\CustomField;
+use App\Models\User;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Http\JsonResponse;
 use Symfony\Component\HttpFoundation\BinaryFileResponse;
@@ -179,10 +180,17 @@ class ProfileController extends Controller
     *@since [v8.1.16]
     * @author [Godfrey Martinez] [<gmartinez@grokability.com>]
     */
-    public function eulas(ProfileTransformer $transformer)
+    public function eulas(ProfileTransformer $transformer, Request $request)
    {
-        // Only return this user's EULAs
-        $eulas = auth()->user()->eulas;
+        if($request->filled('user_id') && $request->input('user_id') != 0) {
+            // Return selected user's EULAs
+            $eulas = User::find($request->input('user_id'))->eulas;
+        }
+        else {
+            // Only return this user's EULAs
+            $eulas = auth()->user()->eulas;
+        }
+
        return response()->json(
            $transformer->transformFiles($eulas, $eulas->count())
        );
@@ -2,6 +2,13 @@

 namespace App\Http\Controllers\Api;

+use App\Actions\Suppliers\DestroySupplierAction;
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasMaintenances;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasLicenses;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\SelectlistTransformer;
@@ -43,12 +50,13 @@ class SuppliersController extends Controller
            'accessories_count',
            'components_count',
            'consumables_count',
+            'tag_color',
            'url',
            'notes',
        ];
        
        $suppliers = Supplier::select(
-                ['id', 'name', 'address', 'address2', 'city', 'state', 'country', 'fax', 'phone', 'email', 'contact', 'created_at', 'created_by', 'updated_at', 'deleted_at', 'image', 'notes', 'url', 'zip'])
+                ['id', 'name', 'address', 'address2', 'city', 'state', 'country', 'fax', 'phone', 'email', 'contact', 'created_at', 'created_by', 'updated_at', 'deleted_at', 'image', 'notes', 'url', 'zip', 'tag_color'])
                    ->withCount('assets as assets_count')
                    ->withCount('licenses as licenses_count')
                    ->withCount('accessories as accessories_count')
@@ -191,27 +199,40 @@ class SuppliersController extends Controller
     * @since [v4.0]
     * @param  int  $id
     */
-    public function destroy($id) : JsonResponse
+    public function destroy(Supplier $supplier): JsonResponse
    {
-        $this->authorize('delete', Supplier::class);
-        $supplier = Supplier::with('maintenances', 'assets', 'licenses')->withCount('maintenances as maintenances_count', 'assets as assets_count', 'licenses as licenses_count')->findOrFail($id);
        $this->authorize('delete', $supplier);
-
-
-        if ($supplier->assets_count > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count])));
+        try {
+            DestroySupplierAction::run(supplier: $supplier);
+        } catch (ItemStillHasAssets $e) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.bulk_delete_associations.assoc_assets', [
+                'asset_count' => (int) $supplier->assets_count, 'item' => trans('general.supplier')
+            ])));
+        } catch (ItemStillHasMaintenances $e) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.bulk_delete_associations.assoc_maintenances', [
+                'asset_maintenances_count' => $supplier->asset_maintenances_count, 'item' => trans('general.supplier')
+            ])));
+        } catch (ItemStillHasLicenses $e) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.bulk_delete_associations.assoc_licenses', [
+                'licenses_count' => (int) $supplier->licenses_count, 'item' => trans('general.supplier')
+            ])));
+        } catch (ItemStillHasAccessories $e) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.bulk_delete_associations.assoc_accessories', [
+                'accessories_count' => (int) $supplier->accessories_count, 'item' => trans('general.supplier')
+            ])));
+        } catch (ItemStillHasConsumables $e) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.bulk_delete_associations.assoc_consumables', [
+                'consumables_count' => (int) $supplier->consumables_count, 'item' => trans('general.supplier')
+            ])));
+        } catch (ItemStillHasComponents $e) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.bulk_delete_associations.assoc_components', [
+                'components_count' => (int) $supplier->components_count, 'item' => trans('general.supplier')
+            ])));
+        } catch (\Exception $e) {
+            report($e);
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('general.something_went_wrong')));
        }

-        if ($supplier->maintenances_count > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_maintenances', ['maintenances_count' => $supplier->maintenances_count])));
-        }
-
-        if ($supplier->licenses_count > 0) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/suppliers/message.delete.assoc_licenses', ['licenses_count' => (int) $supplier->licenses_count])));
-        }
-
-        $supplier->delete();
-
        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/suppliers/message.delete.success')));
    }

@@ -231,6 +252,7 @@ class SuppliersController extends Controller
            'id',
            'name',
            'image',
+            'tag_color',
        ]);

        if ($request->filled('search')) {
@@ -193,8 +193,12 @@ class UploadedFilesController extends Controller


        // Check for the file
-        $log = Actionlog::find($file_id)->where('item_type', self::$map_object_type[$object_type])
-            ->where('item_id', $object->id)->first();
+        $log = Actionlog::query()
+            ->where('id', $file_id)
+            ->where('action_type', 'uploaded')
+            ->where('item_type', self::$map_object_type[$object_type])
+            ->where('item_id', $object->id)
+            ->first();

        if ($log) {
            // Check the file actually exists, and delete it
@@ -213,4 +217,4 @@ class UploadedFilesController extends Controller
        return response()->json(Helper::formatStandardApiResponse('error', null, trans_choice('general.file_upload_status.delete.error', 1)), 500);

    }
-}
+}
@@ -31,6 +31,7 @@ use Illuminate\Support\Facades\Validator;
 use Illuminate\Support\Facades\Log;
 use App\Http\Requests\DeleteUserRequest;
 use Illuminate\Http\JsonResponse;
+use App\Http\Requests\FilterRequest;

 class UsersController extends Controller
 {
@@ -42,7 +43,7 @@ class UsersController extends Controller
     *
     * @return array
     */
-    public function index(Request $request) : array
+    public function index(FilterRequest $request) : array
    {
        $this->authorize('view', User::class);

@@ -103,9 +104,80 @@ class UsersController extends Controller
                'managedLocations as manages_locations_count'
            ]);

+        $allowed_columns =
+            [
+                'last_name',
+                'first_name',
+                'display_name',
+                'email',
+                'jobtitle',
+                'username',
+                'employee_num',
+                'groups',
+                'activated',
+                'created_at',
+                'updated_at',
+                'two_factor_enrolled',
+                'two_factor_optin',
+                'last_login',
+                'assets_count',
+                'licenses_count',
+                'consumables_count',
+                'accessories_count',
+                'manages_users_count',
+                'manages_locations_count',
+                'phone',
+                'mobile',
+                'address',
+                'city',
+                'state',
+                'country',
+                'zip',
+                'id',
+                'ldap_import',
+                'two_factor_optin',
+                'two_factor_enrolled',
+                'remote',
+                'vip',
+                'start_date',
+                'end_date',
+                'autoassign_licenses',
+                'website',
+                'locale',
+                'notes',
+                'employee_num',

-        if ($request->filled('search') != '') {
-            $users = $users->TextSearch($request->input('search'));
+                // These are *relationships* so we wouldn't normally include them in this array,
+                // since they would normally create a `column not found` error,
+                // BUT we account for them in the ordering switch down at the end of this method
+                // DO NOT ADD ANYTHING TO THIS LIST WITHOUT CHECKING THE ORDERING SWITCH BELOW!
+                'company',
+                'location',
+                'department',
+                'manager',
+                'created_by',
+
+            ];
+
+        $filter = [];
+
+        if ($request->filled('filter')) {
+            $filter = json_decode($request->input('filter'), true);
+
+            if (is_null($filter)) {
+                $filter = [];
+            }
+
+            $filter = array_filter($filter, function ($key) use ($allowed_columns) {
+                return in_array($key, $allowed_columns);
+            }, ARRAY_FILTER_USE_KEY);
+
+        }
+
+        if ((! is_null($filter)) && (count($filter)) > 0) {
+            $users->ByFilter($filter);
+        } elseif ($request->filled('search')) {
+            $users->TextSearch($request->input('search'));
        }

        if ($request->filled('activated')) {
@@ -286,49 +358,6 @@ class UsersController extends Controller
                $users->orderBy('first_name', $order);
                break;
            default:
-                $allowed_columns =
-                    [
-                        'last_name',
-                        'first_name',
-                        'display_name',
-                        'email',
-                        'jobtitle',
-                        'username',
-                        'employee_num',
-                        'groups',
-                        'activated',
-                        'created_at',
-                        'updated_at',
-                        'two_factor_enrolled',
-                        'two_factor_optin',
-                        'last_login',
-                        'assets_count',
-                        'licenses_count',
-                        'consumables_count',
-                        'accessories_count',
-                        'manages_users_count',
-                        'manages_locations_count',
-                        'phone',
-                        'mobile',
-                        'address',
-                        'city',
-                        'state',
-                        'country',
-                        'zip',
-                        'id',
-                        'ldap_import',
-                        'two_factor_optin',
-                        'two_factor_enrolled',
-                        'remote',
-                        'vip',
-                        'start_date',
-                        'end_date',
-                        'autoassign_licenses',
-                        'website',
-                        'locale',
-                        'notes',
-                    ];
-
                $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'first_name';
                $users = $users->orderBy($sort, $order);
                break;
@@ -493,93 +522,99 @@ class UsersController extends Controller
    {
        $this->authorize('update', User::class);

-            $this->authorize('update', $user);
+        $this->authorize('update', $user);

-            /**
-             * This is a janky hack to prevent people from changing admin demo user data on the public demo.
-             * The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
-             *  Thanks, jerks. You are why we can't have nice things. - snipe
-             *
-             */
+        /**
+         * This is a janky hack to prevent people from changing admin demo user data on the public demo.
+         * The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
+         *  Thanks, jerks. You are why we can't have nice things. - snipe
+         *
+         */

        if ((($user->id == 1) || ($user->id == 2)) && (config('app.lock_passwords'))) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Permission denied. You cannot update user information via API on the demo.'));
+        }
+
+        // Pull out sensitive fields that require extra permission
+        $user->fill($request->except(['password', 'username', 'email', 'activated', 'permissions', 'activation_code', 'remember_token', 'two_factor_secret', 'two_factor_enrolled', 'two_factor_optin']));
+
+
+        if (auth()->user()->can('canEditAuthFields', $user) && auth()->user()->can('editableOnDemo')) {
+
+            if ($request->filled('password')) {
+                $user->password = bcrypt($request->input('password'));
            }

-            $user->fill($request->all());
-
-            if ($request->filled('company_id')) {
-                $user->company_id = Company::getIdForCurrentUser($request->input('company_id'));
+            if ($request->filled('username')) {
+                $user->username = $request->input('username');
            }

-            if ($user->id == $request->input('manager_id')) {
-                return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
+            if ($request->filled('email')) {
+                $user->email = $request->input('email');
            }

-            // check for permissions related fields and pull them out if the current user cannot edit them
-            if (auth()->user()->can('canEditAuthFields', $user) && auth()->user()->can('editableOnDemo')) {
-
-                if ($request->filled('password')) {
-                    $user->password = bcrypt($request->input('password'));
-                }
-
-                if ($request->filled('username')) {
-                    $user->username = $request->input('username');
-                }
-
-                if ($request->filled('display_name')) {
-                    $user->display_name = $request->input('display_name');
-                }
-
-                if ($request->filled('email')) {
-                    $user->email = $request->input('email');
-                }
-
-                if ($request->filled('activated')) {
-                    $user->activated = $request->input('activated');
-                }
-
+            if ($request->filled('activated')) {
+                $user->activated = $request->input('activated');
            }

-            // We need to use has()  instead of filled()
-            // here because we need to overwrite permissions
-            // if someone needs to null them out
-            if ($request->has('permissions')) {
-                $permissions_array = $request->input('permissions');
+        }

-                // Strip out the individual superuser permission if the API user isn't a superadmin
-                if (!auth()->user()->isSuperUser()) {
-                    unset($permissions_array['superuser']);
+        // We need to use has()  instead of filled()
+        // here because we need to overwrite permissions
+        // if someone needs to null them out
+
+        if ($request->filled('display_name')) {
+            $user->display_name = $request->input('display_name');
+        }
+
+        if ($request->filled('company_id')) {
+            $user->company_id = Company::getIdForCurrentUser($request->input('company_id'));
+        }
+
+        if ($user->id == $request->input('manager_id')) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'You cannot be your own manager'));
+        }
+
+
+        
+        if ($request->has('permissions')) {
+            $permissions_array = $request->input('permissions');
+
+            // Strip out the individual superuser permission if the API user isn't a superadmin
+            if (!auth()->user()->isSuperUser()) {
+                unset($permissions_array['superuser']);
+            }
+
+            $user->permissions = $permissions_array;
+        }
+
+        if ($request->has('location_id')) {
+            // Update the location of any assets checked out to this user
+            Asset::where('assigned_type', User::class)
+                ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
+        }
+
+
+        app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'avatar', 'avatars', 'avatar');
+
+        if ($user->save()) {
+            // Check if the request has groups passed and has a value, AND that the user us a superuser
+            if (($request->has('groups')) && (auth()->user()->isSuperUser())) {
+
+                $validator = Validator::make($request->only('groups'), [
+                    'groups.*' => 'integer|exists:permission_groups,id',
+                ]);
+
+                if ($validator->fails()) {
+                    return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
                }

