Bumped version

# Conflicts:
#	config/version.php

.env.example

@@ -5,7 +5,7 @@ APP_ENV=production
 APP_DEBUG=false
 APP_KEY=ChangeMe
 APP_URL=null
-APP_TIMEZONE='US/Pacific'
+APP_TIMEZONE='UTC'
 APP_LOCALE=en
 
 
@@ -18,7 +18,17 @@ DB_DATABASE=null
 DB_USERNAME=null
 DB_PASSWORD=null
 DB_PREFIX=null
-DB_DUMP_PATH='/usr/local/bin'
+DB_DUMP_PATH='/usr/bin'
+
+# --------------------------------------------
+# OPTIONAL: SSL DATABASE SETTINGS
+# --------------------------------------------
+DB_SSL=false
+DB_SSL_KEY_PATH=null
+DB_SSL_CERT_PATH=null
+DB_SSL_CA_PATH=null
+DB_SSL_CIPHER=null
+
 
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
@@ -30,7 +40,9 @@ MAIL_USERNAME=YOURUSERNAME
 MAIL_PASSWORD=YOURPASSWORD
 MAIL_ENCRYPTION=null
 MAIL_FROM_ADDR=you@example.com
-MAIL_FROM_NAME=Snipe-IT
+MAIL_FROM_NAME='Snipe-IT'
+MAIL_REPLYTO_ADDR=you@example.com
+MAIL_REPLYTO_NAME='Snipe-IT'
 
 
 # --------------------------------------------
@@ -67,6 +79,11 @@ AWS_KEY=null
 AWS_REGION=null
 AWS_BUCKET=null
 
+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=5
+LOGIN_LOCKOUT_DURATION=60
 
 # --------------------------------------------
 # OPTIONAL: MISC
@@ -74,3 +91,5 @@ AWS_BUCKET=null
 APP_LOG=single
 APP_LOCKED=false
 FILESYSTEM_DISK=local
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+ALLOW_IFRAMING=false

.env.tests

@@ -0,0 +1,9 @@
+APP_ENV=local
+APP_DEBUG=true
+APP_URL=http://snipe-it.localapp
+DB_CONNECTION=mysql
+DB_HOST=localhost
+DB_DATABASE=snipeittests
+DB_USERNAME=snipeit
+DB_PASSWORD=snipe
+APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=

.github/ISSUE_TEMPLATE.md

@@ -13,7 +13,7 @@
 #### Please confirm you have done the following before posting your bug report:
 
 - [ ] I have enabled debug mode
-- [ ] I have read [checked the Common Issues page](http://docs.snipeitapp.com/common-issues.html)
+- [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)
 
 -----
 #### Please provide answers to these questions before posting your bug report:
@@ -21,7 +21,7 @@
 - Version of Snipe-IT you're running
 - What OS and web server you're running Snipe-IT on
 - What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
-- If you're getting an error in your browser, include that error
+- WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
 - What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error
 - If a stacktrace is provided in the error, include that too.
 - Any errors that appear in your browser's error console.

.gitignore

@@ -1,49 +1,42 @@
-/vendor
-/node_modules
-Homestead.yaml
-Homestead.json
-.env
-
-tests/_output/*
+.couscous
 .DS_Store
-public/uploads/models/*
-public/uploads/avatars/*
-public/uploads/suppliers/*
-public/uploads/assets/*
-public/uploads/users/*
-public/uploads/*.gif
-public/uploads/*.jpg
-public/uploads/*.png
-public/uploads/*.tif
-public/uploads/*.svg
-storage/app/private_uploads/users/*
-phpDocumentor.phar
-output
-tests/_support/_generated/*
-
-
+.env
+.idea
+/bin/
 /bootstrap/compiled.php
-composer.phar
-app/config/database.php
-app/config/mail.php
+/node_modules
+/vendor
 app/database/*.sqlite
 app/storage/meta/services.json
-app/config/*/mail.php
-app/config/*/session.php
-app/config/*/database.php
-app/config/*/app.php
-app/config/*/ldap.php
-public/packages/*
-storage/logs/*
-storage/debugbar/
-/bin/
-.idea
+composer.phar
 crowdin.yaml
+Homestead.json
+Homestead.yaml
+output
+phpDocumentor.phar
+public/uploads/*.gif
+public/uploads/barcodes/*.png
+public/uploads/*.jpg
+public/uploads/*.png
+public/uploads/*.svg
+public/uploads/*.tif
+public/uploads/assets/*
+public/uploads/avatars/*
 public/uploads/logo.gif
-public/uploads/logo.svg
 public/uploads/logo.png
-.couscous
+public/uploads/logo.svg
+public/uploads/models/*
+public/uploads/suppliers/*
+public/uploads/users/*
+storage/app/private_uploads/users/*
+storage/debugbar/
 storage/dumps/*
-tests/_data/scenarios
 storage/laravel-backups
+storage/logs/*
 storage/private_uploads/users/*
+tests/_data/scenarios
+tests/_output/*
+tests/_support/_generated/*
+/npm-debug.log
+/storage/oauth-private.key
+/storage/oauth-public.key

CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at [INSERT EMAIL ADDRESS]. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

Dockerfile

@@ -54,12 +54,10 @@ COPY docker/docker.env /var/www/html/.env
 RUN chown -R docker /var/www/html
 
 RUN \
-	rm -r "/var/www/html/storage/private_uploads"      && ln -fs "/var/lib/snipeit/data/private_uploads"   "/var/www/html/storage/private_uploads"      && \
-	mkdir -p "/var/www/html/public/uploads" && \
-	rm -rf "/var/www/html/public/uploads/avatars"   && ln -fs "/var/lib/snipeit/data/uploads/avatars"   "/var/www/html/public/uploads/avatars"   && \
-	rm -rf "/var/www/html/public/uploads/models"    && ln -fs "/var/lib/snipeit/data/uploads/models"    "/var/www/html/public/uploads/models"    && \
-	rm -rf "/var/www/html/public/uploads/suppliers" && ln -fs "/var/lib/snipeit/data/uploads/suppliers" "/var/www/html/public/uploads/suppliers" && \
-	rm -r "/var/www/html/storage/backups"        && ln -fs "/var/lib/snipeit/dumps"                  "/var/www/html/storage/backups"
+	rm -r "/var/www/html/storage/private_uploads" && ln -fs "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" \
+      && mkdir -p "/var/lib/snipeit/data/uploads/{assets,avatars,barcodes,models,suppliers}" \
+      && rm -rf "/var/www/html/public/uploads" && ln -fs "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" \
+      && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups"
 
 ############## DEPENDENCIES via COMPOSER ###################
 
@@ -80,7 +78,7 @@ RUN cd /var/www/html;composer install
 
 ############### DATA VOLUME #################
 
-VOLUME [/var/lib/snipeit]
+VOLUME ["/var/lib/snipeit"]
 
 ##### START SERVER
 

README.md

@@ -1,43 +1,38 @@
-[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=develop)](https://travis-ci.org/snipe/snipe-it) [![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+development)](http://waffle.io/snipe/snipe-it) [![Maintenance](https://img.shields.io/maintenance/yes/2016.svg)]() [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.png)](https://crowdin.com/project/snipe-it)
-[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
-[![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/)
-[![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead)
-[![Zenhub](https://raw.githubusercontent.com/ZenHubIO/support/master/zenhub-badge.png)](https://zenhub.io)
+[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=develop)](https://travis-ci.org/snipe/snipe-it) [![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+development)](http://waffle.io/snipe/snipe-it) [![Maintenance](https://img.shields.io/maintenance/yes/2016.svg)]() [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.png)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead) [![Zenhub](https://raw.githubusercontent.com/ZenHubIO/support/master/zenhub-badge.png)](https://zenhub.io) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
 
 
-## Snipe-IT - Asset Management For the Rest of Us
+## Snipe-IT - Open Source Asset Management System
 
 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.
 
 It is built on [Laravel 5.2](http://laravel.com).
 
-This project is being actively developed and we're [releasing quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
+Snipe-IT is actively developed and we're [releasing quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
 
-__This is web-based software__. This means there there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows.
+__This is web-based software__. This means there there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.
 
 -----
 
 ### Installation
 
-__Installation and configuration documentation for this project has been moved to http://docs.snipeitapp.com.__
+For instructions on installing and configuring Snipe-IT on your server, check out the [installation manual](https://snipe-it.readme.io/docs). (Please see the [requirements documentation](https://snipe-it.readme.io/docs/requirements) for full requirements.)
 
-#### Server Requirements
-Please see the [requirements documentation](http://docs.snipeitapp.com/requirements.html) for full requirements.
+If you're having trouble with the installation, please check the [Common Issues](https://snipe-it.readme.io/docs/common-issues) and [Getting Help](https://snipe-it.readme.io/docs/getting-help) documentation, and search this repository's open *and* closed issues for help.
+
+-----
+### User's Manual
+For help using Snipe-IT, check out the [user's manual](https://snipe-it-manual.readme.io/docs).
 
 -----
 ### Bug Reports & Feature Requests
 
 Feel free to check out the [GitHub Issues for this project](https://github.com/snipe/snipe-it/issues) to open a bug report or see what open issues you can help with. Please search through existing issues (open and closed) to see if your question hasn't already been answered before opening a new issue.
 
-We use Waffle.io to help better communicate our roadmap with users. Our [project page there](http://waffle.io/snipe/snipe-it) will show you the backlog, what's ready to be worked on, what's in progress, and what's completed.
-
-If you're having trouble with the installation, please check the [Common Issues](http://docs.snipeitapp.com/common-issues.html) and [Getting Help](http://docs.snipeitapp.com/getting-help.html) documentation.
-
 -----
 
 ### Upgrading
 
-Please see the [upgrading documentation](http://docs.snipeitapp.com/upgrading.html) for instructions on upgrading Snipe-IT.
+Please see the [upgrading documentation](https://snipe-it.readme.io/docs/upgrading) for instructions on upgrading Snipe-IT.
 
 ------
 ### Announcement List
@@ -48,14 +43,17 @@ To be notified of important news (such as new releases, security advisories, etc
 
 ### Translations!
 
-Please see the [translations documentation](http://docs.snipeitapp.com/translations.html) for information about available languages and how to add translations to Snipe-IT.
+Please see the [translations documentation](https://snipe-it.readme.io/docs/translations) for information about available languages and how to add translations to Snipe-IT.
 
 -----
 
 ### Contributing
 
-Please see the documentation on [contributing and developing for Snipe-IT](http://docs.snipeitapp.com/contributing.html).
+Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing).
 
-[![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+Development)](http://waffle.io/snipe/snipe-it)
 
 Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.
+
+### Security
+
+To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker. 

app/Console/Commands/AssetImportCommand.php

@@ -1,5 +1,6 @@
 <?php
 namespace App\Console\Commands;
+
 use App\Models\User;
 use App\Models\Location;
 use App\Models\Category;
@@ -13,456 +14,450 @@ use Symfony\Component\Console\Input\InputArgument;
 use Illuminate\Console\Command;
 use League\Csv\Reader;
 
-class AssetImportCommand extends Command {
+class AssetImportCommand extends Command
+{
 
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:asset-import';
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:asset-import';
 
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'Import Assets from CSV';
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Import Assets from CSV';
 
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
 
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
-		$filename = $this->argument('filename');
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
+        $filename = $this->argument('filename');
 
 
-		if (!$this->option('testrun')=='true') {
-			$this->comment('======= Importing Assets from '.$filename.' =========');
-		} else {
-			$this->comment('====== TEST ONLY Asset Import for '.$filename.' ====');
-			$this->comment('============== NO DATA WILL BE WRITTEN ==============');
-		}
-
-		if (! ini_get("auto_detect_line_endings")) {
-			ini_set("auto_detect_line_endings", '1');
-		}
-
-		$csv = Reader::createFromPath($this->argument('filename'));
-		$csv->setNewline("\r\n");
-		$csv->setOffset(1);
-		$duplicates = '';
-
-		// Loop through the records
-		$nbInsert = $csv->each(function ($row) use ($duplicates) {
-			$status_id = 1;
-
-			// Let's just map some of these entries to more user friendly words
-
-			// User's name
-			if (array_key_exists('0',$row)) {
-				$user_name = trim($row[0]);
-			} else {
-				$user_name = '';
-			}
-
-			// User's email
-			if (array_key_exists('1',$row)) {
-				$user_email = trim($row[1]);
-			} else {
-				$user_email = '';
-			}
-
-			// User's email
-			if (array_key_exists('2',$row)) {
-				$user_username = trim($row[2]);
-			} else {
-				$user_username = '';
-			}
-
-			// Asset Name
-			if (array_key_exists('3',$row)) {
-				$user_asset_asset_name = trim($row[3]);
-			} else {
-				$user_asset_asset_name = '';
-			}
-
-			// Asset Category
-			if (array_key_exists('4',$row)) {
-				$user_asset_category = trim($row[4]);
-			} else {
-				$user_asset_category = '';
-			}
-
-			// Asset Name
-			if (array_key_exists('5',$row)) {
-				$user_asset_name = trim($row[5]);
-			} else {
-				$user_asset_name = '';
-			}
-
-			// Asset Manufacturer
-			if (array_key_exists('6',$row)) {
-				$user_asset_mfgr = trim($row[6]);
-			} else {
-				$user_asset_mfgr = '';
-			}
-
-			// Asset model number
-			if (array_key_exists('7',$row)) {
-				$user_asset_modelno = trim($row[7]);
-			} else {
-				$user_asset_modelno = '';
-			}
-
-			// Asset serial number
-			if (array_key_exists('8',$row)) {
-				$user_asset_serial = trim($row[8]);
-			} else {
-				$user_asset_serial = '';
-			}
-
-			// Asset tag
-			if (array_key_exists('9',$row)) {
-				$user_asset_tag = trim($row[9]);
-			} else {
-				$user_asset_tag = '';
-			}
-
-			// Asset location
-			if (array_key_exists('10',$row)) {
-				$user_asset_location = trim($row[10]);
-			} else {
-				$user_asset_location = '';
-			}
-
-			// Asset notes
-			if (array_key_exists('11',$row)) {
-				$user_asset_notes = trim($row[11]);
-			} else {
-				$user_asset_notes = '';
-			}
-
-			// Asset purchase date
-			if (array_key_exists('12',$row)) {
-				if ($row[12]!='') {
-					$user_asset_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
-				} else {
-					$user_asset_purchase_date = '';
-				}
-			} else {
-				$user_asset_purchase_date = '';
-			}
-
-			// Asset purchase cost
-			if (array_key_exists('13',$row)) {
-				if ($row[13]!='') {
-					$user_asset_purchase_cost = trim($row[13]);
-				} else {
-					$user_asset_purchase_cost = '';
-				}
-			} else {
-				$user_asset_purchase_cost = '';
-			}
-
-       // Asset Company Name
-       if (array_key_exists('14',$row)) {
-              if ($row[14]!='') {
-                  $user_asset_company_name = trim($row[14]);
-              } else {
-                      $user_asset_company_name= '';
-              }
-       } else {
-              $user_asset_company_name = '';
-       }
-
-
-		// A number was given instead of a name
-		if (is_numeric($user_name)) {
-			$this->comment('User '.$user_name.' is not a name - assume this user already exists');
-			$user_username = '';
-            $first_name = '';
-			$last_name = '';
-
-		// No name was given
-		} elseif ($user_name=='') {
-			$this->comment('No user data provided - skipping user creation, just adding asset');
-			$first_name = '';
-			$last_name = '';
-			//$user_username = '';
-
-		} else {
-			$user_email_array = User::generateFormattedNameFromFullName($this->option('email_format'), $user_name);
-			$first_name = $user_email_array['first_name'];
-			$last_name = $user_email_array['last_name'];
-
-			if ($user_email=='') {
-				$user_email = $user_email_array['username'].'@'.config('app.domain');
-			}
-
-			if ($user_username=='') {
-				if ($this->option('username_format')=='email') {
-					$user_username = $user_email;
-				} else {
-					$user_name_array = User::generateFormattedNameFromFullName($this->option('username_format'), $user_name);
-					$user_username = $user_name_array['username'];
-				}
-
-			}
-
-		}
-
-		$this->comment('Full Name: '.$user_name);
-		$this->comment('First Name: '.$first_name);
-		$this->comment('Last Name: '.$last_name);
-		$this->comment('Username: '.$user_username);
-		$this->comment('Email: '.$user_email);
-		$this->comment('Category Name: '.$user_asset_category);
-		$this->comment('Item: '.$user_asset_name);
-		$this->comment('Manufacturer ID: '.$user_asset_mfgr);
-		$this->comment('Model No: '.$user_asset_modelno);
-		$this->comment('Serial No: '.$user_asset_serial);
-		$this->comment('Asset Tag: '.$user_asset_tag);
-		$this->comment('Location: '.$user_asset_location);
-		$this->comment('Purchase Date: '.$user_asset_purchase_date);
-		$this->comment('Purchase Cost: '.$user_asset_purchase_cost);
-		$this->comment('Notes: '.$user_asset_notes);
-        $this->comment('Company Name: '.$user_asset_company_name);
-
-		$this->comment('------------- Action Summary ----------------');
-
-		if ($user_username!='') {
-			if ($user = User::MatchEmailOrUsername($user_username, $user_email)
-				->whereNotNull('username')->first()) {
-				$this->comment('User '.$user_username.' already exists');
-			} else {
-                $user = new \App\Models\User;
-                $password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
-
-                $user->first_name = $first_name;
-                $user->last_name = $last_name;
-                $user->username = $user_username;
-                $user->email = $user_email;
-                $user->permissions = '{user":1}';
-                $user->password = bcrypt($password);
-                $user->activated = 1;
-                if ($user->save()) {
-                    $this->comment('User '.$first_name.' created');
-                } else {
-                    $this->error('ERROR CREATING User '.$first_name.' '.$last_name);
-                    $this->error($user->getErrors());
-                }
-
-			}
-		} else {
-			$user = new User;
-		}
-
-		// Check for the location match and create it if it doesn't exist
-		if ($location = Location::where('name', e($user_asset_location))->first()) {
-			$this->comment('Location '.$user_asset_location.' already exists');
-		} else {
-
-        $location = new Location();
-
-				if ($user_asset_location!='')
-                {
-					$location->name = e($user_asset_location);
-					$location->address = '';
-					$location->city = '';
-					$location->state = '';
-					$location->country = '';
-					$location->user_id = 1;
-
-					if (!$this->option('testrun')=='true') {
-
-						if ($location->save()) {
-							$this->comment('Location '.$user_asset_location.' was created');
-			            } else {
-							$this->error('Something went wrong! Location '.$user_asset_location.' was NOT created');
-                            $this->error($location->getErrors());
-						}
-
-					}
-                    else
-                    {
-						$this->comment('Location '.$user_asset_location.' was (not) created - test run only');
-					}
-				}
-                else
-                {
-					$this->comment('No location given, so none created.');
-				}
-
-			}
-
-        if (e($user_asset_category)=='') {
-            $category_name = 'Unnamed Category';
+        if (!$this->option('testrun')=='true') {
+            $this->comment('======= Importing Assets from '.$filename.' =========');
         } else {
-            $category_name = e($user_asset_category);
+            $this->comment('====== TEST ONLY Asset Import for '.$filename.' ====');
+            $this->comment('============== NO DATA WILL BE WRITTEN ==============');
         }
 
-    	// Check for the category match and create it if it doesn't exist
-    	if ($category = Category::where('name', e($category_name))->where('category_type', 'asset')->first()) {
-    		$this->comment('Category '.$category_name.' already exists');
+        if (! ini_get("auto_detect_line_endings")) {
+            ini_set("auto_detect_line_endings", '1');
+        }
 
-    	} else {
-    		$category = new Category();
-            $category->name = e($category_name);
-    		$category->category_type = 'asset';
-    		$category->user_id = 1;
+        $csv = Reader::createFromPath($this->argument('filename'));
+        $csv->setNewline("\r\n");
+        $csv->setOffset(1);
+        $duplicates = '';
 
-    		if ($category->save()) {
-    			$this->comment('Category '.$user_asset_category.' was created');
+        // Loop through the records
+        $nbInsert = $csv->each(function ($row) use ($duplicates) {
+            $status_id = 1;
+
+            // Let's just map some of these entries to more user friendly words
+
+            // User's name
+            if (array_key_exists('0', $row)) {
+                $user_name = trim($row[0]);
             } else {
-    			$this->error('Something went wrong! Category '.$user_asset_category.' was NOT created');
-                $this->error($category->getErrors());
-    		}
-
-    	}
-
-    	// Check for the manufacturer match and create it if it doesn't exist
-    	if ($manufacturer = Manufacturer::where('name', e($user_asset_mfgr))->first()) {
-    		$this->comment('Manufacturer '.$user_asset_mfgr.' already exists');
-    	} else {
-    		$manufacturer = new Manufacturer();
-    		$manufacturer->name = e($user_asset_mfgr);
-    		$manufacturer->user_id = 1;
-
-    		if ($manufacturer->save()) {
-    			$this->comment('Manufacturer '.$user_asset_mfgr.' was created');
-            } else {
-    			$this->error('Something went wrong! Manufacturer '.$user_asset_mfgr.' was NOT created: '. $manufacturer->getErrors()->first());
-    		}
-
-    	}
-
-    	// Check for the asset model match and create it if it doesn't exist
-    	if ($asset_model = AssetModel::where('name', e($user_asset_name))->where('modelno', e($user_asset_modelno))->where('category_id', $category->id)->where('manufacturer_id', $manufacturer->id)->first()) {
-    		$this->comment('The Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' already exists');
-    	} else {
-    		$asset_model = new AssetModel();
-    		$asset_model->name = e($user_asset_name);
-    		$asset_model->manufacturer_id = $manufacturer->id;
-    		$asset_model->modelno = e($user_asset_modelno);
-    		$asset_model->category_id = $category->id;
-    		$asset_model->user_id = 1;
-
-    		if ($asset_model->save()) {
-    			$this->comment('Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' was created');
-            } else {
-    			$this->error('Something went wrong! Asset Model '.$user_asset_name.' was NOT created: '.$asset_model->getErrors()->first());
-    		}
-
-    	}
-
-        // Check for the asset company match and create it if it doesn't exist
-        if ($user_asset_company_name!='') {
-            if ($company = Company::where('name', e($user_asset_company_name))->first()) {
-                $this->comment('Company '.$user_asset_company_name.' already exists');
-            } else {
-                $company = new Company();
-                $company->name = e($user_asset_company_name);
-
-                if ($company->save()) {
-                    $this->comment('Company '.$user_asset_company_name.' was created');
-                } else {
-                    $this->error('Something went wrong! Company '.$user_asset_company_name.' was NOT created: '.$company->getErrors()->first());
-                }
+                $user_name = '';
             }
 
-        } else {
-          $company = new Company();
-        }
+            // User's email
+            if (array_key_exists('1', $row)) {
+                $user_email = trim($row[1]);
+            } else {
+                $user_email = '';
+            }
 
-			// Check for the asset match and create it if it doesn't exist
-        if ($asset = Asset::where('asset_tag', e($user_asset_tag))->first()) {
-          $this->comment('The Asset with asset tag '.$user_asset_tag.' already exists');
-        } else {
-          $asset = new Asset();
-          $asset->name = e($user_asset_asset_name);
-  				if ($user_asset_purchase_date!='') {
-  					$asset->purchase_date = $user_asset_purchase_date;
-  				} else {
-  					$asset->purchase_date = NULL;
-  				}
-  				if ($user_asset_purchase_cost!='') {
-  					$asset->purchase_cost = ParseFloat(e($user_asset_purchase_cost));
-  				} else {
-  					$asset->purchase_cost = 0.00;
-  				}
-  				$asset->serial = e($user_asset_serial);
-  				$asset->asset_tag = e($user_asset_tag);
-  				$asset->model_id = $asset_model->id;
-  				$asset->assigned_to = $user->id;
-  				$asset->rtd_location_id = $location->id;
-  				$asset->user_id = 1;
-  				$asset->status_id = $status_id;
-                $asset->company_id = $company->id;
-  				if ($user_asset_purchase_date!='') {
-  					$asset->purchase_date = $user_asset_purchase_date;
-  				} else {
-  					$asset->purchase_date = NULL;
-  				}
-  				$asset->notes = e($user_asset_notes);
+            // User's email
+            if (array_key_exists('2', $row)) {
+                $user_username = trim($row[2]);
+            } else {
+                $user_username = '';
+            }
 
-  				if ($asset->save()) {
-  					$this->comment('Asset '.$user_asset_name.' with serial number '.$user_asset_serial.' was created');
-  	            } else {
-  					$this->error('Something went wrong! Asset '.$user_asset_name.' was NOT created: '.$asset->getErrors()->first());
-  				}
+            // Asset Name
+            if (array_key_exists('3', $row)) {
+                $user_asset_asset_name = trim($row[3]);
+            } else {
+                $user_asset_asset_name = '';
+            }
 