-                $user->permissions = $permissions_array;
+                // Sync the groups since the user is a superuser and the groups pass validation
+                $user->groups()->sync($request->input('groups'));
            }
-
-            if($request->has('location_id')) {
-                // Update the location of any assets checked out to this user
-                Asset::where('assigned_type', User::class)
-                    ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
-            }
-            app('App\Http\Requests\ImageUploadRequest')->handleImages($user, 600, 'avatar', 'avatars', 'avatar');
-
-            if ($user->save()) {
-                // Check if the request has groups passed and has a value, AND that the user us a superuser
-                if (($request->has('groups')) && (auth()->user()->isSuperUser())) {
-
-                    $validator = Validator::make($request->only('groups'), [
-                        'groups.*' => 'integer|exists:permission_groups,id',
-                    ]);
-
-                    if ($validator->fails()) {
-                        return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
-                    }
-
-                    // Sync the groups since the user is a superuser and the groups pass validation
-                    $user->groups()->sync($request->input('groups'));
-                }
-                return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
-            }
-            return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
+            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
    }

    /**
@@ -6,6 +6,7 @@ use App\Events\CheckoutableCheckedIn;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\ImageUploadRequest;
+use App\Http\Requests\CreateMultipleAssetRequest;
 use App\Http\Requests\UpdateAssetRequest;
 use App\Models\Actionlog;
 use App\Http\Requests\UploadFileRequest;
@@ -98,7 +99,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     */
-    public function store(ImageUploadRequest $request) : RedirectResponse
+    public function store(CreateMultipleAssetRequest $request): RedirectResponse
    {
        $this->authorize(Asset::class);

@@ -135,122 +136,136 @@ class AssetsController extends Controller
        $successes = [];
        $failures = [];

-        for ($a = 1, $aMax = count($asset_tags); $a <= $aMax; $a++) {
-            $asset = new Asset();
+        try {
+            DB::beginTransaction();
+            for ($a = 1, $aMax = count($asset_tags); $a <= $aMax; $a++) {
+                $asset = new Asset();

-            $asset->model()->associate($model);
-            $asset->name = $request->input('name');
+                $asset->model()->associate($model);
+                $asset->name = $request->input('name');

-            // Check for a corresponding serial
-            if (($serials) && (array_key_exists($a, $serials))) {
-                $asset->serial = $serials[$a];
-            }
-
-            if (($asset_tags) && (array_key_exists($a, $asset_tags))) {
-                $asset->asset_tag = $asset_tags[$a];
-            }
-
-            $asset->company_id              = $companyId;
-            $asset->model_id                = $request->input('model_id');
-            $asset->order_number            = $request->input('order_number');
-            $asset->notes                   = $request->input('notes');
-            $asset->created_by              = auth()->id();
-            $asset->status_id               = request('status_id');
-            $asset->warranty_months         = request('warranty_months', null);
-            $asset->purchase_cost           = request('purchase_cost');
-            $asset->purchase_date           = request('purchase_date', null);
-            $asset->asset_eol_date          = request('asset_eol_date', null);
-            $asset->assigned_to             = request('assigned_to', null);
-            $asset->supplier_id             = request('supplier_id', null);
-            $asset->requestable             = request('requestable', 0);
-            $asset->rtd_location_id         = request('rtd_location_id', null);
-            $asset->byod                    = request('byod', 0);
-
-            if (! empty($settings->audit_interval)) {
-                $asset->next_audit_date = Carbon::now()->addMonths((int) $settings->audit_interval)->toDateString();
-            }
-
-            // Set location_id to rtd_location_id ONLY if the asset isn't being checked out
-            if (!request('assigned_user') && !request('assigned_asset') && !request('assigned_location')) {
-                $asset->location_id = $request->input('rtd_location_id', null);
-            }
-
-            if ($request->has('use_cloned_image')) {
-                $cloned_model_img = Asset::select('image')->find($request->input('clone_image_from_id'));
-                if ($cloned_model_img) {
-                    $new_image_name = 'clone-'.date('U').'-'.$cloned_model_img->image;
-                    $new_image = 'assets/'.$new_image_name;
-                    Storage::disk('public')->copy('assets/'.$cloned_model_img->image, $new_image);
-                    $asset->image = $new_image_name;
+                // Check for a corresponding serial
+                if (($serials) && (array_key_exists($a, $serials))) {
+                    $asset->serial = $serials[$a];
                }

-            } else {
-                $asset = $request->handleImages($asset);
-            }
+                if (($asset_tags) && (array_key_exists($a, $asset_tags))) {
+                    $asset->asset_tag = $asset_tags[$a];
+                }

-            // Update custom fields in the database.
-            // Validation for these fields is handled through the AssetRequest form request
+                $asset->company_id = $companyId;
+                $asset->model_id = $request->input('model_id');
+                $asset->order_number = $request->input('order_number');
+                $asset->notes = $request->input('notes');
+                $asset->created_by = auth()->id();
+                $asset->status_id = request('status_id');
+                $asset->warranty_months = request('warranty_months', null);
+                $asset->purchase_cost = request('purchase_cost');
+                $asset->purchase_date = request('purchase_date', null);
+                $asset->asset_eol_date = request('asset_eol_date', null);
+                $asset->assigned_to = request('assigned_to', null);
+                $asset->supplier_id = request('supplier_id', null);
+                $asset->requestable = request('requestable', 0);
+                $asset->rtd_location_id = request('rtd_location_id', null);
+                $asset->byod = request('byod', 0);

-            if (($model) && ($model->fieldset)) {
-                foreach ($model->fieldset->fields as $field) {
-                    if ($field->field_encrypted == '1') {
-                        if (Gate::allows('assets.view.encrypted_custom_fields')) {
+                if (!empty($settings->audit_interval)) {
+                    $asset->next_audit_date = Carbon::now()->addMonths((int)$settings->audit_interval)->toDateString();
+                }
+
+                // Set location_id to rtd_location_id ONLY if the asset isn't being checked out
+                if (!request('assigned_user') && !request('assigned_asset') && !request('assigned_location')) {
+                    $asset->location_id = $request->input('rtd_location_id', null);
+                }
+
+                if ($request->has('use_cloned_image')) {
+                    $cloned_model_img = Asset::select('image')->find($request->input('clone_image_from_id'));
+                    if ($cloned_model_img) {
+                        $new_image_name = 'clone-' . date('U') . '-' . $cloned_model_img->image;
+                        $new_image = 'assets/' . $new_image_name;
+                        Storage::disk('public')->copy('assets/' . $cloned_model_img->image, $new_image);
+                        $asset->image = $new_image_name;
+                    }
+
+                } else {
+                    $asset = $request->handleImages($asset);
+                }
+
+                // Update custom fields in the database.
+                // Validation for these fields is handled through the AssetRequest form request
+
+                if (($model) && ($model->fieldset)) {
+                    foreach ($model->fieldset->fields as $field) {
+                        if ($field->field_encrypted == '1') {
+                            if (Gate::allows('assets.view.encrypted_custom_fields')) {
+                                if (is_array($request->input($field->db_column))) {
+                                    $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
+                                } else {
+                                    $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
+                                }
+                            }
+                        } else {
                            if (is_array($request->input($field->db_column))) {
-                                $asset->{$field->db_column} = Crypt::encrypt(implode(', ', $request->input($field->db_column)));
+                                $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
                            } else {
-                                $asset->{$field->db_column} = Crypt::encrypt($request->input($field->db_column));
+                                $asset->{$field->db_column} = $request->input($field->db_column);
                            }
                        }
-                    } else {
-                        if (is_array($request->input($field->db_column))) {
-                            $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
-                        } else {
-                            $asset->{$field->db_column} = $request->input($field->db_column);
+                    }
+                }
+
+                // Validate the asset before saving
+                // Note - it can be tempting to instead want to call saveOrFail(), to automatically throw when an object
+                // is invalid (and can't save). But this won't work, because Custom Fields _overrides_ the save() method
+                // to inject the Custom Field Rules into the $rules property right before invoking the _real_ save.
+                // so, instead, we have to catch failures on the 'else' clause and throw there.
+                if ($asset->isValid() && $asset->save()) {
+                    $target = null;
+                    $location = null;
+
+                    if ($userId = request('assigned_user')) {
+                        $target = User::find($userId);
+
+                        if (!$target) {
+                            return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.user'));
                        }
+                        $location = $target->location_id;
+
+                    } elseif ($assetId = request('assigned_asset')) {
+                        $target = Asset::find($assetId);
+
+                        if (!$target) {
+                            return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.asset'));
+                        }
+                        $location = $target->location_id;
+
+                    } elseif ($locationId = request('assigned_location')) {
+                        $target = Location::find($locationId);
+
+                        if (!$target) {
+                            return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.location'));
+                        }
+                        $location = $target->id;
                    }
+
+                    if (isset($target)) {
+                        $asset->checkOut($target, auth()->user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', $request->get('name'), $location);
+                    }
+
+                    $successes[] = "<a href='" . route('hardware.show', $asset) . "' style='color: white;'>" . e($asset->asset_tag) . "</a>";
+
+                } else {
+                    $asset->throwValidationException(); // we have to do this for the reason listed above - can't use saveOrFail()
+                    $failures[] = join(",", $asset->getErrors()->all()); //TODO - this can probably go away soon
                }
            }
-
-            // Validate the asset before saving
-            if ($asset->isValid() && $asset->save()) {
-                $target = null;
-                $location = null;
-
-                if ($userId = request('assigned_user')) {
-                    $target = User::find($userId);
-
-                    if (!$target) {
-                        return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.user'));
-                    }
-                    $location = $target->location_id;
-
-                } elseif ($assetId = request('assigned_asset')) {
-                    $target = Asset::find($assetId);
-
-                    if (!$target) {
-                        return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.asset'));
-                    }
-                    $location = $target->location_id;
-
-                } elseif ($locationId = request('assigned_location')) {
-                    $target = Location::find($locationId);
-
-                    if (!$target) {
-                        return redirect()->back()->withInput()->with('error', trans('admin/hardware/message.create.target_not_found.location'));
-                    }
-                    $location = $target->id;
-                }
-
-                if (isset($target)) {
-                    $asset->checkOut($target, auth()->user(), date('Y-m-d H:i:s'), $request->input('expected_checkin', null), 'Checked out on asset creation', $request->get('name'), $location);
-                }
-
-                $successes[] = "<a href='" . route('hardware.show', $asset) . "' style='color: white;'>" . e($asset->asset_tag) . "</a>";
-
-            } else {
-                $failures[] = join(",", $asset->getErrors()->all());
-            }
+        } catch (\Throwable $e) {
+            \Log::debug("Caught exception in multi-create - rolling back: " . $e->getMessage());
+            DB::rollBack();
+            throw $e;
        }
+        DB::commit();
+
        if($request->get('redirect_option') === 'back'){
            session()->put(['redirect_option' => 'index']);
        } else {
@@ -363,7 +378,7 @@ class AssetsController extends Controller
        $asset->purchase_cost = $request->input('purchase_cost', null);
        $asset->purchase_date = $request->input('purchase_date', null);
        $asset->next_audit_date = $request->input('next_audit_date', null);
-        if ($request->filled('purchase_date') && !$request->filled('asset_eol_date') && ($asset->model->eol > 0)) {
+        if ($request->filled('purchase_date') && !$request->filled('asset_eol_date') && ($asset->model?->eol > 0)) {
            $asset->purchase_date = $request->input('purchase_date', null); 
            $asset->asset_eol_date = Carbon::parse($request->input('purchase_date'))->addMonths($asset->model->eol)->format('Y-m-d');
            $asset->eol_explicit = false;
@@ -379,7 +394,7 @@ class AssetsController extends Controller
           } else {
               $asset->eol_explicit = true;
           }
-        } elseif (!$request->filled('asset_eol_date') && (($asset->model->eol) == 0)) {
+        } elseif (!$request->filled('asset_eol_date') && (($asset->model?->eol) == 0)) {
           $asset->asset_eol_date = null;
 		   $asset->eol_explicit = false;
        }
@@ -398,6 +413,7 @@ class AssetsController extends Controller
            $asset->assigned_to = null;
            $asset->assigned_type = null;
            $asset->accepted = null;
+            $asset->last_checkin = now();
            event(new CheckoutableCheckedIn($asset, $target, auth()->user(), 'Checkin on asset update with '.$status->getStatuslabelType().' status', date('Y-m-d H:i:s'), $originalValues));
        }

@@ -163,7 +163,7 @@ class BulkAssetsController extends Controller
        $modelNames = [];

        foreach($models as $model) {
-            $modelNames[] = $model->model->name;
+            $modelNames[] = $model->model?->name;
        }

        if ($request->filled('bulk_actions')) {
@@ -240,10 +240,6 @@ class BulkAssetsController extends Controller
            $custom_fields_to_null[str_replace('null', '', $key)] = $value;
        }

-
-
-
-
     
        if (! $request->filled('ids') || count($request->input('ids')) == 0) {
            return redirect($bulk_back_url)->with('error', trans('admin/hardware/message.update.no_assets_selected'));
@@ -274,6 +270,7 @@ class BulkAssetsController extends Controller
            || ($request->filled('company_id'))
            || ($request->filled('status_id'))
            || ($request->filled('model_id'))
+            || ($request->filled('notes'))
            || ($request->filled('next_audit_date'))
            || ($request->filled('asset_eol_date'))
            || ($request->filled('null_name'))
@@ -470,7 +467,7 @@ class BulkAssetsController extends Controller
                 */

                // Does the model have a fieldset?
-                if ($asset->model->fieldset) {
+                if ($asset->model?->fieldset) {
                    foreach ($asset->model->fieldset->fields as $field) {

                        // null custom fields
@@ -621,9 +618,25 @@ class BulkAssetsController extends Controller
    {
        $this->authorize('checkout', Asset::class);