-        }
+            // Asset Category
+            if (array_key_exists('4', $row)) {
+                $user_asset_category = trim($row[4]);
+            } else {
+                $user_asset_category = '';
+            }
+
+            // Asset Name
+            if (array_key_exists('5', $row)) {
+                $user_asset_name = trim($row[5]);
+            } else {
+                $user_asset_name = '';
+            }
+
+            // Asset Manufacturer
+            if (array_key_exists('6', $row)) {
+                $user_asset_mfgr = trim($row[6]);
+            } else {
+                $user_asset_mfgr = '';
+            }
+
+            // Asset model number
+            if (array_key_exists('7', $row)) {
+                $user_asset_modelno = trim($row[7]);
+            } else {
+                $user_asset_modelno = '';
+            }
+
+            // Asset serial number
+            if (array_key_exists('8', $row)) {
+                $user_asset_serial = trim($row[8]);
+            } else {
+                $user_asset_serial = '';
+            }
+
+            // Asset tag
+            if (array_key_exists('9', $row)) {
+                $user_asset_tag = trim($row[9]);
+            } else {
+                $user_asset_tag = '';
+            }
+
+            // Asset location
+            if (array_key_exists('10', $row)) {
+                $user_asset_location = trim($row[10]);
+            } else {
+                $user_asset_location = '';
+            }
+
+            // Asset notes
+            if (array_key_exists('11', $row)) {
+                $user_asset_notes = trim($row[11]);
+            } else {
+                $user_asset_notes = '';
+            }
+
+            // Asset purchase date
+            if (array_key_exists('12', $row)) {
+                if ($row[12]!='') {
+                    $user_asset_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
+                } else {
+                    $user_asset_purchase_date = '';
+                }
+            } else {
+                $user_asset_purchase_date = '';
+            }
+
+            // Asset purchase cost
+            if (array_key_exists('13', $row)) {
+                if ($row[13]!='') {
+                    $user_asset_purchase_cost = trim($row[13]);
+                } else {
+                    $user_asset_purchase_cost = '';
+                }
+            } else {
+                $user_asset_purchase_cost = '';
+            }
+
+       // Asset Company Name
+            if (array_key_exists('14', $row)) {
+                if ($row[14]!='') {
+                    $user_asset_company_name = trim($row[14]);
+                } else {
+                        $user_asset_company_name= '';
+                }
+            } else {
+                   $user_asset_company_name = '';
+            }
+
+
+        // A number was given instead of a name
+            if (is_numeric($user_name)) {
+                $this->comment('User '.$user_name.' is not a name - assume this user already exists');
+                $user_username = '';
+                $first_name = '';
+                $last_name = '';
+
+            // No name was given
+            } elseif ($user_name=='') {
+                $this->comment('No user data provided - skipping user creation, just adding asset');
+                $first_name = '';
+                $last_name = '';
+                //$user_username = '';
+
+            } else {
+                $user_email_array = User::generateFormattedNameFromFullName($this->option('email_format'), $user_name);
+                $first_name = $user_email_array['first_name'];
+                $last_name = $user_email_array['last_name'];
+
+                if ($user_email=='') {
+                    $user_email = $user_email_array['username'].'@'.config('app.domain');
+                }
+
+                if ($user_username=='') {
+                    if ($this->option('username_format')=='email') {
+                        $user_username = $user_email;
+                    } else {
+                        $user_name_array = User::generateFormattedNameFromFullName($this->option('username_format'), $user_name);
+                        $user_username = $user_name_array['username'];
+                    }
+
+                }
+
+            }
+
+            $this->comment('Full Name: '.$user_name);
+            $this->comment('First Name: '.$first_name);
+            $this->comment('Last Name: '.$last_name);
+            $this->comment('Username: '.$user_username);
+            $this->comment('Email: '.$user_email);
+            $this->comment('Category Name: '.$user_asset_category);
+            $this->comment('Item: '.$user_asset_name);
+            $this->comment('Manufacturer ID: '.$user_asset_mfgr);
+            $this->comment('Model No: '.$user_asset_modelno);
+            $this->comment('Serial No: '.$user_asset_serial);
+            $this->comment('Asset Tag: '.$user_asset_tag);
+            $this->comment('Location: '.$user_asset_location);
+            $this->comment('Purchase Date: '.$user_asset_purchase_date);
+            $this->comment('Purchase Cost: '.$user_asset_purchase_cost);
+            $this->comment('Notes: '.$user_asset_notes);
+            $this->comment('Company Name: '.$user_asset_company_name);
+
+            $this->comment('------------- Action Summary ----------------');
+
+            if ($user_username!='') {
+                if ($user = User::MatchEmailOrUsername($user_username, $user_email)
+                ->whereNotNull('username')->first()) {
+                    $this->comment('User '.$user_username.' already exists');
+                } else {
+                    $user = new \App\Models\User;
+                    $password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+
+                    $user->first_name = $first_name;
+                    $user->last_name = $last_name;
+                    $user->username = $user_username;
+                    $user->email = $user_email;
+                    $user->permissions = '{user":1}';
+                    $user->password = bcrypt($password);
+                    $user->activated = 1;
+                    if ($user->save()) {
+                        $this->comment('User '.$first_name.' created');
+                    } else {
+                        $this->error('ERROR CREATING User '.$first_name.' '.$last_name);
+                        $this->error($user->getErrors());
+                    }
+
+                }
+            } else {
+                $user = new User;
+            }
+
+        // Check for the location match and create it if it doesn't exist
+            if ($location = Location::where('name', e($user_asset_location))->first()) {
+                $this->comment('Location '.$user_asset_location.' already exists');
+            } else {
+
+                $location = new Location();
+
+                if ($user_asset_location!='') {
+                    $location->name = e($user_asset_location);
+                    $location->address = '';
+                    $location->city = '';
+                    $location->state = '';
+                    $location->country = '';
+                    $location->user_id = 1;
+
+                    if (!$this->option('testrun')=='true') {
+
+                        if ($location->save()) {
+                            $this->comment('Location '.$user_asset_location.' was created');
+                        } else {
+                            $this->error('Something went wrong! Location '.$user_asset_location.' was NOT created');
+                            $this->error($location->getErrors());
+                        }
+
+                    } else {
+                        $this->comment('Location '.$user_asset_location.' was (not) created - test run only');
+                    }
+                } else {
+                    $this->comment('No location given, so none created.');
+                }
+
+            }
+
+            if (e($user_asset_category)=='') {
+                $category_name = 'Unnamed Category';
+            } else {
+                $category_name = e($user_asset_category);
+            }
+
+        // Check for the category match and create it if it doesn't exist
+            if ($category = Category::where('name', e($category_name))->where('category_type', 'asset')->first()) {
+                $this->comment('Category '.$category_name.' already exists');
+
+            } else {
+                $category = new Category();
+                $category->name = e($category_name);
+                $category->category_type = 'asset';
+                $category->user_id = 1;
+
+                if ($category->save()) {
+                    $this->comment('Category '.$user_asset_category.' was created');
+                } else {
+                    $this->error('Something went wrong! Category '.$user_asset_category.' was NOT created');
+                    $this->error($category->getErrors());
+                }
+
+            }
+
+        // Check for the manufacturer match and create it if it doesn't exist
+            if ($manufacturer = Manufacturer::where('name', e($user_asset_mfgr))->first()) {
+                $this->comment('Manufacturer '.$user_asset_mfgr.' already exists');
+            } else {
+                $manufacturer = new Manufacturer();
+                $manufacturer->name = e($user_asset_mfgr);
+                $manufacturer->user_id = 1;
+
+                if ($manufacturer->save()) {
+                    $this->comment('Manufacturer '.$user_asset_mfgr.' was created');
+                } else {
+                    $this->error('Something went wrong! Manufacturer '.$user_asset_mfgr.' was NOT created: '. $manufacturer->getErrors()->first());
+                }
+
+            }
+
+        // Check for the asset model match and create it if it doesn't exist
+            if ($asset_model = AssetModel::where('name', e($user_asset_name))->where('modelno', e($user_asset_modelno))->where('category_id', $category->id)->where('manufacturer_id', $manufacturer->id)->first()) {
+                $this->comment('The Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' already exists');
+            } else {
+                $asset_model = new AssetModel();
+                $asset_model->name = e($user_asset_name);
+                $asset_model->manufacturer_id = $manufacturer->id;
+                $asset_model->modelno = e($user_asset_modelno);
+                $asset_model->category_id = $category->id;
+                $asset_model->user_id = 1;
+
+                if ($asset_model->save()) {
+                    $this->comment('Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' was created');
+                } else {
+                    $this->error('Something went wrong! Asset Model '.$user_asset_name.' was NOT created: '.$asset_model->getErrors()->first());
+                }
+
+            }
+
+        // Check for the asset company match and create it if it doesn't exist
+            if ($user_asset_company_name!='') {
+                if ($company = Company::where('name', e($user_asset_company_name))->first()) {
+                    $this->comment('Company '.$user_asset_company_name.' already exists');
+                } else {
+                    $company = new Company();
+                    $company->name = e($user_asset_company_name);
+
+                    if ($company->save()) {
+                        $this->comment('Company '.$user_asset_company_name.' was created');
+                    } else {
+                        $this->error('Something went wrong! Company '.$user_asset_company_name.' was NOT created: '.$company->getErrors()->first());
+                    }
+                }
+
+            } else {
+                $company = new Company();
+            }
+
+            // Check for the asset match and create it if it doesn't exist
+            if ($asset = Asset::where('asset_tag', e($user_asset_tag))->first()) {
+                $this->comment('The Asset with asset tag '.$user_asset_tag.' already exists');
+            } else {
+                $asset = new Asset();
+                $asset->name = e($user_asset_asset_name);
+                if ($user_asset_purchase_date!='') {
+                    $asset->purchase_date = $user_asset_purchase_date;
+                } else {
+                    $asset->purchase_date = null;
+                }
+                if ($user_asset_purchase_cost!='') {
+                    $asset->purchase_cost = ParseFloat(e($user_asset_purchase_cost));
+                } else {
+                    $asset->purchase_cost = 0.00;
+                }
+                    $asset->serial = e($user_asset_serial);
+                    $asset->asset_tag = e($user_asset_tag);
+                    $asset->model_id = $asset_model->id;
+                    $asset->assigned_to = $user->id;
+                    $asset->rtd_location_id = $location->id;
+                    $asset->user_id = 1;
+                    $asset->status_id = $status_id;
+                    $asset->company_id = $company->id;
+                if ($user_asset_purchase_date!='') {
+                    $asset->purchase_date = $user_asset_purchase_date;
+                } else {
+                    $asset->purchase_date = null;
+                }
+                    $asset->notes = e($user_asset_notes);
+
+                if ($asset->save()) {
+                    $this->comment('Asset '.$user_asset_name.' with serial number '.$user_asset_serial.' was created');
+                } else {
+                    $this->error('Something went wrong! Asset '.$user_asset_name.' was NOT created: '.$asset->getErrors()->first());
+                }
+
+            }
 
 
 
-			$this->comment('=====================================');
+            $this->comment('=====================================');
 
-			return true;
+            return true;
 
-		});
+        });
 
 
-	}
+    }
 
-	/**
-	 * Get the console command arguments.
-	 *
-	 * @return array
-	 */
-	protected function getArguments()
-	{
-		return array(
-			array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
-		);
-	}
-
-
-	/**
-	 * Get the console command options.
-	 *
-	 * @return array
-	 */
-	protected function getOptions()
-	{
-	return array(
-		array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
-		array('username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null),
-		array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
-	);
-	}
+    /**
+     * Get the console command arguments.
+     *
+     * @return array
+     */
+    protected function getArguments()
+    {
+        return array(
+            array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
+        );
+    }
 
 
+    /**
+     * Get the console command options.
+     *
+     * @return array
+     */
+    protected function getOptions()
+    {
+        return array(
+        array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
+        array('username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null),
+        array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
+        );
+    }
 }

app/Console/Commands/CreateAdmin.php

@@ -46,32 +46,32 @@ class CreateAdmin extends Command
         $show_in_list = $this->argument('show_in_list');
 
         if (($first_name=='') || ($last_name=='') || ($username=='') || ($email=='') || ($password=='')) {
-          $this->info('ERROR: All fields are required.');
+            $this->info('ERROR: All fields are required.');
         } else {
-          $user = new \App\Models\User;
-          $user->first_name = $first_name;
-          $user->last_name = $last_name;
-          $user->username = $username;
-          $user->email = $email;
-          $user->permissions = '{"admin":1,"user":1,"superuser":1,"reports.view":1, "licenses.keys":1}';
-          $user->password = bcrypt($password);
-          $user->activated = 1;
+            $user = new \App\Models\User;
+            $user->first_name = $first_name;
+            $user->last_name = $last_name;
+            $user->username = $username;
+            $user->email = $email;
+            $user->permissions = '{"admin":1,"user":1,"superuser":1,"reports.view":1, "licenses.keys":1}';
+            $user->password = bcrypt($password);
+            $user->activated = 1;
 
-          if ($show_in_list == 'false') {
-             $user->show_in_list = 0;
-          }
-          if ($user->save()) {
-            $this->info('New user created');
-            $user->groups()->attach(1);
-          } else {
-            $this->info('Admin user was not created');
-            $errors = $user->getErrors();
-
-            foreach ($errors->all() as $error) {
-              $this->info('ERROR:'. $error);
+            if ($show_in_list == 'false') {
+                $user->show_in_list = 0;
             }
+            if ($user->save()) {
+                $this->info('New user created');
+                $user->groups()->attach(1);
+            } else {
+                $this->info('Admin user was not created');
+                $errors = $user->getErrors();
 
-          }
+                foreach ($errors->all() as $error) {
+                    $this->info('ERROR:'. $error);
+                }
+
+            }
         }
 
     }
@@ -81,5 +81,5 @@ class CreateAdmin extends Command
   // 		return array(
   // 			array('username', InputArgument::REQUIRED, 'Username'),
   // 		);
-	// }
+    // }
 }

app/Console/Commands/DisableLDAP.php

@@ -5,7 +5,6 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use App\Models\Setting;
 
-
 class DisableLDAP extends Command
 {
     /**

app/Console/Commands/LdapSync.php

@@ -0,0 +1,164 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\Setting;
+use App\Models\Ldap;
+use App\Models\User;
+use App\Models\Location;
+use Log;
+
+class LdapSync extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--summary}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Command line LDAP sync';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        ini_set('max_execution_time', 600); //600 seconds = 10 minutes
+        ini_set('memory_limit', '500M');
+
+        $ldap_result_username = Setting::getSettings()->ldap_username_field;
+        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
+        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
+
+        $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag_field;
+        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
+        $ldap_result_email = Setting::getSettings()->ldap_email;
+
+        try {
+            $ldapconn = Ldap::connectToLdap();
+        } catch (\Exception $e) {
+            LOG::error($e);
+        }
+
+        try {
+            Ldap::bindAdminToLdap($ldapconn);
+        } catch (\Exception $e) {
+            LOG::error($e);
+        }
+
+        $summary = array();
+
+        $results = Ldap::findLdapUsers();
+
+        if ($this->option('location')!='') {
+            $location = Location::where('name','=',$this->option('location'))->first();
+            LOG::debug('Location name '.$this->option('location').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
+        } elseif ($this->option('location_id')!='') {
+            $location = Location::where('id','=',$this->option('location_id'))->first();
+            LOG::debug('Location ID '.$this->option('location_id').' passed');
+            LOG::debug('Importing to '.$location->name.' ('.$location->id.')');
+        } else {
+            $location = new Location;
+        }
+
+        if (!isset($location)) {
+            LOG::debug('That location is invalid, so no location will be assigned.');
+        }
+
+
+        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $pass = bcrypt($tmp_pass);
+
+
+        for ($i = 0; $i < $results["count"]; $i++) {
+            if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
+
+                $item = array();
+                $item["username"] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : "";
+                $item["employee_number"] = isset($results[$i][$ldap_result_emp_num][0]) ? $results[$i][$ldap_result_emp_num][0] : "";
+                $item["lastname"] = isset($results[$i][$ldap_result_last_name][0]) ? $results[$i][$ldap_result_last_name][0] : "";
+                $item["firstname"] = isset($results[$i][$ldap_result_first_name][0]) ? $results[$i][$ldap_result_first_name][0] : "";
+                $item["email"] = isset($results[$i][$ldap_result_email][0]) ? $results[$i][$ldap_result_email][0] : "" ;
+
+                // User exists
+                $item["createorupdate"] = 'updated';
+                if (!$user = User::where('username', $item["username"])->first()) {
+                    $user = new User;
+                    $user->password = $pass;
+                    $item["createorupdate"] = 'created';
+                }
+
+                // Create the user if they don't exist.
+
+
+                $user->first_name = e($item["firstname"]);
+                $user->last_name = e($item["lastname"]);
+                $user->username = e($item["username"]);
+                $user->email = e($item["email"]);
+                $user->employee_num = e($item["employee_number"]);
+                $user->activated = 1;
+
+                if ($location) {
+                    $user->location_id = e($location->id);
+                }
+
+                $user->notes = 'Imported from LDAP';
+                $user->ldap_import = 1;
+
+                $errors = '';
+
+                if ($user->save()) {
+                    $item["note"] = $item["createorupdate"];
+                    $item["status"]='success';
+                } else {
+                    foreach ($user->getErrors()->getMessages() as $key => $err) {
+                        $errors .= $err[0];
+                    }
+                    $item["note"] = $errors;
+                    $item["status"]='error';
+                }
+
+                array_push($summary, $item);
+            }
+
+        }
+
+        if ($this->option('summary')) {
+            for ($x = 0; $x < count($summary); $x++) {
+                if ($summary[$x]['status']=='error') {
+                    $this->error('ERROR: '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].' was not imported: '.$summary[$x]['note'] );
+                } else {
+                    $this->info('User '.$summary[$x]['firstname'].' '.$summary[$x]['lastname'].' (username:  '.$summary[$x]['username'].' was '.strtoupper($summary[$x]['createorupdate']).'.');
+                }
+
+            }
+        } else {
+            return $summary;
+        }
+
+
+
+    }
+
+
+}

app/Console/Commands/LicenseImportCommand.php

@@ -5,378 +5,379 @@ use Illuminate\Console\Command;
 use Symfony\Component\Console\Input\InputOption;
 use Symfony\Component\Console\Input\InputArgument;
 use League\Csv\Reader;
+use App\Models\User;
+use App\Models\Supplier;
+use App\Models\License;
+use App\Models\LicenseSeat;
 
-class LicenseImportCommand extends Command {
+class LicenseImportCommand extends Command
+{
 
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:license-import';
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:license-import';
 
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'Import Licenses from CSV';
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Import Licenses from CSV';
 
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
 
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
-		$filename = $this->argument('filename');
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
+        $filename = $this->argument('filename');
 
 
-		if (!$this->option('testrun')=='true') {
-			$this->comment('======= Importing Licenses from '.$filename.' =========');
-		} else {
-			$this->comment('====== TEST ONLY License Import for '.$filename.' ====');
-			$this->comment('============== NO DATA WILL BE WRITTEN ==============');
-		}
+        if (!$this->option('testrun')=='true') {
+            $this->comment('======= Importing Licenses from '.$filename.' =========');
+        } else {
+            $this->comment('====== TEST ONLY License Import for '.$filename.' ====');
+            $this->comment('============== NO DATA WILL BE WRITTEN ==============');
+        }
 
-		if (! ini_get("auto_detect_line_endings")) {
-			ini_set("auto_detect_line_endings", '1');
-		}
+        if (! ini_get("auto_detect_line_endings")) {
+            ini_set("auto_detect_line_endings", '1');
+        }
 
-		$csv = Reader::createFromPath($this->argument('filename'));
-		$csv->setNewline("\r\n");
-		$csv->setOffset(1);
-		$duplicates = '';
+        $csv = Reader::createFromPath($this->argument('filename'));
+        $csv->setNewline("\r\n");
+        $csv->setOffset(1);
+        $duplicates = '';
 
-		// Loop through the records
-		$nbInsert = $csv->each(function ($row) use ($duplicates) {
-			$status_id = 1;
+        // Loop through the records
+        $nbInsert = $csv->each(function ($row) use ($duplicates) {
+            $status_id = 1;
 
-			// Let's just map some of these entries to more user friendly words
+            // Let's just map some of these entries to more user friendly words
 
-			if (array_key_exists('0',$row)) {
-				$user_name = trim($row[0]);
-			} else {
-				$user_name = '';
-			}
+            if (array_key_exists('0', $row)) {
+                $user_name = trim($row[0]);
+            } else {
+                $user_name = '';
+            }
 
-			if (array_key_exists('1',$row)) {
-				$user_email = trim($row[1]);
-			} else {
-				$user_email = '';
-			}
+            if (array_key_exists('1', $row)) {
+                $user_email = trim($row[1]);
+            } else {
+                $user_email = '';
+            }
 
-			if (array_key_exists('2',$row)) {
-				$user_username = trim($row[2]);
-			} else {
-				$user_username = '';
-			}
+            if (array_key_exists('2', $row)) {
+                $user_username = trim($row[2]);
+            } else {
+                $user_username = '';
+            }
 
-			if (array_key_exists('3',$row)) {
-				$user_license_name = trim($row[3]);
-			} else {
-				$user_license_name = '';
-			}
+            if (array_key_exists('3', $row)) {
+                $user_license_name = trim($row[3]);
+            } else {
+                $user_license_name = '';
+            }
 
-			if (array_key_exists('4',$row)) {
-				$user_license_serial = trim($row[4]);
-			} else {
-				$user_license_serial = '';
-			}
+            if (array_key_exists('4', $row)) {
+                $user_license_serial = trim($row[4]);
+            } else {
+                $user_license_serial = '';
+            }
 
-			if (array_key_exists('5',$row)) {
-				$user_licensed_to_name = trim($row[5]);
-			} else {
-				$user_licensed_to_name = '';
-			}
+            if (array_key_exists('5', $row)) {
+                $user_licensed_to_name = trim($row[5]);
+            } else {
+                $user_licensed_to_name = '';
+            }
 
-			if (array_key_exists('6',$row)) {
-				$user_licensed_to_email = trim($row[6]);
-			} else {
-				$user_licensed_to_email = '';
-			}
+            if (array_key_exists('6', $row)) {
+                $user_licensed_to_email = trim($row[6]);
+            } else {
+                $user_licensed_to_email = '';
+            }
 
-			if (array_key_exists('7',$row)) {
-				$user_license_seats = trim($row[7]);
-			} else {
-				$user_license_seats = '';
-			}
+            if (array_key_exists('7', $row)) {
+                $user_license_seats = trim($row[7]);
+            } else {
+                $user_license_seats = '';
+            }
 
-			if (array_key_exists('8',$row)) {
-				$user_license_reassignable = trim($row[8]);
-				if ($user_license_reassignable!='') {
-					if ((strtolower($user_license_reassignable)=='yes') || (strtolower($user_license_reassignable)=='true') || ($user_license_reassignable=='1')) {
-						$user_license_reassignable = 1;
-					}
-				} else {
-					$user_license_reassignable = 0;
-				}
-			} else {
-				$user_license_reassignable = 0;
-			}
+            if (array_key_exists('8', $row)) {
+                $user_license_reassignable = trim($row[8]);
+                if ($user_license_reassignable!='') {
+                    if ((strtolower($user_license_reassignable)=='yes') || (strtolower($user_license_reassignable)=='true') || ($user_license_reassignable=='1')) {
+                        $user_license_reassignable = 1;
+                    }
+                } else {
+                    $user_license_reassignable = 0;
+                }
+            } else {
+                $user_license_reassignable = 0;
+            }
 
-			if (array_key_exists('9',$row)) {
-				$user_license_supplier = trim($row[9]);
-			} else {
-				$user_license_supplier = '';
-			}
+            if (array_key_exists('9', $row)) {
+                $user_license_supplier = trim($row[9]);
+            } else {
+                $user_license_supplier = '';
+            }
 
-			if (array_key_exists('10',$row)) {
-				$user_license_maintained = trim($row[10]);
+            if (array_key_exists('10', $row)) {
+                $user_license_maintained = trim($row[10]);
 
-				if ($user_license_maintained!='') {
-					if ((strtolower($user_license_maintained)=='yes') || (strtolower($user_license_maintained)=='true') || ($user_license_maintained=='1')) {
-						$user_license_maintained = 1;
-					}
-				} else {
-					$user_license_maintained = 0;
-				}
+                if ($user_license_maintained!='') {
+                    if ((strtolower($user_license_maintained)=='yes') || (strtolower($user_license_maintained)=='true') || ($user_license_maintained=='1')) {
+                        $user_license_maintained = 1;
+                    }
+                } else {
+                    $user_license_maintained = 0;
+                }
 
 
-			} else {
-				$user_license_maintained = '';
-			}
+            } else {
+                $user_license_maintained = '';
+            }
 
-			if (array_key_exists('11',$row)) {
-				$user_license_notes = trim($row[11]);
-			} else {
-				$user_license_notes = '';
-			}
+            if (array_key_exists('11', $row)) {
+                $user_license_notes = trim($row[11]);
+            } else {
+                $user_license_notes = '';
+            }
 
-			if (array_key_exists('12',$row)) {
-				if ($row[12]!='') {
-					$user_license_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
-				} else {
-					$user_license_purchase_date = '';
-				}
-			} else {
-				$user_license_purchase_date = 0;
-			}
+            if (array_key_exists('12', $row)) {
+                if ($row[12]!='') {
+                    $user_license_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
+                } else {
+                    $user_license_purchase_date = '';
+                }
+            } else {
+                $user_license_purchase_date = 0;
+            }
 
-			// A number was given instead of a name
-			if (is_numeric($user_name)) {
-				$this->comment('User '.$user_name.' is not a name - assume this user already exists');
-				$user_username = '';
-			// No name was given
+            // A number was given instead of a name
+            if (is_numeric($user_name)) {
+                $this->comment('User '.$user_name.' is not a name - assume this user already exists');
+                $user_username = '';
+            // No name was given
 
-			} elseif ($user_name=='') {
-				$this->comment('No user data provided - skipping user creation, just adding license');
-				$first_name = '';
-				$last_name = '';
-				$user_username = '';
+            } elseif ($user_name=='') {
+                $this->comment('No user data provided - skipping user creation, just adding license');
+                $first_name = '';
+                $last_name = '';
+                $user_username = '';
 
-			} else {
+            } else {
 
-					$name = explode(" ", $user_name);
-					$first_name = $name[0];
-					$email_last_name = '';
-					$email_prefix = $first_name;
+                    $name = explode(" ", $user_name);
+                    $first_name = $name[0];
+                    $email_last_name = '';
+                    $email_prefix = $first_name;
 
-					if (!array_key_exists(1, $name)) {
-						$last_name='';
-						$email_last_name = $last_name;
-						$email_prefix = $first_name;
-					} else {
-						$last_name = str_replace($first_name,'',$user_name);
+                if (!array_key_exists(1, $name)) {
+                    $last_name='';
+                    $email_last_name = $last_name;
+                    $email_prefix = $first_name;
+                } else {
+                    $last_name = str_replace($first_name, '', $user_name);
 
-						if ($this->option('email_format')=='filastname') {
-							$email_last_name.=str_replace(' ','',$last_name);
-							$email_prefix = $first_name[0].$email_last_name;
+                    if ($this->option('email_format')=='filastname') {
+                        $email_last_name.=str_replace(' ', '', $last_name);
+                        $email_prefix = $first_name[0].$email_last_name;
 
-						} elseif ($this->option('email_format')=='firstname.lastname') {
-							$email_last_name.=str_replace(' ','',$last_name);
-							$email_prefix = $first_name.'.'.$email_last_name;
+                    } elseif ($this->option('email_format')=='firstname.lastname') {
+                        $email_last_name.=str_replace(' ', '', $last_name);
+                        $email_prefix = $first_name.'.'.$email_last_name;
 
-						} elseif ($this->option('email_format')=='firstname') {
-							$email_last_name.=str_replace(' ','',$last_name);
-							$email_prefix = $first_name;
-						}
+                    } elseif ($this->option('email_format')=='firstname') {
+                        $email_last_name.=str_replace(' ', '', $last_name);
+                        $email_prefix = $first_name;
+                    }
 
 
-					}
+                }
 
 
-					$user_username = $email_prefix;
+                    $user_username = $email_prefix;
 
-					// Generate an email based on their name if no email address is given
-					if ($user_email=='') {
-						if ($first_name=='Unknown') {
-							$status_id = 7;
-						}
-						$email = strtolower($email_prefix).'@'.$this->option('domain');
-						$user_email = str_replace("'",'',$email);
-					}
-			}
+                    // Generate an email based on their name if no email address is given
+                if ($user_email=='') {
+                    if ($first_name=='Unknown') {
+                        $status_id = 7;
+                    }
+                    $email = strtolower($email_prefix).'@'.$this->option('domain');
+                    $user_email = str_replace("'", '', $email);
+                }
+            }
 
-			$this->comment('Full Name: '.$user_name);
-			$this->comment('First Name: '.$first_name);
-			$this->comment('Last Name: '.$last_name);
-			$this->comment('Username: '.$user_username);
-			$this->comment('Email: '.$user_email);
-			$this->comment('License Name: '.$user_license_name);
-			$this->comment('Serial No: '.$user_license_serial);
-			$this->comment('Licensed To Name: '.$user_licensed_to_name);
-			$this->comment('Licensed To Email: '.$user_licensed_to_email);
-			$this->comment('Seats: '.$user_license_seats);
-			$this->comment('Reassignable: '.$user_license_reassignable);
-			$this->comment('Supplier: '.$user_license_supplier);
-			$this->comment('Maintained: '.$user_license_maintained);
-			$this->comment('Notes: '.$user_license_notes);
-			$this->comment('Purchase Date: '.$user_license_purchase_date);
+            $this->comment('Full Name: '.$user_name);
+            $this->comment('First Name: '.$first_name);
+            $this->comment('Last Name: '.$last_name);
+            $this->comment('Username: '.$user_username);
+            $this->comment('Email: '.$user_email);
+            $this->comment('License Name: '.$user_license_name);
+            $this->comment('Serial No: '.$user_license_serial);
+            $this->comment('Licensed To Name: '.$user_licensed_to_name);
+            $this->comment('Licensed To Email: '.$user_licensed_to_email);
+            $this->comment('Seats: '.$user_license_seats);
+            $this->comment('Reassignable: '.$user_license_reassignable);
+            $this->comment('Supplier: '.$user_license_supplier);
+            $this->comment('Maintained: '.$user_license_maintained);
+            $this->comment('Notes: '.$user_license_notes);
+            $this->comment('Purchase Date: '.$user_license_purchase_date);
 
-			$this->comment('------------- Action Summary ----------------');
+            $this->comment('------------- Action Summary ----------------');
 
-			if ($user_username!='') {
-				if ($user = User::where('username', $user_username)->whereNotNull('username')->first()) {
-					$this->comment('User '.$user_username.' already exists');
-				} else {
-					// Create the user
-					$user = Sentry::createUser(array(
-						'first_name' => $first_name,
-						'last_name' => $last_name,
-						'email'     => $user_email,
-						'username'     => $user_username,
-						'password'  => substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 10),
-						'activated' => true,
-						'permissions' => array(
-							'admin' => 0,
-							'user'  => 1,
-						),
-						'notes'         => 'User importerd through license importer'
-					));
+            if ($user_username!='') {
+                if ($user = User::where('username', $user_username)->whereNotNull('username')->first()) {
+                    $this->comment('User '.$user_username.' already exists');
+                } else {
 
-					// Find the group using the group id
-					$userGroup = Sentry::findGroupById(3);
+                    $user = new \App\Models\User;
+                    $password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
 
-					// Assign the group to the user
-					$user->addGroup($userGroup);
-					$this->comment('User '.$first_name.' created');
-				}
-			} else {
-				$user = new User;
-				$user->user_id = NULL;
-			}
+                    $user->first_name = $first_name;
+                    $user->last_name = $last_name;
+                    $user->username = $user_username;
+                    $user->email = $user_email;
+                    $user->permissions = '{user":1}';
+                    $user->password = bcrypt($password);
+                    $user->activated = 1;
+                    if ($user->save()) {
+                        $this->comment('User '.$first_name.' created');
+                    } else {
+                        $this->error('ERROR CREATING User '.$first_name.' '.$last_name);
+                        $this->error($user->getErrors());
+                    }
+
+                    $this->comment('User '.$first_name.' created');
+                }
+            } else {
+                $user = new User;
+                $user->user_id = null;
+            }
 
 
-			// Check for the supplier match and create it if it doesn't exist
-			if ($supplier = Supplier::where('name', $user_license_supplier)->first()) {
-				$this->comment('Supplier '.$user_license_supplier.' already exists');
-			} else {
-				$supplier = new Supplier();
-				$supplier->name = e($user_license_supplier);
-				$supplier->user_id = 1;
+            // Check for the supplier match and create it if it doesn't exist
+            if ($supplier = Supplier::where('name', $user_license_supplier)->first()) {
+                $this->comment('Supplier '.$user_license_supplier.' already exists');
+            } else {
+                $supplier = new Supplier();
+                $supplier->name = e($user_license_supplier);
+                $supplier->user_id = 1;
 
-				if ($supplier->save()) {
-					$this->comment('Supplier '.$user_license_supplier.' was created');
-	            } else {
-					$this->comment('Something went wrong! Supplier '.$user_license_supplier.' was NOT created');
-				}
+                if ($supplier->save()) {
+                    $this->comment('Supplier '.$user_license_supplier.' was created');
+                } else {
+                    $this->comment('Something went wrong! Supplier '.$user_license_supplier.' was NOT created');
+                }
 
-			}
+            }
 
 
-			// Add the license
-			$license = new License();
-			$license->name = e($user_license_name);
-			if ($user_license_purchase_date!='') {
-				$license->purchase_date = $user_license_purchase_date;
-			} else {
-				$license->purchase_date = NULL;
-			}
-			$license->serial = e($user_license_serial);
-			$license->seats = e($user_license_seats);
-			$license->supplier_id = $supplier->id;
-			$license->user_id = 1;
-			if ($user_license_purchase_date!='') {
-				$license->purchase_date = $user_license_purchase_date;
-			} else {
-				$license->purchase_date = NULL;
-			}
-			$license->license_name = $user_licensed_to_name;
-			$license->license_email = $user_licensed_to_email;
-			$license->notes = e($user_license_notes);
+            // Add the license
+            $license = new License();
+            $license->name = e($user_license_name);
+            if ($user_license_purchase_date!='') {
+                $license->purchase_date = $user_license_purchase_date;
+            } else {
+                $license->purchase_date = null;
+            }
+            $license->serial = e($user_license_serial);
+            $license->seats = e($user_license_seats);
+            $license->supplier_id = $supplier->id;
+            $license->user_id = 1;
+            if ($user_license_purchase_date!='') {
+                $license->purchase_date = $user_license_purchase_date;
+            } else {
+                $license->purchase_date = null;
+            }
+            $license->license_name = $user_licensed_to_name;
+            $license->license_email = $user_licensed_to_email;
+            $license->notes = e($user_license_notes);
 
-			if ($license->save()) {
-				$this->comment('License '.$user_license_name.' with serial number '.$user_license_serial.' was created');
+            if ($license->save()) {
+                $this->comment('License '.$user_license_name.' with serial number '.$user_license_serial.' was created');
 
 
-				$license_seat_created = 0;
+                $license_seat_created = 0;
 
-				for ($x = 0; $x < $user_license_seats; $x++) {
-					// Create the license seat entries
-					$license_seat = new LicenseSeat();
-					$license_seat->license_id = $license->id;
+                for ($x = 0; $x < $user_license_seats; $x++) {
+                    // Create the license seat entries
+                    $license_seat = new LicenseSeat();
+                    $license_seat->license_id = $license->id;
 
-					// Only assign the first seat to the user
-					if ($x==0) {
-						$license_seat->assigned_to = $user->id;
-					} else {
-						$license_seat->assigned_to = NULL;
-					}
+                    // Only assign the first seat to the user
+                    if ($x==0) {
+                        $license_seat->assigned_to = $user->id;
+                    } else {
+                        $license_seat->assigned_to = null;
+                    }
 
-					if ($license_seat->save()) {
-						$license_seat_created++;
-					}
-				}
+                    if ($license_seat->save()) {
+                        $license_seat_created++;
+                    }
+                }
 
-				if ($license_seat_created > 0) {
-					$this->comment($license_seat_created.' seats were created');
-				} else {
-					$this->comment('Something went wrong! NO seats for '.$user_license_name.' were created');
-				}
+                if ($license_seat_created > 0) {
+                    $this->comment($license_seat_created.' seats were created');
+                } else {
+                    $this->comment('Something went wrong! NO seats for '.$user_license_name.' were created');
+                }
 
 
 
             } else {
-				$this->comment('Something went wrong! License '.$user_license_name.' was NOT created');
-			}
+                $this->comment('Something went wrong! License '.$user_license_name.' was NOT created');
+            }
 
 
-			$this->comment('=====================================');
+            $this->comment('=====================================');
 
-			return true;
+            return true;
 
-		});
+        });
 
 
-	}
+    }
 
-	/**
-	 * Get the console command arguments.
-	 *
-	 * @return array
-	 */
-	protected function getArguments()
-	{
-		return array(
-			array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
-		);
-	}
-
-
-	/**
-	 * Get the console command options.
-	 *
-	 * @return array
-	 */
-	protected function getOptions()
-	{
-		return array(
-			array('domain', null, InputOption::VALUE_REQUIRED, 'Email domain for generated email addresses.', null),
-			array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
-			array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
-		);
-	}
+    /**
+     * Get the console command arguments.
+     *
+     * @return array
+     */
+    protected function getArguments()
+    {
+        return array(
+            array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
+        );
+    }
 
 
+    /**
+     * Get the console command options.
+     *
+     * @return array
+     */
+    protected function getOptions()
+    {
+        return array(
+            array('domain', null, InputOption::VALUE_REQUIRED, 'Email domain for generated email addresses.', null),
+            array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
+            array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
+        );
+    }
 }

app/Console/Commands/PaveIt.php

@@ -5,6 +5,22 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use DB;
 
+use App\Models\Accessory;
+use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\Category;
+use App\Models\Company;
+use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\Depreciation;
+use App\Models\Group;
+use App\Models\License;
+use App\Models\LicenseSeat;
+use App\Models\Location;
+use App\Models\Manufacturer;
+use App\Models\Statuslabel;
+use App\Models\Supplier;
+
 class PaveIt extends Command
 {
     /**
@@ -12,7 +28,8 @@ class PaveIt extends Command
      *
      * @var string
      */
-    protected $signature = 'snipeit:pave';
+    protected $signature = 'snipeit:pave
+              {--soft : Perform a "Soft" Delete, leaving all migrations, table structure, and the first user in place.}';
 
     /**
      * The console command description.
@@ -38,45 +55,78 @@ class PaveIt extends Command
      */
     public function handle()
     {
+        if ($this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE DATA IN YOUR DATABASE. \nThere is NO undo. This WILL destroy ALL of your data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
+            if ($this->option('soft')) {
+                Accessory::getQuery()->delete();
+                Asset::getQuery()->delete();
+                Category::getQuery()->delete();
+                Company::getQuery()->delete();
+                Component::getQuery()->delete();
+                Consumable::getQuery()->delete();
+                Depreciation::getQuery()->delete();
+                License::getQuery()->delete();
+                LicenseSeat::getQuery()->delete();
+                Location::getQuery()->delete();
+                Manufacturer::getQuery()->delete();
+                AssetModel::getQuery()->delete();
+                Statuslabel::getQuery()->delete();
+                Supplier::getQuery()->delete();
+                Group::getQuery()->delete();
 
-        if ($this->confirm("\n****************************************************\nTHIS WILL DROP ALL OF THE TABLES IN YOUR DATABASE. \nThere is NO undo. This WILL destroy ALL of your data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
-
-          \DB::statement('drop table IF EXISTS accessories_users');
-          \DB::statement('drop table IF EXISTS accessories');
-          \DB::statement('drop table IF EXISTS asset_logs');
-          \DB::statement('drop table IF EXISTS asset_maintenances');
-          \DB::statement('drop table IF EXISTS asset_uploads');
-          \DB::statement('drop table IF EXISTS assets');
-          \DB::statement('drop table IF EXISTS categories');
-          \DB::statement('drop table IF EXISTS companies');
-          \DB::statement('drop table IF EXISTS consumables_users');
-          \DB::statement('drop table IF EXISTS consumables');
-          \DB::statement('drop table IF EXISTS custom_field_custom_fieldset');
-          \DB::statement('drop table IF EXISTS custom_fields');
-          \DB::statement('drop table IF EXISTS custom_fieldsets');
-          \DB::statement('drop table IF EXISTS depreciations');
-          \DB::statement('drop table IF EXISTS groups');
-          \DB::statement('drop table IF EXISTS history');
-          \DB::statement('drop table IF EXISTS components');
-          \DB::statement('drop table IF EXISTS components_assets');
-          \DB::statement('drop table IF EXISTS license_seats');
-          \DB::statement('drop table IF EXISTS licenses');
-          \DB::statement('drop table IF EXISTS locations');
-          \DB::statement('drop table IF EXISTS manufacturers');
-          \DB::statement('drop table IF EXISTS models');
-          \DB::statement('drop table IF EXISTS migrations');
-          \DB::statement('drop table IF EXISTS password_resets');
-          \DB::statement('drop table IF EXISTS requested_assets');
-          \DB::statement('drop table IF EXISTS requests');
-          \DB::statement('drop table IF EXISTS settings');
-          \DB::statement('drop table IF EXISTS status_labels');
-          \DB::statement('drop table IF EXISTS suppliers');
-          \DB::statement('drop table IF EXISTS throttle');
-          \DB::statement('drop table IF EXISTS users_groups');
-          \DB::statement('drop table IF EXISTS users');
-
-
+                DB::statement('delete from accessories_users');
+                DB::statement('delete from asset_logs');
+                DB::statement('delete from asset_maintenances');
+                DB::statement('delete from asset_uploads');
+                DB::statement('delete from action_logs');
+                DB::statement('delete from checkout_requests');
+                DB::statement('delete from consumables_users');
+                DB::statement('delete from custom_field_custom_fieldset');
+                DB::statement('delete from custom_fields');
+                DB::statement('delete from custom_fieldsets');
+                DB::statement('delete from components_assets');
+                DB::statement('delete from password_resets');
+                DB::statement('delete from requested_assets');
+                DB::statement('delete from requests');
+                DB::statement('delete from throttle');
+                DB::statement('delete from users_groups');
+                DB::statement('delete from users WHERE id!=1');
+            } else {
+                \DB::statement('drop table IF EXISTS accessories_users');
+                \DB::statement('drop table IF EXISTS accessories');
+                \DB::statement('drop table IF EXISTS asset_logs');
+                \DB::statement('drop table IF EXISTS action_logs');
+                \DB::statement('drop table IF EXISTS asset_maintenances');
+                \DB::statement('drop table IF EXISTS asset_uploads');
+                \DB::statement('drop table IF EXISTS assets');
+                \DB::statement('drop table IF EXISTS categories');
+                \DB::statement('drop table IF EXISTS checkout_requests');
+                \DB::statement('drop table IF EXISTS companies');
+                \DB::statement('drop table IF EXISTS consumables_users');
+                \DB::statement('drop table IF EXISTS consumables');
+                \DB::statement('drop table IF EXISTS custom_field_custom_fieldset');
+                \DB::statement('drop table IF EXISTS custom_fields');
+                \DB::statement('drop table IF EXISTS custom_fieldsets');
+                \DB::statement('drop table IF EXISTS depreciations');
+                \DB::statement('drop table IF EXISTS groups');
+                \DB::statement('drop table IF EXISTS history');
+                \DB::statement('drop table IF EXISTS components');
+                \DB::statement('drop table IF EXISTS components_assets');
+                \DB::statement('drop table IF EXISTS license_seats');
+                \DB::statement('drop table IF EXISTS licenses');
+                \DB::statement('drop table IF EXISTS locations');
+                \DB::statement('drop table IF EXISTS manufacturers');
+                \DB::statement('drop table IF EXISTS models');
+                \DB::statement('drop table IF EXISTS migrations');
+                \DB::statement('drop table IF EXISTS password_resets');
+                \DB::statement('drop table IF EXISTS requested_assets');
+                \DB::statement('drop table IF EXISTS requests');
+                \DB::statement('drop table IF EXISTS settings');
+                \DB::statement('drop table IF EXISTS status_labels');
+                \DB::statement('drop table IF EXISTS suppliers');
+                \DB::statement('drop table IF EXISTS throttle');
+                \DB::statement('drop table IF EXISTS users_groups');
+                \DB::statement('drop table IF EXISTS users');
+            }
         }
-
     }
 }

app/Console/Commands/Purge.php

@@ -53,7 +53,7 @@ class Purge extends Command
     public function handle()
     {
         $force = $this->option('force');
-        if (($this->confirm("\n****************************************************\nTHIS WILL PURGE ALL SOFT-DELETED ITEMS IN YOUR SYSTEM. \nThere is NO undo. This WILL permanently destroy \nALL of your deleted data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) ||  $force == 'true')  {
+        if (($this->confirm("\n****************************************************\nTHIS WILL PURGE ALL SOFT-DELETED ITEMS IN YOUR SYSTEM. \nThere is NO undo. This WILL permanently destroy \nALL of your deleted data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) ||  $force == 'true') {
 
             /**
              * Delete assets
@@ -62,15 +62,19 @@ class Purge extends Command
             $assetcount = $assets->count();
             $this->info($assets->count().' assets purged.');
             $asset_assoc = 0;
+            $asset_maintenances = 0;
 
             foreach ($assets as $asset) {
                 $this->info('- Asset "'.$asset->showAssetName().'" deleted.');
                 $asset_assoc += $asset->assetlog()->count();
                 $asset->assetlog()->forceDelete();
+                $asset_maintenances += $asset->assetmaintenances()->count();
+                $asset->assetmaintenances()->forceDelete();
                 $asset->forceDelete();
             }
 
             $this->info($asset_assoc.' corresponding log records purged.');
+            $this->info($asset_maintenances.' corresponding maintenance records purged.');
 
             $locations = Location::whereNotNull('deleted_at')->withTrashed()->get();
             $this->info($locations->count().' locations purged.');
@@ -140,7 +144,7 @@ class Purge extends Command
                 $supplier->forceDelete();
             }
 
-            $users = User::whereNotNull('deleted_at')->withTrashed()->get();
+            $users = User::whereNotNull('deleted_at')->where('show_in_list', '!=', '0')->withTrashed()->get();
             $this->info($users->count().' users purged.');
             $user_assoc = 0;
             foreach ($users as $user) {

app/Console/Commands/SendExpirationAlerts.php

@@ -1,6 +1,7 @@
 <?php
 
 namespace App\Console\Commands;
+
 use App\Models\Asset;
 use App\Models\License;
 use App\Models\Setting;
@@ -8,129 +9,129 @@ use DB;
 
 use Illuminate\Console\Command;
 
-class SendExpirationAlerts extends Command {
+class SendExpirationAlerts extends Command
+{
 
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:expiring-alerts';
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:expiring-alerts';
 
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'Check for expiring warrantees and service agreements, and sends out an alert email.';
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Check for expiring warrantees and service agreements, and sends out an alert email.';
 
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
 
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
 
-		// Expiring Assets
-		$expiring_assets = Asset::getExpiringWarrantee(Setting::getSettings()->alert_interval);
-		$this->info(count($expiring_assets).' expiring assets');
+        // Expiring Assets
+        $expiring_assets = Asset::getExpiringWarrantee(Setting::getSettings()->alert_interval);
+        $this->info(count($expiring_assets).' expiring assets');
 
-		$asset_data['count'] =  count($expiring_assets);
-		$asset_data['email_content'] ='';
-		$now = date("Y-m-d");
+        $asset_data['count'] =  count($expiring_assets);
+        $asset_data['email_content'] ='';
+        $now = date("Y-m-d");
 
 
-		foreach ($expiring_assets as $asset) {
+        foreach ($expiring_assets as $asset) {
 
-			$expires = $asset->warrantee_expires();
-			$difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
+            $expires = $asset->warrantee_expires();
+            $difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
 
-			if ($difference > 30) {
-				$asset_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
-			} else {
-				$asset_data['email_content'] .= '<tr style="background-color:#d9534f;">';
-			}
-			$asset_data['email_content'] .= '<td><a href="'.config('app.url').'/hardware/'.e($asset->id).'/view">';
-			$asset_data['email_content'] .= $asset->showAssetName().'</a></td><td>'.e($asset->asset_tag).'</td>';
-			$asset_data['email_content'] .= '<td>'.e($asset->warrantee_expires()).'</td>';
-			$asset_data['email_content'] .= '<td>'.$difference.' days</td>';
+            if ($difference > 30) {
+                $asset_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
+            } else {
+                $asset_data['email_content'] .= '<tr style="background-color:#d9534f;">';
+            }
+            $asset_data['email_content'] .= '<td><a href="'.config('app.url').'/hardware/'.e($asset->id).'/view">';
+            $asset_data['email_content'] .= $asset->showAssetName().'</a></td><td>'.e($asset->asset_tag).'</td>';
+            $asset_data['email_content'] .= '<td>'.e($asset->warrantee_expires()).'</td>';
+            $asset_data['email_content'] .= '<td>'.$difference.' '.trans('mail.days').'</td>';
             $asset_data['email_content'] .= '<td>'.($asset->supplier ? e($asset->supplier->name) : '').'</td>';
             $asset_data['email_content'] .= '<td>'.($asset->assigneduser ? e($asset->assigneduser->fullName()) : '').'</td>';
-			$asset_data['email_content'] .= '</tr>';
-		}
+            $asset_data['email_content'] .= '</tr>';
+        }
 
-		// Expiring licenses
-		$expiring_licenses = License::getExpiringLicenses(Setting::getSettings()->alert_interval);
-		$this->info(count($expiring_licenses).' expiring licenses');
+        // Expiring licenses
+        $expiring_licenses = License::getExpiringLicenses(Setting::getSettings()->alert_interval);
+        $this->info(count($expiring_licenses).' expiring licenses');
 
 
-		$license_data['count'] =  count($expiring_licenses);
-		$license_data['email_content'] = '';
+        $license_data['count'] =  count($expiring_licenses);
+        $license_data['email_content'] = '';
 
-		foreach ($expiring_licenses as $license) {
-			$expires = $license->expiration_date;
-			$difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
+        foreach ($expiring_licenses as $license) {
+            $expires = $license->expiration_date;
+            $difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
 
-			if ($difference > 30) {
-				$license_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
-			} else {
-				$license_data['email_content'] .= '<tr style="background-color:#d9534f;">';
-			}
-				$license_data['email_content'] .= '<td><a href="'.config('app.url').'/admin/licenses/'.$license->id.'/view">';
-				$license_data['email_content'] .= $license->name.'</a></td>';
-				$license_data['email_content'] .= '<td>'.$license->expiration_date.'</td>';
-				$license_data['email_content'] .= '<td>'.$difference.' days</td>';
-				$license_data['email_content'] .= '</tr>';
-		}
+            if ($difference > 30) {
+                $license_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
+            } else {
+                $license_data['email_content'] .= '<tr style="background-color:#d9534f;">';
+            }
+                $license_data['email_content'] .= '<td><a href="'.config('app.url').'/admin/licenses/'.$license->id.'/view">';
+                $license_data['email_content'] .= $license->name.'</a></td>';
+                $license_data['email_content'] .= '<td>'.$license->expiration_date.'</td>';
+                $license_data['email_content'] .= '<td>'.$difference.' days</td>';
+                $license_data['email_content'] .= '</tr>';
+        }
 
-		if ((Setting::getSettings()->alert_email!='')  && (Setting::getSettings()->alerts_enabled==1)) {
+        if ((Setting::getSettings()->alert_email!='')  && (Setting::getSettings()->alerts_enabled==1)) {
 
 
-			if (count($expiring_assets) > 0) {
-				\Mail::send('emails.expiring-assets-report', $asset_data, function ($m)  {
-	                $m->to(explode(',',Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-	                $m->subject('Expiring Assets Report');
-	        	});
+            if (count($expiring_assets) > 0) {
+                $this->info('Report sent to '.Setting::getSettings()->alert_email);
+                \Mail::send('emails.expiring-assets-report', $asset_data, function ($m) {
+                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Expiring_Assets_Report'));
+                });
 
-			}
+            }
 
-			if (count($expiring_licenses) > 0) {
-				\Mail::send('emails.expiring-licenses-report', $license_data, function ($m)  {
-	                $m->to(explode(',',Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-	                $m->subject('Expiring Licenses Report');
-	        	});
+            if (count($expiring_licenses) > 0) {
+                $this->info('Report sent to '.Setting::getSettings()->alert_email);
+                \Mail::send('emails.expiring-licenses-report', $license_data, function ($m) {
+                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Expiring_Licenses_Report'));
+                });
 
-			}
+            }
 
 
-		} else {
+        } else {
 
-			if (Setting::getSettings()->alert_email=='') {
-				echo "Could not send email. No alert email configured in settings. \n";
-			} elseif (Setting::getSettings()->alerts_enabled!=1) {
-				echo "Alerts are disabled in the settings. No mail will be sent. \n";
-			}
-
-		}
-
-
-
-
-	}
+            if (Setting::getSettings()->alert_email=='') {
+                echo "Could not send email. No alert email configured in settings. \n";
+            } elseif (Setting::getSettings()->alerts_enabled!=1) {
+                echo "Alerts are disabled in the settings. No mail will be sent. \n";
+            }
 
+        }
 
 
 
 
+    }
 }

app/Console/Commands/SendInventoryAlerts.php

@@ -48,22 +48,22 @@ class SendInventoryAlerts extends Command
             $data['count'] = count($data['data']);
 
             if (count($data['data']) > 0) {
-				\Mail::send('emails.low-inventory', $data, function ($m)  {
-	                $m->to(explode(',',Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-	                $m->subject('Low Inventory Report');
-	        	});
+                \Mail::send('emails.low-inventory', $data, function ($m) {
+                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Low_Inventory_Report'));
+                });
 
-			}
+            }
 
         } else {
             if (Setting::getSettings()->alert_email=='') {
-				echo "Could not send email. No alert email configured in settings. \n";
-			} elseif (Setting::getSettings()->alerts_enabled!=1) {
-				echo "Alerts are disabled in the settings. No mail will be sent. \n";
-			}
+                echo "Could not send email. No alert email configured in settings. \n";
+            } elseif (Setting::getSettings()->alerts_enabled!=1) {
+                echo "Alerts are disabled in the settings. No mail will be sent. \n";
+            }
         }
 
 
     }
-
 }

app/Console/Commands/SystemBackup.php

@@ -4,44 +4,42 @@ namespace App\Console\Commands;
 
 use Illuminate\Console\Command;
 
-class SystemBackup extends Command {
+class SystemBackup extends Command
+{
 
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:backup';
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:backup';
 
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'This command creates a database dump and zips up all of the uploaded files in the upload directories.';
-
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
-
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
-		//
-		$this->call('backup:run');
-
-	}
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This command creates a database dump and zips up all of the uploaded files in the upload directories.';
 
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
 
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
+        //
+        $this->call('backup:run');
 
+    }
 }

app/Console/Commands/Versioning.php

@@ -6,7 +6,8 @@ use Symfony\Component\Console\Input\InputArgument;
 
 use Illuminate\Console\Command;
 
-class Versioning extends Command {
+class Versioning extends Command
+{
 
     /**
      * The console command name.
@@ -39,20 +40,19 @@ class Versioning extends Command {
      */
     public function fire()
     {
-        // Path to the file containing your version
-        // This will be overwritten everything you commit a message
-        $versionFile = app_path().'/config/version.php';
 
-        // The git's output
-        // get the argument passed in the git command
-		 $hash_version = $this->argument('app_version');
+        $versionFile = 'config/version.php';
+        $hash_version = str_replace("\n",'',shell_exec('git describe --tags'));
 
-		 // discard the commit hash
-		 $version = explode('-', $hash_version);
-		 $realVersion = $version[0] . '-' . $version[1];
+        $version = explode('-', $hash_version);
 
-		 // save the version array to a variable
-		 $array = var_export(array('app_version' => $realVersion,'hash_version' => $hash_version), true);
+        $array = var_export(
+            array(
+            'app_version' => $version[0],
+            'build_version' => $version[1],
+            'hash_version' => $version[2],
+            'full_hash' => $hash_version),
+        true);
 
 
         // Construct our file content
@@ -63,7 +63,7 @@ CON;
 
         // And finally write the file and output the current version
         \File::put($versionFile, $content);
-        $this->line('Setting version: '. \config('version.latest'));
+        $this->line('Setting version: '. config('version.app_version').' build '.config('version.build_version').' ('.config('version.hash_version').')');
     }
 
     /**
@@ -74,7 +74,6 @@ CON;
     protected function getArguments()
     {
         return array(
-            array('app_version', InputArgument::REQUIRED, 'version number is required.'),
         );
     }
 

app/Console/Kernel.php

@@ -17,13 +17,13 @@ class Kernel extends ConsoleKernel
         Commands\CreateAdmin::class,
         Commands\SendExpirationAlerts::class,
         Commands\SendInventoryAlerts::class,
-        Commands\AssetImportCommand::class,
         Commands\LicenseImportCommand::class,
         Commands\ObjectImportCommand::class,
         Commands\Versioning::class,
         Commands\SystemBackup::class,
         Commands\DisableLDAP::class,
         Commands\Purge::class,
+        Commands\LdapSync::class,
     ];
 
     /**

app/Helpers/Helper.php

@@ -17,32 +17,109 @@ use App\Models\Component;
 use App\Models\Accessory;
 use App\Models\Consumable;
 use App\Models\Asset;
+use Crypt;
+use Illuminate\Contracts\Encryption\DecryptException;
 
-/*
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
- */
 class Helper
 {
 
-   // This doesn't do anything yet
-    public static function parseEmailList($emails)
-    {
-        $emails_array = explode(',', $emails);
-        return array_walk($emails_array, 'trim_value');
-    }
 
-   // This doesn't do anything yet
-    public static function trim_value(&$value)
-    {
-        return trim($value);
+    /**
+     * Simple helper to invoke the markdown parser
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.0]
+     * @return String
+     */
+    public static function parseEscapedMarkedown($str) {
+        $Parsedown = new \Parsedown();
+
+        if ($str) {
+            return $Parsedown->text(e($str));
+        }
     }
 
 
+    /**
+     * The importer has formatted number strings since v3,
+     * so the value might be a string, or an integer.
+     * If it's a number, format it as a string.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.0]
+     * @return String
+     */
+    public static function formatCurrencyOutput($cost)
+    {
+        if (is_numeric($cost)) {
+            return number_format($cost, 2, '.', '');
+        }
+        // It's already been parsed.
+        return $cost;
+    }
+
+
+    /**
+     * Static colors for pie charts.
+     * This is inelegant, and could be refactored later.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.3]
+     * @return Array
+     */
+    public static function chartColors()
+    {
+        $colors = [
+            '#f56954',
+            '#00a65a',
+            '#f39c12',
+            '#00c0ef',
+            '#3c8dbc',
+            '#d2d6de',
+            '#3c8dbc',
+            '#3c8dbc',
+            '#3c8dbc',
+
+        ];
+        return $colors;
+    }
+
+
+    /**
+     * Static background (highlight) colors for pie charts
+     * This is inelegant, and could be refactored later.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.2]
+     * @return Array
+     */
+    public static function chartBackgroundColors()
+    {
+        $colors = [
+            '#f56954',
+            '#00a65a',
+            '#f39c12',
+            '#00c0ef',
+            '#3c8dbc',
+            '#d2d6de',
+            '#3c8dbc',
+            '#3c8dbc',
+            '#3c8dbc',
+
+        ];
+        return $colors;
+    }
+
+
+    /**
+     * Format currency using comma for thousands until local info is property used.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.7]
+     * @return String
+     */
     public static function ParseFloat($floatString)
     {
-        // use comma for thousands until local info is property used
         $LocaleInfo = localeconv();
         $floatString = str_replace(",", "", $floatString);
         $floatString = str_replace($LocaleInfo["decimal_point"], ".", $floatString);
@@ -50,6 +127,13 @@ class Helper
     }
 
 
+    /**
+     * Get the list of models in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function modelList()
     {
         $models = AssetModel::with('manufacturer')->get();
@@ -60,117 +144,241 @@ class Helper
         return $model_array;
     }
 
+    /**
+     * Get the list of companies in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function companyList()
     {
         $company_list = array('0' => trans('general.select_company')) + DB::table('companies')
-        ->orderBy('name', 'asc')
-        ->pluck('name', 'id');
+                ->orderBy('name', 'asc')
+                ->pluck('name', 'id');
         return $company_list;
     }
 
 
-    public static function categoryList()
+    /**
+     * Get the list of categories in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
+    public static function categoryList($category_type = null)
     {
-        $category_list = array('' => '') + Category::orderBy('name', 'asc')
-        ->whereNull('deleted_at')
-        ->orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
+        $categories = Category::orderBy('name', 'asc')
+                ->whereNull('deleted_at')
+                ->orderBy('name', 'asc');
+        if(!empty($category_type))
+            $categories = $categories->where('category_type', '=', $category_type);
+        $category_list = array('' => trans('general.select_category')) + $categories->pluck('name', 'id')->toArray();
         return $category_list;
     }
 
+    /**
+     * Get the list of suppliers in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function suppliersList()
     {
         $supplier_list = array('' => trans('general.select_supplier')) + Supplier::orderBy('name', 'asc')
-        ->orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
+                ->orderBy('name', 'asc')
+                ->pluck('name', 'id')->toArray();
         return $supplier_list;
     }
 
+
+    /**
+     * Get the list of status labels in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function statusLabelList()
     {
         $statuslabel_list = array('' => trans('general.select_statuslabel')) + Statuslabel::orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
+                ->pluck('name', 'id')->toArray();
         return $statuslabel_list;
     }
 