+        $alreadyAssigned = collect();
+
+        if (old('selected_assets') && is_array(old('selected_assets'))) {
+            $assets = Asset::findMany(old('selected_assets'));
+
+            [$assignable, $alreadyAssigned] = $assets->partition(function (Asset $asset) {
+                return !$asset->assigned_to;
+            });
+
+            session()->flashInput(['selected_assets' => $assignable->pluck('id')->values()->toArray()]);
+        }
+
        $do_not_change = ['' => trans('general.do_not_change')];
        $status_label_list = $do_not_change + Helper::deployableStatusLabelList();
-        return view('hardware/bulk-checkout')->with('statusLabel_list', $status_label_list);
+
+        return view('hardware/bulk-checkout', [
+            'statusLabel_list' => $status_label_list,
+            'removed_assets' => $alreadyAssigned,
+        ]);
    }

    /**
@@ -647,6 +660,30 @@ class BulkAssetsController extends Controller

            $assets = Asset::findOrFail($asset_ids);

+            // Prevent checking out assets that are already checked out
+            if ($assets->pluck('assigned_to')->unique()->filter()->isNotEmpty()) {
+                // re-add the asset ids so the assets select is re-populated
+                $request->session()->flashInput(['selected_assets' => $asset_ids]);
+
+                return redirect(route('hardware.bulkcheckout.show'))
+                    ->with('error', trans('general.error_assets_already_checked_out'));
+            }
+
+            // Prevent checking out assets across companies if FMCS enabled
+            if (Setting::getSettings()->full_multiple_companies_support && $target->company_id) {
+                $company_ids = $assets->pluck('company_id')->unique();
+
+                // if there is more than one unique company id or the singular company id does not match
+                // then the checkout is invalid
+                if ($company_ids->count() > 1 || $company_ids->first() != $target->company_id) {
+                    // re-add the asset ids so the assets select is re-populated
+                    $request->session()->flashInput(['selected_assets' => $asset_ids]);
+
+                    return redirect(route('hardware.bulkcheckout.show'))
+                        ->with('error', trans('general.error_user_company_multiple'));
+                }
+            }
+
            if (request('checkout_to_type') == 'asset') {
                foreach ($asset_ids as $asset_id) {
                    if ($target->id == $asset_id) {
@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Actions\Categories\DestroyCategoryAction;
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasAssetModels;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasLicenses;
+use App\Models\Category;
+use Illuminate\Http\Request;
+
+class BulkCategoriesController extends Controller
+{
+    public function destroy(Request $request)
+    {
+        $this->authorize('delete', Category::class);
+
+        $errors = [];
+        $success_count = 0;
+
+        foreach ($request->ids as $id) {
+            $category = Category::find($id);
+            if (is_null($category)) {
+                $errors[] = trans('admin/categories/message.does_not_exist');
+                continue;
+            }
+            try {
+                DestroyCategoryAction::run(category: $category);
+                $success_count++;
+            } catch (ItemStillHasAccessories $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_assets_no_count', ['item_name' => $category->name, 'item' => trans('general.category')]);
+            } catch (ItemStillHasAssetModels) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_asset_models_no_count', ['item_name' => $category->name, 'item' => trans('general.category')]);
+            } catch (ItemStillHasAssets) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_assets_no_count', ['item_name' => $category->name, 'item' => trans('general.category')]);
+            } catch (ItemStillHasComponents) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_components_no_count', ['item_name' => $category->name, 'item' => trans('general.category')]);
+            } catch (ItemStillHasConsumables) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_consumables_no_count', ['item_name' => $category->name, 'item' => trans('general.category')]);
+            } catch (ItemStillHasLicenses) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_licenses_no_count', ['item_name' => $category->name, 'item' => trans('general.category')]);;
+            } catch (\Exception $e) {
+                report($e);
+                $errors[] = trans('general.something_went_wrong');
+            }
+        }
+        if (count($errors) > 0) {
+            if ($success_count > 0) {
+                return redirect()->route('categories.index')->with('success', trans_choice('admin/categories/message.delete.partial_success', $success_count, ['count' => $success_count]))->with('multi_error_messages', $errors);
+            }
+            return redirect()->route('categories.index')->with('multi_error_messages', $errors);
+        } else {
+            return redirect()->route('categories.index')->with('success', trans('admin/categories/message.delete.bulk_success'));
+        }
+    }
+}
@@ -0,0 +1,57 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Actions\Manufacturers\DeleteManufacturerAction;
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasAssetModels;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasChildren;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasLicenses;
+use App\Models\Manufacturer;
+use Illuminate\Http\Request;
+
+class BulkManufacturersController extends Controller
+{
+    public function destroy(Request $request)
+    {
+        $this->authorize('delete', Manufacturer::class);
+
+        $errors = [];
+        $success_count = 0;
+        foreach ($request->ids as $id) {
+            $manufacturer = Manufacturer::find($id);
+            if (is_null($manufacturer)) {
+                $errors[] = trans('admin/manufacturers/message.does_not_exist');
+                continue;
+            }
+            try {
+                DeleteManufacturerAction::run(manufacturer: $manufacturer);
+                $success_count++;
+            } catch (ItemStillHasAssets $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_assets_no_count', ['item_name' => $manufacturer->name, 'item' => trans('general.manufacturer')]);
+            } catch (ItemStillHasAccessories $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_accessories_no_count', ['item_name' => $manufacturer->name, 'item' => trans('general.manufacturer')]);
+            } catch (ItemStillHasConsumables $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_consumables_no_count', ['item_name' => $manufacturer->name, 'item' => trans('general.manufacturer')]);
+            } catch (ItemStillHasComponents $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_components_no_count', ['item_name' => $manufacturer->name, 'item' => trans('general.manufacturer')]);
+            } catch (ItemStillHasLicenses $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_licenses_no_count', ['item_name' => $manufacturer->name, 'item' => trans('general.manufacturer')]);;
+            } catch (\Exception $e) {
+                report($e);
+                $errors[] = trans('general.something_went_wrong');
+            }
+        }
+        if (count($errors) > 0) {
+            if ($success_count > 0) {
+                return redirect()->route('manufacturers.index')->with('success', trans_choice('admin/manufacturers/message.delete.partial_success', $success_count, ['count' => $success_count]))->with('multi_error_messages', $errors);
+            }
+            return redirect()->route('manufacturers.index')->with('multi_error_messages', $errors);
+        } else {
+            return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.delete.bulk_success'));
+        }
+    }
+}
@@ -0,0 +1,58 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Actions\Suppliers\DestroySupplierAction;
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasMaintenances;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasLicenses;
+use App\Models\Supplier;
+use Illuminate\Http\Request;
+
+class BulkSuppliersController extends Controller
+{
+    public function destroy(Request $request)
+    {
+        $this->authorize('delete', Supplier::class);
+
+        $errors = [];
+        $success_count = 0;
+
+        foreach ($request->ids as $id) {
+            $supplier = Supplier::find($id);
+            if (is_null($supplier)) {
+                $errors[] = trans('admin/suppliers/message.delete.not_found');
+                continue;
+            }
+            try {
+                DestroySupplierAction::run(supplier: $supplier);
+            } catch (ItemStillHasAssets $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_assets', ['asset_count' => (int) $supplier->assets_count, 'item' => trans('general.supplier'), 'item_name' => $supplier->name]);
+            } catch (ItemStillHasMaintenances $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_maintenances', ['asset_maintenances_count' => $supplier->asset_maintenances_count, 'item' => trans('general.supplier'), 'item_name' => $supplier->name]);
+            } catch (ItemStillHasLicenses $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_licenses', ['licenses_count' => (int) $supplier->licenses_count, 'item' => trans('general.supplier'), 'item_name' => $supplier->name]);
+            } catch (ItemStillHasAccessories $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_accessories', ['accessories_count' => (int) $supplier->accessories_count, 'item' => trans('general.supplier'), 'item_name' => $supplier->name]);
+            } catch (ItemStillHasConsumables $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_consumables', ['consumables_count' => (int) $supplier->consumables_count, 'item' => trans('general.supplier'), 'item_name' => $supplier->name]);
+            } catch (ItemStillHasComponents $e) {
+                $errors[] = trans('general.bulk_delete_associations.assoc_components', ['components_count' => (int) $supplier->components_count, 'item' => trans('general.supplier'), 'item_name' => $supplier->name]);
+            } catch (\Exception $e) {
+                report($e);
+                $errors[] = trans('general.something_went_wrong');
+            }
+        }
+        if (count($errors) > 0) {
+            if ($success_count > 0) {
+                return redirect()->route('suppliers.index')->with('success', trans_choice('admin/suppliers/message.delete.partial_success', $success_count, ['count' => $success_count]))->with('multi_error_messages', $errors);
+            }
+            return redirect()->route('suppliers.index')->with('multi_error_messages', $errors);
+        } else {
+            return redirect()->route('suppliers.index')->with('success', trans('admin/suppliers/message.delete.bulk_success'));
+        }
+    }
+}
@@ -2,6 +2,14 @@

 namespace App\Http\Controllers;

+use App\Actions\Categories\DestroyCategoryAction;
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasAssetModels;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasChildren;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasLicenses;
 use App\Helpers\Helper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Category;
@@ -70,6 +78,7 @@ class CategoriesController extends Controller
        $category->require_acceptance = $request->input('require_acceptance', '0');
        $category->alert_on_response = $request->input('alert_on_response', '0');
        $category->checkin_email = $request->input('checkin_email', '0');
+        $category->tag_color  = $request->input('tag_color');
        $category->notes = $request->input('notes');
        $category->created_by = auth()->id();

@@ -124,6 +133,7 @@ class CategoriesController extends Controller
        $category->require_acceptance = $request->input('require_acceptance', '0');
        $category->alert_on_response = $request->input('alert_on_response', '0');
        $category->checkin_email = $request->input('checkin_email', '0');
+        $category->tag_color  = $request->input('tag_color');
        $category->notes = $request->input('notes');

        $category = $request->handleImages($category);
@@ -143,20 +153,18 @@ class CategoriesController extends Controller
     * @since [v1.0]
     * @param int $categoryId
     */
-    public function destroy($categoryId) : RedirectResponse
+    public function destroy(Category $category): RedirectResponse
    {
        $this->authorize('delete', Category::class);
-        // Check if the category exists
-        if (is_null($category = Category::withCount('assets as assets_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'licenses as licenses_count', 'models as models_count')->findOrFail($categoryId))) {
-            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.not_found'));
+        try {
+            DestroyCategoryAction::run($category);
+        } catch (ItemStillHasChildren $e) {
+            return redirect()->route('categories.index')->with('error', trans('general.bulk_delete_associations.general_assoc_warning', ['item' => trans('general.category')]));
+        } catch (\Exception $e) {
+            report($e);
+            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.delete.error'));
        }

-        if (! $category->isDeletable()) {
-            return redirect()->route('categories.index')->with('error', trans('admin/categories/message.assoc_items', ['asset_type'=> $category->category_type]));
-        }
-
-        Storage::disk('public')->delete('categories'.'/'.$category->image);
-        $category->delete();
        return redirect()->route('categories.index')->with('success', trans('admin/categories/message.delete.success'));
    }

@@ -60,6 +60,7 @@ final class CompaniesController extends Controller
        $company->phone = $request->input('phone');
        $company->fax = $request->input('fax');
        $company->email = $request->input('email');
+        $company->tag_color = $request->input('tag_color');
        $company->notes = $request->input('notes');
        $company->created_by = auth()->id();

@@ -102,6 +103,7 @@ final class CompaniesController extends Controller
        $company->phone = $request->input('phone');
        $company->fax = $request->input('fax');
        $company->email = $request->input('email');
+        $company->tag_color = $request->input('tag_color');
        $company->notes = $request->input('notes');

        $company = $request->handleImages($company);
@@ -102,13 +102,15 @@ class ComponentCheckoutController extends Controller
            return redirect()->route('components.checkout.show', $componentId)->with('error', trans('general.error_user_company'));
        }

+        $component->checkout_qty = $request->input('assigned_qty');
+
        // Update the component data
        $component->asset_id = $request->input('asset_id');
        $component->assets()->attach($component->id, [
            'component_id' => $component->id,
            'created_by' => auth()->user()->id,
            'created_at' => date('Y-m-d H:i:s'),
-            'assigned_qty' => $request->input('assigned_qty'),
+            'assigned_qty' => $component->checkout_qty,
            'asset_id' => $request->input('asset_id'),
            'note' => $request->input('note'),
        ]);
@@ -30,6 +30,7 @@ use App\Models\Consumable;
 use App\Models\License;
 use App\Models\Location;
 use App\Models\Maintenance;
+use App\Models\Supplier;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
@@ -45,12 +46,14 @@ abstract class Controller extends BaseController
        'accessories' => Accessory::class,
        'maintenances' => Maintenance::class,
        'assets' => Asset::class,
+        'audits' => Asset::class,
        'components' => Component::class,
        'consumables' => Consumable::class,
        'hardware' => Asset::class,
        'licenses' => License::class,
        'locations' => Location::class,
        'models' => AssetModel::class,
+        'suppliers' => Supplier::class,
        'users' => User::class,
    ];

@@ -58,12 +61,14 @@ abstract class Controller extends BaseController
        'accessories' => 'private_uploads/accessories/',
        'maintenances' => 'private_uploads/maintenances/',
        'assets' => 'private_uploads/assets/',
+        'audits' => 'private_uploads/audits/',
        'components' => 'private_uploads/components/',
        'consumables' => 'private_uploads/consumables/',
        'hardware' => 'private_uploads/assets/',
        'licenses' => 'private_uploads/licenses/',
        'locations' => 'private_uploads/locations/',
        'models' => 'private_uploads/models/',
+        'suppliers' => 'private_uploads/suppliers/',
        'users' => 'private_uploads/users/',
    ];