+
+    /**
+     * Get the list of locations in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function locationsList()
     {
         $location_list = array('' => trans('general.select_location')) + Location::orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
+                ->pluck('name', 'id')->toArray();
         return $location_list;
     }
 
+
+    /**
+     * Get the list of manufacturers in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function manufacturerList()
     {
-        $manufacturer_list = array('' => 'Select One') +
-        Manufacturer::orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
+        $manufacturer_list = array('' => trans('general.select_manufacturer')) +
+            Manufacturer::orderBy('name', 'asc')
+                ->pluck('name', 'id')->toArray();
         return $manufacturer_list;
     }
 
+    /**
+     * Get the list of status label types in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function statusTypeList()
     {
         $statuslabel_types = array('' => trans('admin/hardware/form.select_statustype')) + array('undeployable' => trans('admin/hardware/general.undeployable')) + array('pending' => trans('admin/hardware/general.pending')) + array('archived' => trans('admin/hardware/general.archived')) + array('deployable' => trans('admin/hardware/general.deployable'));
         return $statuslabel_types;
     }
 
+    /**
+     * Get the list of managers in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function managerList()
     {
-        $manager_list = array('' => '') + User::select(DB::raw('concat(last_name,", ",first_name," (",username,")") as full_name, id'))
-        ->whereNull('deleted_at', 'and')
-        ->orderBy('last_name', 'asc')
-        ->orderBy('first_name', 'asc')
-        ->pluck('full_name', 'id')->toArray();
+        $manager_list = array('' => trans('general.select_user')) +
+                        User::where('deleted_at', '=', null)
+                        ->orderBy('last_name', 'asc')
+                        ->orderBy('first_name', 'asc')->get()
+                        ->lists('complete_name', 'id')->toArray();
+
         return $manager_list;
     }
 
+    /**
+     * Get the list of depreciations in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function depreciationList()
     {
         $depreciation_list = ['' => 'Do Not Depreciate'] + Depreciation::orderBy('name', 'asc')
-        ->pluck('name', 'id')->toArray();
+                ->pluck('name', 'id')->toArray();
         return $depreciation_list;
     }
 
+    /**
+     * Get the list of category types in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function categoryTypeList()
     {
-         $category_types = array('' => '','accessory' => 'Accessory', 'asset' => 'Asset', 'consumable' => 'Consumable','component' => 'Component');
-         return $category_types;
+        $category_types = array('' => '','accessory' => 'Accessory', 'asset' => 'Asset', 'consumable' => 'Consumable','component' => 'Component');
+        return $category_types;
     }
 
+    /**
+     * Get the list of users in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function usersList()
     {
-        $users_list = array('' => trans('general.select_user')) + DB::table('users')
-        ->select(DB::raw('concat(last_name,", ",first_name," (",username,")") as full_name, id'))
-        ->whereNull('deleted_at')
-        ->where('show_in_list','=',1)
-        ->orderBy('last_name', 'asc')
-        ->orderBy('first_name', 'asc')
-        ->pluck('full_name', 'id');
+        $users_list =   array( '' => trans('general.select_user')) +
+                        Company::scopeCompanyables(User::where('deleted_at', '=', null))
+                        ->where('show_in_list','=',1)
+                        ->orderBy('last_name', 'asc')
+                        ->orderBy('first_name', 'asc')->get()
+                        ->lists('complete_name', 'id')->toArray();
+
         return $users_list;
     }
 
+    /**
+     * Get the list of assets in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function assetsList()
     {
         $assets_list = array('' => trans('general.select_asset')) + Asset::orderBy('name', 'asc')
-        ->whereNull('deleted_at')
-        ->pluck('name', 'id')->toArray();
+                ->whereNull('deleted_at')
+                ->pluck('name', 'id')->toArray();
         return $assets_list;
     }
 
+    /**
+     * Get the detailed list of assets in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
+    public static function detailedAssetList()
+    {
+        $assets = array('' => trans('general.select_asset')) + Company::scopeCompanyables(Asset::with('assignedUser', 'model'), 'assets.company_id')->get()->lists('detailed_name', 'id')->toArray();
+        return $assets;
+    }
 
+
+    /**
+     * Get the list of custom fields in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v2.5]
+     * @return Array
+     */
     public static function customFieldsetList()
     {
         $customfields = array('' => trans('admin/models/general.no_custom_field')) + CustomFieldset::pluck('name', 'id')->toArray();
         return  $customfields;
     }
 
+    /**
+     * Get the list of custom field formats in an array to make a dropdown menu
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.4]
+     * @return Array
+     */
     public static function predefined_formats()
     {
         $keys=array_keys(CustomField::$PredefinedFormats);
         $stuff=array_combine($keys, $keys);
-        return $stuff+["" => "Custom Format..."];
+        return $stuff+["" => trans('admin/custom_fields/general.custom_format')];
     }
 
+    /**
+     * Get the list of barcode dimensions
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.3]
+     * @return Array
+     */
     public static function barcodeDimensions($barcode_type = 'QRCODE')
     {
         if ($barcode_type == 'C128') {
@@ -186,6 +394,13 @@ class Helper
         return $size;
     }
 
+    /**
+     * Generates a random string
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Array
+     */
     public static function generateRandomString($length = 10)
     {
         $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
@@ -197,10 +412,15 @@ class Helper
         return $randomString;
     }
 
-  /**
-  * This nasty little method gets the low inventory info for the
-  * alert dropdown
-  **/
+
+    /**
+     * This nasty little method gets the low inventory info for the
+     * alert dropdown
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Array
+     */
     public static function checkLowInventory()
     {
         $consumables = Consumable::with('users')->whereNotNull('min_amt')->get();
@@ -214,7 +434,12 @@ class Helper
         foreach ($consumables as $consumable) {
             $avail = $consumable->numRemaining();
             if ($avail < ($consumable->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
-                $percent = number_format((($consumable->numRemaining() / $consumable->qty) * 100), 0);
+                if ($consumable->qty > 0) {
+                    $percent = number_format((($consumable->numRemaining() / $consumable->qty) * 100), 0);
+                } else {
+                    $percent = 100;
+                }
+
                 $items_array[$all_count]['id'] = $consumable->id;
                 $items_array[$all_count]['name'] = $consumable->name;
                 $items_array[$all_count]['type'] = 'consumables';
@@ -230,7 +455,13 @@ class Helper
         foreach ($accessories as $accessory) {
             $avail = $accessory->numRemaining();
             if ($avail < ($accessory->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
-                $percent = number_format((($accessory->numRemaining() / $accessory->qty) * 100), 0);
+
+                if ($accessory->qty > 0) {
+                    $percent = number_format((($accessory->numRemaining() / $accessory->qty) * 100), 0);
+                } else {
+                    $percent = 100;
+                }
+
                 $items_array[$all_count]['id'] = $accessory->id;
                 $items_array[$all_count]['name'] = $accessory->name;
                 $items_array[$all_count]['type'] = 'accessories';
@@ -245,7 +476,12 @@ class Helper
         foreach ($components as $component) {
             $avail = $component->numRemaining();
             if ($avail < ($component->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
-                $percent = number_format((($component->numRemaining() / $component->total_qty) * 100), 0);
+                if ($component->qty > 0) {
+                    $percent = number_format((($component->numRemaining() / $component->qty) * 100), 0);
+                } else {
+                    $percent = 100;
+                }
+
                 $items_array[$all_count]['id'] = $component->id;
                 $items_array[$all_count]['name'] = $component->name;
                 $items_array[$all_count]['type'] = 'components';
@@ -265,9 +501,16 @@ class Helper
     }
 
 
+    /**
+     * Check if the file is an image, so we can show a preview
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param File $file
+     * @return String | Boolean
+     */
     public static function checkUploadIsImage($file)
     {
-        // Check if the file is an image, so we can show a preview
         $finfo = @finfo_open(FILEINFO_MIME_TYPE); // return mime type ala mimetype extension
         $filetype = @finfo_file($finfo, $file);
         finfo_close($finfo);
@@ -280,25 +523,26 @@ class Helper
     }
 
     /**
-    * Walks through the permissions in the permissions config file and determines if
-    * permissions are granted based on a $selected_arr array.
-    *
-    * The $permissions array is a multidimensional array broke down by section.
-    * (Licenses, Assets, etc)
-    *
-    * The $selected_arr should be a flattened array that contains just the
-    * corresponding permission name and a true or false boolean to determine
-    * if that group/user has been granted that permission.
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net]
-    * @param array $permissions
-    * @param array $selected_arr
-    * @since [v1.0]
-    * @return Array
-    */
+     * Walks through the permissions in the permissions config file and determines if
+     * permissions are granted based on a $selected_arr array.
+     *
+     * The $permissions array is a multidimensional array broke down by section.
+     * (Licenses, Assets, etc)
+     *
+     * The $selected_arr should be a flattened array that contains just the
+     * corresponding permission name and a true or false boolean to determine
+     * if that group/user has been granted that permission.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net]
+     * @param array $permissions
+     * @param array $selected_arr
+     * @since [v1.0]
+     * @return Array
+     */
     public static function selectedPermissionsArray($permissions, $selected_arr = array())
     {
 
+
         $permissions_arr = array();
 
         foreach ($permissions as $permission) {
@@ -310,7 +554,7 @@ class Helper
 
                     if ($selected_arr) {
                         if (array_key_exists($permission_name,$selected_arr)) {
-                            $permissions_arr[$permission_name] = ($selected_arr[$permission_name] == 1) ? '1': '0';
+                            $permissions_arr[$permission_name] = $selected_arr[$permission_name];
                         } else {
                             $permissions_arr[$permission_name] = '0';
                         }
@@ -324,8 +568,121 @@ class Helper
 
 
         }
-        
+
         return $permissions_arr;
     }
 
+    /**
+     * Introspects into the model validation to see if the field passed is required.
+     * This is used by the blades to add a required class onto the HTML element.
+     * This isn't critical, but is helpful to keep form fields in sync with the actual
+     * model level validation.
+     *
+     * This does not currently handle form request validation requiredness :(
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return boolean
+     */
+    public static function checkIfRequired($class, $field) {
+        $rules = $class::rules();
+        foreach ($rules as $rule_name => $rule) {
+            if ($rule_name == $field) {
+                if (strpos($rule, 'required') === false) {
+                    return false;
+                } else {
+                    return true;
+                }
+
+            }
+        }
+    }
+
+
+    /**
+     * Check to see if the given key exists in the array, and trim excess white space before returning it
+     *
+     * @author Daniel Melzter
+     * @since 3.0
+     * @param $array array
+     * @param $key string
+     * @param $default string
+     * @return string
+     */
+    public static function array_smart_fetch(array $array, $key, $default = '')
+    {
+       array_change_key_case($array, CASE_LOWER);
+        return array_key_exists(strtolower($key), array_change_key_case($array)) ? e(trim($array[ $key ])) : $default;
+    }
+
+    /**
+     * Check to see if the given key exists in the array, and trim excess white space before returning it
+     *
+     * @author A. Gianotto
+     * @since 3.2
+     * @param $array array
+     * @return string
+     */
+    public static function getLastDateFromHistoryArray(array $array)
+    {
+        foreach ($array as $key => $value) {
+//            echo '<pre>';
+//            echo 'last:'.$key;
+//            print_r($array);
+//            echo '</pre>';
+        }
+    }
+
+
+    /**
+     * Gracefully handle decrypting the legacy data (encrypted via mcrypt) and use the new
+     * decryption method instead.
+     *
+     * This is not currently used, but will be.
+     *
+     * @author A. Gianotto
+     * @since 3.6
+     * @param CustomField $field
+     * @param String $string
+     * @return string
+     */
+    public static function gracefulDecrypt(CustomField $field, $string) {
+
+        if ($field->isFieldDecryptable($string)) {
+
+            try {
+                Crypt::decrypt($string);
+                return Crypt::decrypt($string);
+
+            } catch (DecryptException $e) {
+                return 'Error Decrypting: '.$e->getMessage();
+            }
+
+        }
+        return $string;
+
+    }
+
+    /**
+     * Strip HTML out of returned JSON. This is pretty gross, and I'd like to find a better way
+     * to handle this, but the REST API will solve some of these problems anyway.
+     *
+     * This is not currently used, but will be.
+     *
+     * @author A. Gianotto
+     * @since 3.4
+     * @param $array array
+     * @return Array
+     */
+    public static function stripTagsFromJSON(Array $array) {
+
+        foreach ($array as $key => $value) {
+            $clean_value = strip_tags($value);
+            $clean_array[$key] = $clean_value;
+        }
+        return $clean_array;
+
+    }
+
+
 }

app/Http/Controllers/AccessoriesController.php

@@ -7,18 +7,19 @@ use App\Models\Actionlog;
 use App\Models\Company;
 use App\Models\Setting;
 use App\Models\User;
+use Auth;
 use Carbon\Carbon;
 use Config;
 use DB;
+use Gate;
 use Input;
 use Lang;
 use Mail;
 use Redirect;
+use Request;
 use Slack;
 use Str;
 use View;
-use Auth;
-use Request;
 
 /** This controller handles all actions related to Accessories for
  * the Snipe-IT Asset Management application.
@@ -52,14 +53,12 @@ class AccessoriesController extends Controller
     public function getCreate(Request $request)
     {
         // Show the page
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'accessory')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
         return View::make('accessories/edit')
-          ->with('accessory', new Accessory)
-          ->with('category_list', $category_list)
-          ->with('company_list', $company_list)
-          ->with('location_list', $location_list);
+          ->with('item', new Accessory)
+          ->with('category_list', Helper::categoryList('accessory'))
+          ->with('company_list', Helper::companyList())
+          ->with('location_list', Helper::locationsList())
+          ->with('manufacturer_list', Helper::manufacturerList());
     }
 
 
@@ -76,12 +75,14 @@ class AccessoriesController extends Controller
         $accessory = new Accessory();
 
         // Update the accessory data
-        $accessory->name                  = e(Input::get('name'));
-        $accessory->category_id               = e(Input::get('category_id'));
-        $accessory->location_id               = e(Input::get('location_id'));
-        $accessory->min_amt               = e(Input::get('min_amt'));
+        $accessory->name                    = e(Input::get('name'));
+        $accessory->category_id             = e(Input::get('category_id'));
+        $accessory->location_id             = e(Input::get('location_id'));
+        $accessory->min_amt                 = e(Input::get('min_amt'));
         $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
         $accessory->order_number            = e(Input::get('order_number'));
+        $accessory->manufacturer_id         = e(Input::get('manufacturer_id'));
+        $accessory->model_number            = e(Input::get('model_number'));
 
         if (e(Input::get('purchase_date')) == '') {
             $accessory->purchase_date       =  null;
@@ -92,14 +93,15 @@ class AccessoriesController extends Controller
         if (e(Input::get('purchase_cost')) == '0.00') {
             $accessory->purchase_cost       =  null;
         } else {
-            $accessory->purchase_cost       = e(Input::get('purchase_cost'));
+            $accessory->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
         }
 
-        $accessory->qty                       = e(Input::get('qty'));
-        $accessory->user_id               = Auth::user()->id;
+        $accessory->qty                     = e(Input::get('qty'));
+        $accessory->user_id                 = Auth::user()->id;
 
         // Was the accessory created?
         if ($accessory->save()) {
+            $accessory->logCreate();
             // Redirect to the new accessory  page
             return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.create.success'));
         }
@@ -118,21 +120,18 @@ class AccessoriesController extends Controller
     public function getEdit(Request $request, $accessoryId = null)
     {
         // Check if the accessory exists
-        if (is_null($accessory = Accessory::find($accessoryId))) {
+        if (is_null($item = Accessory::find($accessoryId))) {
             // Redirect to the blogs management page
             return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($accessory)) {
+        } elseif (!Company::isCurrentUserHasAccess($item)) {
             return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
         }
 
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'accessory')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
-
-        return View::make('accessories/edit', compact('accessory'))
-          ->with('category_list', $category_list)
-          ->with('company_list', $company_list)
-          ->with('location_list', $location_list);
+        return View::make('accessories/edit', compact('item'))
+          ->with('category_list', Helper::categoryList('accessory'))
+          ->with('company_list', Helper::companyList())
+          ->with('location_list', Helper::locationsList())
+          ->with('manufacturer_list', Helper::manufacturerList());
     }
 
 
@@ -145,9 +144,9 @@ class AccessoriesController extends Controller
    */
     public function postEdit(Request $request, $accessoryId = null)
     {
-      // Check if the blog post exists
+      // Check if the accessory exists
         if (is_null($accessory = Accessory::find($accessoryId))) {
-            // Redirect to the blogs management page
+            // Redirect to the accessory index page
             return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.does_not_exist'));
         } elseif (!Company::isCurrentUserHasAccess($accessory)) {
             return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
@@ -159,12 +158,14 @@ class AccessoriesController extends Controller
         if (e(Input::get('location_id')) == '') {
             $accessory->location_id = null;
         } else {
-            $accessory->location_id     = e(Input::get('location_id'));
+            $accessory->location_id         = e(Input::get('location_id'));
         }
-        $accessory->min_amt             = e(Input::get('min_amt'));
+        $accessory->min_amt                 = e(Input::get('min_amt'));
         $accessory->category_id             = e(Input::get('category_id'));
         $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
+        $accessory->manufacturer_id         = e(Input::get('manufacturer_id'));
         $accessory->order_number            = e(Input::get('order_number'));
+        $accessory->model_number            = e(Input::get('model_number'));
 
         if (e(Input::get('purchase_date')) == '') {
             $accessory->purchase_date       =  null;
@@ -180,9 +181,9 @@ class AccessoriesController extends Controller
 
         $accessory->qty                     = e(Input::get('qty'));
 
-      // Was the accessory created?
+      // Was the accessory updated?
         if ($accessory->save()) {
-            // Redirect to the new accessory page
+            // Redirect to the updated accessory page
             return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.update.success'));
         }
 
@@ -311,16 +312,11 @@ class AccessoriesController extends Controller
         'user_id' => Auth::user()->id,
         'assigned_to' => e(Input::get('assigned_to'))));
 
-        $logaction = new Actionlog();
-        $logaction->accessory_id = $accessory->id;
-        $logaction->checkedout_to = $accessory->assigned_to;
-        $logaction->asset_type = 'accessory';
-        $logaction->location_id = $user->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
+        $logaction = $accessory->logCheckout(e(Input::get('note')));
 
 
 
+        $admin_user = Auth::user();
         $settings = Setting::getSettings();
 
         if ($settings->slack_endpoint) {
@@ -340,11 +336,11 @@ class AccessoriesController extends Controller
                 'fields' => [
                   [
                   'title' => 'Checked Out:',
-                  'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/accessories/'.$accessory->id.'/view'.'|'.$accessory->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
+                  'value' => 'Accessory <'.config('app.url').'/admin/accessories/'.$accessory->id.'/view'.'|'.$accessory->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
                   ],
                   [
                       'title' => 'Note:',
-                      'value' => e($logaction->note)
+                      'value' => e(Input::get('note'))
                   ],
                 ]
                 ])->send('Accessory Checked Out');
@@ -355,9 +351,6 @@ class AccessoriesController extends Controller
         }
 
 
-
-        $log = $logaction->logaction('checkout');
-
         $accessory_user = DB::table('accessories_users')->where('assigned_to', '=', $accessory->assigned_to)->where('accessory_id', '=', $accessory->id)->first();
 
         $data['log_id'] = $logaction->id;
@@ -375,7 +368,8 @@ class AccessoriesController extends Controller
 
             Mail::send('emails.accept-accessory', $data, function ($m) use ($user) {
                 $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->subject('Confirm accessory delivery');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.Confirm_accessory_delivery'));
             });
         }
 
@@ -435,21 +429,14 @@ class AccessoriesController extends Controller
             return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
         }
 
-        $logaction = new Actionlog();
-        $logaction->checkedout_to = e($accessory_user->assigned_to);
         $return_to = e($accessory_user->assigned_to);
+        $logaction = $accessory->logCheckin(User::find($return_to), e(Input::get('note')));
         $admin_user = Auth::user();
 
 
       // Was the accessory updated?
         if (DB::table('accessories_users')->where('id', '=', $accessory_user->id)->delete()) {
 
-            $logaction->accessory_id = e($accessory->id);
-            $logaction->location_id = null;
-            $logaction->asset_type = 'accessory';
-            $logaction->user_id = e($admin_user->id);
-            $logaction->note = e(Input::get('note'));
-
             $settings = Setting::getSettings();
 
             if ($settings->slack_endpoint) {
@@ -469,7 +456,7 @@ class AccessoriesController extends Controller
                         'fields' => [
                             [
                                 'title' => 'Checked In:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/accessories/'.e($accessory->id).'/view'.'|'.e($accessory->name).'> checked in by <'.config('app.url').'/admin/users/'.e($admin_user->id).'/view'.'|'.e($admin_user->fullName()).'>.'
+                                'value' => class_basename(strtoupper($logaction->item_type)).' <'.config('app.url').'/admin/accessories/'.e($accessory->id).'/view'.'|'.e($accessory->name).'> checked in by <'.config('app.url').'/admin/users/'.e($admin_user->id).'/view'.'|'.e($admin_user->fullName()).'>.'
                             ],
                             [
                                 'title' => 'Note:',
@@ -485,9 +472,6 @@ class AccessoriesController extends Controller
 
             }
 
-
-            $log = $logaction->logaction('checkin from');
-
             if (!is_null($accessory_user->assigned_to)) {
                 $user = User::find($accessory_user->assigned_to);
             }
@@ -503,7 +487,8 @@ class AccessoriesController extends Controller
 
                 Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
                     $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                    $m->subject('Confirm Accessory Checkin');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Confirm_Accessory_Checkin'));
                 });
             }
 
@@ -547,9 +532,11 @@ class AccessoriesController extends Controller
     **/
     public function getDatatable(Request $request)
     {
-        $accessories = Accessory::select('accessories.*')->with('category', 'company')
-        ->whereNull('accessories.deleted_at');
-
+        $accessories = Company::scopeCompanyables(
+            Accessory::select('accessories.*')
+            ->whereNull('accessories.deleted_at')
+            ->with('category', 'company', 'manufacturer', 'users', 'location')
+        );
         if (Input::has('search')) {
             $accessories = $accessories->TextSearch(e(Input::get('search')));
         }
@@ -567,7 +554,7 @@ class AccessoriesController extends Controller
         }
 
 
-        $allowed_columns = ['name','min_amt','order_number','purchase_date','purchase_cost','companyName','category'];
+        $allowed_columns = ['name','min_amt','order_number','purchase_date','purchase_cost','companyName','category','model_number'];
         $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
 
@@ -589,21 +576,38 @@ class AccessoriesController extends Controller
         $rows = array();
 
         foreach ($accessories as $accessory) {
-            $actions = '<nobr><a href="'.route('checkout/accessory', $accessory->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($accessory->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/accessory', $accessory->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/accessory', $accessory->id).'" data-content="'.trans('admin/accessories/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($accessory->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
+
+            $actions = '<nobr>';
+            if (Gate::allows('accessories.checkout')) {
+                $actions .= '<a href="' . route('checkout/accessory',
+                        $accessory->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($accessory->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+            if (Gate::allows('accessories.edit')) {
+                $actions .= '<a href="' . route('update/accessory',
+                        $accessory->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('accessories.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/accessory',
+                        $accessory->id) . '" data-content="' . trans('admin/accessories/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($accessory->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .= '</nobr>';
             $company = $accessory->company;
 
             $rows[] = array(
             'name'          => '<a href="'.url('admin/accessories/'.$accessory->id).'/view">'. $accessory->name.'</a>',
             'category'      => ($accessory->category) ? (string)link_to('admin/settings/categories/'.$accessory->category->id.'/view', $accessory->category->name) : '',
+            'model_number'      =>  e($accessory->model_number),
             'qty'           => e($accessory->qty),
             'order_number'  => e($accessory->order_number),
             'min_amt'  => e($accessory->min_amt),
             'location'      => ($accessory->location) ? e($accessory->location->name): '',
             'purchase_date' => e($accessory->purchase_date),
-            'purchase_cost' => number_format($accessory->purchase_cost, 2),
+            'purchase_cost' => Helper::formatCurrencyOutput($accessory->purchase_cost),
             'numRemaining'  => $accessory->numRemaining(),
             'actions'       => $actions,
-            'companyName'   => is_null($company) ? '' : e($company->name)
+            'companyName'   => is_null($company) ? '' : e($company->name),
+            'manufacturer'      => $accessory->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$accessory->manufacturer_id.'/view', $accessory->manufacturer->name) : ''
+
             );
         }
 
@@ -652,10 +656,20 @@ class AccessoriesController extends Controller
         $rows = array();
 
         foreach ($accessory_users as $user) {
-            $actions = '<a href="'.route('checkin/accessory', $user->pivot->id).'" class="btn btn-info btn-sm">Checkin</a>';
+            $actions = '';
+            if (Gate::allows('accessories.checkin')) {
+                $actions .= '<a href="' . route('checkin/accessory',
+                        $user->pivot->id) . '" class="btn btn-info btn-sm">Checkin</a>';
+            }
+
+            if (Gate::allows('users.view')) {
+                $name = (string) link_to('/admin/users/'.$user->id.'/view', e($user->fullName()));
+            } else {
+                $name = e($user->fullName());
+            }
 
             $rows[] = array(
-              'name'          =>(string) link_to('/admin/users/'.$user->id.'/view', e($user->fullName())),
+              'name'          => $name,
               'actions'       => $actions
               );
         }

app/Http/Controllers/ActionlogController.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\Helper;
+use Response;
+
+class ActionlogController extends Controller
+{
+    public function displaySig($filename)
+    {
+
+        $file = config('app.private_uploads') . '/signatures/' . $filename;
+        $filetype = Helper::checkUploadIsImage($file);
+        $contents = file_get_contents($file);
+        return Response::make($contents)->header('Content-Type', $filetype);
+    }
+}

app/Http/Controllers/AssetMaintenancesController.php

@@ -20,6 +20,8 @@ use View;
 use App\Models\Setting;
 use App\Models\Asset;
 use App\Helpers\Helper;
+use Auth;
+use Gate;
 
 /**
  * This controller handles all actions related to Asset Maintenance for
@@ -74,13 +76,15 @@ class AssetMaintenancesController extends Controller
     */
     public function getDatatable()
     {
-        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company')
-        ->whereNull('deleted_at');
+        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company','admin');
 
         if (Input::has('search')) {
             $maintenances = $maintenances->TextSearch(e(Input::get('search')));
         }
 
+
+
+
         if (Input::has('offset')) {
             $offset = e(Input::get('offset'));
         } else {
@@ -93,11 +97,20 @@ class AssetMaintenancesController extends Controller
             $limit = 50;
         }
 
-        $allowed_columns = ['id','title','asset_maintenance_time','asset_maintenance_type','cost','start_date','completion_date','notes'];
+
+
+        $allowed_columns = ['id','title','asset_maintenance_time','asset_maintenance_type','cost','start_date','completion_date','notes','user_id'];
         $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
 
-        $maintenances->orderBy($sort, $order);
+        switch ($sort) {
+            case 'user_id':
+                $maintenances = $maintenances->OrderAdmin($order);
+                break;
+            default:
+                $maintenances = $maintenances->orderBy($sort, $order);
+                break;
+        }
 
         $maintenancesCount = $maintenances->count();
         $maintenances = $maintenances->skip($offset)->take($limit)->get();
@@ -106,30 +119,33 @@ class AssetMaintenancesController extends Controller
         $settings = Setting::getSettings();
 
         foreach ($maintenances as $maintenance) {
+            $actions = '';
+            if (Gate::allows('assets.edit')) {
+                $actions .= '<nobr><a href="' . route('update/asset_maintenance',
+                        $maintenance->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/asset_maintenance',
+                        $maintenance->id) . '" data-content="' . trans('admin/asset_maintenances/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($maintenance->title) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
+            }
 
-            $actions = '<nobr><a href="'.route('update/asset_maintenance', $maintenance->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/asset_maintenance', $maintenance->id).'" data-content="'.trans('admin/asset_maintenances/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($maintenance->title).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
-
-            if (($maintenance->cost) && ($maintenance->asset->assetloc) &&  ($maintenance->asset->assetloc->currency!='')) {
+            if (($maintenance->cost) && (isset($maintenance->asset)) && ($maintenance->asset->assetloc) &&  ($maintenance->asset->assetloc->currency!='')) {
                 $maintenance_cost = $maintenance->asset->assetloc->currency.$maintenance->cost;
             } else {
                 $maintenance_cost = $settings->default_currency.$maintenance->cost;
             }
-
-            $company = $maintenance->asset->company;
-
+            
             $rows[] = array(
                 'id'            => $maintenance->id,
-                'asset_name'    =>  (string)link_to('/hardware/'.$maintenance->asset->id.'/view', $maintenance->asset->showAssetName()) ,
+                'asset_name'    =>  ($maintenance->asset) ? (string)link_to('/hardware/'.$maintenance->asset->id.'/view', $maintenance->asset->showAssetName()) : 'Deleted Asset' ,
                 'title'         => $maintenance->title,
                 'notes'         => $maintenance->notes,
-                'supplier'      => $maintenance->supplier->name,
+                'supplier'      => ($maintenance->supplier) ? (string)link_to('/admin/settings/suppliers/'.$maintenance->supplier->id.'/view', $maintenance->supplier->name) : 'Deleted Supplier',
                 'cost'          => $maintenance_cost,
                 'asset_maintenance_type'          => e($maintenance->asset_maintenance_type),
                 'start_date'         => $maintenance->start_date,
                 'asset_maintenance_time'          => $maintenance->asset_maintenance_time,
                 'completion_date'     => $maintenance->completion_date,
+                'user_id'       => ($maintenance->admin) ? (string)link_to('/admin/users/'.$maintenance->admin->id.'/view', $maintenance->admin->fullName()) : '',
                 'actions'       => $actions,
-                'companyName'   => is_null($company) ? '' : $company->name
+                'companyName'   => ($maintenance->asset->company) ? $maintenance->asset->company->name : ''
             );
         }
 