@@ -71,12 +76,14 @@ abstract class Controller extends BaseController
        'accessories' => 'accessory',
        'maintenances' => 'maintenance',
        'assets' => 'asset',
+        'audits' => 'audits',
        'components' => 'component',
        'consumables' => 'consumable',
        'hardware' => 'asset',
        'licenses' => 'license',
        'locations' => 'location',
        'models' => 'model',
+        'suppliers' => 'supplier',
        'users' => 'user',
    ];

@@ -55,6 +55,7 @@ class DepartmentsController extends Controller
        $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);
        $department->location_id = ($request->filled('location_id') ? $request->input('location_id') : null);
        $department->company_id = ($request->filled('company_id') ? $request->input('company_id') : null);
+        $department->tag_color  = $request->input('tag_color');
        $department->notes = $request->input('notes');
        $department = $request->handleImages($department);

@@ -157,6 +158,7 @@ class DepartmentsController extends Controller
        $department->company_id = ($request->filled('company_id') ? $request->input('company_id') : null);
        $department->phone = $request->input('phone');
        $department->fax = $request->input('fax');
+        $department->tag_color  = $request->input('tag_color');
        $department->notes = $request->input('notes');
        $department = $request->handleImages($department);

@@ -7,6 +7,7 @@ use App\Models\Group;
 use Illuminate\Http\Request;
 use Illuminate\Http\RedirectResponse;
 use \Illuminate\Contracts\View\View;
+use \App\Models\User;

 /**
 * This controller handles all actions related to User Groups for
@@ -43,9 +44,20 @@ class GroupsController extends Controller
        $permissions = config('permissions');
        $groupPermissions = Helper::selectedPermissionsArray($permissions, $permissions);
        $selectedPermissions = $request->old('permissions', $groupPermissions);
+        $users_query = User::where('show_in_list', 1)->whereNull('deleted_at');
+        $users_count = $users_query->count();
+
+        $users = collect();
+        if ($users_count <= config('app.max_unpaginated_records')) {
+            $users = $users_query->orderBy('first_name', 'asc')->orderBy('last_name', 'asc')->get();
+        }

        // Show the page
-        return view('groups/edit', compact('permissions', 'selectedPermissions', 'groupPermissions'))->with('group', $group);
+        return view('groups/edit', compact('permissions', 'selectedPermissions', 'groupPermissions'))
+            ->with('group', $group)
+            ->with('associated_users', [])
+            ->with('unselected_users', $users)
+            ->with('all_users_count', $users_count);
    }

    /**
@@ -60,11 +72,23 @@ class GroupsController extends Controller
        // create a new group instance
        $group = new Group();
        $group->name = $request->input('name');
+
+        if ($request->filled('permission')) {
+            $group->permissions = json_encode($request->array('permission'));
+        } else {
+            $group->permissions = null;
+        }
+
        $group->permissions = json_encode($request->input('permission'));
        $group->created_by = auth()->id();
        $group->notes = $request->input('notes');

        if ($group->save()) {
+
+            if ($request->filled('users_to_sync')) {
+                $associated_users = explode(',',$request->input('users_to_sync'));
+                $group->users()->sync($associated_users);
+            }
            return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.create'));
        }

@@ -87,8 +111,26 @@ class GroupsController extends Controller
        if ((!is_array($groupPermissions)) || (!$groupPermissions)) {
            $groupPermissions = [];
        }
+
        $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
-        return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
+
+
+        $users_query = User::where('show_in_list', 1)->whereNull('deleted_at');
+        $users_count = $users_query->count();
+
+        $associated_users = collect();
+        $unselected_users = collect();
+
+        if ($users_count <= config('app.max_unpaginated_records')) {
+            $associated_users = $group->users()->where('show_in_list', 1)->orderBy('first_name', 'asc')->orderBy('last_name', 'asc')->get();
+            // Get the unselected users
+            $unselected_users = User::where('show_in_list', 1)->whereNotIn('id', $associated_users->pluck('id')->toArray())->orderBy('first_name', 'asc')->orderBy('last_name', 'asc')->get();
+        }
+
+        return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'))
+            ->with('associated_users', $associated_users)
+            ->with('unselected_users', $unselected_users)
+            ->with('all_users_count', $users_count);
    }

    /**
@@ -102,11 +144,24 @@ class GroupsController extends Controller
    public function update(Request $request, Group $group) : RedirectResponse
    {
        $group->name = $request->input('name');
-        $group->permissions = json_encode($request->input('permission'));
+
+        if ($request->filled('permission')) {
+            $group->permissions = json_encode($request->array('permission'));
+        } else {
+            $group->permissions = null;
+        }
+
        $group->notes = $request->input('notes');

+
        if (! config('app.lock_passwords')) {
            if ($group->save()) {
+
+                if ($request->has('users_to_sync')) {
+                    $associated_users = explode(',',$request->input('users_to_sync'));
+                    $group->users()->sync($associated_users);
+                }
+
                return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.update'));
            }

@@ -25,7 +25,7 @@ class LicenseCheckoutController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param $id
-     * @return \Illuminate\Contracts\View\View
+     * @return \Illuminate\Contracts\View\View |\Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function create(License $license)
@@ -39,6 +39,11 @@ class LicenseCheckoutController extends Controller
                return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkout.not_enough_seats'));
            }

+            // Make sure the license is expired or terminated
+            if ($license->isInactive()) {
+                return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkout.license_is_inactive'));
+            }
+
            // We don't currently allow checking out licenses to locations, so we'll reset that to user if needed
            if (session()->get('checkout_to_type') == 'location') {
                session()->put(['checkout_to_type' => 'user']);
@@ -70,8 +75,19 @@ class LicenseCheckoutController extends Controller
            return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
        }

+
        $this->authorize('checkout', $license);

+        // Make sure there is at least one available to checkout
+        if ($license->availCount()->count() < 1) {
+            return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkout.not_enough_seats'));
+        }
+
+        // Make sure the license is expired or terminated
+        if ($license->isInactive()) {
+            return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkout.license_is_inactive'));
+        }
+
        $licenseSeat = $this->findLicenseSeatToCheckout($license, $seatId);
        $licenseSeat->created_by = auth()->id();
        $licenseSeat->notes = $request->input('notes');
@@ -114,6 +130,7 @@ class LicenseCheckoutController extends Controller
            throw new \Illuminate\Http\Exceptions\HttpResponseException(redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkout.not_enough_seats')));
        }

+
        if (! $licenseSeat->license->is($license)) {
            throw new \Illuminate\Http\Exceptions\HttpResponseException(redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.checkout.mismatch')));
        }
@@ -256,6 +256,9 @@ class LicensesController extends Controller
        else {
            $checkedout_seats_count = ($total_seats_count - $available_seats_count);
        }
+        if($license->isInactive()){
+            session()->flash('warning', (trans('admin/licenses/message.checkout.license_is_inactive')));
+        }

        $this->authorize('view', $license);
        return view('licenses.view', compact('license'))
@@ -82,6 +82,7 @@ class LocationsController extends Controller
        $location->created_by = auth()->id();
        $location->phone = request('phone');
        $location->fax = request('fax');
+        $location->tag_color  = $request->input('tag_color');
        $location->notes = $request->input('notes');
        $location->company_id = Company::getIdForCurrentUser($request->input('company_id'));

@@ -156,6 +157,7 @@ class LocationsController extends Controller
        $location->fax = request('fax');
        $location->ldap_ou = $request->input('ldap_ou');
        $location->manager_id = $request->input('manager_id');
+        $location->tag_color  = $request->input('tag_color');
        $location->notes = $request->input('notes');

        // Only scope the location if the setting is enabled
@@ -189,30 +191,36 @@ class LocationsController extends Controller
    {
        $this->authorize('delete', Location::class);

-        if (is_null($location = Location::find($locationId))) {
+        $location = Location::withCount('assignedAssets as assigned_assets_count')
+        ->withCount('assets as assets_count')
+        ->withCount('assignedAccessories as assigned_accessories_count')
+        ->withCount('accessories as accessories_count')
+        ->withCount('rtd_assets as rtd_assets_count')
+        ->withCount('children as children_count')
+        ->withCount('users as users_count')
+        ->withCount('consumables as consumables_count')
+        ->withCount('components as components_count')
+        ->find($locationId);
+
+        if (!$location) {
            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.does_not_exist'));
        }

-        if ($location->users()->count() > 0) {
-            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_users'));
-        } elseif ($location->children()->count() > 0) {
-            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_child_loc'));
-        } elseif ($location->assets()->count() > 0) {
-            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_assets'));
-        } elseif ($location->assignedassets()->count() > 0) {
-            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_assets'));
-        }
+        if ($location->isDeletable()) {

-        if ($location->image) {
-            try {
-                Storage::disk('public')->delete('locations/'.$location->image);
-            } catch (\Exception $e) {
-                Log::error($e);
+            if ($location->image) {
+                try {
+                    Storage::disk('public')->delete('locations/'.$location->image);
+                } catch (\Exception $e) {
+                    Log::error($e);
+                }
            }
+            $location->delete();
+            return redirect()->to(route('locations.index'))->with('success', trans('admin/locations/message.delete.success'));
+        } else {
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.assoc_users'));
        }
-        $location->delete();

-        return redirect()->to(route('locations.index'))->with('success', trans('admin/locations/message.delete.success'));
    }

    /**
@@ -247,23 +255,41 @@ class LocationsController extends Controller
        $this->authorize('view', Location::class);

        if ($location = Location::where('id', $id)->first()) {
-            $parent = Location::where('id', $location->parent_id)->first();
-            $manager = User::where('id', $location->manager_id)->first();
-            $company = Company::where('id', $location->company_id)->first();
-            $users = User::where('location_id', $id)->with('company', 'department', 'location')->get();
-            $assets = Asset::where('assigned_to', $id)->where('assigned_type', Location::class)->with('model', 'model.category')->get();
            return view('locations/print')
-                ->with('assets', $assets)
-                ->with('users',$users)
+                ->with('assigned', false)
+                ->with('assets', $location->assets)
+                ->with('assignedAssets', $location->assignedAssets)
+                ->with('accessories', $location->accessories)
+                ->with('assignedAccessories', $location->assignedAccessories)
+                ->with('users',$location->users)
                ->with('location', $location)
-                ->with('parent', $parent)
-                ->with('manager', $manager)
-                ->with('company', $company);
+                ->with('consumables', $location->consumables)
+                ->with('components', $location->components)
+                ->with('children', $location->children);
        }

        return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
    }

+    public function print_all_assigned($id) : View | RedirectResponse
+    {
+        $this->authorize('view', Location::class);
+        if ($location = Location::where('id', $id)->first()) {
+            return view('locations/print')
+                ->with('assigned', true)
+                ->with('assets', $location->assets)
+                ->with('assignedAssets', $location->assignedAssets)
+                ->with('accessories', $location->accessories)
+                ->with('assignedAccessories', $location->assignedAccessories)
+                ->with('users',$location->users)
+                ->with('location', $location)
+                ->with('consumables', $location->consumables)
+                ->with('components', $location->components)
+                ->with('children', $location->children);
+        }
+        return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
+    }
+

    /**
     * Returns a view that presents a form to clone a location.
@@ -321,33 +347,12 @@ class LocationsController extends Controller
                return redirect()->route('locations.index')->with('success', trans('admin/locations/message.restore.success'));
            }

-            // Check validation
            return redirect()->back()->with('error', trans('general.could_not_restore', ['item_type' => trans('general.location'), 'error' => $location->getErrors()->first()]));
        }

        return redirect()->back()->with('error', trans('admin/models/message.does_not_exist'));

    }
-    public function print_all_assigned($id) : View | RedirectResponse
-    {
-        $this->authorize('view', Location::class);
-        if ($location = Location::where('id', $id)->first()) {
-            $parent = Location::where('id', $location->parent_id)->first();
-            $manager = User::where('id', $location->manager_id)->first();
-            $company = Company::where('id', $location->company_id)->first();
-            $users = User::where('location_id', $id)->with('company', 'department', 'location')->get();
-            $assets = Asset::where('location_id', $id)->with('model', 'model.category')->get();
-            return view('locations/print')
-                ->with('assets', $assets)
-                ->with('users',$users)
-                ->with('location', $location)
-                ->with('parent', $parent)
-                ->with('manager', $manager)
-                ->with('company', $company);
-        }
-        return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
-    }
-

    /**
     * Returns a view that allows the user to bulk delete locations
@@ -366,8 +371,12 @@ class LocationsController extends Controller
            $locations = Location::whereIn('id', $locations_raw_array)
                ->withCount('assignedAssets as assigned_assets_count')
                ->withCount('assets as assets_count')
+                ->withCount('assignedAccessories as assigned_accessories_count')
+                ->withCount('accessories as accessories_count')
                ->withCount('rtd_assets as rtd_assets_count')
                ->withCount('children as children_count')
+                ->withCount('consumables as consumables_count')
+                ->withCount('components as components_count')
                ->withCount('users as users_count')->get();

                $valid_count = 0;
@@ -400,9 +409,13 @@ class LocationsController extends Controller
            $locations = Location::whereIn('id', $locations_raw_array)
                ->withCount('assignedAssets as assigned_assets_count')
                ->withCount('assets as assets_count')
+                ->withCount('assignedAccessories as assigned_accessories_count')
+                ->withCount('accessories as accessories_count')
                ->withCount('rtd_assets as rtd_assets_count')
                ->withCount('children as children_count')
-                ->withCount('users as users_count')->get();
+                ->withCount('users as users_count')
+                ->withCount('consumables as consumables_count')
+                ->withCount('components as components_count')->get();