@@ -155,45 +171,18 @@ class AssetMaintenancesController extends Controller
                                 ] + AssetMaintenance::getImprovementOptions();
         // Mark the selected asset, if it came in
         $selectedAsset = $assetId;
-        // Get the possible assets using a left join to get a list of assets and some other helpful info
-        $asset = Company::scopeCompanyables(DB::table('assets'), 'assets.company_id')
-                 ->leftJoin('users', 'users.id', '=', 'assets.assigned_to')
-                 ->leftJoin('models', 'assets.model_id', '=', 'models.id')
-                 ->select(
-                     'assets.id',
-                     'assets.name',
-                     'first_name',
-                     'last_name',
-                     'asset_tag',
-                     DB::raw('concat(first_name," ",last_name) as full_name, assets.id as id, models.name as modelname')
-                 )
-                 ->whereNull('assets.deleted_at')
-                 ->get();
-        $asset_array         = json_decode(json_encode($asset), true);
-        $asset_element[ '' ] = 'Please select an asset';
 
-        // Build a list out of the data results
-        for ($x = 0; $x < count($asset_array); $x++) {
+        $assets = Helper::detailedAssetList();
 
-            if ($asset_array[ $x ][ 'full_name' ] != '') {
-                $full_name = ' (' . $asset_array[ $x ][ 'full_name' ] . ') ' . $asset_array[ $x ][ 'modelname' ];
-            } else {
-                $full_name = ' (Unassigned) ' . $asset_array[ $x ][ 'modelname' ];
-            }
-            $asset_element[ $asset_array[ $x ][ 'id' ] ] =
-                $asset_array[ $x ][ 'asset_tag' ] . ' - ' . $asset_array[ $x ][ 'name' ] . $full_name;
-        }
-
-        // Get Supplier List
         $supplier_list = Helper::suppliersList();
 
         // Render the view
         return View::make('asset_maintenances/edit')
-                   ->with('asset_list', $asset_element)
+                   ->with('asset_list', $assets)
                    ->with('selectedAsset', $selectedAsset)
                    ->with('supplier_list', $supplier_list)
                    ->with('assetMaintenanceType', $assetMaintenanceType)
-                   ->with('assetMaintenance', new AssetMaintenance);
+                   ->with('item', new AssetMaintenance);
     }
 
     /**
@@ -230,7 +219,7 @@ class AssetMaintenancesController extends Controller
         if (e(Input::get('cost')) == '') {
             $assetMaintenance->cost = '';
         } else {
-            $assetMaintenance->cost =  e(Input::get('cost'));
+            $assetMaintenance->cost =  Helper::ParseFloat(e(Input::get('cost')));
         }
 
         if (e(Input::get('notes')) == '') {
@@ -251,6 +240,7 @@ class AssetMaintenancesController extends Controller
         $assetMaintenance->title                  = e(Input::get('title'));
         $assetMaintenance->start_date             = e(Input::get('start_date'));
         $assetMaintenance->completion_date        = e(Input::get('completion_date'));
+        $assetMaintenance->user_id                = Auth::user()->id;
 
         if (( $assetMaintenance->completion_date == "" )
             || ( $assetMaintenance->completion_date == "0000-00-00" )
@@ -321,44 +311,17 @@ class AssetMaintenancesController extends Controller
                                     '' => 'Select an improvement type',
                                 ] + AssetMaintenance::getImprovementOptions();
 
-        // Get the possible assets using a left join to get a list of assets and some other helpful info
-        $asset = Company::scopeCompanyables(DB::table('assets'), 'assets.company_id')
-                 ->leftJoin('users', 'users.id', '=', 'assets.assigned_to')
-                 ->leftJoin('models', 'assets.model_id', '=', 'models.id')
-                 ->select(
-                     'assets.id',
-                     'assets.name',
-                     'first_name',
-                     'last_name',
-                     'asset_tag',
-                     DB::raw('concat(first_name," ",last_name) as full_name, assets.id as id, models.name as modelname')
-                 )
-                 ->whereNull('assets.deleted_at')
-                 ->get();
-        $asset_array         = json_decode(json_encode($asset), true);
-        $asset_element[ '' ] = 'Please select an asset';
-
-        // Build a list out of the data results
-        for ($x = 0; $x < count($asset_array); $x++) {
-
-            if ($asset_array[ $x ][ 'full_name' ] != '') {
-                $full_name = ' (' . $asset_array[ $x ][ 'full_name' ] . ') ' . $asset_array[ $x ][ 'modelname' ];
-            } else {
-                $full_name = ' (Unassigned) ' . $asset_array[ $x ][ 'modelname' ];
-            }
-            $asset_element[ $asset_array[ $x ][ 'id' ] ] =
-                $asset_array[ $x ][ 'asset_tag' ] . ' - ' . $asset_array[ $x ][ 'name' ] . $full_name;
-        }
+        $assets = Company::scopeCompanyables(Asset::with('model','assignedUser')->get(), 'assets.company_id')->lists('detailed_name', 'id');
         // Get Supplier List
         $supplier_list = Helper::suppliersList();
 
         // Render the view
         return View::make('asset_maintenances/edit')
-                   ->with('asset_list', $asset_element)
+                   ->with('asset_list', $assets)
                    ->with('selectedAsset', null)
                    ->with('supplier_list', $supplier_list)
                    ->with('assetMaintenanceType', $assetMaintenanceType)
-                   ->with('assetMaintenance', $assetMaintenance);
+                   ->with('item', $assetMaintenance);
 
     }
 
@@ -404,7 +367,7 @@ class AssetMaintenancesController extends Controller
         if (e(Input::get('cost')) == '') {
             $assetMaintenance->cost = '';
         } else {
-            $assetMaintenance->cost =  e(Input::get('cost'));
+            $assetMaintenance->cost =  Helper::ParseFloat(e(Input::get('cost')));
         }
 
         if (e(Input::get('notes')) == '') {

app/Http/Controllers/AssetModelsController.php

@@ -6,11 +6,8 @@ use Input;
 use Lang;
 use App\Models\AssetModel;
 use Redirect;
-use App\Models\Setting;
 use Auth;
 use DB;
-use App\Models\Depreciation;
-use App\Models\Manufacturer;
 use Str;
 use Validator;
 use View;
@@ -55,14 +52,14 @@ class AssetModelsController extends Controller
     public function getCreate()
     {
         // Show the page
-        $depreciation_list = \App\Helpers\Helper::depreciationList();
-        $manufacturer_list = \App\Helpers\Helper::manufacturerList();
-        $category_list = \App\Helpers\Helper::categoryList();
+        $depreciation_list = Helper::depreciationList();
+        $manufacturer_list = Helper::manufacturerList();
+        $category_list = Helper::categoryList('asset');
         return View::make('models/edit')
         ->with('category_list', $category_list)
         ->with('depreciation_list', $depreciation_list)
         ->with('manufacturer_list', $manufacturer_list)
-        ->with('model', new AssetModel);
+        ->with('item', new AssetModel);
     }
 
 
@@ -92,28 +89,28 @@ class AssetModelsController extends Controller
             $model->eol = e(Input::get('eol'));
         }
 
-            // Save the model data
-            $model->name                = e(Input::get('name'));
-            $model->modelno             = e(Input::get('modelno'));
-            $model->manufacturer_id     = e(Input::get('manufacturer_id'));
-            $model->category_id         = e(Input::get('category_id'));
-            $model->note            = e(Input::get('note'));
-            $model->user_id             = Auth::user()->id;
+        // Save the model data
+        $model->name                = e(Input::get('name'));
+        $model->model_number             = e(Input::get('model_number'));
+        $model->manufacturer_id     = e(Input::get('manufacturer_id'));
+        $model->category_id         = e(Input::get('category_id'));
+        $model->notes               = e(Input::get('notes'));
+        $model->user_id             = Auth::user()->id;
+        $model->requestable         = Input::has('requestable');
+
         if (Input::get('custom_fieldset')!='') {
             $model->fieldset_id = e(Input::get('custom_fieldset'));
         }
 
-            //$model->show_mac_address 	= e(Input::get('show_mac_address', '0'));
-
 
         if (Input::file('image')) {
             $image = Input::file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/models/'.$file_name);
-          // Image::make($image->getRealPath())->resize(300, null, function ($constraint) {
-          //     $constraint->aspectRatio();
-          //     $constraint->upsize();
-          // })->save($path);
+            Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
             $model->image = $file_name;
         }
 
@@ -141,15 +138,15 @@ class AssetModelsController extends Controller
         $model = new AssetModel;
 
         $settings=Input::all();
-        $settings['eol']=0;
+        $settings['eol']= null;
 
         $model->name=e(Input::get('name'));
         $model->manufacturer_id = e(Input::get('manufacturer_id'));
         $model->category_id = e(Input::get('category_id'));
-        $model->modelno = e(Input::get('modelno'));
+        $model->model_number = e(Input::get('model_number'));
         $model->user_id = Auth::user()->id;
-        $model->note            = e(Input::get('note'));
-        $model->eol=0;
+        $model->notes            = e(Input::get('notes'));
+        $model->eol= null;
 
         if (Input::get('fieldset_id')=='') {
             $model->fieldset_id = null;
@@ -176,15 +173,16 @@ class AssetModelsController extends Controller
     public function getEdit($modelId = null)
     {
         // Check if the model exists
-        if (is_null($model = AssetModel::find($modelId))) {
+        if (is_null($item = AssetModel::find($modelId))) {
             // Redirect to the model management page
             return redirect()->to('assets/models')->with('error', trans('admin/models/message.does_not_exist'));
         }
 
-        $depreciation_list = \App\Helpers\Helper::depreciationList();
-        $manufacturer_list = \App\Helpers\Helper::manufacturerList();
-        $category_list = \App\Helpers\Helper::categoryList();
-        $view = View::make('models/edit', compact('model'));
+        $depreciation_list = Helper::depreciationList();
+        $manufacturer_list = Helper::manufacturerList();
+        $category_list = Helper::categoryList('asset');
+
+        $view = View::make('models/edit', compact('item'));
         $view->with('category_list', $category_list);
         $view->with('depreciation_list', $depreciation_list);
         $view->with('manufacturer_list', $manufacturer_list);
@@ -217,17 +215,19 @@ class AssetModelsController extends Controller
         }
 
         if (e(Input::get('eol')) == '') {
-            $model->eol =  0;
+            $model->eol =  null;
         } else {
             $model->eol = e(Input::get('eol'));
         }
-
         // Update the model data
         $model->name                = e(Input::get('name'));
-        $model->modelno             = e(Input::get('modelno'));
+        $model->model_number        = e(Input::get('model_number'));
         $model->manufacturer_id     = e(Input::get('manufacturer_id'));
         $model->category_id         = e(Input::get('category_id'));
-        $model->note            = e(Input::get('note'));
+        $model->notes               = e(Input::get('notes'));
+
+        $model->requestable = Input::has('requestable');
+
         if (Input::get('custom_fieldset')=='') {
             $model->fieldset_id = null;
         } else {
@@ -371,14 +371,14 @@ class AssetModelsController extends Controller
         $model->id = null;
 
         // Show the page
-        $depreciation_list = array('' => 'Do Not Depreciate') + Depreciation::lists('name', 'id');
-        $manufacturer_list = array('' => 'Select One') + Manufacturer::lists('name', 'id');
-        $category_list = array('' => '') + DB::table('categories')->whereNull('deleted_at')->lists('name', 'id');
+        $depreciation_list = Helper::depreciationList();
+        $manufacturer_list = Helper::manufacturerList();
+        $category_list = Helper::categoryList('asset');
         $view = View::make('models/edit');
         $view->with('category_list', $category_list);
         $view->with('depreciation_list', $depreciation_list);
         $view->with('manufacturer_list', $manufacturer_list);
-        $view->with('model', $model);
+        $view->with('item', $model);
         $view->with('clone_model', $model_to_clone);
         return $view;
 
@@ -395,7 +395,7 @@ class AssetModelsController extends Controller
     */
     public function getCustomFields($modelId)
     {
-        $model=AssetModel::find($modelId);
+        $model = AssetModel::find($modelId);
         return View::make("models.custom_fields_form")->with("model", $model);
     }
 
@@ -413,7 +413,7 @@ class AssetModelsController extends Controller
 
     public function getDatatable($status = null)
     {
-        $models = AssetModel::with('category', 'assets', 'depreciation');
+        $models = AssetModel::with('category', 'assets', 'depreciation', 'manufacturer');
 
         switch ($status) {
             case 'Deleted':
@@ -439,7 +439,7 @@ class AssetModelsController extends Controller
         }
 
 
-        $allowed_columns = ['id','name','modelno'];
+        $allowed_columns = ['id','name','model_number'];
         $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
 
@@ -452,7 +452,7 @@ class AssetModelsController extends Controller
 
         foreach ($models as $model) {
             if ($model->deleted_at == '') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/model', $model->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/model', $model->id).'" data-content="'.trans('admin/models/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($model->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/model', $model->id).'" class="btn btn-info btn-sm" title="Clone Model" data-toggle="tooltip"><i class="fa fa-clone"></i></a> <a href="'.route('update/model', $model->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/model', $model->id).'" data-content="'.trans('admin/models/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($model->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
             } else {
                 $actions = '<a href="'.route('restore/model', $model->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
             }
@@ -462,12 +462,13 @@ class AssetModelsController extends Controller
                 'manufacturer'      => (string)link_to('/admin/settings/manufacturers/'.$model->manufacturer->id.'/view', $model->manufacturer->name),
                 'name'              => (string)link_to('/hardware/models/'.$model->id.'/view', $model->name),
                 'image' => ($model->image!='') ? '<img src="'.config('app.url').'/uploads/models/'.$model->image.'" height=50 width=50>' : '',
-                'modelnumber'       => $model->modelno,
+                'modelnumber'       => $model->model_number,
                 'numassets'         => $model->assets->count(),
-                'depreciation'      => (($model->depreciation)&&($model->depreciation->id > 0)) ? $model->depreciation->name.' ('.$model->depreciation->months.')' : trans('general.no_depreciation'),
-                'category'          => ($model->category) ? $model->category->name : '',
+                'depreciation'      => (($model->depreciation) && ($model->depreciation->id > 0)) ? $model->depreciation->name.' ('.$model->depreciation->months.')' : trans('general.no_depreciation'),
+                'category'          => ($model->category) ? (string)link_to('admin/settings/categories/'.$model->category->id.'/view', $model->category->name) : '',
                 'eol'               => ($model->eol) ? $model->eol.' '.trans('general.months') : '',
-                'note'       => $model->getNote(),
+                'note'              => $model->getNote(),
+                'fieldset'          => ($model->fieldset) ? (string)link_to('admin/custom_fields/'.$model->fieldset->id, $model->fieldset->name) : '',
                 'actions'           => $actions
                 );
         }
@@ -488,7 +489,7 @@ class AssetModelsController extends Controller
     */
     public function getDataView($modelID)
     {
-        $assets = Asset::where('model_id', '=', $modelID)->with('company');
+        $assets = Asset::where('model_id', '=', $modelID)->with('company', 'assetstatus');
 
         if (Input::has('search')) {
             $assets = $assets->TextSearch(e(Input::get('search')));

app/Http/Controllers/Auth/AuthController.php

@@ -5,7 +5,9 @@ namespace App\Http\Controllers\Auth;
 use Validator;
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\ThrottlesLogins;
+use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
 use App\Models\Setting;
+use App\Models\Ldap;
 use App\Models\User;
 use Auth;
 use Config;
@@ -14,6 +16,9 @@ use Input;
 use Redirect;
 use Log;
 use View;
+use PragmaRX\Google2FA\Google2FA;
+
+
 
 /**
  * This controller handles authentication for the user, including local
@@ -26,7 +31,7 @@ use View;
 class AuthController extends Controller
 {
 
-    use ThrottlesLogins;
+    use AuthenticatesAndRegistersUsers, ThrottlesLogins;
 
     // This tells the auth controller to use username instead of email address
     protected $username = 'username';
@@ -45,127 +50,63 @@ class AuthController extends Controller
      */
     public function __construct()
     {
-        $this->middleware('guest', ['except' => 'logout']);
+        $this->middleware('guest', ['except' => ['logout','postTwoFactorAuth','getTwoFactorAuth','getTwoFactorEnroll']]);
     }
 
 
     function showLoginForm()
     {
-      // Is the user logged in?
         if (Auth::check()) {
             return redirect()->intended('dashboard');
         }
-
-      // Show the page
         return View::make('auth.login');
     }
 
 
-    /**
-     * Authenticates a user to LDAP
-     *
-     * @param $username
-     * @param $password
-     * @param bool|false $returnUser
-     * @return bool true    if the username and/or password provided are valid
-     *              false   if the username and/or password provided are invalid
-     *         array of ldap_attributes if $returnUser is true
-     */
-    function ldap($username, $password, $returnUser = false)
+    private function login_via_ldap(Request $request)
     {
-
-        $ldaphost    = Setting::getSettings()->ldap_server;
-        $ldaprdn     = Setting::getSettings()->ldap_uname;
-        $ldappass    = \Crypt::decrypt(Setting::getSettings()->ldap_pword);
-        $baseDn      = Setting::getSettings()->ldap_basedn;
-        $filterQuery = Setting::getSettings()->ldap_auth_filter_query . $username;
-        $ldapversion = Setting::getSettings()->ldap_version;
-        $ldap_server_cert_ignore = Setting::getSettings()->ldap_server_cert_ignore;
-
-        // If we are ignoring the SSL cert we need to setup the environment variable
-        // before we create the connection
-        if ($ldap_server_cert_ignore) {
-            putenv('LDAPTLS_REQCERT=never');
-        }
-
-        // Connecting to LDAP
-        $connection = ldap_connect($ldaphost) or die("Could not connect to {$ldaphost}");
-        // Needed for AD
-        ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
-        ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldapversion);
-
-        try {
-            if ($connection) {
-              // binding to ldap server
-                $ldapbind = ldap_bind($connection, $ldaprdn, $ldappass);
-                if (($results = @ldap_search($connection, $baseDn, $filterQuery)) != false) {
-                    $entry = ldap_first_entry($connection, $results);
-                    if (($userDn = @ldap_get_dn($connection, $entry)) != false) {
-                        if (($isBound = ldap_bind($connection, $userDn, $password)) == "true") {
-                            return $returnUser ?
-                            array_change_key_case(ldap_get_attributes($connection, $entry), CASE_LOWER)
-                            : true;
-                        }
-                    }
-                }
-            }
-        } catch (Exception $e) {
-            LOG::error($e->getMessage());
-        }
-           ldap_close($connection);
-            return false;
-    }
-
-    /**
-     * Create user from LDAP attributes
-     *
-     * @param $ldapatttibutes
-     * @return array|bool
-     */
-    function createUserFromLdap($ldapatttibutes)
-    {
-        //Get LDAP attribute config
-        $ldap_result_username = Setting::getSettings()->ldap_username_field;
-        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
-        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
-        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
-        $ldap_result_email = Setting::getSettings()->ldap_email;
-
-        //Get LDAP user data
-        $item = array();
-        $item["username"] = isset($ldapatttibutes[$ldap_result_username][0]) ? $ldapatttibutes[$ldap_result_username][0] : "";
-        $item["employee_number"] = isset($ldapatttibutes[$ldap_result_emp_num][0]) ? $ldapatttibutes[$ldap_result_emp_num][0] : "";
-        $item["lastname"] = isset($ldapatttibutes[$ldap_result_last_name][0]) ? $ldapatttibutes[$ldap_result_last_name][0] : "";
-        $item["firstname"] = isset($ldapatttibutes[$ldap_result_first_name][0]) ? $ldapatttibutes[$ldap_result_first_name][0] : "";
-        $item["email"] = isset($ldapatttibutes[$ldap_result_email][0]) ? $ldapatttibutes[$ldap_result_email][0] : "" ;
-
-        //create user
-        if (!empty($item["username"])) {
-            //$pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 10);
-
-            $newuser = array(
-              'first_name' => $item["firstname"],
-              'last_name' => $item["lastname"],
-              'username' => $item["username"],
-              'email' => $item["email"],
-              'employee_num' => $item["employee_number"],
-              'password' => bcrypt(Input::get("password")), //$pass,
-              'activated' => 1,
-              'permissions' => ["user" => 1], //'{"user":1}',
-              'notes' => 'Imported from LDAP'
-            );
-            User::save($newuser);
-
+        LOG::debug("Binding user to LDAP.");
+        $ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
+        if(!$ldap_user) {
+            LOG::debug("LDAP user ".$request->input('username')." not found in LDAP or could not bind");
+            throw new \Exception("Could not find user in LDAP directory");
         } else {
-            throw new Cartalyst\Sentry\Users\UserNotFoundException();
+            LOG::debug("LDAP user ".$request->input('username')." successfully bound to LDAP");
         }
 
-        //$item["note"] = "<strong>created</strong>";
-        $credentials = array(
-            'username' => $item["username"],
-            'password' => Input::get("password")//$pass,
-        );
-        return $credentials;
+        // Check if the user already exists in the database and was imported via LDAP
+        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->where('ldap_import','=',1)->first();
+        LOG::debug("Local auth lookup complete");
+
+        // The user does not exist in the database. Try to get them from LDAP.
+        // If user does not exist and authenticates successfully with LDAP we
+        // will create it on the fly and sign in with default permissions
+        if (!$user) {
+            LOG::debug("Local user ".Input::get('username')." does not exist");
+            LOG::debug("Creating local user ".Input::get('username'));
+
+            if ($user = Ldap::createUserFromLdap($ldap_user)) { //this handles passwords on its own
+                LOG::debug("Local user created.");
+            } else {
+                LOG::debug("Could not create local user.");
+                throw new \Exception("Could not create local user");
+            }
+            // If the user exists and they were imported from LDAP already
+        } else {
+            LOG::debug("Local user ".$request->input('username')." exists in database. Updating existing user against LDAP.");
+
+            $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
+
+            if (Setting::getSettings()->ldap_pw_sync=='1') {
+                $user->password = bcrypt($request->input('password'));
+            }
+
+            $user->email = $ldap_attr['email'];
+            $user->first_name = $ldap_attr['firstname'];
+            $user->last_name = $ldap_attr['lastname'];
+            $user->save();
+        } // End if(!user)
+        return $user;
     }
 
 
@@ -174,7 +115,7 @@ class AuthController extends Controller
      *
      * @return Redirect
      */
-    public function login()
+    public function login(Request $request)
     {
         $validator = $this->validator(Input::all());
 
@@ -182,54 +123,52 @@ class AuthController extends Controller
             return redirect()->back()->withInput()->withErrors($validator);
         }
 
-        // Should we even check for LDAP users?
-        if (Setting::getSettings()->ldap_enabled=='1') {
+        // If the class is using the ThrottlesLogins trait, we can automatically throttle
+        // the login attempts for this application. We'll key this by the username and
+        // the IP address of the client making these requests into this application.
+        $throttles = $this->isUsingThrottlesLoginsTrait();
+        $this->maxLoginAttempts = config('auth.throttle.max_attempts');
+        $this->lockoutTime = config('auth.throttle.lockout_duration');
 
-            LOG::debug("LDAP is enabled.");
-          // Check if the user exists in the database
-            $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->first();
-            LOG::debug("Auth lookup complete");
+        if ($throttles && $lockedOut = $this->hasTooManyLoginAttempts($request)) {
+            $this->fireLockoutEvent($request);
 
-
-          // The user does not exist in the database. Try to get them from LDAP.
-          // If user does not exist and authenticates sucessfully with LDAP we
-          // will create it on the fly and sign in with default permissions
-            if (!$user) {
-                LOG::debug("Local user ".Input::get('username')." does not exist");
-                if ($userattr = $this->ldap(Input::get('username'), Input::get('password'), true)) {
-                    LOG::debug("Creating local user from authenticated LDAP user.");
-                    $credentials = $this->createUserFromLdap($userattr);
-                } else {
-                    LOG::debug("User did not authenticate correctly against LDAP. No local user was created.");
-                }
-
-            // If the user exists and they were imported from LDAP already
-            } else {
-
-                LOG::debug("Local user ".Input::get('username')." exists in database. Authenticating existing user against LDAP.");
-
-                if ($this->ldap(Input::get('username'), Input::get('password'))) {
-                    LOG::debug("Valid LDAP login. Updating the local data.");
-                    $user = User::find($user->id); //need the Sentry object, not the Eloquent object, to access critical password hashing functions
-                    $user->password = bcrypt(Input::get('password'));
-                    $user->ldap_import = 1;
-                    $user->save();
-
-                } else {
-                    LOG::debug("User did not authenticate correctly against LDAP. Local user was not updated.");
-                }// End LDAP auth
-
-            } // End if(!user)
-
-        // NO LDAP enabled - just try to login the user normally
+            return $this->sendLockoutResponse($request);
         }
 
-        LOG::debug("Authenticating user against database.");
-        // Try to log the user in
-        if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
-            LOG::debug("Local authentication failed.");
-          // throw new Cartalyst\Sentry\Users\UserNotFoundException();
-            return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
+        $user = null;
+
+        // Should we even check for LDAP users?
+        if (Setting::getSettings()->ldap_enabled=='1') {
+            LOG::debug("LDAP is enabled.");
+            try {
+              $user = $this->login_via_ldap($request);
+              Auth::login($user, true);
+
+            // If the user was unable to login via LDAP, log the error and let them fall through to
+            // local authentication.
+            } catch (\Exception $e) {
+                LOG::error("There was an error authenticating the LDAP user: ".$e->getMessage());
+            }
+        }
+
+        // If the user wasn't authenticated via LDAP, skip to local auth
+        if(!$user) {
+          LOG::debug("Authenticating user against database.");
+          // Try to log the user in
+          if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
+
+              if ($throttles && ! $lockedOut) {
+                  $this->incrementLoginAttempts($request);
+              }
+
+              LOG::debug("Local authentication failed.");
+              return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
+          } else {
+              if ($throttles) {
+                  $this->clearLoginAttempts($request);
+              }
+          }
         }
 
         // Get the page we were before
@@ -240,23 +179,89 @@ class AuthController extends Controller
 
         // Redirect to the users page
         return redirect()->to($redirect)->with('success', trans('auth/message.signin.success'));
-
-        // Ooops.. something went wrong
-        return redirect()->back()->withInput()->withErrors($this->messageBag);
     }
 
+
+    /**
+     * Two factor enrollment page
+     *
+     * @return Redirect
+     */
+    public function getTwoFactorEnroll()
+    {
+
+        if (!Auth::check()) {
+            return redirect()->route('login')->with('error', 'You must be logged in.');
+        }
+
+        $user = Auth::user();
+        $google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');
+
+        if ($user->two_factor_secret=='') {
+            $user->two_factor_secret = $google2fa->generateSecretKey(32);
+            $user->save();
+        }
+
+
+        $google2fa_url = $google2fa->getQRCodeGoogleUrl(
+            urlencode(Setting::getSettings()->site_name),
+            urlencode($user->username),
+            $user->two_factor_secret
+        );
+
+        return View::make('auth.two_factor_enroll')->with('google2fa_url',$google2fa_url);
+
+    }
+
+
+    /**
+     * Two factor code form page
+     *
+     * @return Redirect
+     */
+    public function getTwoFactorAuth() {
+        return View::make('auth.two_factor');
+    }
+
+    /**
+     * Two factor code submission
+     *
+     * @return Redirect
+     */
+    public function postTwoFactorAuth(Request $request) {
+
+        if (!Auth::check()) {
+            return redirect()->route('login')->with('error', 'You must be logged in.');
+        }
+
+        $user = Auth::user();
+        $secret = $request->get('two_factor_secret');
+        $google2fa = app()->make('PragmaRX\Google2FA\Contracts\Google2FA');
+        $valid = $google2fa->verifyKey($user->two_factor_secret, $secret);
+
+        if ($valid) {
+            $user->two_factor_enrolled = 1;
+            $user->save();
+            $request->session()->put('2fa_authed', 'true');
+            return redirect()->route('home')->with('success', 'You are logged in!');
+        }
+
+        return redirect()->route('two-factor')->with('error', 'Invalid two-factor code');
+
+
+    }
+
+
     /**
      * Logout page.
      *
      * @return Redirect
      */
-    public function logout()
+    public function logout(Request $request)
     {
-        // Log the user out
+        $request->session()->forget('2fa_authed');
         Auth::logout();
-
-        // Redirect to the users page
-        return redirect()->route('home')->with('success', 'You have successfully logged out!');
+        return redirect()->route('login')->with('success', 'You have successfully logged out!');
     }
 
 
@@ -273,4 +278,19 @@ class AuthController extends Controller
             'password' => 'required',
         ]);
     }
+
+    /**
+     * Get the login lockout error message.
+     *
+     * @param  int  $seconds
+     * @return string
+     */
+    protected function getLockoutErrorMessage($seconds)
+    {
+        return \Lang::has('auth/message.throttle')
+            ? \Lang::get('auth/message.throttle', ['seconds' => $seconds])
+            : 'Too many login attempts. Please try again in '.$seconds.' seconds.';
+    }
+
+
 }

app/Http/Controllers/Auth/PasswordController.php

@@ -37,4 +37,24 @@ class PasswordController extends Controller
     {
         $this->middleware('guest');
     }
+
+    /**
+     * Get the e-mail subject line to be used for the reset link email.
+     * Overriding method "getEmailSubject()" from trait "use ResetsPasswords"
+     * @return string
+     */
+    public function getEmailSubject(){
+        return property_exists($this, 'subject') ? $this->subject : \Lang::get('mail.reset_link');
+    }
+
+    /**
+     * Get the response for after the reset link has been successfully sent.
+     *
+     * @param  string  $response
+     * @return \Symfony\Component\HttpFoundation\Response
+     */
+    protected function getSendResetLinkEmailSuccessResponse($response)
+    {
+        return redirect()->route('login')->with('status', trans($response));
+    }
 }

app/Http/Controllers/CategoriesController.php

@@ -7,6 +7,8 @@ use App\Models\Company;
 use App\Models\Setting;
 use Auth;
 use DB;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Gate;
 use Input;
 use Lang;
 use Redirect;
@@ -51,7 +53,7 @@ class CategoriesController extends Controller
     {
         // Show the page
          $category_types= Helper::categoryTypeList();
-        return View::make('categories/edit')->with('category', new Category)
+        return View::make('categories/edit')->with('item', new Category)
         ->with('category_types', $category_types);
     }
 
@@ -107,7 +109,7 @@ class CategoriesController extends Controller
     public function getEdit($categoryId = null)
     {
         // Check if the category exists
-        if (is_null($category = Category::find($categoryId))) {
+        if (is_null($item = Category::find($categoryId))) {
             // Redirect to the blogs management page
             return redirect()->to('admin/settings/categories')->with('error', trans('admin/categories/message.does_not_exist'));
         }
@@ -118,7 +120,7 @@ class CategoriesController extends Controller
         $category_options = array('' => 'Top Level') + DB::table('categories')->where('id', '!=', $categoryId)->lists('name', 'id');
         $category_types= Helper::categoryTypeList();
 
-        return View::make('categories/edit', compact('category'))
+        return View::make('categories/edit', compact('item'))
         ->with('category_options', $category_options)
         ->with('category_types', $category_types);
     }
@@ -133,7 +135,7 @@ class CategoriesController extends Controller
     * @since [v1.0]
     * @return Redirect
     */
-    public function postEdit($categoryId = null)
+    public function postEdit(Request $request, $categoryId = null)
     {
         // Check if the blog post exists
         if (is_null($category = Category::find($categoryId))) {
@@ -142,12 +144,14 @@ class CategoriesController extends Controller
         }
 
         // Update the category data
-        $category->name            = e(Input::get('name'));
-        $category->category_type        = e(Input::get('category_type'));
-        $category->eula_text            = e(Input::get('eula_text'));
-        $category->use_default_eula     = e(Input::get('use_default_eula', '0'));
-        $category->require_acceptance   = e(Input::get('require_acceptance', '0'));
-        $category->checkin_email        = e(Input::get('checkin_email', '0'));
+        $category->name            = e($request->input('name'));
+        // If the item count is > 0, we disable the category type in the edit. Disabled items
+        // don't POST, so if the category_type is blank we just set it to the default.
+        $category->category_type        = e($request->input('category_type', $category->category_type));
+        $category->eula_text            = e($request->input('eula_text'));
+        $category->use_default_eula     = e($request->input('use_default_eula', '0'));
+        $category->require_acceptance   = e($request->input('require_acceptance', '0'));
+        $category->checkin_email        = e($request->input('checkin_email', '0'));
 
         if ($category->save()) {
         // Redirect to the new category page
@@ -244,7 +248,7 @@ class CategoriesController extends Controller
     public function getDatatable()
     {
         // Grab all the categories
-        $categories = Category::with('assets', 'accessories', 'consumables','components');
+        $categories = Category::with('assets', 'accessories', 'consumables', 'components');
 
         if (Input::has('search')) {
             $categories = $categories->TextSearch(e(Input::get('search')));
@@ -289,7 +293,6 @@ class CategoriesController extends Controller
                 'category_type' => ucwords($category->category_type),
                 'count'         => $category->itemCount(),
                 'acceptance'    => ($category->require_acceptance=='1') ? '<i class="fa fa-check"></i>' : '',
-                //EULA is still not working correctly
                 'eula'          => ($category->getEula()) ? '<i class="fa fa-check"></i>' : '',
                 'actions'       => $actions
             );
@@ -300,11 +303,12 @@ class CategoriesController extends Controller
         return $data;
     }
 
-    public function getDataViewAssets($categoryID) {
-
-        $category = Category::with('assets.company')->find($categoryID);
-        $category_assets = $category->assets;
+    public function getDataViewAssets($categoryID)
+    {
 
+        $category = Category::find($categoryID);
+        $category = $category->load('assets.company', 'assets.model', 'assets.assetstatus', 'assets.assigneduser');
+        $category_assets = $category->assets();
         if (Input::has('search')) {
             $category_assets = $category_assets->TextSearch(e(Input::get('search')));
         }
@@ -328,38 +332,37 @@ class CategoriesController extends Controller
         $count = $category_assets->count();
         $category_assets = $category_assets->skip($offset)->take($limit)->get();
         $rows = array();
-
         foreach ($category_assets as $asset) {
 
             $actions = '';
             $inout='';
 
             if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/hardware', $asset->id).'" class="btn btn-info btn-sm" title="Clone asset"><i class="fa fa-files-o"></i></a> <a href="'.route('update/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/hardware', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->asset_tag).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/hardware', $asset->id).'" class="btn btn-info btn-sm" title="Clone asset"><i class="fa fa-files-o"></i></a> <a href="'.route('update/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/hardware', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->asset_tag).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
             } elseif ($asset->deleted_at!='') {
                 $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
             }
 
-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.Lang::get('general.checkin').'</a>';
-                    } else {
-                        $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.Lang::get('general.checkout').'</a>';
-                    }
+            if ($asset->availableForCheckout()) {
+                if (Gate::allows('assets.checkout')) {
+                    $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
+                }
+            } else {
+                if (Gate::allows('assets.checkin')) {
+                    $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
                 }
             }
 
             $rows[] = array(
                 'id' => $asset->id,
                 'name' => (string)link_to('/hardware/'.$asset->id.'/view', $asset->showAssetName()),
-                'model' => $asset->model->name,
+                'model' => ($asset->model) ? (string)link_to('hardware/models/'.$asset->model->id.'/view', $asset->model->name) : '',
                 'asset_tag' => $asset->asset_tag,
                 'serial' => $asset->serial,
-                'assigned_to' => ($asset->assigneduser) ? link_to('/admin/users/'.$asset->assigneduser->id.'/view', $asset->assigneduser->fullName()): '',
+                'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', $asset->assigneduser->fullName()): '',
                 'change' => $inout,
                 'actions' => $actions,
-                'companyName' => Company::getName($asset),
+                'companyName'   => is_null($asset->company) ? '' : e($asset->company->name)
             );
         }
 
@@ -369,7 +372,8 @@ class CategoriesController extends Controller
 
 
 
-    public function getDataViewAccessories($categoryID) {
+    public function getDataViewAccessories($categoryID)
+    {
 
         $category = Category::with('accessories.company')->find($categoryID);
         $category_assets = $category->accessories;
@@ -404,7 +408,7 @@ class CategoriesController extends Controller
             $inout='';
 
             if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/accessory', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/accessory', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/accessory', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/accessory', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
             }
 
 
@@ -422,7 +426,8 @@ class CategoriesController extends Controller
     }
 
 
-    public function getDataViewConsumables($categoryID) {
+    public function getDataViewConsumables($categoryID)
+    {
 
         $category = Category::with('accessories.company')->find($categoryID);
         $category_assets = $category->consumables;
@@ -457,7 +462,7 @@ class CategoriesController extends Controller
             $inout='';
 
             if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/consumable', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/consumable', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/consumable', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/consumable', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
             }
 
 
@@ -474,7 +479,8 @@ class CategoriesController extends Controller
         return $data;
     }
 
-    public function getDataViewComponent($categoryID) {
+    public function getDataViewComponent($categoryID)
+    {
 
         $category = Category::with('accessories.company')->find($categoryID);
         $category_assets = $category->components;
@@ -509,7 +515,7 @@ class CategoriesController extends Controller
             $inout='';
 
             if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/component', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/component', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/component', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/component', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
             }
 
 
@@ -525,7 +531,4 @@ class CategoriesController extends Controller
         $data = array('total' => $count, 'rows' => $rows);
         return $data;
     }
-
-
-
 }

app/Http/Controllers/CompaniesController.php

@@ -38,7 +38,7 @@ final class CompaniesController extends Controller
     */
     public function getCreate()
     {
-        return View::make('companies/edit')->with('company', new Company);
+        return View::make('companies/edit')->with('item', new Company);
     }
 
     /**
@@ -74,11 +74,11 @@ final class CompaniesController extends Controller
     */
     public function getEdit($companyId)
     {
-        if (is_null($company = Company::find($companyId))) {
+        if (is_null($item = Company::find($companyId))) {
             return redirect()->to('admin/settings/companies')
                 ->with('error', trans('admin/companies/message.does_not_exist'));
         } else {
-            return View::make('companies/edit')->with('company', $company);
+            return View::make('companies/edit')->with('item', $item);
         }
     }
 

app/Http/Controllers/ComponentsController.php

@@ -8,7 +8,6 @@ use App\Models\Component;
 use App\Models\Setting;
 use App\Models\User;
 use App\Models\Asset;
-use App\Http\Requests\ComponentCheckoutRequest;
 use Auth;
 use Config;
 use DB;
@@ -19,6 +18,9 @@ use Redirect;
 use Slack;
 use Str;
 use View;
+use Validator;
+use Illuminate\Http\Request;
+use Gate;
 
 /**
  * This class controls all actions related to Components for
@@ -54,12 +56,12 @@ class ComponentsController extends Controller
     public function getCreate()
     {
         // Show the page
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'component')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
+        $category_list = Helper::categoryList('component');
         $company_list = Helper::companyList();
         $location_list = Helper::locationsList();
 
         return View::make('components/edit')
-            ->with('component', new Component)
+            ->with('item', new Component)
             ->with('category_list', $category_list)
             ->with('company_list', $company_list)
             ->with('location_list', $location_list);
@@ -87,6 +89,7 @@ class ComponentsController extends Controller
         $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
         $component->order_number           = e(Input::get('order_number'));
         $component->min_amt                = e(Input::get('min_amt'));
+        $component->serial                 = e(Input::get('serial'));
 
         if (e(Input::get('purchase_date')) == '') {
             $component->purchase_date       =  null;
@@ -97,14 +100,15 @@ class ComponentsController extends Controller
         if (e(Input::get('purchase_cost')) == '0.00') {
             $component->purchase_cost       =  null;
         } else {
-            $component->purchase_cost       = e(Input::get('purchase_cost'));
+            $component->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
         }
 
-        $component->total_qty                    = e(Input::get('total_qty'));
+        $component->qty                    = e(Input::get('qty'));
         $component->user_id                = Auth::user()->id;
 
         // Was the component created?
         if ($component->save()) {
+            $component->logCreate();
             // Redirect to the new component  page
             return redirect()->to("admin/components")->with('success', trans('admin/components/message.create.success'));
         }
@@ -126,18 +130,18 @@ class ComponentsController extends Controller
     public function getEdit($componentId = null)
     {
         // Check if the component exists
-        if (is_null($component = Component::find($componentId))) {
+        if (is_null($item = Component::find($componentId))) {
             // Redirect to the blogs management page
             return redirect()->to('admin/components')->with('error', trans('admin/components/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($component)) {
+        } elseif (!Company::isCurrentUserHasAccess($item)) {
             return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
         }
 
-            $category_list =  Helper::categoryList();
+        $category_list =  Helper::categoryList('component');
         $company_list = Helper::companyList();
         $location_list = Helper::locationsList();
 
-        return View::make('components/edit', compact('component'))
+        return View::make('components/edit', compact('item'))
             ->with('category_list', $category_list)
             ->with('company_list', $company_list)
             ->with('location_list', $location_list);
@@ -170,7 +174,8 @@ class ComponentsController extends Controller
         $component->location_id            = e(Input::get('location_id'));
         $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
         $component->order_number           = e(Input::get('order_number'));
-        $component->min_amt             = e(Input::get('min_amt'));
+        $component->min_amt                = e(Input::get('min_amt'));
+        $component->serial                 = e(Input::get('serial'));
 
         if (e(Input::get('purchase_date')) == '') {
             $component->purchase_date       =  null;
@@ -181,10 +186,10 @@ class ComponentsController extends Controller
         if (e(Input::get('purchase_cost')) == '0.00') {
             $component->purchase_cost       =  null;
         } else {
-            $component->purchase_cost       = e(Input::get('purchase_cost'));
+            $component->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
         }
 
-        $component->total_qty                    = e(Input::get('total_qty'));
+        $component->qty                    = e(Input::get('qty'));
 
         // Was the component created?
         if ($component->save()) {
@@ -287,7 +292,7 @@ class ComponentsController extends Controller
         }
 
         // Get the dropdown of assets and then pass it to the checkout view
-        $assets_list = Helper::assetsList();
+        $assets_list = Helper::detailedAssetList();
 
         return View::make('components/checkout', compact('component'))->with('assets_list', $assets_list);
 
@@ -302,9 +307,12 @@ class ComponentsController extends Controller
     * @param int $componentId
     * @return Redirect
     */
-    public function postCheckout(ComponentCheckoutRequest $request, $componentId)
+    public function postCheckout(Request $request, $componentId)
     {
-      // Check if the component exists
+
+
+
+        // Check if the component exists
         if (is_null($component = Component::find($componentId))) {
             // Redirect to the component management page with error
             return redirect()->to('components')->with('error', trans('admin/components/message.not_found'));
@@ -312,6 +320,19 @@ class ComponentsController extends Controller
             return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
         }
 
+
+        $max_to_checkout = $component->numRemaining();
+        $validator = Validator::make($request->all(),[
+            "asset_id"          => "required",
+            "assigned_qty"      => "required|numeric|between:1,$max_to_checkout"
+        ]);
+
+        if ($validator->fails()) {
+            return redirect()->back()
+                ->withErrors($validator)
+                ->withInput();
+        }
+
         $admin_user = Auth::user();
         $asset_id = e(Input::get('asset_id'));
 
@@ -320,24 +341,18 @@ class ComponentsController extends Controller
             // Redirect to the component management page with error
             return redirect()->to('admin/components')->with('error', trans('admin/components/message.asset_does_not_exist'));
         }
-
+        
       // Update the component data
         $component->asset_id =   $asset_id;
 
         $component->assets()->attach($component->id, array(
         'component_id' => $component->id,
         'user_id' => $admin_user->id,
-        'created_at' => date('Y-m-d h:i:s'),
+        'created_at' => date('Y-m-d H:i:s'),
         'assigned_qty' => e(Input::get('assigned_qty')),
         'asset_id' => $asset_id));
 
-        $logaction = new Actionlog();
-        $logaction->component_id = $component->id;
-        $logaction->asset_id = $asset_id;
-        $logaction->asset_type = 'component';
-        $logaction->location_id = $asset->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
+        $logaction = $component->logCheckout(e(Input::get('note')), $asset_id);
 
         $settings = Setting::getSettings();
 
@@ -357,7 +372,7 @@ class ComponentsController extends Controller
                         'fields' => [
                             [
                                 'title' => 'Checked Out:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/components/'.$component->id.'/view'.'|'.$component->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->name.'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
+                                'value' => class_basename(strtoupper($logaction->item_type)).' <'.config('app.url').'/admin/components/'.$component->id.'/view'.'|'.$component->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->showAssetName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
                             ],
                             [
                                 'title' => 'Note:',
@@ -371,9 +386,6 @@ class ComponentsController extends Controller
             }
         }
 
-
-        $log = $logaction->logaction('checkout');
-
       // Redirect to the new component page
         return redirect()->to("admin/components")->with('success', trans('admin/components/message.checkout.success'));
 
@@ -393,8 +405,8 @@ class ComponentsController extends Controller
     **/
     public function getDatatable()
     {
-        $components = Component::select('components.*')->whereNull('components.deleted_at')
-            ->with('company', 'location', 'category');
+        $components = Company::scopeCompanyables(Component::select('components.*')->whereNull('components.deleted_at')
+            ->with('company', 'location', 'category'));
 
         if (Input::has('search')) {
             $components = $components->TextSearch(Input::get('search'));
@@ -412,7 +424,7 @@ class ComponentsController extends Controller
             $limit = 50;
         }
 
-        $allowed_columns = ['id','name','min_amt','order_number','purchase_date','purchase_cost','companyName','category','total_qty'];
+        $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','companyName','category','total_qty'];
         $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
 
@@ -437,20 +449,37 @@ class ComponentsController extends Controller
         $rows = array();
 
         foreach ($components as $component) {
-            $actions = '<nobr><a href="'.route('checkout/component', $component->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($component->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/component', $component->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/component', $component->id).'" data-content="'.trans('admin/components/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($component->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
+            $actions = '<nobr>';
+            if (Gate::allows('components.checkout')) {
+                $actions .= '<a href="' . route('checkout/component',
+                        $component->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm ' . (($component->numRemaining() > 0) ? '' : ' disabled') . '" ' . (($component->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+
+            if (Gate::allows('components.edit')) {
+                $actions .= '<a href="' . route('update/component',
+                        $component->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+
+            if (Gate::allows('components.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/component',
+                        $component->id) . '" data-content="' . trans('admin/components/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($component->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+
+            $actions .='</nobr>';
             $company = $component->company;
 
             $rows[] = array(
                 'checkbox'      =>'<div class="text-center"><input type="checkbox" name="component['.$component->id.']" class="one_required"></div>',
                 'id'            => $component->id,
                 'name'          => (string)link_to('admin/components/'.$component->id.'/view', e($component->name)),
+                'serial_number'          => $component->serial,
                 'location'   => ($component->location) ? e($component->location->name) : '',
-                'total_qty'           => e($component->total_qty),
+                'qty'           => e($component->qty),
                 'min_amt'           => e($component->min_amt),
                 'category'           => ($component->category) ? e($component->category->name) : 'Missing category',
                 'order_number'  => e($component->order_number),
                 'purchase_date'  => e($component->purchase_date),
-                'purchase_cost'  => ($component->purchase_cost!='') ? number_format($component->purchase_cost, 2): '' ,
+                'purchase_cost'  => Helper::formatCurrencyOutput($component->purchase_cost),
                 'numRemaining'  => $component->numRemaining(),
                 'actions'       => $actions,
                 'companyName'   => is_null($company) ? '' : e($company->name),
@@ -486,7 +515,7 @@ class ComponentsController extends Controller
 
         foreach ($component->assets as $component_assignment) {
             $rows[] = array(
-            'name' => (string)link_to('/hardware/'.$component_assignment->id.'/view', e($component_assignment->name)),
+            'name' => (string)link_to('/hardware/'.$component_assignment->id.'/view', e($component_assignment->showAssetName())),
             'qty' => e($component_assignment->pivot->assigned_qty),
             'created_at' => ($component_assignment->created_at->format('Y-m-d H:i:s')=='-0001-11-30 00:00:00') ? '' : $component_assignment->created_at->format('Y-m-d H:i:s'),
             );

app/Http/Controllers/ConsumablesController.php

@@ -18,6 +18,7 @@ use Redirect;
 use Slack;
 use Str;
 use View;
+use Gate;
 
 /**
  * This controller handles all actions related to Consumables for
@@ -52,13 +53,13 @@ class ConsumablesController extends Controller
     public function getCreate()
     {
         // Show the page
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'consumable')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
+        $category_list = Helper::categoryList('consumable');
         $company_list = Helper::companyList();
         $location_list = Helper::locationsList();
         $manufacturer_list = Helper::manufacturerList();
 
         return View::make('consumables/edit')
-            ->with('consumable', new Consumable)
+            ->with('item', new Consumable)
             ->with('category_list', $category_list)
             ->with('company_list', $company_list)
             ->with('location_list', $location_list)
@@ -84,7 +85,7 @@ class ConsumablesController extends Controller
         $consumable->order_number           = e(Input::get('order_number'));
         $consumable->min_amt                = e(Input::get('min_amt'));
         $consumable->manufacturer_id         = e(Input::get('manufacturer_id'));
-        $consumable->model_no               = e(Input::get('model_no'));
+        $consumable->model_number               = e(Input::get('model_number'));
         $consumable->item_no         = e(Input::get('item_no'));
 
         if (e(Input::get('purchase_date')) == '') {
@@ -96,7 +97,7 @@ class ConsumablesController extends Controller
         if (e(Input::get('purchase_cost')) == '0.00') {
             $consumable->purchase_cost       =  null;
         } else {
-            $consumable->purchase_cost       = e(Input::get('purchase_cost'));
+            $consumable->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
         }
 
         $consumable->qty                    = e(Input::get('qty'));
@@ -104,6 +105,7 @@ class ConsumablesController extends Controller
 
         // Was the consumable created?
         if ($consumable->save()) {
+            $consumable->logCreate();
             // Redirect to the new consumable  page
             return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.create.success'));
         }
@@ -125,19 +127,19 @@ class ConsumablesController extends Controller
     public function getEdit($consumableId = null)
     {
         // Check if the consumable exists
-        if (is_null($consumable = Consumable::find($consumableId))) {
+        if (is_null($item = Consumable::find($consumableId))) {
             // Redirect to the blogs management page
             return redirect()->to('admin/consumables')->with('error', trans('admin/consumables/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($consumable)) {
+        } elseif (!Company::isCurrentUserHasAccess($item)) {
             return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
         }
 
-            $category_list =  Helper::categoryList();
+        $category_list =  Helper::categoryList('consumable');
         $company_list = Helper::companyList();
         $location_list = Helper::locationsList();
         $manufacturer_list = Helper::manufacturerList();
 
-        return View::make('consumables/edit', compact('consumable'))
+        return View::make('consumables/edit', compact('item'))
             ->with('category_list', $category_list)
             ->with('company_list', $company_list)
             ->with('location_list', $location_list)
@@ -169,7 +171,7 @@ class ConsumablesController extends Controller
         $consumable->order_number           = e(Input::get('order_number'));
         $consumable->min_amt                   = e(Input::get('min_amt'));
         $consumable->manufacturer_id         = e(Input::get('manufacturer_id'));
-        $consumable->model_no               = e(Input::get('model_no'));
+        $consumable->model_number               = e(Input::get('model_number'));
         $consumable->item_no         = e(Input::get('item_no'));
 
         if (e(Input::get('purchase_date')) == '') {
@@ -181,10 +183,10 @@ class ConsumablesController extends Controller
         if (e(Input::get('purchase_cost')) == '0.00') {
             $consumable->purchase_cost       =  null;
         } else {
-            $consumable->purchase_cost       = e(Input::get('purchase_cost'));
+            $consumable->purchase_cost       = Helper::ParseFloat(e(Input::get('purchase_cost')));
         }
 
-        $consumable->qty                    = e(Input::get('qty'));
+        $consumable->qty                    = Helper::ParseFloat(e(Input::get('qty')));
 
         if ($consumable->save()) {
             return redirect()->to("admin/consumables")->with('success', trans('admin/consumables/message.update.success'));
@@ -315,13 +317,7 @@ class ConsumablesController extends Controller
         'user_id' => $admin_user->id,
         'assigned_to' => e(Input::get('assigned_to'))));
 
-        $logaction = new Actionlog();
-        $logaction->consumable_id = $consumable->id;
-        $logaction->checkedout_to = $consumable->assigned_to;
-        $logaction->asset_type = 'consumable';
-        $logaction->location_id = $user->location_id;
-        $logaction->user_id = Auth::user()->id;
-        $logaction->note = e(Input::get('note'));
+        $logaction = $consumable->logCheckout(e(Input::get('note')));
 
         $settings = Setting::getSettings();
 
@@ -341,7 +337,7 @@ class ConsumablesController extends Controller
                         'fields' => [
                             [
                                 'title' => 'Checked Out:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/consumables/'.$consumable->id.'/view'.'|'.$consumable->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
+                                'value' => 'Consumable <'.config('app.url').'/admin/consumables/'.$consumable->id.'/view'.'|'.$consumable->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$user->fullName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
                             ],
                             [
                                 'title' => 'Note:',
@@ -355,9 +351,6 @@ class ConsumablesController extends Controller
             }
         }
 
-
-        $log = $logaction->logaction('checkout');
-
         $consumable_user = DB::table('consumables_users')->where('assigned_to', '=', $consumable->assigned_to)->where('consumable_id', '=', $consumable->id)->first();
 
         $data['log_id'] = $logaction->id;
@@ -365,8 +358,6 @@ class ConsumablesController extends Controller
         $data['first_name'] = $user->first_name;
         $data['item_name'] = $consumable->name;
         $data['checkout_date'] = $logaction->created_at;
-        $data['item_tag'] = '';
-        $data['expected_checkin'] = '';
         $data['note'] = $logaction->note;
         $data['require_acceptance'] = $consumable->requireAcceptance();
 
@@ -375,7 +366,8 @@ class ConsumablesController extends Controller
 
             Mail::send('emails.accept-asset', $data, function ($m) use ($user) {
                 $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->subject('Confirm consumable delivery');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.Confirm_consumable_delivery'));
             });
         }
 
@@ -398,8 +390,11 @@ class ConsumablesController extends Controller
     */
     public function getDatatable()
     {
-        $consumables = Consumable::select('consumables.*')->whereNull('consumables.deleted_at')
-            ->with('company', 'location', 'category', 'users');
+        $consumables = Company::scopeCompanyables(
+            Consumable::select('consumables.*')
+            ->whereNull('consumables.deleted_at')
+            ->with('company', 'location', 'category', 'users', 'manufacturer')
+        );
 
         if (Input::has('search')) {
             $consumables = $consumables->TextSearch(e(Input::get('search')));
@@ -417,7 +412,7 @@ class ConsumablesController extends Controller
             $limit = 50;
         }
 
-        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','companyName','category','model_no', 'item_no', 'manufacturer'];
+        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','companyName','category','model_number', 'item_no', 'manufacturer'];
         $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
 
@@ -445,7 +440,23 @@ class ConsumablesController extends Controller
         $rows = array();
 
         foreach ($consumables as $consumable) {
-            $actions = '<nobr><a href="'.route('checkout/consumable', $consumable->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($consumable->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/consumable', $consumable->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/consumable', $consumable->id).'" data-content="'.trans('admin/consumables/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($consumable->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
+            $actions = '<nobr>';
+            if (Gate::allows('consumables.checkout')) {
+                $actions .= '<a href="' . route('checkout/consumable',
+                        $consumable->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($consumable->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+
+            if (Gate::allows('consumables.edit')) {
+                $actions .= '<a href="' . route('update/consumable',
+                        $consumable->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('consumables.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/consumable',
+                        $consumable->id) . '" data-content="' . trans('admin/consumables/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($consumable->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+
+            $actions .='</nobr>';
+
             $company = $consumable->company;
 
             $rows[] = array(
@@ -454,13 +465,13 @@ class ConsumablesController extends Controller
                 'location'   => ($consumable->location) ? e($consumable->location->name) : '',
                 'min_amt'           => e($consumable->min_amt),
                 'qty'           => e($consumable->qty),
-                'manufacturer'           => ($consumable->manufacturer) ? e($consumable->manufacturer->name) : '',
-                'model_no'           => e($consumable->model_no),
-                'item_no'           => e($consumable->item_no),
-                'category'           => ($consumable->category) ? e($consumable->category->name) : 'Missing category',
+                'manufacturer'  => ($consumable->manufacturer) ? (string) link_to('/admin/settings/manufacturers/'.$consumable->manufacturer_id.'/view', $consumable->manufacturer->name): '',
+                'model_number'      => e($consumable->model_number),
+                'item_no'       => e($consumable->item_no),
+                'category'      => ($consumable->category) ? (string) link_to('/admin/settings/categories/'.$consumable->category_id.'/view', $consumable->category->name) : 'Missing category',
                 'order_number'  => e($consumable->order_number),
                 'purchase_date'  => e($consumable->purchase_date),
-                'purchase_cost'  => ($consumable->purchase_cost!='') ? number_format($consumable->purchase_cost, 2): '' ,
+                'purchase_cost'  => Helper::formatCurrencyOutput($consumable->purchase_cost),
                 'numRemaining'  => $consumable->numRemaining(),
                 'actions'       => $actions,
                 'companyName'   => is_null($company) ? '' : e($company->name),

app/Http/Controllers/CustomFieldsController.php

@@ -10,6 +10,8 @@ use Redirect;
 use App\Models\AssetModel;
 use Lang;
 use Auth;
+use Illuminate\Http\Request;
+use Log;
 