            $success_count = 0;
            $error_count = 0;
@@ -78,6 +78,7 @@ class MaintenancesController extends Controller
            $maintenance->is_warranty = $request->input('is_warranty');
            $maintenance->cost = $request->input('cost');
            $maintenance->notes = $request->input('notes');
+            $maintenance->url = $request->input('url');

            // Save the asset maintenance data
            $maintenance->asset_id = $asset->id;
@@ -152,6 +153,7 @@ class MaintenancesController extends Controller
        $maintenance->name = $request->input('name');
        $maintenance->start_date = $request->input('start_date');
        $maintenance->completion_date = $request->input('completion_date');
+        $maintenance->url = $request->input('url');


        // Todo - put this in a getter/setter?
@@ -2,6 +2,14 @@

 namespace App\Http\Controllers;

+use App\Actions\Manufacturers\DeleteManufacturerAction;
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasChildren;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasLicenses;
+use App\Helpers\Helper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Actionlog;
 use App\Models\Manufacturer;
@@ -93,6 +101,7 @@ class ManufacturersController extends Controller
        $manufacturer->support_email = $request->input('support_email');
        $manufacturer->notes = $request->input('notes');
        $manufacturer = $request->handleImages($manufacturer);
+        $manufacturer->tag_color  = $request->input('tag_color');

        if ($manufacturer->save()) {
            return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.create.success'));
@@ -134,6 +143,7 @@ class ManufacturersController extends Controller
        $manufacturer->warranty_lookup_url = $request->input('warranty_lookup_url');
        $manufacturer->support_phone = $request->input('support_phone');
        $manufacturer->support_email = $request->input('support_email');
+        $manufacturer->tag_color  = $request->input('tag_color');
        $manufacturer->notes = $request->input('notes');

        // Set the model's image property to null if the image is being deleted
@@ -157,32 +167,18 @@ class ManufacturersController extends Controller
     * @param int $manufacturerId
     * @since [v1.0]
     */
-    public function destroy($manufacturerId) : RedirectResponse
+    public function destroy(Manufacturer $manufacturer): RedirectResponse
    {
-        $this->authorize('delete', Manufacturer::class);
-        if (is_null($manufacturer = Manufacturer::withTrashed()->withCount('models as models_count')->find($manufacturerId))) {
-            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.not_found'));
+        $this->authorize('delete', $manufacturer);
+        try {
+            DeleteManufacturerAction::run($manufacturer);
+        } catch (ItemStillHasChildren $e) {
+            return redirect()->route('manufacturers.index')->with('error', trans('general.bulk_delete_associations.general_assoc_warning', ['item' => trans('general.manufacturer')]));
+        } catch (\Exception $e) {
+            report($e);
+            return redirect()->route('manufacturers.index')->with('error', trans('general.something_went_wrong'));
        }

-        if (! $manufacturer->isDeletable()) {
-            return redirect()->route('manufacturers.index')->with('error', trans('admin/manufacturers/message.assoc_users'));
-        }
-
-        if ($manufacturer->image) {
-            try {
-                Storage::disk('public')->delete('manufacturers/'.$manufacturer->image);
-            } catch (\Exception $e) {
-                Log::info($e);
-            }
-        }
-
-        // Soft delete the manufacturer if active, permanent delete if is already deleted
-        if ($manufacturer->deleted_at === null) {
-            $manufacturer->delete();
-        } else {
-            $manufacturer->forceDelete();
-        }
-        // Redirect to the manufacturers management page
        return redirect()->route('manufacturers.index')->with('success', trans('admin/manufacturers/message.delete.success'));
    }

@@ -5,6 +5,7 @@ namespace App\Http\Controllers;
 use App\Http\Requests\ImageUploadRequest;
 use App\Http\Transformers\ProfileTransformer;
 use App\Models\Actionlog;
+use App\Models\Asset;
 use App\Models\Setting;
 use App\Models\User;
 use App\Notifications\CurrentInventory;
@@ -34,7 +35,7 @@ class ProfileController extends Controller
     */
    public function getIndex() : View
    {
-        $this->authorize('self.profile');
+
        $user = auth()->user();
        return view('account/profile', compact('user'));
    }
@@ -47,20 +48,25 @@ class ProfileController extends Controller
     */
    public function postIndex(ImageUploadRequest $request) : RedirectResponse
    {
-        $this->authorize('self.profile');
+
        $user = auth()->user();
-        $user->first_name = $request->input('first_name');
-        $user->last_name = $request->input('last_name');
-        $user->website = $request->input('website');
-        $user->gravatar = $request->input('gravatar');
-        $user->skin = $request->input('skin');
-        $user->phone = $request->input('phone');
+
+        if ((Gate::allows('self.profile')) && (! config('app.lock_passwords'))) {
+            $user->first_name = $request->input('first_name');
+            $user->last_name = $request->input('last_name');
+            $user->website = $request->input('website');
+            $user->gravatar = $request->input('gravatar');
+            $user->phone = $request->input('phone');
+        }
+
+
        $user->enable_sounds = $request->input('enable_sounds', false);
        $user->enable_confetti = $request->input('enable_confetti', false);
+        $user->link_light_color = $request->input('link_light_color', '#296282');
+        $user->link_dark_color = $request->input('link_dark_color', '#296282');
+        $user->nav_link_color = $request->input('nav_link_color', '#FFFFFF');
+        $user->locale = $request->input('locale');

-        if (! config('app.lock_passwords')) {
-            $user->locale = $request->input('locale');
-        }

        if ((Gate::allows('self.two_factor')) && ((Setting::getSettings()->two_factor_enabled == '1') && (! config('app.lock_passwords')))) {
            $user->two_factor_optin = $request->input('two_factor_optin', '0');
@@ -249,7 +255,10 @@ class ProfileController extends Controller
        $logentry = Actionlog::where('filename', $filename)->first();

        // Make sure the user has permission to view this file
-        if (auth()->id() != $logentry->target_id) {
+        // Also allow if the user (manager) able to view both users and assets
+        $allowed_to_view_users_assets = Gate::allows('view', User::class) && Gate::allows('view', Asset::class);
+
+        if (auth()->id() != $logentry->target_id && !$allowed_to_view_users_assets) {
            return redirect()->route('account')->with('error', trans('general.generic_model_not_found', ['model' => 'file']));
        }

@@ -3,12 +3,21 @@
 namespace App\Http\Controllers;

 use App\Helpers\Helper;
+use App\Mail\CheckoutAccessoryMail;
 use App\Mail\CheckoutAssetMail;
+use App\Mail\CheckoutComponentMail;
+use App\Mail\CheckoutConsumableMail;
+use App\Mail\CheckoutLicenseMail;
 use App\Models\Accessory;
+use App\Models\AccessoryCheckout;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Category;
+use App\Models\Checkoutable;
+use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\LicenseSeat;
 use App\Models\Maintenance;
 use App\Models\CheckoutAcceptance;
 use App\Models\Company;
@@ -18,9 +27,11 @@ use App\Models\License;
 use App\Models\ReportTemplate;
 use App\Models\Setting;
 use Carbon\Carbon;
+use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\MorphTo;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
+use Illuminate\Mail\Mailable;
 use Illuminate\Support\Facades\Mail;
 use \Illuminate\Contracts\View\View;
 use League\Csv\Reader;
@@ -274,22 +285,18 @@ class ReportsController extends Controller
                    $target_name = '';

                    if ($actionlog->target) {
-                            if ($actionlog->targetType() == 'user') {
-                                $target_name = $actionlog->target->display_name;
-                        } else {
-                            $target_name = $actionlog->target->getDisplayNameAttribute();
-                        }
+                        $target_name = $actionlog->target->display_name;
                    }

-                    if($actionlog->item){
-                        $item_name = e($actionlog->item->getDisplayNameAttribute());
+                    if ($actionlog->item){
+                        $item_name = e($actionlog->item->display_name);
                    } else {
                        $item_name = '';
                    }

                    $row = [
                        $actionlog->created_at,
-                        ($actionlog->adminuser) ? e($actionlog->adminuser->display_name) : '',
+                        ($actionlog->adminuser) ? $actionlog->adminuser->display_name : '',
                        $actionlog->present()->actionType(),
                        e($actionlog->itemType()),
                        ($actionlog->itemType() == 'user') ? $actionlog->filename : $item_name,
@@ -298,10 +305,10 @@ class ReportsController extends Controller
                        (($actionlog->item) && ($actionlog->item->model))  ? $actionlog->item->model->model_number : null,
                        $target_name,
                        ($actionlog->note) ? e($actionlog->note) : '',
-                        $actionlog->log_meta,
                        $actionlog->remote_ip,
                        $actionlog->user_agent,
                        $actionlog->action_source,
+                        $actionlog->log_meta,
                    ];
                    fputcsv($handle, $row);
                }
@@ -440,10 +447,8 @@ class ReportsController extends Controller
            // Open output stream
            $handle = fopen('php://output', 'w');
            stream_set_timeout($handle, 2000);
-            
-            if ($request->filled('use_bom')) {
-                fprintf($handle, chr(0xEF).chr(0xBB).chr(0xBF));
-            }
+
+            fprintf($handle, chr(0xEF).chr(0xBB).chr(0xBF));

            $header = [];

@@ -689,6 +694,14 @@ class ReportsController extends Controller
                $assets->whereBetween('assets.purchase_date', [$request->input('purchase_start'), $request->input('purchase_end')]);
            }

+            if ($request->filled('purchase_cost_start')) {
+                if ($request->filled('purchase_cost_end')) {
+                    $assets->whereBetween('assets.purchase_cost', [$request->input('purchase_cost_start'), $request->input('purchase_cost_end')]);
+                } else {
+                    $assets->where('assets.purchase_cost', ">", $request->input('purchase_cost_start'));
+                }
+            }
+
            if (($request->filled('created_start')) && ($request->filled('created_end'))) {
                $created_start = Carbon::parse($request->input('created_start'))->startOfDay();
                $created_end = Carbon::parse($request->input('created_end'))->endOfDay();
@@ -1114,34 +1127,32 @@ class ReportsController extends Controller
        $this->authorize('reports.view');
        $showDeleted = $deleted == 'deleted';

-        $query = CheckoutAcceptance::pending()
-            ->where('checkoutable_type', 'App\Models\Asset')
+        $query = CheckoutAcceptance::Pending()
            ->with([
                'checkoutable' => function (MorphTo $query) {
-                    $query->morphWith([
-                        AssetModel::class => ['model'],
-                        Company::class => ['company'],
-                        Asset::class => ['assignedTo'],
-                    ])->with('model.category');
+                    $query->withTrashed()->morphWith([
+                        Asset::class => ['model.category', 'assignedTo', 'company'],
+                        Accessory::class => ['category','checkouts', 'company'],
+                        LicenseSeat::class => ['user', 'license'],
+                        Component::class => ['assignedTo', 'company'],
+                        Consumable::class => ['company'],
+                    ]);
                },
                'assignedTo' => function($query){
                         $query->withTrashed();
                    }
-            ]);
+            ])->orderByDesc('checkout_acceptances.created_at');
+

        if ($showDeleted) {
            $query->withTrashed();
        }

-        $assetsForReport = $query->get()
-                ->map(function ($acceptance) {
-                    return [
-                        'assetItem' => $acceptance->checkoutable,
-                        'acceptance' => $acceptance,
-                    ];
-            });
+        $itemsForReport = $query->get()
+            ->filter(fn ($unaccepted) => $unaccepted->checkoutable)
+            ->map(fn ($unaccepted) => Checkoutable::fromAcceptance($unaccepted));

-        return view('reports/unaccepted_assets', compact('assetsForReport','showDeleted' ));
+        return view('reports/unaccepted_assets', compact('itemsForReport','showDeleted' ));
    }

    /**
@@ -1153,41 +1164,77 @@ class ReportsController extends Controller
    public function sentAssetAcceptanceReminder(Request $request) : RedirectResponse
    {
        $this->authorize('reports.view');
-
-        if (!$acceptance = CheckoutAcceptance::pending()->find($request->input('acceptance_id'))) {
+        $id = $request->input('acceptance_id');
+        $query = CheckoutAcceptance::query()
+            ->with([
+                'checkoutable' => function (MorphTo $query) {
+                    $query->withTrashed()->morphWith([
+                        Asset::class       => ['model.category', 'assignedTo', 'company', 'checkouts'],
+                        Accessory::class   => ['category', 'company', 'checkouts'],
+                        LicenseSeat::class => ['user', 'license', 'checkouts'],
+                        Component::class   => ['assignedTo', 'company', 'checkouts'],
+                        Consumable::class  => ['company', 'checkouts'],
+                    ]);
+                },
+                'assignedTo' => fn ($q) => $q->withTrashed(),
+            ])
+            ->pending();
+        $acceptance = $query->find($id);
+        if (!$acceptance) {
            Log::debug('No pending acceptances');
-            // Redirect to the unaccepted assets report page with error
+            // Redirect to the unaccepted items report page with error
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
        }
+        $item      = $acceptance->checkoutable;
+        $assignee  = $acceptance->assignedTo ?? $item->assignedTo ?? null;
+        $email     = $assignee?->email;
+        $locale    = $assignee?->locale;