 /**
  * This controller handles all actions related to Custom Asset Fields for
@@ -63,10 +65,15 @@ class CustomFieldsController extends Controller
     * @since [v1.8]
     * @return Redirect
     */
-    public function store()
+    public function store(Request $request)
     {
         //
-        $cfset=new CustomFieldset(["name" => Input::get("name"),"user_id" => Auth::user()->id]);
+        $cfset = new CustomFieldset(
+            [
+                "name" => e($request->get("name")),
+                "user_id" => Auth::user()->id]
+            );
+
         $validator=Validator::make(Input::all(), $cfset->rules);
         if ($validator->passes()) {
             $cfset->save();
@@ -122,24 +129,33 @@ class CustomFieldsController extends Controller
     * @since [v1.8]
     * @return Redirect
     */
-    public function storeField()
+    public function storeField(Request $request)
     {
-        $field=new CustomField(["name" => Input::get("name"),"element" => Input::get("element"),"user_id" => Auth::user()->id]);
+        $field = new CustomField([
+            "name" => e($request->get("name")),
+            "element" => e($request->get("element")),
+            "field_values" => e($request->get("field_values")),
+            "field_encrypted" => e($request->get("field_encrypted", 0)),
+            "user_id" => Auth::user()->id
+        ]);
+
 
 
         if (!in_array(Input::get('format'), array_keys(CustomField::$PredefinedFormats))) {
-            $field->format=Input::get("custom_format");
+            $field->format = e($request->get("custom_format"));
         } else {
-            $field->format=Input::get('format');
+            $field->format = e($request->get("format"));
         }
 
+
+
         $validator=Validator::make(Input::all(), $field->rules);
         if ($validator->passes()) {
-            $results=$field->save();
-            //return "postCreateField: $results";
+            $results = $field->save();
             if ($results) {
                 return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.create.success'));
             } else {
+                dd($field);
                 return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.create.error'));
             }
         } else {
@@ -147,6 +163,25 @@ class CustomFieldsController extends Controller
         }
     }
 
+
+    /**
+     * Detach a custom field from a fieldset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function deleteFieldFromFieldset($field_id, $fieldset_id)
+    {
+        $field = CustomField::find($field_id);
+
+        if ($field->fieldset()->detach($fieldset_id)) {
+            return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.delete.success'));
+        }
+
+        return redirect()->back()->withErrors(['message' => "Field is in-use"]);
+    }
+
     /**
     * Delete a custom field.
     *
@@ -156,7 +191,7 @@ class CustomFieldsController extends Controller
     */
     public function deleteField($field_id)
     {
-        $field=CustomField::find($field_id);
+        $field = CustomField::find($field_id);
 
         if ($field->fieldset->count()>0) {
             return redirect()->back()->withErrors(['message' => "Field is in-use"]);
@@ -176,21 +211,15 @@ class CustomFieldsController extends Controller
     */
     public function show($id)
     {
-        //$id=$parameters[0];
-        $cfset=CustomFieldset::find($id);
+        $cfset = CustomFieldset::with('fields')->where('id','=',$id)->orderBy('id','ASC')->first();
+        $custom_fields_list = ["" => "Add New Field to Fieldset"] + CustomField::lists("name", "id")->toArray();
 
-        //print_r($parameters);
-        //
-        $custom_fields_list=["" => "Add New Field to Fieldset"] + CustomField::lists("name", "id")->toArray();
-        // print_r($custom_fields_list);
-        $maxid=0;
-        foreach ($cfset->fields as $field) {
-            // print "Looking for: ".$field->id;
+        $maxid = 0;
+        foreach ($cfset->fields() as $field) {
             if ($field->pivot->order > $maxid) {
                 $maxid=$field->pivot->order;
             }
             if (isset($custom_fields_list[$field->id])) {
-                // print "Found ".$field->id.", so removing it.<br>";
                 unset($custom_fields_list[$field->id]);
             }
         }
@@ -240,14 +269,14 @@ class CustomFieldsController extends Controller
     public function destroy($id)
     {
         //
-        $fieldset=CustomFieldset::find($id);
+        $fieldset = CustomFieldset::find($id);
 
         $models = AssetModel::where("fieldset_id", "=", $id);
-        if ($models->count()==0) {
+        if ($models->count() == 0) {
             $fieldset->delete();
             return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.fieldset.delete.success'));
         } else {
-            return redirect()->route("admin.custom_fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use')); //->with("models",$models);
+            return redirect()->route("admin.custom_fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use'));
         }
     }
 
@@ -260,17 +289,23 @@ class CustomFieldsController extends Controller
      * @since [v3.0]
      * @return Array
      */
-    public function postReorder($id) {
-        $fieldset=CustomFieldset::find($id);
+    public function postReorder(Request $request, $id)
+    {
+        $fieldset = CustomFieldset::find($id);
         $fields = array();
+        $order_array = array();
 
-        $items = Input::get('item');
-        foreach ($fieldset->fields as $field) {
-            $value = array_shift($items);
-            $fields[$field->id] = ['required' => $field->pivot->required, 'order' => $value];
+        $items = $request->input('item');
+
+        foreach ($items as $order => $field_id) {
+            $order_array[$field_id] = $order;
         }
-        return $fieldset->fields()->sync($fields);
 
+        foreach ($fieldset->fields as $field) {
+            $fields[$field->id] = ['required' => $field->pivot->required, 'order' => $order_array[$field->id]];
+        }
+
+        return $fieldset->fields()->sync($fields);
 
     }
 }

app/Http/Controllers/DashboardController.php

@@ -30,12 +30,6 @@ class DashboardController extends Controller
         // Show the page
         if (Auth::user()->hasAccess('admin')) {
 
-            $recent_activity = Actionlog::orderBy('created_at', 'DESC')
-                ->with('accessorylog', 'consumablelog', 'licenselog', 'assetlog', 'adminlog', 'userlog', 'componentlog')
-                ->take(30)
-                ->get();
-
-
             $asset_stats['total'] = Asset::Hardware()->count();
 
             $asset_stats['rtd']['total'] = Asset::Hardware()->RTD()->count();
@@ -82,10 +76,10 @@ class DashboardController extends Controller
             }
 
 
-            return View::make('dashboard')->with('asset_stats', $asset_stats)->with('recent_activity', $recent_activity);
+            return View::make('dashboard')->with('asset_stats', $asset_stats);
         } else {
         // Redirect to the profile page
-            return redirect()->route('view-assets');
+            return redirect()->intended('account/view-assets');
         }
     }
 }

app/Http/Controllers/DepreciationsController.php

@@ -11,7 +11,6 @@ use Str;
 use View;
 use Auth;
 
-
 /**
  * This controller handles all actions related to Depreciations for
  * the Snipe-IT Asset Management application.
@@ -47,7 +46,7 @@ class DepreciationsController extends Controller
     public function getCreate()
     {
         // Show the page
-        return View::make('depreciations/edit')->with('depreciation', new Depreciation);
+        return View::make('depreciations/edit')->with('item', new Depreciation);
     }
 
 
@@ -95,12 +94,12 @@ class DepreciationsController extends Controller
     public function getEdit($depreciationId = null)
     {
         // Check if the depreciation exists
-        if (is_null($depreciation = Depreciation::find($depreciationId))) {
+        if (is_null($item = Depreciation::find($depreciationId))) {
             // Redirect to the blogs management page
             return redirect()->to('admin/settings/depreciations')->with('error', trans('admin/depreciations/message.does_not_exist'));
         }
 
-        return View::make('depreciations/edit', compact('depreciation'));
+        return View::make('depreciations/edit', compact('item'));
     }
 
 

app/Http/Controllers/GroupsController.php

@@ -47,11 +47,11 @@ class GroupsController extends Controller
         $group = new Group;
         // Get all the available permissions
         $permissions = config('permissions');
-
-        $selectedPermissions = Input::old('permissions', array());
+        $groupPermissions = array();
+        $selectedPermissions = Input::old('permissions', $groupPermissions);
 
         // Show the page
-        return View::make('groups/edit', compact('permissions', 'selectedPermissions'))->with('group', $group);
+        return View::make('groups/edit', compact('permissions', 'selectedPermissions', 'groupPermissions'))->with('group', $group);
     }
 
     /**
@@ -70,7 +70,7 @@ class GroupsController extends Controller
         $group->permissions = json_encode(Input::get('permission'));
 
         if ($group->save()) {
-            return redirect()->to("admin/groups")->with('success', trans('admin/groups/message.create.success'));
+            return redirect()->to("admin/groups")->with('success', trans('admin/groups/message.success.create'));
         }
 
         return redirect()->back()->withInput()->withErrors($group->getErrors());
@@ -91,9 +91,9 @@ class GroupsController extends Controller
     {
         $group = Group::find($id);
         $permissions = config('permissions');
-        $group->permissions = $group->decodePermissions();
-        $selected_array = Helper::selectedPermissionsArray($permissions, $group->permissions);
-        return View::make('groups/edit', compact('group', 'permissions','selected_array'));
+        $groupPermissions = $group->decodePermissions();
+        $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
+        return View::make('groups/edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
     }
 
     /**
@@ -119,7 +119,7 @@ class GroupsController extends Controller
         if (!config('app.lock_passwords')) {
 
             if ($group->save()) {
-                return redirect()->to("admin/groups")->with('success', trans('admin/groups/message.create.success'));
+                return redirect()->to("admin/groups")->with('success', trans('admin/groups/message.success.update'));
             }
             return redirect()->back()->withInput()->withErrors($group->getErrors());
 

app/Http/Controllers/LicensesController.php

@@ -23,6 +23,7 @@ use Config;
 use Session;
 use App\Helpers\Helper;
 use Auth;
+use Gate;
 
 /**
  * This controller handles all actions related to Licenses for
@@ -60,18 +61,17 @@ class LicensesController extends Controller
     public function getCreate()
     {
 
-        $depreciation_list = Helper::depreciationList();
-        $supplier_list = Helper::suppliersList();
         $maintained_list = array('' => 'Maintained', '1' => 'Yes', '0' => 'No');
-        $company_list = Helper::companyList();
 
         return View::make('licenses/edit')
             //->with('license_options',$license_options)
-            ->with('depreciation_list', $depreciation_list)
-            ->with('supplier_list', $supplier_list)
+            ->with('depreciation_list', Helper::depreciationList())
+            ->with('supplier_list', Helper::suppliersList())
             ->with('maintained_list', $maintained_list)
-            ->with('company_list', $company_list)
-            ->with('license', new License);
+            ->with('company_list', Helper::companyList())
+            ->with('manufacturer_list', Helper::manufacturerList())
+            ->with('item', new License);
+
     }
 
 
@@ -87,17 +87,13 @@ class LicensesController extends Controller
     public function postCreate()
     {
 
-
-        // get the POST data
-        $new = Input::all();
-
         // create a new model instance
         $license = new License();
 
         if (e(Input::get('purchase_cost')) == '') {
             $license->purchase_cost =  null;
         } else {
-            $license->purchase_cost = e(Input::get('purchase_cost'));
+            $license->purchase_cost = Helper::ParseFloat(e(Input::get('purchase_cost')));
         }
 
         if (e(Input::get('supplier_id')) == '') {
@@ -124,6 +120,12 @@ class LicensesController extends Controller
             $license->purchase_order = e(Input::get('purchase_order'));
         }
 
+        if (empty(e(Input::get('manufacturer_id')))) {
+            $license->manufacturer_id = null;
+        } else {
+            $license->manufacturer_id = e(Input::get('manufacturer_id'));
+        }
+
         // Save the license data
         $license->name              = e(Input::get('name'));
         $license->serial            = e(Input::get('serial'));
@@ -137,6 +139,7 @@ class LicensesController extends Controller
         $license->depreciation_id   = e(Input::get('depreciation_id'));
         $license->company_id        = Company::getIdForCurrentUser(Input::get('company_id'));
         $license->expiration_date   = e(Input::get('expiration_date'));
+        $license->termination_date  = e(Input::get('termination_date'));
         $license->user_id           = Auth::user()->id;
 
         if (($license->purchase_date == "") || ($license->purchase_date == "0000-00-00")) {
@@ -153,17 +156,19 @@ class LicensesController extends Controller
 
             // Was the license created?
         if ($license->save()) {
-
+            $license->logCreate();
             $insertedId = $license->id;
           // Save the license seat data
-            for ($x=0; $x<$license->seats; $x++) {
-                $license_seat = new LicenseSeat();
-                $license_seat->license_id       = $insertedId;
-                $license_seat->user_id          = Auth::user()->id;
-                $license_seat->assigned_to      = null;
-                $license_seat->notes            = null;
-                $license_seat->save();
-            }
+            DB::transaction(function () use (&$insertedId, &$license) {
+                for ($x=0; $x<$license->seats; $x++) {
+                    $license_seat = new LicenseSeat();
+                    $license_seat->license_id       = $insertedId;
+                    $license_seat->user_id          = Auth::user()->id;
+                    $license_seat->assigned_to      = null;
+                    $license_seat->notes            = null;
+                    $license_seat->save();
+                }
+            });
 
 
           // Redirect to the new license page
@@ -186,34 +191,32 @@ class LicensesController extends Controller
     public function getEdit($licenseId = null)
     {
         // Check if the license exists
-        if (is_null($license = License::find($licenseId))) {
+        if (is_null($item = License::find($licenseId))) {
             // Redirect to the blogs management page
             return redirect()->to('admin/licenses')->with('error', trans('admin/licenses/message.does_not_exist'));
-        } elseif (!Company::isCurrentUserHasAccess($license)) {
+        } elseif (!Company::isCurrentUserHasAccess($item)) {
             return redirect()->to('admin/licenses')->with('error', trans('general.insufficient_permissions'));
         }
 
-        if ($license->purchase_date == "0000-00-00") {
-            $license->purchase_date = null;
+        if ($item->purchase_date == "0000-00-00") {
+            $item->purchase_date = null;
         }
 
-        if ($license->purchase_cost == "0.00") {
-            $license->purchase_cost = null;
+        if ($item->purchase_cost == "0.00") {
+            $item->purchase_cost = null;
         }
 
         // Show the page
         $license_options = array('' => 'Top Level') + DB::table('assets')->where('id', '!=', $licenseId)->pluck('name', 'id');
-        $depreciation_list = array('0' => trans('admin/licenses/form.no_depreciation')) + Depreciation::pluck('name', 'id')->toArray();
-        $supplier_list = array('' => 'Select Supplier') + Supplier::orderBy('name', 'asc')->pluck('name', 'id')->toArray();
         $maintained_list = array('' => 'Maintained', '1' => 'Yes', '0' => 'No');
-        $company_list = Helper::companyList();
 
-        return View::make('licenses/edit', compact('license'))
+        return View::make('licenses/edit', compact('item'))
             ->with('license_options', $license_options)
-            ->with('depreciation_list', $depreciation_list)
-            ->with('supplier_list', $supplier_list)
-            ->with('company_list', $company_list)
-            ->with('maintained_list', $maintained_list);
+            ->with('depreciation_list', Helper::depreciationList())
+            ->with('supplier_list', Helper::suppliersList())
+            ->with('company_list', Helper::companyList())
+            ->with('maintained_list', $maintained_list)
+            ->with('manufacturer_list', Helper::manufacturerList());
     }
 
 
@@ -250,6 +253,13 @@ class LicensesController extends Controller
         $license->maintained        = e(Input::get('maintained'));
         $license->reassignable      = e(Input::get('reassignable'));
 
+        if (empty(e(Input::get('manufacturer_id')))) {
+            $license->manufacturer_id = null;
+        } else {
+            $license->manufacturer_id = e(Input::get('manufacturer_id'));
+        }
+
+
         if (e(Input::get('supplier_id')) == '') {
             $license->supplier_id = null;
         } else {
@@ -276,10 +286,9 @@ class LicensesController extends Controller
         }
 
         if (e(Input::get('purchase_cost')) == '') {
-              $license->purchase_cost =  null;
+            $license->purchase_cost =  null;
         } else {
-              $license->purchase_cost = e(Input::get('purchase_cost'));
-              //$license->purchase_cost = e(Input::get('purchase_cost'));
+            $license->purchase_cost = Helper::ParseFloat(e(Input::get('purchase_cost')));
         }
 
         if (e(Input::get('maintained')) == '') {
@@ -321,11 +330,11 @@ class LicensesController extends Controller
 
                   //Log the deletion of seats to the log
                     $logaction = new Actionlog();
-                    $logaction->asset_id = $license->id;
-                    $logaction->asset_type = 'software';
+                    $logaction->item_type = License::class;
+                    $logaction->item_id = $license->id;
                     $logaction->user_id = Auth::user()->id;
-                    $logaction->note = abs($difference)." seats";
-                    $logaction->checkedout_to =  null;
+                    $logaction->note = '-'.abs($difference)." seats";
+                    $logaction->target_id =  null;
                     $log = $logaction->logaction('delete seats');
 
                 } else {
@@ -346,10 +355,11 @@ class LicensesController extends Controller
 
                 //Log the addition of license to the log.
                 $logaction = new Actionlog();
-                $logaction->asset_id = $license->id;
-                $logaction->asset_type = 'software';
+                $logaction->item_type = License::class;
+                $logaction->item_id = $license->id;
                 $logaction->user_id = Auth::user()->id;
-                $logaction->note = abs($difference)." seats";
+                $logaction->note = '+'.abs($difference)." seats";
+                $logaction->target_id =  null;
                 $log = $logaction->logaction('add seats');
             }
             $license->seats             = e(Input::get('seats'));
@@ -386,7 +396,7 @@ class LicensesController extends Controller
             return redirect()->to('admin/licenses')->with('error', trans('general.insufficient_permissions'));
         }
 
-        if (($license->assignedcount()) && ($license->assignedcount() > 0)) {
+        if ($license->assigned_seats_count > 0) {
 
             // Redirect to the license management page
             return redirect()->to('admin/licenses')->with('error', trans('admin/licenses/message.assoc_users'));
@@ -435,40 +445,12 @@ class LicensesController extends Controller
         }
 
         // Get the dropdown of users and then pass it to the checkout view
-         $users_list = array('' => 'Select a User') + DB::table('users')->select(DB::raw('concat(last_name,", ",first_name," (",username,")") as full_name, id'))->whereNull('deleted_at')->orderBy('last_name', 'asc')->orderBy('first_name', 'asc')->lists('full_name', 'id');
+        $users_list = Helper::usersList();
 
-
-        // Left join to get a list of assets and some other helpful info
-        $asset = DB::table('assets')
-            ->leftJoin('users', 'users.id', '=', 'assets.assigned_to')
-            ->leftJoin('models', 'assets.model_id', '=', 'models.id')
-            ->select(
-                'assets.id',
-                'assets.name',
-                'first_name',
-                'last_name',
-                'asset_tag',
-                DB::raw('concat(first_name," ",last_name) as full_name, assets.id as id, models.name as modelname')
-            )
-            ->whereNull('assets.deleted_at')
-            ->get();
-
-            $asset_array = json_decode(json_encode($asset), true);
-            $asset_element[''] = 'Please select an asset';
-
-            // Build a list out of the data results
-        for ($x=0; $x<count($asset_array); $x++) {
-
-            if ($asset_array[$x]['full_name']!='') {
-                $full_name = ' ('.$asset_array[$x]['full_name'].') '.$asset_array[$x]['modelname'];
-            } else {
-                $full_name = ' (Unassigned) '.$asset_array[$x]['modelname'];
-            }
-            $asset_element[$asset_array[$x]['id']] = $asset_array[$x]['asset_tag'].' - '.$asset_array[$x]['name'].$full_name;
-
-        }
-
-        return View::make('licenses/checkout', compact('licenseseat'))->with('users_list', $users_list)->with('asset_list', $asset_element);
+        $assets = Helper::detailedAssetList();
+        return View::make('licenses/checkout', compact('licenseseat'))
+        ->with('users_list', $users_list)
+        ->with('asset_list', $assets);
 
     }
 
@@ -521,13 +503,13 @@ class LicensesController extends Controller
 
         if ($asset_id!='') {
 
-            if (is_null($is_asset_id = Asset::find($asset_id))) {
+            if (is_null($asset = Asset::find($asset_id))) {
                 // Redirect to the asset management page with error
                 return redirect()->to('admin/licenses')->with('error', trans('admin/licenses/message.asset_does_not_exist'));
             }
 
-            if (($is_asset_id->assigned_to!=$assigned_to) && ($assigned_to!='')) {
-                //echo 'asset assigned to: '.$is_asset_id->assigned_to.'<br>license assigned to: '.$assigned_to;
+
+            if (($asset->assigned_to!='') && (($asset->assigned_to!=$assigned_to)) && ($assigned_to!='')) {
                 return redirect()->to('admin/licenses')->with('error', trans('admin/licenses/message.owner_doesnt_match_asset'));
             }
 
@@ -558,14 +540,10 @@ class LicensesController extends Controller
         // Was the asset updated?
         if ($licenseseat->save()) {
 
-            $logaction = new Actionlog();
-
-            //$logaction->location_id = $assigned_to->location_id;
-            $logaction->asset_type = 'software';
-            $logaction->user_id = Auth::user()->id;
-            $logaction->note = e(Input::get('note'));
-            $logaction->asset_id = $licenseseat->license_id;
+            $licenseseat->logCheckout(e(Input::get('note')));
 
+            $data['license_id'] =$licenseseat->license_id;
+            $data['note'] = e(Input::get('note'));
 
             $license = License::find($licenseseat->license_id);
             $settings = Setting::getSettings();
@@ -573,11 +551,9 @@ class LicensesController extends Controller
 
             // Update the asset data
             if (e(Input::get('assigned_to')) == '') {
-                $logaction->checkedout_to = null;
-                $slack_msg = strtoupper($logaction->asset_type).' license <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/hardware/'.$is_asset_id->id.'/view|'.$is_asset_id->showAssetName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
+                $slack_msg = 'License <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->showAssetName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
             } else {
-                $logaction->checkedout_to = e(Input::get('assigned_to'));
-                $slack_msg = strtoupper($logaction->asset_type).' license <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/admin/users/'.$is_assigned_to->id.'/view|'.$is_assigned_to->fullName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
+                $slack_msg = 'License <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$is_assigned_to->fullName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
             }
 
 
@@ -603,7 +579,7 @@ class LicensesController extends Controller
                                 ],
                                 [
                                     'title' => 'Note:',
-                                    'value' => e($logaction->note)
+                                    'value' => e(Input::get('note'))
                                 ],
 
 
@@ -617,9 +593,6 @@ class LicensesController extends Controller
 
             }
 
-            $log = $logaction->logaction('checkout');
-
-
             // Redirect to the new asset page
             return redirect()->to("admin/licenses")->with('success', trans('admin/licenses/message.checkout.success'));
         }
@@ -697,10 +670,10 @@ class LicensesController extends Controller
             // Ooops.. something went wrong
             return redirect()->back()->withInput()->withErrors($validator);
         }
-        $return_to = $licenseseat->assigned_to;
-        $logaction = new Actionlog();
-        $logaction->checkedout_to = $licenseseat->assigned_to;
-
+        $return_to = User::find($licenseseat->assigned_to);
+        if (!$return_to) {
+            $return_to = Asset::find($licenseseat->asset_id);
+        }
         // Update the asset data
         $licenseseat->assigned_to                   = null;
         $licenseseat->asset_id                      = null;
@@ -709,11 +682,7 @@ class LicensesController extends Controller
 
         // Was the asset updated?
         if ($licenseseat->save()) {
-            $logaction->asset_id = $licenseseat->license_id;
-            $logaction->location_id = null;
-            $logaction->asset_type = 'software';
-            $logaction->note = e(Input::get('note'));
-            $logaction->user_id = $user->id;
+            $licenseseat->logCheckin($return_to, e(Input::get('note')));
 
             $settings = Setting::getSettings();
 
@@ -734,11 +703,11 @@ class LicensesController extends Controller
                             'fields' => [
                                 [
                                     'title' => 'Checked In:',
-                                    'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked in by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.'
+                                    'value' => 'License: <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked in by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.'
                                 ],
                                 [
                                     'title' => 'Note:',
-                                    'value' => e($logaction->note)
+                                    'value' => e(Input::get('note'))
                                 ],
 
                             ]
@@ -751,12 +720,9 @@ class LicensesController extends Controller
             }
 
 
-            $log = $logaction->logaction('checkin from');
-
-
 
             if ($backto=='user') {
-                return redirect()->to("admin/users/".$return_to.'/view')->with('success', trans('admin/licenses/message.checkin.success'));
+                return redirect()->to("admin/users/".$return_to->id.'/view')->with('success', trans('admin/licenses/message.checkin.success'));
             } else {
                 return redirect()->to("admin/licenses/".$licenseseat->license_id."/view")->with('success', trans('admin/licenses/message.checkin.success'));
             }
@@ -779,6 +745,7 @@ class LicensesController extends Controller
     {
 
         $license = License::find($licenseId);
+        $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
 
         if (isset($license->id)) {
 
@@ -822,9 +789,10 @@ class LicensesController extends Controller
         ->with('license_options', $license_options)
         ->with('depreciation_list', $depreciation_list)
         ->with('supplier_list', $supplier_list)
-        ->with('license', $license)
+        ->with('item', $license)
         ->with('maintained_list', $maintained_list)
-        ->with('company_list', $company_list);
+        ->with('company_list', $company_list)
+        ->with('manufacturer_list', Helper::manufacturerList());
 
     }
 
@@ -857,7 +825,7 @@ class LicensesController extends Controller
                 foreach (Input::file('licensefile') as $file) {
 
                     $rules = array(
-                    'licensefile' => 'required|mimes:png,gif,jpg,jpeg,doc,docx,pdf,txt,zip,rar|max:2000'
+                    'licensefile' => 'required|mimes:png,gif,jpg,jpeg,doc,docx,pdf,txt,zip,rar,rtf,xml,lic|max:2000'
                     );
                     $validator = Validator::make(array('licensefile'=> $file), $rules);
 
@@ -868,16 +836,8 @@ class LicensesController extends Controller
                         $filename .= '-'.str_slug($file->getClientOriginalName()).'.'.$extension;
                         $upload_success = $file->move($destinationPath, $filename);
 
-                        //Log the deletion of seats to the log
-                        $logaction = new Actionlog();
-                        $logaction->asset_id = $license->id;
-                        $logaction->asset_type = 'software';
-                        $logaction->user_id = Auth::user()->id;
-                        $logaction->note = e(Input::get('notes'));
-                        $logaction->checkedout_to =  null;
-                        $logaction->created_at =  date("Y-m-d h:i:s");
-                        $logaction->filename =  $filename;
-                        $log = $logaction->logaction('uploaded');
+                        //Log the upload to the log
+                        $license->logUpload($filename, e(Input::get('notes')));
                     } else {
                          return redirect()->back()->with('error', trans('admin/licenses/message.upload.invalidfiles'));
                     }
@@ -991,17 +951,28 @@ class LicensesController extends Controller
     */
     public function getDatatable()
     {
-        $licenses = License::with('company');
+        $licenses = Company::scopeCompanyables(License::with('company', 'licenseSeatsRelation', 'manufacturer'));
 
         if (Input::has('search')) {
             $licenses = $licenses->TextSearch(Input::get('search'));
         }
 
-        $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial'];
+        $allowed_columns = ['id','name','purchase_cost','expiration_date','purchase_order','order_number','notes','purchase_date','serial','manufacturer','company'];
         $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
 
-        $licenses = $licenses->orderBy($sort, $order);
+        switch ($sort) {
+            case 'manufacturer':
+                $licenses = $licenses->OrderManufacturer($order);
+                break;
+            case 'company':
+                $licenses = $licenses->OrderCompany($order);
+                break;
+            default:
+                $licenses = $licenses->orderBy($sort, $order);
+                break;
+        }
+
 