-        $assetItem = $acceptance->checkoutable;
-
-        Log::debug(print_r($assetItem, true));
+        Log::debug(print_r($acceptance, true));

        if (is_null($acceptance->created_at)){
            Log::debug('No acceptance created_at');
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
        } else {
-            $logItem_res = $assetItem->checkouts()->where('created_at', '=', $acceptance->created_at)->get();
-
+            if($item instanceof LicenseSeat){
+                $logItem_res = $item->license->checkouts()->with('adminuser')->where('created_at', '=', $acceptance->created_at)->get();
+            }
+            else{
+                $logItem_res = $item->checkouts()->with('adminuser')->where('created_at', '=', $acceptance->created_at)->get();
+                }
            if ($logItem_res->isEmpty()){
                Log::debug('Acceptance date mismatch');
                return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
            }
            $logItem = $logItem_res[0];
        }
-        $email = $assetItem->assignedTo?->email;
-        $locale = $assetItem->assignedTo?->locale;

        if (is_null($email) || $email === '') {
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.no_email'));
        }
-
-        Mail::to($email)->send((new CheckoutAssetMail($assetItem, $assetItem->assignedTo, $logItem->user, $acceptance, $logItem->note, firstTimeSending: false))->locale($locale));
+        $mailable = $this->getCheckoutMailType($acceptance, $logItem);
+        Mail::to($email)->send($mailable->locale($locale));

        return redirect()->route('reports/unaccepted_assets')->with('success', trans('admin/reports/general.reminder_sent'));
    }
+    private function getCheckoutMailType(CheckoutAcceptance $acceptance, $logItem) : Mailable
+    {
+        $lookup = [
+            Accessory::class => CheckoutAccessoryMail::class,
+            Asset::class => CheckoutAssetMail::class,
+            LicenseSeat::class => CheckoutLicenseMail::class,
+            Consumable::class => CheckoutConsumableMail::class,
+            Component::class => CheckoutComponentMail::class,
+        ];
+        $mailable= $lookup[get_class($acceptance->checkoutable)];

+        return new $mailable($acceptance->checkoutable,
+            $acceptance->checkedOutTo ?? $acceptance->assignedTo,
+            $logItem->adminuser,
+            $acceptance,
+            $acceptance->note);
+
+    }
    /**
     * sentAssetAcceptanceReminder
     *
@@ -1219,31 +1266,43 @@ class ReportsController extends Controller
    public function postAssetAcceptanceReport($deleted = false) : Response
    {
        $this->authorize('reports.view');
-        $showDeleted = $deleted == 'deleted';
+        $showDeleted = request('deleted') === 'deleted';;

        /**
         * Get all assets with pending checkout acceptances
         */
-        if($showDeleted) {
-            $acceptances = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')->withTrashed()->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model'])->get();
-        } else {
-            $acceptances = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model'])->get();
-        }

-        $assetsForReport = $acceptances
-            ->filter(function($acceptance) {
-                return $acceptance->checkoutable_type == 'App\Models\Asset';
-            })
-            ->map(function($acceptance) {
-                return ['assetItem' => $acceptance->checkoutable, 'acceptance' => $acceptance];
-            });
+            $acceptances = CheckoutAcceptance::pending()
+                ->with([
+                    'checkoutable' => function (MorphTo $acceptance) {
+                        $acceptance->withTrashed()->morphWith([
+                            Asset::class => ['model.category', 'assignedTo', 'company'],
+                            Accessory::class => ['category','checkouts', 'company'],
+                            LicenseSeat::class => ['user', 'license'],
+                            Component::class => ['assignedTo', 'company'],
+                            Consumable::class => ['company'],
+                        ]);
+                    },
+                    'assignedTo',
+                ])->orderByDesc('checkout_acceptances.created_at');
+
+            if ($showDeleted) {
+                $acceptances->withTrashed();
+            }
+
+        $itemsForReport = $acceptances->get()
+                ->filter(fn ($unaccepted) => $unaccepted->checkoutable)
+                ->map(fn ($unaccepted) => Checkoutable::fromAcceptance($unaccepted));

        $rows = [];

        $header = [
+            trans('general.date'),
+            trans('general.type'),
+            trans('admin/companies/table.title'),
            trans('general.category'),
            trans('admin/hardware/form.model'),
-            trans('admin/hardware/form.name'),
+            trans('general.name'),
            trans('admin/hardware/table.asset_tag'),
            trans('admin/hardware/table.checkoutto'),
        ];
@@ -1251,16 +1310,19 @@ class ReportsController extends Controller
        $header = array_map('trim', $header);
        $rows[] = implode(',', $header);

-        foreach ($assetsForReport as $item) {
+        foreach ($itemsForReport as $item) {

-            if ($item['assetItem'] != null){
+            if ($item != null){
            
                $row    = [ ];
-                $row[]  = str_replace(',', '', e($item['assetItem']->model->category->name));
-                $row[]  = str_replace(',', '', e($item['assetItem']->model->name));
-                $row[]  = str_replace(',', '', e($item['assetItem']->name));
-                $row[]  = str_replace(',', '', e($item['assetItem']->asset_tag));
-                $row[]  = str_replace(',', '', e(($item['acceptance']->assignedTo) ? $item['acceptance']->assignedTo->display_name : trans('admin/reports/general.deleted_user')));
+                $row[]  = str_replace(',', '', $item->acceptance->created_at);
+                $row[]  = str_replace(',', '', $item->type);
+                $row[]  = str_replace(',', '', $item->plain_text_company);
+                $row[]  = str_replace(',', '', $item->plain_text_category);
+                $row[]  = str_replace(',', '', $item->plain_text_model);
+                $row[]  = str_replace(',', '', $item->plain_text_name);
+                $row[]  = str_replace(',', '', $item->asset_tag);
+                $row[]  = str_replace(',', '', ($item->acceptance->assignedto) ? $item->acceptance->assignedto->display_name : trans('admin/reports/general.deleted_user'));
                $rows[] = implode(',', $row);
            }
        }
@@ -6,38 +6,31 @@ use App\Helpers\Helper;
 use App\Helpers\StorageHelper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Http\Requests\SettingsSamlRequest;
-use App\Http\Requests\SetupUserRequest;
+use App\Http\Requests\StoreLabelSettings;
 use App\Http\Requests\StoreLdapSettings;
 use App\Http\Requests\StoreLocalizationSettings;
 use App\Http\Requests\StoreNotificationSettings;
-use App\Http\Requests\StoreLabelSettings;
 use App\Http\Requests\StoreSecuritySettings;
+use App\Models\Asset;
 use App\Models\CustomField;
 use App\Models\Group;
-use App\Models\Labels\Label as LabelModel;
 use App\Models\Setting;
-use App\Models\Asset;
 use App\Models\User;
-use App\Notifications\FirstAdminNotification;
 use App\Notifications\MailTest;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\App;
-use Illuminate\Support\Facades\Storage;
-use Illuminate\Validation\Rule;
-use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\JsonResponse;
-use \Illuminate\Contracts\View\View;
-use Illuminate\Support\Str;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Artisan;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Crypt;
 use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\File;
-use Illuminate\Support\Facades\Http;
 use Illuminate\Support\Facades\Log;
-use Illuminate\Support\Facades\URL;
+use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Str;
+use Illuminate\Validation\Rule;
 use Symfony\Component\HttpFoundation\BinaryFileResponse;
+use \Illuminate\Contracts\View\View;

 /**
 * This controller handles all actions related to Settings for
@@ -47,224 +40,6 @@ use Symfony\Component\HttpFoundation\BinaryFileResponse;
 */
 class SettingsController extends Controller
 {
-    /**
-     * Checks to see whether or not the database has a migrations table
-     * and a user, otherwise display the setup view.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     *
-     * @since [v3.0]
-     *
-     * @return \Illuminate\Contracts\View\View | \Illuminate\Http\Response
-     */
-    public function getSetupIndex() : View
-    {
-        $start_settings['php_version_min'] = false;
-
-        if (version_compare(PHP_VERSION, config('app.min_php'), '<')) {
-            return response('<center><h1>This software requires PHP version '.config('app.min_php').' or greater. This server is running '.PHP_VERSION.'. </h1><h2>Please upgrade PHP on this server and try again. </h2></center>', 500);
-        }
-
-        try {
-            $conn = DB::select('select 2 + 2');
-            $start_settings['db_conn'] = true;
-            $start_settings['db_name'] = DB::connection()->getDatabaseName();
-            $start_settings['db_error'] = null;
-        } catch (\PDOException $e) {
-            $start_settings['db_conn'] = false;
-            $start_settings['db_name'] = config('database.connections.mysql.database');
-            $start_settings['db_error'] = $e->getMessage();
-        }
-
-        $start_settings['url_config'] = trim(config('app.url'), '/'). '/setup';
-        $start_settings['real_url']  = request()->url();
-        $start_settings['url_valid'] = $start_settings['url_config'] === $start_settings['real_url'];
-        $start_settings['php_version_min'] = true;
-
-        // Curl the .env file to make sure it's not accessible via a browser
-        $start_settings['env_exposed'] = $this->dotEnvFileIsExposed();
-
-        if (App::Environment('production') && (true == config('app.debug'))) {
-            $start_settings['debug_exposed'] = true;
-        } else {
-            $start_settings['debug_exposed'] = false;
-        }
-
-        $environment = app()->environment();
-        if ('production' != $environment) {
-            $start_settings['env'] = $environment;
-            $start_settings['prod'] = false;
-        } else {
-            $start_settings['env'] = $environment;
-            $start_settings['prod'] = true;
-        }
-
-        $start_settings['owner'] = '';
-
-        if (function_exists('posix_getpwuid')) { // Probably Linux
-            $owner = posix_getpwuid(fileowner($_SERVER['SCRIPT_FILENAME']));
-            // This *should* be an array, but we've seen this return a bool in some chrooted environments
-            if (is_array($owner)) {
-                $start_settings['owner'] = $owner['name'];
-            }
-        }
-
-        if (($start_settings['owner'] === 'root') || ($start_settings['owner'] === '0')) {
-            $start_settings['owner_is_admin'] = true;
-        } else {
-            $start_settings['owner_is_admin'] = false;
-        }
-
-        $start_settings['writable'] = $this->storagePathIsWritable();
-
-        $start_settings['gd'] = extension_loaded('gd');
-
-        return view('setup/index')
-            ->with('step', 1)
-            ->with('start_settings', $start_settings)
-            ->with('section', 'Pre-Flight Check');
-    }
-
-    /**
-     * Determine if the .env file accessible via a browser.
-     *
-     * @return bool This method will return true when exceptions (such as curl exception) is thrown.
-     * Check the log files to see more details about the exception.
-     */
-    protected function dotEnvFileIsExposed() : bool
-    {
-        try {
-            return Http::withoutVerifying()->timeout(10)
-                ->accept('*/*')
-                ->get(URL::to('.env'))
-                ->successful();
-        } catch (\Exception $e) {
-            Log::debug($e->getMessage());
-            return true;
-        }
-    }
-
-    /**
-     * Determine if the app storage path is writable.
-     */
-    protected function storagePathIsWritable(): bool
-    {
-        return File::isWritable(storage_path())                  &&
-            File::isWritable(storage_path('framework'))          &&
-            File::isWritable(storage_path('framework/cache'))    &&
-            File::isWritable(storage_path('framework/sessions')) &&
-            File::isWritable(storage_path('framework/views'))    &&
-            File::isWritable(storage_path('logs'));
-    }
-
-    /**
-     * Save the first admin user from Setup.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v3.0]
-     *
-     */
-    public function postSaveFirstAdmin(SetupUserRequest $request) : RedirectResponse
-    {
-
-        $user = new User();
-        $user->first_name = $data['first_name'] = $request->input('first_name');
-        $user->last_name = $request->input('last_name');
-        $user->email = $data['email'] = $request->input('email');
-        $user->activated = 1;
-        $permissions = ['superuser' => 1];
-        $user->permissions = json_encode($permissions);
-        $user->username = $data['username'] = $request->input('username');
-        $user->password = bcrypt($request->input('password'));
-        $data['password'] = $request->input('password');
-
-        $settings = new Setting();
-        $settings->full_multiple_companies_support = $request->input('full_multiple_companies_support', 0);
-        $settings->site_name = $request->input('site_name');
-        $settings->alert_email = $request->input('email');
-        $settings->alerts_enabled = 1;
-        $settings->pwd_secure_min = 10;
-        $settings->brand = 1;
-        $settings->locale = $request->input('locale', 'en-US');
-        $settings->default_currency = $request->input('default_currency', 'USD');
-        $settings->created_by = 1;
-        $settings->email_domain = $request->input('email_domain');
-        $settings->email_format = $request->input('email_format');
-        $settings->next_auto_tag_base = 1;
-        $settings->auto_increment_assets = $request->input('auto_increment_assets', 0);
-        $settings->auto_increment_prefix = $request->input('auto_increment_prefix');
-        $settings->zerofill_count = $request->input('zerofill_count') ?: 0;
-
-        if ((! $user->isValid()) || (! $settings->isValid())) {
-            return redirect()->back()->withInput()->withErrors($user->getErrors())->withErrors($settings->getErrors());
-        } else {
-            $user->save();
-            Auth::login($user, true);
-            $settings->save();
-
-            if ($request->input('email_creds') == '1') {
-                $data = [];
-                $data['email'] = $user->email;
-                $data['username'] = $user->username;
-                $data['first_name'] = $user->first_name;
-                $data['last_name'] = $user->last_name;
-                $data['password'] = $request->input('password');
-                $user->notify(new FirstAdminNotification($data));
-            }
-
-            return redirect()->route('setup.done');
-        }
-    }
-
-    /**
-     * Return the admin user creation form in Setup.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     *
-     * @since [v3.0]
-     */
-    public function getSetupUser() : View
-    {
-        return view('setup/user')
-            ->with('step', 3)
-            ->with('section', 'Create a User');
-    }
-
-    /**
-     * Return the view that tells the user that the Setup is done.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     *
-     * @since [v3.0]
-     */
-    public function getSetupDone() : View
-    {
-        return view('setup/done')
-            ->with('step', 4)
-            ->with('section', 'Done!');
-    }
-
-    /**
-     * Migrate the database tables, and return the output
-     * to a view for Setup.
-     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     *
-     * @since [v3.0]
-     */
-    public function getSetupMigrate() : View
-    {
-        Artisan::call('migrate', ['--force' => true]);
-        if ((! file_exists(storage_path().'/oauth-private.key')) || (! file_exists(storage_path().'/oauth-public.key'))) {
-            Artisan::call('migrate', ['--path' => 'vendor/laravel/passport/database/migrations', '--force' => true]);
-            Artisan::call('passport:install', ['--no-interaction' => true]);
-        }
-
-        return view('setup/migrate')
-            ->with('output', 'Databases installed!')
-            ->with('step', 2)
-            ->with('section', 'Create Database Tables');
-    }

    /**
     * Return a view that shows some of the key settings.
@@ -399,12 +174,10 @@ class SettingsController extends Controller
        }

        $setting->brand = $request->input('brand', '1');
-        $setting->header_color = $request->input('header_color');
+
        $setting->support_footer = $request->input('support_footer');
        $setting->version_footer = $request->input('version_footer');
        $setting->footer_text = $request->input('footer_text');
-        $setting->skin = $request->input('skin');
-        $setting->allow_user_skin = $request->input('allow_user_skin', '0');
        $setting->show_url_in_emails = $request->input('show_url_in_emails', '0');
        $setting->logo_print_assets = $request->input('logo_print_assets', '0');
        $setting->load_remote = $request->input('load_remote', 0);
@@ -418,6 +191,11 @@ class SettingsController extends Controller
                $request->validate(['site_name' => 'required']);
            }

+            $setting->header_color = $request->input('header_color');
+            $setting->link_light_color = $request->input('link_light_color', '#296282');
+            $setting->link_dark_color = $request->input('link_dark_color', '#296282');
+            $setting->nav_link_color = $request->input('nav_link_color', '#FFFFFF');
+            
            $setting->site_name = $request->input('site_name', 'Snipe-IT');
            $setting->custom_css = $request->input('custom_css');

@@ -589,6 +367,7 @@ class SettingsController extends Controller
        $setting->time_display_format = $request->input('time_display_format');
        $setting->digit_separator = $request->input('digit_separator');
        $setting->name_display_format = $request->input('name_display_format');
+        $setting->week_start = $request->input('week_start', 0);

        if ($setting->save()) {
            return redirect()->route('settings.index')
@@ -772,6 +551,7 @@ class SettingsController extends Controller
        $setting->label2_asset_logo = $request->input('label2_asset_logo');
        $setting->label2_1d_type = $request->input('label2_1d_type');
        $setting->label2_2d_type = $request->input('label2_2d_type');
+        $setting->label2_2d_prefix = $request->input('label2_2d_prefix');
        $setting->label2_2d_target = $request->input('label2_2d_target');
        $setting->label2_fields = $request->input('label2_fields');
        $setting->label2_empty_row_count = $request->input('label2_empty_row_count');
@@ -0,0 +1,270 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Requests\SetupUserRequest;
+use App\Models\Setting;
+use App\Models\User;
+use App\Notifications\FirstAdminNotification;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Support\Facades\App;
+use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\File;
+use Illuminate\Support\Facades\Http;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\URL;
+use \Illuminate\Contracts\View\View;
+
+
+/**
+ * This controller handles all actions related to Settings for
+ * the Snipe-IT Asset Management application.
+ *
+ * @version    v1.0
+ */
+class SetupController extends Controller
+{
+    /**
+     * Checks to see whether or not the database has a migrations table
+     * and a user, otherwise display the setup view.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     *
+     * @since [v3.0]
+     *
+     * @return \Illuminate\Contracts\View\View | \Illuminate\Http\Response
+     */
+    public function getSetupIndex() : View
+    {
+        $start_settings['php_version_min'] = false;
+
+        if (version_compare(PHP_VERSION, config('app.min_php'), '<')) {
+            return response('<center><h1>This software requires PHP version '.config('app.min_php').' or greater. This server is running '.PHP_VERSION.'. </h1><h2>Please upgrade PHP on this server and try again. </h2></center>', 500);
+        }
+
+        try {
+            $conn = DB::select('select 2 + 2');
+            $start_settings['db_conn'] = true;
+            $start_settings['db_name'] = DB::connection()->getDatabaseName();
+            $start_settings['db_error'] = null;
+        } catch (\PDOException $e) {
+            $start_settings['db_conn'] = false;
+            $start_settings['db_name'] = config('database.connections.mysql.database');
+            $start_settings['db_error'] = $e->getMessage();
+        }
+
+        $start_settings['url_config'] = trim(config('app.url'), '/'). '/setup';
+        $start_settings['real_url']  = request()->url();
+        $start_settings['url_valid'] = $start_settings['url_config'] === $start_settings['real_url'];
+        $start_settings['php_version_min'] = true;
+
+        // Curl the .env file to make sure it's not accessible via a browser
+        $start_settings['env_exposed'] = $this->dotEnvFileIsExposed();
+
+        if (App::Environment('production') && (true == config('app.debug'))) {
+            $start_settings['debug_exposed'] = true;
+        } else {
+            $start_settings['debug_exposed'] = false;
+        }
+
+        $environment = app()->environment();
+        if ('production' != $environment) {
+            $start_settings['env'] = $environment;
+            $start_settings['prod'] = false;
+        } else {
+            $start_settings['env'] = $environment;
+            $start_settings['prod'] = true;
+        }
+
+        $start_settings['owner'] = '';
+
+        if (function_exists('posix_getpwuid')) { // Probably Linux
+            $owner = posix_getpwuid(fileowner($_SERVER['SCRIPT_FILENAME']));
+            // This *should* be an array, but we've seen this return a bool in some chrooted environments
+            if (is_array($owner)) {
+                $start_settings['owner'] = $owner['name'];
+            }
+        }
+
+        if (($start_settings['owner'] === 'root') || ($start_settings['owner'] === '0')) {
+            $start_settings['owner_is_admin'] = true;
+        } else {
+            $start_settings['owner_is_admin'] = false;
+        }
+
+        $start_settings['writable'] = $this->storagePathIsWritable();
+
+        $start_settings['gd'] = extension_loaded('gd');
+
+        return view('setup/index')
+            ->with('step', 1)
+            ->with('start_settings', $start_settings)
+            ->with('section', trans('general.setup_config_check'))
+            ->with('icon', 'fa-regular fa-rectangle-list');
+    }
+
+    /**
+     * Determine if the .env file accessible via a browser.
+     *
+     * @return bool This method will return true when exceptions (such as curl exception) is thrown.
+     * Check the log files to see more details about the exception.
+     */
+    protected function dotEnvFileIsExposed() : bool
+    {
+        try {
+            return Http::withoutVerifying()->timeout(10)
+                ->accept('*/*')
+                ->get(URL::to('.env'))
+                ->successful();
+        } catch (\Exception $e) {
+            Log::debug($e->getMessage());
+            return true;
+        }
+    }
+
+    /**
+     * Determine if the app storage path is writable.
+     */
+    protected function storagePathIsWritable(): bool
+    {
+        return File::isWritable(storage_path())                  &&
+            File::isWritable(storage_path('framework'))          &&
+            File::isWritable(storage_path('framework/cache'))    &&
+            File::isWritable(storage_path('framework/sessions')) &&
+            File::isWritable(storage_path('framework/views'))    &&
+            File::isWritable(storage_path('logs'));
+    }
+
+    /**
+     * Save the first admin user from Setup.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     *
+     */
+    public function postSaveFirstAdmin(SetupUserRequest $request) : RedirectResponse
+    {
+
+        $user = new User();
+        $user->first_name = $data['first_name'] = $request->input('first_name');
+        $user->last_name = $request->input('last_name');
+        $user->email = $data['email'] = $request->input('email');
+        $user->activated = 1;
+        $permissions = ['superuser' => 1];
+        $user->permissions = json_encode($permissions);
+        $user->username = $data['username'] = $request->input('username');
+        $user->password = bcrypt($request->input('password'));
+        $data['password'] = $request->input('password');
+
+        $settings = new Setting();
+        $settings->full_multiple_companies_support = $request->input('full_multiple_companies_support', 0);
+        $settings->site_name = $request->input('site_name');
+        $settings->alert_email = $request->input('email');
+        $settings->alerts_enabled = 1;
+        $settings->pwd_secure_min = 10;
+        $settings->brand = 1;
+        $settings->link_light_color = $request->input('link_light_color', '#296282');
+        $settings->link_dark_color = $request->input('link_dark_color', '#296282');
+        $settings->nav_link_color = $request->input('nav_link_color', '#FFFFFF');
+        $settings->locale = $request->input('locale', 'en-US');
+        $settings->default_currency = $request->input('default_currency', 'USD');
+        $settings->created_by = 1;
+        $settings->email_domain = $request->input('email_domain');
+        $settings->email_format = $request->input('email_format');
+        $settings->next_auto_tag_base = 1;
+        $settings->auto_increment_assets = $request->input('auto_increment_assets', 0);
+        $settings->auto_increment_prefix = $request->input('auto_increment_prefix');
+        $settings->zerofill_count = $request->input('zerofill_count') ?: 0;
+
+        if ((! $user->isValid()) || (! $settings->isValid())) {
+            return redirect()->back()->withInput()->withErrors($user->getErrors())->withErrors($settings->getErrors());
+        } else {
+            $user->save();
+            Auth::login($user, true);
+            $settings->save();
+
+            if ($request->input('email_creds') == '1') {
+                $data = [];
+                $data['email'] = $user->email;
+                $data['username'] = $user->username;
+                $data['first_name'] = $user->first_name;
+                $data['last_name'] = $user->last_name;
+                $data['password'] = $request->input('password');
+                $user->notify(new FirstAdminNotification($data));
+            }
+
+            return redirect()
+                ->route('setup.done')
+                ->with('section', trans('general.setup_create_admin'))
+                ->with('icon', 'fa-solid fa-champagne-glasses')
+                ->with('success', trans('admin/settings/general.create_admin_success'));
+        }
+    }
+
+    /**
+     * Return the admin user creation form in Setup.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     *
+     * @since [v3.0]
+     */
+    public function getSetupUser() : View
+    {
+        return view('setup/user')
+            ->with('step', 3)
+            ->with('section', trans('general.setup_create_admin'))
+            ->with('icon', 'fa-solid fa-user-plus');
+    }
+
+    /**
+     * Return the view that tells the user that the Setup is done.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     *
+     * @since [v3.0]
+     */
+    public function getSetupDone() : View
+    {
+        return view('setup/done')
+            ->with('success', trans('general.create_admin_success'))
+            ->with('step', 4)
+            ->with('icon', 'fa-solid fa-champagne-glasses fa-shake')
+            ->with('section', trans('general.setup_done'));
+    }
+
+
+
+    /**
+     * Migrate the database tables, and return the output
+     * to a view for Setup.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     *
+     * @since [v3.0]
+     */
+    public function setupMigrate()
+    {
+        Artisan::call('migrate', ['--force' => true]);
+        $output = Artisan::output();
+        if ((! file_exists(storage_path().'/oauth-private.key')) || (! file_exists(storage_path().'/oauth-public.key'))) {
+            Artisan::call('migrate', ['--path' => 'vendor/laravel/passport/database/migrations', '--force' => true]);
+            Artisan::call('passport:install', ['--no-interaction' => true]);
+        }
+
+        return view('setup/migrate')
+            ->with('success', trans('general.create_admin_success'))
+            ->with('output', trim($output))
+            ->with('step', 2)
+            ->with('section', trans('general.setup_create_database'))
+            ->with('icon', 'fa-solid fa-database');
+    }
+
+
+
+
+
+
+
+}
@@ -2,10 +2,18 @@

 namespace App\Http\Controllers;

+use App\Actions\Suppliers\DestroySupplierAction;
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasMaintenances;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasLicenses;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Supplier;
 use Illuminate\Http\RedirectResponse;
 use \Illuminate\Contracts\View\View;
+use Illuminate\Support\MessageBag;

 /**
 * This controller handles all actions related to Suppliers for
@@ -59,6 +67,7 @@ class SuppliersController extends Controller
        $supplier->phone = request('phone');
        $supplier->fax = request('fax');
        $supplier->email = request('email');
+        $supplier->tag_color  = $request->input('tag_color');
        $supplier->notes = request('notes');
        $supplier->url = $supplier->addhttp(request('url'));
        $supplier->created_by = auth()->id();
@@ -103,6 +112,7 @@ class SuppliersController extends Controller
        $supplier->fax = request('fax');
        $supplier->email = request('email');
        $supplier->url = $supplier->addhttp(request('url'));
+        $supplier->tag_color  = $request->input('tag_color');
        $supplier->notes = request('notes');
        $supplier = $request->handleImages($supplier);

@@ -118,30 +128,41 @@ class SuppliersController extends Controller
     *
     * @param  int $supplierId
     */
-    public function destroy($supplierId) : RedirectResponse
+    public function destroy(Supplier $supplier): RedirectResponse
    {
        $this->authorize('delete', Supplier::class);
-        if (is_null($supplier = Supplier::with('maintenances', 'assets', 'licenses')->withCount('maintenances as maintenances_count', 'assets as assets_count', 'licenses as licenses_count')->find($supplierId))) {
-            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.not_found'));
+        try {
+            DestroySupplierAction::run(supplier: $supplier);
+        } catch (ItemStillHasAssets $e) {
+            return redirect()->route('suppliers.index')->with('error', trans('general.bulk_delete_associations.assoc_assets', [
+                'asset_count' => (int) $supplier->assets_count, 'item' => trans('general.supplier')
+            ]));
+        } catch (ItemStillHasMaintenances $e) {
+            return redirect()->route('suppliers.index')->with('error', trans('general.bulk_delete_associations.assoc_maintenances', [
+                'asset_maintenances_count' => $supplier->asset_maintenances_count, 'item' => trans('general.supplier')
+            ]));
+        } catch (ItemStillHasLicenses $e) {
+            return redirect()->route('suppliers.index')->with('error', trans('general.bulk_delete_associations.assoc_licenses', [
+                'licenses_count' => (int) $supplier->licenses_count, 'item' => trans('general.supplier')
+            ]));
+        } catch (ItemStillHasAccessories $e) {
+            return redirect()->route('suppliers.index')->with('error', trans('general.bulk_delete_associations.assoc_accessories', [
+                'accessories_count' => (int) $supplier->accessories_count, 'item' => trans('general.supplier')
+            ]));
+        } catch (ItemStillHasConsumables $e) {
+            return redirect()->route('suppliers.index')->with('error', trans('general.bulk_delete_associations.assoc_consumables', [
+                'consumables_count' => (int) $supplier->consumables_count, 'item' => trans('general.supplier')
+            ]));
+        } catch (ItemStillHasComponents $e) {
+            return redirect()->route('suppliers.index')->with('error', trans('general.bulk_delete_associations.assoc_components', [
+                'components_count' => (int) $supplier->components_count, 'item' => trans('general.supplier')
+            ]));
+        } catch (\Exception $e) {
+            report($e);
+            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.error'));
        }

-        if ($supplier->assets_count > 0) {
-            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_assets', ['asset_count' => (int) $supplier->assets_count]));
-        }
-
-        if ($supplier->maintenances_count > 0) {
-            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_maintenances', ['maintenances_count' => $supplier->maintenances_count]));
-        }
-
-        if ($supplier->licenses_count > 0) {
-            return redirect()->route('suppliers.index')->with('error', trans('admin/suppliers/message.delete.assoc_licenses', ['licenses_count' => (int) $supplier->licenses_count]));
-        }
-
-        $supplier->delete();
-
-        return redirect()->route('suppliers.index')->with('success',
-            trans('admin/suppliers/message.delete.success')
-        );
+        return redirect()->route('suppliers.index')->with('success', trans('admin/suppliers/message.delete.success'));
    }

    /**
@@ -154,6 +175,5 @@ class SuppliersController extends Controller
    {
        $this->authorize('view', Supplier::class);
        return view('suppliers/view', compact('supplier'));
-
    }
 }
@@ -2,9 +2,11 @@

 namespace App\Http\Controllers;

+use App\Helpers\Helper;
 use App\Helpers\StorageHelper;
 use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
+use App\Models\Import;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\BinaryFileResponse;
@@ -155,7 +157,31 @@ class UploadedFilesController extends Controller
        }

        // The file doesn't seem to really exist, so report an error
-        return redirect()->back()->withFragment('files')->with('success', trans_choice('general.file_upload_status.delete.error', 1));
+        return redirect()->back()->withFragment('files')->with('error', trans_choice('general.file_upload_status.delete.error', 1));
+
+    }
+
+    public function downloadImport(Import $import) {
+
+        $this->authorize('import');
+
+        if ($import = Import::find($import->id)) {
+
+            if ((auth()->user()->id != $import->created_by) && (!auth()->user()->isSuperUser())) {
+                return redirect()->back()->with('error', trans('general.file_upload_status.file_not_found'));
+            }
+
+            if (config('filesystems.default') == 's3_private') {
+                return redirect()->away(Storage::disk('s3_private')->temporaryUrl('private_uploads/imports/' . $import->file_path, now()->addMinutes(5)));
+            }
+
+            if (Storage::exists('private_uploads/imports/' . $import->file_path)) {
+                return response()->download(config('app.private_uploads') . '/imports/' . $import->file_path);
+            }
+
+        }
+
+        return redirect()->back()->with('error', trans('general.file_upload_status.file_not_found'));

    }

@@ -4,6 +4,7 @@ namespace App\Http\Controllers;

 use App\Actions\CheckoutRequests\CancelCheckoutRequestAction;
 use App\Actions\CheckoutRequests\CreateCheckoutRequestAction;
+use App\Enums\ActionType;
 use App\Exceptions\AssetNotRequestable;
 use App\Models\Actionlog;
 use App\Models\Asset;
@@ -155,7 +156,19 @@ class ViewAssetsController extends Controller
    public function getRequestableIndex() : View
    {
        $assets = Asset::with('model', 'defaultLoc', 'location', 'assignedTo', 'requests')->Hardware()->RequestableAssets();
-        $models = AssetModel::with('category', 'requests', 'assets')->RequestableModels()->get();
+        $models = AssetModel::with([
+            'category',
+            'requests',
+            'assets' => function ($q) {
+                $q->where('requestable', 1)
+                    ->whereHas('assetstatus', fn ($s) =>
+                    $s->where('archived', 0)
+                        ->where(fn ($s) =>
+                        $s->where('deployable', 1)->orWhere('pending', 1)
+                        )
+                    );
+            },
+        ])->RequestableModels()->get();

        return view('account/requestable-assets', compact('assets', 'models'));
    }
@@ -201,7 +214,7 @@ class ViewAssetsController extends Controller
        if (($item_request = $item->isRequestedBy($user)) || $cancel_by_admin) {
            $item->cancelRequest($requestingUser);
            $data['item_quantity'] = ($item_request) ? $item_request->qty : 1;
-            $logaction->logaction('request_canceled');
+            $logaction->logaction(ActionType::RequestCanceled);

            if (($settings->alert_email != '') && ($settings->alerts_enabled == '1') && (! config('app.lock_passwords'))) {
                $settings->notify(new RequestAssetCancelation($data));
@@ -44,6 +44,7 @@ class Kernel extends HttpKernel
            \App\Http\Middleware\CheckForTwoFactor::class,
            \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
            \App\Http\Middleware\AssetCountForSidebar::class,
+            \App\Http\Middleware\CheckColorSettings::class,
            \Illuminate\Session\Middleware\AuthenticateSession::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
@@ -34,10 +34,7 @@ class AssetCountForSidebar
        }

        try {
-            $total_assets = Asset::count();
-            if ($settings->show_archived_in_list != '1') {
-                $total_assets -= Asset::Archived()->count();
-            }
+            $total_assets = Asset::AssetsForShow()->count();
            view()->share('total_assets', $total_assets);
        } catch (\Exception $e) {
            Log::debug($e);
@@ -0,0 +1,75 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Models\Setting;
+use Closure;
+use Illuminate\Contracts\Auth\Guard;
+use Illuminate\Support\Facades\Auth;
+
+class CheckColorSettings
+{
+    /**
+     * The Guard implementation.
+     *
+     * @var Guard
+     */
+    protected $auth;
+
+    /**
+     * Create a new filter instance.
+     *
+     * @param  Guard  $auth
+     * @return void
+     */
+    public function __construct(Guard $auth)
+    {
+        $this->auth = $auth;
+    }
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+
+        // Set defaults in case this is accessed via the /setup screen
+        $nav_color = '#ffffff';
+        $link_dark_color = '#89c9ed';
+        $link_light_color = '#3c8dbc';
+
+
+        if ($settings = Setting::getSettings()) {
+            $nav_color = $settings->nav_link_color;
+            $link_dark_color = $settings->link_dark_color;
+            $link_light_color = $settings->link_light_color;
+        }
+
+
+        // Override system settings
+        if ($request->user()) {
+
+            if ($request->user()->nav_color) {
+                $nav_color = $request->user()->nav_color;
+            }
+            if ($request->user()->link_dark_color) {
+                $link_dark_color = $request->user()->link_dark_color;
+            }
+            if ($request->user()->nav_color) {
+                $link_light_color = $request->user()->link_light_color;
+            }
+        }
+
+
+        view()->share('nav_link_color', $nav_color);
+        view()->share('link_dark_color', $link_dark_color);
+        view()->share('link_light_color', $link_light_color);
+
+        return $next($request);
+
+    }
+}
@@ -0,0 +1,68 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Http\Requests\Traits\MayContainCustomFields;
+use App\Models\Asset;
+use Illuminate\Foundation\Http\FormRequest;
+use App\Helpers\Helper;
+use App\Models\Setting;
+use App\Models\AssetModel;
+use App\Rules\UniqueUndeleted;
+use Illuminate\Support\Str;
+
+class CreateMultipleAssetRequest extends ImageUploadRequest //should I extend from StoreAssetRequest? FIXME OR TODO OR THINKME
+{
+    use MayContainCustomFields;
+
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return true; //TODO - should I do the auth check here?
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        //grab the rules for serials and asset_tags, and tweak them into an array context for multi-create usage
+        $modelRules = (new Asset)->getRules();
+        unset($modelRules['serial']);
+
+        $asset_tag_rules = $modelRules['asset_tag'];
+        unset($modelRules['asset_tag']);
+        // now we replace the 'not_array' rule with 'distinct'
+        array_splice($asset_tag_rules, array_search('not_array', $asset_tag_rules), 1, 'distinct');
+        // and replace the 'unique_undeleted' rule with the Rule object
+        foreach ($asset_tag_rules as $i => $asset_tag_rule) {
+            if (Str::startsWith($asset_tag_rule, 'unique_undeleted')) {
+                $asset_tag_rules[$i] = new UniqueUndeleted('assets', 'asset_tag');
+            }
+        }
+
+        $serials_unique = Setting::getSettings()['unique_serial'];
+        $serials_required = AssetModel::find($this?->model_id)?->require_serial;
+
+        $serial_rules = ['string'];
+        if ($serials_unique) {
+//            $serial_rules[] = 'unique_undeleted:assets,serial';
+            $serial_rules[] = new UniqueUndeleted('assets', 'serial');
+            $serial_rules[] = 'distinct';
+        }
+        if ($serials_required) {
+            $serial_rules[] = 'required';
+        } else {
+            $serial_rules[] = 'nullable';
+        }
+
+        return array_merge($modelRules, [
+            'serials.*' => $serial_rules,
+            'asset_tags.*' => $asset_tag_rules,
+        ]);
+    }
+}
@@ -14,6 +14,15 @@ class CustomAssetReportRequest extends Request
        return true;
    }

+
+    public function prepareForValidation()
+    {
+        if($this->filled('purchase_cost_end') && !$this->filled('purchase_cost_start')){
+            $this->merge(['purchase_cost_start' => 0 ]);
+        }
+    }
+
+
    /**
     * Get the validation rules that apply to the request.
     *
@@ -24,6 +33,7 @@ class CustomAssetReportRequest extends Request
        return [
            'purchase_start'        => 'date|date_format:Y-m-d|nullable',
            'purchase_end'          => 'date|date_format:Y-m-d|nullable',
+            'purchase_cost_end'     => 'numeric|nullable|gte:purchase_cost_start',
            'created_start'         => 'date|date_format:Y-m-d|nullable',
            'created_end'           => 'date|date_format:Y-m-d|nullable',
            'checkout_date_start'   => 'date|date_format:Y-m-d|nullable',
@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Rules\ValidJson;
+use Illuminate\Foundation\Http\FormRequest;
+
+class FilterRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            'filter' => ['nullable', new ValidJson()],
+        ];
+    }
+}
@@ -109,7 +109,7 @@ class SettingsSamlRequest extends FormRequest
                ];

                $pkey = openssl_pkey_new([
-                    'private_key_bits' => config('app.saml_key_size'),
+                    'private_key_bits' => (int) config('app.saml_key_size'),
                    'private_key_type' => OPENSSL_KEYTYPE_RSA,
                ]);

@@ -28,7 +28,6 @@ class SetupUserRequest extends Request
          'username' => 'required|string|min:2|unique:users,username,NULL,deleted_at',
          'email' => 'email|unique:users,email',
          'password' => 'required|min:8|confirmed',
-          'email_domain' => 'required|min:4',
        ];
    }

@@ -26,6 +26,7 @@ class StoreAssetRequest extends ImageUploadRequest

    public function prepareForValidation(): void
    {
+        parent::prepareForValidation(); // call ImageUploadRequest thing
        // Guard against users passing in an array for company_id instead of an integer.
        // If the company_id is not an integer then we simply use what was
        // provided to be caught by model level validation later.
@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Models\Department;
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\Gate;
+
+class StoreDepartmentRequest extends ImageUploadRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return Gate::allows('create', new Department);
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        $modelRules = (new Department)->getRules();
+
+        return array_merge(
+            $modelRules,
+        );
+    }
+}
@@ -49,6 +49,7 @@ class StoreLabelSettings extends FormRequest
            'labels_pagewidth'                    => 'numeric|nullable',
            'labels_pageheight'                   => 'numeric|nullable',
            'qr_text'                             => 'max:31|nullable',
+            'label2_2d_prefix'                    => 'nullable|max:191',
            'label2_template'                     => [
                'required',
                Rule::in($names),
@@ -32,7 +32,7 @@ class StoreNotificationSettings extends FormRequest
            ],
            'alert_threshold'                     => 'numeric|nullable',
            'alert_interval'                      => 'numeric|nullable|gt:0',
-            'audit_warning_days'                  => 'numeric|nullable',
+            'audit_warning_days'                  => 'numeric|nullable|gte:0',
            'due_checkin_days'                    => 'numeric|nullable|gt:0',
            'audit_interval'                      => 'numeric|nullable|gt:0',
        ];
--- a/Show More
+++ b/Show More