         $licenseCount = $licenses->count();
         $licenses = $licenses->skip(Input::get('offset'))->take(Input::get('limit'))->get();
@@ -1009,24 +980,45 @@ class LicensesController extends Controller
         $rows = array();
 
         foreach ($licenses as $license) {
-            $actions = '<span style="white-space: nowrap;"><a href="'.route('freecheckout/license', $license->id).'" class="btn btn-primary btn-sm" style="margin-right:5px;" '.(($license->remaincount() > 0) ? '' : 'disabled').'>'.trans('general.checkout').'</a> <a href="'.route('clone/license', $license->id).'" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone asset"><i class="fa fa-files-o"></i></a><a href="'.route('update/license', $license->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/license', $license->id).'" data-content="'.trans('admin/licenses/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($license->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></span>';
+            $actions = '<span style="white-space: nowrap;">';
+
+            if (Gate::allows('licenses.checkout')) {
+                $actions .= '<a href="' . route('freecheckout/license', $license->id)
+                . '" class="btn btn-primary btn-sm' . (($license->remaincount() > 0) ? '' : ' disabled') . '" style="margin-right:5px;">' . trans('general.checkout') . '</a> ';
+            }
+
+            if (Gate::allows('licenses.create')) {
+                $actions .= '<a href="' . route('clone/license', $license->id)
+                . '" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone license"><i class="fa fa-files-o"></i></a>';
+            }
+            if (Gate::allows('licenses.edit')) {
+                $actions .= '<a href="' . route('update/license', $license->id)
+                . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('licenses.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'
+                 . route('delete/license', $license->id)
+                 . '" data-content="' . trans('admin/licenses/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($license->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .='</span>';
 
             $rows[] = array(
                 'id'                => $license->id,
                 'name'              => (string) link_to('/admin/licenses/'.$license->id.'/view', $license->name),
                 'serial'            => (string) link_to('/admin/licenses/'.$license->id.'/view', mb_strimwidth($license->serial, 0, 50, "...")),
-                'totalSeats'        => $license->totalSeatsByLicenseID(),
+                'totalSeats'        => $license->licenseSeatsCount,
                 'remaining'         => $license->remaincount(),
                 'license_name'      => e($license->license_name),
-                'license_email'      => e($license->license_email),
+                'license_email'     => e($license->license_email),
                 'purchase_date'     => ($license->purchase_date) ? $license->purchase_date : '',
                 'expiration_date'     => ($license->expiration_date) ? $license->expiration_date : '',
-                'purchase_cost'     => ($license->purchase_cost) ? number_format($license->purchase_cost, 2) : '',
+                'purchase_cost'     => Helper::formatCurrencyOutput($license->purchase_cost),
                 'purchase_order'     => ($license->purchase_order) ? e($license->purchase_order) : '',
                 'order_number'     => ($license->order_number) ? e($license->order_number) : '',
                 'notes'     => ($license->notes) ? e($license->notes) : '',
                 'actions'           => $actions,
-                'companyName'       => is_null($license->company) ? '' : e($license->company->name)
+                'company'       => is_null($license->company) ? '' : e($license->company->name),
+                'manufacturer'      => $license->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$license->manufacturer_id.'/view', $license->manufacturer->name) : ''
             );
         }
 

app/Http/Controllers/LocationsController.php

@@ -61,7 +61,7 @@ class LocationsController extends Controller
 
         return View::make('locations/edit')
         ->with('location_options', $location_options)
-        ->with('location', new Location);
+        ->with('item', new Location);
     }
 
 
@@ -159,7 +159,7 @@ class LocationsController extends Controller
     public function getEdit($locationId = null)
     {
         // Check if the location exists
-        if (is_null($location = Location::find($locationId))) {
+        if (is_null($item = Location::find($locationId))) {
             return redirect()->to('admin/settings/locations')->with('error', trans('admin/locations/message.does_not_exist'));
         }
 
@@ -169,7 +169,7 @@ class LocationsController extends Controller
         $location_options = Location::flattenLocationsArray($location_options_array);
         $location_options = array('' => 'Top Level') + $location_options;
 
-        return View::make('locations/edit', compact('location'))->with('location_options', $location_options);
+        return View::make('locations/edit', compact('item'))->with('location_options', $location_options);
     }
 
 
@@ -318,7 +318,7 @@ class LocationsController extends Controller
                 $locations = $locations->OrderParent($order);
                 break;
             default:
-                $allowed_columns = ['id','name','address','city','state','country','currency'];
+                $allowed_columns = ['id','name','address','city','state','country','currency','zip'];
 
                 $sort = in_array(Input::get('sort'), $allowed_columns) ? Input::get('sort') : 'created_at';
                 $locations = $locations->orderBy($sort, $order);
@@ -344,6 +344,7 @@ class LocationsController extends Controller
                 'address'       => ($location->address) ? e($location->address): '',
                 'city'          => e($location->city),
                 'state'         => e($location->state),
+                'zip'           => e($location->zip),
                 'country'       => e($location->country),
                 'currency'      => e($location->currency),
                 'actions'       => $actions
@@ -370,7 +371,7 @@ class LocationsController extends Controller
     public function getDataViewUsers($locationID)
     {
         $location = Location::find($locationID);
-        $users = User::where('location_id','=',$location->id);
+        $users = User::where('location_id', '=', $location->id);
 
         if (Input::has('search')) {
             $users = $users->TextSearch(e(Input::get('search')));

app/Http/Controllers/ManufacturersController.php

@@ -2,14 +2,15 @@
 namespace App\Http\Controllers;
 
 use App\Models\Company;
+use App\Models\Manufacturer;
+use App\Models\Setting;
+use Auth;
+use Gate;
 use Input;
 use Lang;
-use App\Models\Manufacturer;
 use Redirect;
-use App\Models\Setting;
 use Str;
 use View;
-use Auth;
 
 /**
  * This controller handles all actions related to Manufacturers for
@@ -45,7 +46,7 @@ class ManufacturersController extends Controller
     */
     public function getCreate()
     {
-        return View::make('manufacturers/edit')->with('manufacturer', new Manufacturer);
+        return View::make('manufacturers/edit')->with('item', new Manufacturer);
     }
 
 
@@ -83,13 +84,13 @@ class ManufacturersController extends Controller
     public function getEdit($manufacturerId = null)
     {
         // Check if the manufacturer exists
-        if (is_null($manufacturer = Manufacturer::find($manufacturerId))) {
+        if (is_null($item = Manufacturer::find($manufacturerId))) {
             // Redirect to the manufacturer  page
             return redirect()->to('admin/settings/manufacturers')->with('error', trans('admin/manufacturers/message.does_not_exist'));
         }
 
         // Show the page
-        return View::make('manufacturers/edit', compact('manufacturer'));
+        return View::make('manufacturers/edit', compact('item'));
     }
 
 
@@ -254,10 +255,28 @@ class ManufacturersController extends Controller
     * @since [v1.0]
     * @return String JSON
     */
-    public function getDataView($manufacturerId)
+    public function getDataView($manufacturerId, $itemtype = null)
     {
+        $manufacturer = Manufacturer::find($manufacturerId);
 
-        $manufacturer = Manufacturer::with('assets.company')->find($manufacturerId);
+        switch ($itemtype) {
+            case "assets":
+                return $this->getDataAssetsView($manufacturer);
+            case "licenses":
+                return $this->getDataLicensesView($manufacturer);
+            case "accessories":
+                return $this->getDataAccessoriesView($manufacturer);
+            case "consumables":
+                return $this->getDataConsumablesView($manufacturer);
+        }
+
+        throw new Exception("We shouldn't be here");
+
+    }
+
+    protected function getDataAssetsView(Manufacturer $manufacturer)
+    {
+        $manufacturer = $manufacturer->load('assets.model', 'assets.assigneduser', 'assets.assetstatus', 'assets.company');
         $manufacturer_assets = $manufacturer->assets;
 
         if (Input::has('search')) {
@@ -293,35 +312,229 @@ class ManufacturersController extends Controller
                 $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
             }
 
-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
-                    } else {
-                        $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
-                    }
+            if ($asset->availableForCheckout()) {
+                if (Gate::allows('assets.checkout')) {
+                    $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
+                }
+            } else {
+                if (Gate::allows('assets.checkin')) {
+                    $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
                 }
             }
 
-            $row = array(
-            'id' => $asset->id,
-            'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
-            'model' => e($asset->model->name),
-            'asset_tag' => e($asset->asset_tag),
-            'serial' => e($asset->serial),
-            'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', e($asset->assigneduser->fullName())): '',
-            'actions' => $actions,
-            'companyName' => e(Company::getName($asset)),
-            );
+            $rows[] = array(
+                'id' => $asset->id,
+                'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
+                'model' => e($asset->model->name),
+                'asset_tag' => e($asset->asset_tag),
+                'serial' => e($asset->serial),
+                'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', e($asset->assigneduser->fullName())): '',
+                'actions' => $actions,
+                // 'companyName' => e(Company::getName($asset)),
+                'companyName' => is_null($asset->company) ? '' : $asset->company->name
+                );
 
             if (isset($inout)) {
                 $row['change'] = $inout;
             }
-
-            $rows[] = $row;
         }
 
         $data = array('total' => $count, 'rows' => $rows);
         return $data;
     }
+
+    protected function getDataLicensesView(Manufacturer $manufacturer)
+    {
+        $manufacturer = $manufacturer->load('licenses.company', 'licenses.manufacturer', 'licenses.licenseSeatsRelation');
+        $licenses = $manufacturer->licenses;
+
+        if (Input::has('search')) {
+            $licenses = $licenses->TextSearch(Input::get('search'));
+        }
+
+        $licenseCount = $licenses->count();
+
+        $rows = array();
+
+        foreach ($licenses as $license) {
+            $actions = '<span style="white-space: nowrap;">';
+
+            if (Gate::allows('licenses.checkout')) {
+                $actions .= '<a href="' . route('freecheckout/license', $license->id)
+                . '" class="btn btn-primary btn-sm' . (($license->remaincount() > 0) ? '' : ' disabled') . '" style="margin-right:5px;">' . trans('general.checkout') . '</a> ';
+            }
+
+            if (Gate::allows('licenses.create')) {
+                $actions .= '<a href="' . route('clone/license', $license->id)
+                . '" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone asset"><i class="fa fa-files-o"></i></a>';
+            }
+            if (Gate::allows('licenses.edit')) {
+                $actions .= '<a href="' . route('update/license', $license->id)
+                . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('licenses.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'
+                 . route('delete/license', $license->id)
+                 . '" data-content="' . trans('admin/licenses/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($license->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .='</span>';
+
+            $rows[] = array(
+                'id'                => $license->id,
+                'name'              => (string) link_to('/admin/licenses/'.$license->id.'/view', $license->name),
+                'serial'            => (string) link_to('/admin/licenses/'.$license->id.'/view', mb_strimwidth($license->serial, 0, 50, "...")),
+                'totalSeats'        => $license->licenseSeatCount,
+                'remaining'         => $license->remaincount(),
+                'license_name'      => e($license->license_name),
+                'license_email'     => e($license->license_email),
+                'purchase_date'     => ($license->purchase_date) ? $license->purchase_date : '',
+                'expiration_date'   => ($license->expiration_date) ? $license->expiration_date : '',
+                'purchase_cost'     => ($license->purchase_cost) ? number_format($license->purchase_cost, 2) : '',
+                'purchase_order'    => ($license->purchase_order) ? e($license->purchase_order) : '',
+                'order_number'      => ($license->order_number) ? e($license->order_number) : '',
+                'notes'             => ($license->notes) ? e($license->notes) : '',
+                'actions'           => $actions,
+                'companyName'       => is_null($license->company) ? '' : e($license->company->name),
+                'manufacturer'      => $license->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$license->manufacturer_id.'/view', $license->manufacturer->name) : ''
+            );
+        }
+
+        $data = array('total' => $licenseCount, 'rows' => $rows);
+
+        return $data;
+    }
+
+    public function getDataAccessoriesView(Manufacturer $manufacturer)
+    {
+        $manufacturer = $manufacturer->load(
+            'accessories.location',
+            'accessories.company',
+            'accessories.category',
+            'accessories.manufacturer',
+            'accessories.users'
+            );
+        $accessories = $manufacturer->accessories;
+
+        if (Input::has('search')) {
+            $accessories = $accessories->TextSearch(e(Input::get('search')));
+        }
+
+        if (Input::has('limit')) {
+            $limit = e(Input::get('limit'));
+        } else {
+            $limit = 50;
+        }
+
+        $accessCount = $accessories->count();
+
+        $rows = array();
+
+        foreach ($accessories as $accessory) {
+
+            $actions = '<nobr>';
+            if (Gate::allows('accessories.checkout')) {
+                $actions .= '<a href="' . route('checkout/accessory',
+                        $accessory->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($accessory->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+            if (Gate::allows('accessories.edit')) {
+                $actions .= '<a href="' . route('update/accessory',
+                        $accessory->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('accessories.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/accessory',
+                        $accessory->id) . '" data-content="' . trans('admin/accessories/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($accessory->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .= '</nobr>';
+            $company = $accessory->company;
+
+            $rows[] = array(
+            'name'          => '<a href="'.url('admin/accessories/'.$accessory->id).'/view">'. $accessory->name.'</a>',
+            'category'      => ($accessory->category) ? (string)link_to('admin/settings/categories/'.$accessory->category->id.'/view', $accessory->category->name) : '',
+            'qty'           => e($accessory->qty),
+            'order_number'  => e($accessory->order_number),
+            'min_amt'  => e($accessory->min_amt),
+            'location'      => ($accessory->location) ? e($accessory->location->name): '',
+            'purchase_date' => e($accessory->purchase_date),
+            'purchase_cost' => number_format($accessory->purchase_cost, 2),
+            'numRemaining'  => $accessory->numRemaining(),
+            'actions'       => $actions,
+            'companyName'   => is_null($company) ? '' : e($company->name),
+            'manufacturer'      => $accessory->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$accessory->manufacturer_id.'/view', $accessory->manufacturer->name) : ''
+
+            );
+        }
+
+        $data = array('total'=>$accessCount, 'rows'=>$rows);
+
+        return $data;
+    }
+
+    public function getDataConsumablesView($manufacturer)
+    {
+        $manufacturer = $manufacturer->load(
+            'consumables.location',
+            'consumables.company',
+            'consumables.category',
+            'consumables.manufacturer',
+            'consumables.users'
+        );
+        $consumables = $manufacturer->consumables;
+
+        if (Input::has('search')) {
+            $consumables = $consumables->TextSearch(e(Input::get('search')));
+        }
+
+        if (Input::has('limit')) {
+            $limit = e(Input::get('limit'));
+        } else {
+            $limit = 50;
+        }
+
+        $consumCount = $consumables->count();
+
+        $rows = array();
+
+        foreach ($consumables as $consumable) {
+            $actions = '<nobr>';
+            if (Gate::allows('consumables.checkout')) {
+                $actions .= '<a href="' . route('checkout/consumable',
+                        $consumable->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($consumable->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+
+            if (Gate::allows('consumables.edit')) {
+                $actions .= '<a href="' . route('update/consumable',
+                        $consumable->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('consumables.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/consumable',
+                        $consumable->id) . '" data-content="' . trans('admin/consumables/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($consumable->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+
+            $actions .='</nobr>';
+
+            $company = $consumable->company;
+
+            $rows[] = array(
+                'id'            => $consumable->id,
+                'name'          => (string)link_to('admin/consumables/'.$consumable->id.'/view', e($consumable->name)),
+                'location'      => ($consumable->location) ? e($consumable->location->name) : '',
+                'min_amt'       => e($consumable->min_amt),
+                'qty'           => e($consumable->qty),
+                'manufacturer'  => ($consumable->manufacturer) ? (string) link_to('/admin/settings/manufacturers/'.$consumable->manufacturer_id.'/view', $consumable->manufacturer->name): '',
+                'model_number'  => e($consumable->model_number),
+                'item_no'       => e($consumable->item_no),
+                'category'      => ($consumable->category) ? (string) link_to('/admin/settings/categories/'.$consumable->category_id.'/view', $consumable->category->name) : 'Missing category',
+                'order_number'  => e($consumable->order_number),
+                'purchase_date' => e($consumable->purchase_date),
+                'purchase_cost' => ($consumable->purchase_cost!='') ? number_format($consumable->purchase_cost, 2): '' ,
+                'numRemaining'  => $consumable->numRemaining(),
+                'actions'       => $actions,
+                'companyName'   => is_null($company) ? '' : e($company->name),
+            );
+        }
+
+        $data = array('total' => $consumCount, 'rows' => $rows);
+
+        return $data;
+    }
 }

app/Http/Controllers/ProfileController.php

@@ -8,6 +8,8 @@ use App\Models\Location;
 use View;
 use Auth;
 use App\Helpers\Helper;
+use App\Models\Setting;
+use Gate;
 
 /**
  * This controller handles all actions related to User Profiles for
@@ -53,9 +55,14 @@ class ProfileController extends Controller
         $user->gravatar   = e(Input::get('gravatar'));
         $user->locale = e(Input::get('locale'));
 
+
+        if ((Gate::allows('self.two_factor')) && ((Setting::getSettings()->two_factor_enabled=='1') && (!config('app.lock_passwords')))) {
+            $user->two_factor_optin = e(Input::get('two_factor_optin', '0'));
+        }
+        
         if (Input::file('avatar')) {
             $image = Input::file('avatar');
-            $file_name = $user->first_name."-".$user->last_name.".".$image->getClientOriginalExtension();
+            $file_name = str_slug($user->first_name."-".$user->last_name).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/avatars/'.$file_name);
             Image::make($image->getRealPath())->resize(84, 84)->save($path);
             $user->avatar = $file_name;

app/Http/Controllers/ReportsController.php

@@ -1,25 +1,27 @@
 <?php
 namespace App\Http\Controllers;
 
+use App\Helpers\Helper;
 use App\Models\Accessory;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
-use Carbon\Carbon;
-use Category;
+use App\Models\AssetModel;
 use App\Models\Company;
+use App\Models\CustomField;
+use App\Models\License;
+use App\Models\Location;
+use App\Models\Setting;
+use App\Models\User;
+use Carbon\Carbon;
 use Illuminate\Support\Facades\Lang;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\View;
 use Input;
 use League\Csv\Reader;
-use App\Models\License;
-use App\Models\Location;
-use App\Models\AssetModel;
 use Redirect;
-use App\Models\Setting;
-use App\Models\User;
+use Symfony\Component\HttpFoundation\StreamedResponse;
 
 /**
  * This controller handles all actions related to Reports for
@@ -31,7 +33,7 @@ class ReportsController extends Controller
 {
 
     /**
-    * Returns a view that displaysthe accessories report.
+    * Returns a view that displays the accessories report.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
@@ -87,7 +89,7 @@ class ReportsController extends Controller
     }
 
     /**
-    * Display asset report.
+    * Display asset report view.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
@@ -96,23 +98,11 @@ class ReportsController extends Controller
     public function getAssetsReport()
     {
         $settings = \App\Models\Setting::first();
-        // Grab all the assets
-        $assets = Asset::with(
-            'model',
-            'assigneduser.userLoc',
-            'assetstatus',
-            'defaultLoc',
-            'assetlog',
-            'supplier',
-            'model.manufacturer',
-            'company'
-        )
-                       ->orderBy('created_at', 'DESC')
-                       ->get();
-
-        return View::make('reports/asset', compact('assets'))->with('settings',$settings);
+        return View::make('reports/asset', compact('assets'))->with('settings', $settings);
     }
 
+
+
     /**
     * Exports the assets to CSV
     *
@@ -122,103 +112,76 @@ class ReportsController extends Controller
     */
     public function exportAssetReport()
     {
-        // Grab all the assets
-        $assets = Asset::orderBy('created_at', 'DESC')->get();
 
-        $rows = [ ];
+         \Debugbar::disable();
 
-        // Create the header row
-        $header = [
-            trans('admin/hardware/table.asset_tag'),
-            trans('admin/hardware/form.manufacturer'),
-            trans('admin/hardware/form.model'),
-            trans('general.model_no'),
-            trans('general.name'),
-            trans('admin/hardware/table.serial'),
-            trans('general.status'),
-            trans('admin/hardware/table.purchase_date'),
-            trans('admin/hardware/table.purchase_cost'),
-            trans('admin/hardware/form.order'),
-            trans('admin/hardware/form.supplier'),
-            trans('admin/hardware/table.checkoutto'),
-            trans('admin/hardware/table.location'),
-            trans('general.notes'),
-        ];
-        $header = array_map('trim', $header);
-        $rows[] = implode($header, ',');
+        $customfields = CustomField::get();
 
-        // Create a row per asset
-        foreach ($assets as $asset) {
-            $row   = [ ];
-            $row[] = e($asset->asset_tag);
-            if ($asset->model->manufacturer) {
-                $row[] = e($asset->model->manufacturer->name);
-            } else {
-                $row[] = '';
-            }
-            $row[] = '"' . e($asset->model->name) . '"';
-            $row[] = '"' . e($asset->model->modelno) . '"';
-            $row[] = e($asset->name);
-            $row[] = e($asset->serial);
-            if ($asset->assetstatus) {
-                $row[] = e($asset->assetstatus->name);
-            } else {
-                $row[] = '';
-            }
-            $row[] = $asset->purchase_date;
-            $row[] = '"' . number_format($asset->purchase_cost, 2) . '"';
-            if ($asset->order_number) {
-                $row[] = e($asset->order_number);
-            } else {
-                $row[] = '';
-            }
-            if ($asset->supplier_id) {
-                $row[] = e($asset->supplier->name);
-            } else {
-                $row[] = '';
-            }
+        $response = new StreamedResponse(function() use ($customfields) {
+            // Open output stream
+            $handle = fopen('php://output', 'w');
 
-            if ($asset->assigned_to > 0) {
-                $user  = User::find($asset->assigned_to);
-                $row[] = e($user->fullName());
-            } else {
-                $row[] = ''; // Empty string if unassigned
-            }
-
-            if (( $asset->assigned_to > 0 ) && ( $asset->assigneduser->location_id > 0 )) {
-                $location = Location::find($asset->assigneduser->location_id);
-                if ($location) {
-                    $row[] = e($location->name);
-                } else {
-                    $row[] = '';
+            Asset::with('assigneduser', 'assetloc','defaultLoc','assigneduser.userloc','model','supplier','assetstatus','model.manufacturer')->orderBy('created_at', 'DESC')->chunk(500, function($assets) use($handle, $customfields) {
+                $headers=[
+                    trans('general.company'),
+                    trans('admin/hardware/table.asset_tag'),
+                    trans('admin/hardware/form.manufacturer'),
+                    trans('admin/hardware/form.model'),
+                    trans('general.model_no'),
+                    trans('general.name'),
+                    trans('admin/hardware/table.serial'),
+                    trans('general.status'),
+                    trans('admin/hardware/table.purchase_date'),
+                    trans('admin/hardware/table.purchase_cost'),
+                    trans('admin/hardware/form.order'),
+                    trans('admin/hardware/form.supplier'),
+                    trans('admin/hardware/table.checkoutto'),
+                    trans('admin/hardware/table.checkout_date'),
+                    trans('admin/hardware/table.location'),
+                    trans('general.notes'),
+                ];
+                foreach($customfields as $field) {
+                    $headers[]=$field->name;
                 }
-            } elseif ($asset->rtd_location_id) {
-                $location = Location::find($asset->rtd_location_id);
-                if ($location->name) {
-                    $row[] = e($location->name);
-                } else {
-                    $row[] = '';
+                fputcsv($handle, $headers);
+
+                foreach ($assets as $asset) {
+                    // Add a new row with data
+                    $values=[
+                        ($asset->company) ? $asset->company->name : '',
+                        $asset->asset_tag,
+                        ($asset->model->manufacturer) ? $asset->model->manufacturer->name : '',
+                        ($asset->model) ? $asset->model->name : '',
+                        ($asset->model->model_number) ? $asset->model->model_number : '',
+                        ($asset->name) ? $asset->name : '',
+                        ($asset->serial) ? $asset->serial : '',
+                        ($asset->assetstatus) ? e($asset->assetstatus->name) : '',
+                        ($asset->purchase_date) ? e($asset->purchase_date) : '',
+                        ($asset->purchase_cost > 0) ? Helper::formatCurrencyOutput($asset->purchase_cost) : '',
+                        ($asset->order_number) ? e($asset->order_number) : '',
+                        ($asset->supplier) ? e($asset->supplier->name) : '',
+                        ($asset->assigneduser) ? e($asset->assigneduser->fullName()) : '',
+                        ($asset->last_checkout!='') ? e($asset->last_checkout) : '',
+                        ($asset->assigneduser && $asset->assigneduser->userloc!='') ?
+                            e($asset->assigneduser->userloc->name) : ( ($asset->defaultLoc!='') ? e($asset->defaultLoc->name) : ''),
+                        ($asset->notes) ? e($asset->notes) : '',
+                    ];
+                    foreach($customfields as $field) {
+                        $values[]=$asset->{$field->db_column_name()};
+                    }
+                    fputcsv($handle, $values);
                 }
-            } else {
-                $row[] = '';  // Empty string if location is not set
-            }
+            });
 
-            if ($asset->notes) {
-                $row[] = '"' . e($asset->notes) . '"';
-            } else {
-                $row[] = '';
-            }
-
-            $rows[] = implode($row, ',');
-        }
-
-        // spit out a csv
-        $csv      = implode($rows, "\n");
-        $response = Response::make($csv, 200);
-        $response->header('Content-Type', 'text/csv');
-        $response->header('Content-disposition', 'attachment;filename=report.csv');
+            // Close the output stream
+            fclose($handle);
+        }, 200, [
+            'Content-Type' => 'text/csv',
+            'Content-Disposition' => 'attachment; filename="assets-'.date('Y-m-d-his').'.csv"',
+        ]);
 
         return $response;
+
     }
 
     /**
@@ -308,9 +271,9 @@ class ReportsController extends Controller
             }
 
             $row[] = $asset->purchase_date;
-            $row[] = $currency . number_format($asset->purchase_cost, 2);
-            $row[] = $currency . number_format($asset->getDepreciatedValue(), 2);
-            $row[] = $currency . number_format(( $asset->purchase_cost - $asset->getDepreciatedValue() ), 2);
+            $row[] = $currency . Helper::formatCurrencyOutput($asset->purchase_cost);
+            $row[] = $currency . Helper::formatCurrencyOutput($asset->getDepreciatedValue());
+            $row[] = $currency . Helper::formatCurrencyOutput(( $asset->purchase_cost - $asset->getDepreciatedValue() ));
             $csv->insertOne($row);
         }
 
@@ -329,11 +292,7 @@ class ReportsController extends Controller
     public function getActivityReport()
     {
         $log_actions = Actionlog::orderBy('created_at', 'DESC')
-                                ->with('adminlog')
-                                ->with('accessorylog')
-                                ->with('assetlog')
-                                ->with('licenselog')
-                                ->with('userlog')
+                                ->with('item')
                                 ->orderBy('created_at', 'DESC')
                                 ->get();
 
@@ -341,16 +300,134 @@ class ReportsController extends Controller
     }
 
     /**
-    * Displays license report
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @since [v1.0]
-    * @return View
-    */
+     * Returns Activity Report JSON.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return View
+     */
+    public function getActivityReportDataTable()
+    {
+        $activitylogs = Company::scopeCompanyables(Actionlog::with('item', 'user', 'target'))->orderBy('created_at', 'DESC');
+
+        if (Input::has('search')) {
+            $activitylogs = $activitylogs->TextSearch(e(Input::get('search')));
+        }
+
+        if (Input::has('offset')) {
+            $offset = e(Input::get('offset'));
+        } else {
+            $offset = 0;
+        }
+
+        if (Input::has('limit')) {
+            $limit = e(Input::get('limit'));
+        } else {
+            $limit = 50;
+        }
+
+
+        $allowed_columns = ['created_at'];
+        $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
+        $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
+
+
+        $activityCount = $activitylogs->count();
+        $activitylogs = $activitylogs->offset($offset)->limit($limit)->get();
+
+        $rows = array();
+        foreach ($activitylogs as $activity) {
+
+            if ($activity->itemType() == "asset") {
+                $activity_icons = '<i class="fa fa-barcode"></i>';
+            } elseif ($activity->itemType() == "accessory") {
+                $activity_icons = '<i class="fa fa-keyboard-o"></i>';
+            } elseif ($activity->itemType()=="consumable") {
+                $activity_icons = '<i class="fa fa-tint"></i>';
+            } elseif ($activity->itemType()=="license"){
+                $activity_icons = '<i class="fa fa-floppy-o"></i>';
+            } elseif ($activity->itemType()=="component") {
+                $activity_icons = '<i class="fa fa-hdd-o"></i>';
+            } else {
+                $activity_icons = '<i class="fa fa-paperclip"></i>';
+            }
+
+            if (($activity->item) && ($activity->itemType()=="asset")) {
+              $activity_item = '<a href="'.route('view/hardware', $activity->item_id).'">'.e($activity->item->asset_tag).' - '. e($activity->item->showAssetName()).'</a>';
+                $item_type = 'asset';
+            } elseif ($activity->item) {
+                $activity_item = '<a href="' . route('view/' . $activity->itemType(),
+                        $activity->item_id) . '">' . e($activity->item->name) . '</a>';
+                $item_type = $activity->itemType();
+
+            } else {
+                $activity_item = "unkonwn";
+                $item_type = "null";
+            }
+            
+
+            if (($activity->user) && ($activity->action_type=="uploaded") && ($activity->itemType()=="user")) {
+                $activity_target = '<a href="'.route('view/user', $activity->target_id).'">'.$activity->user->fullName().'</a>';
+            } elseif ($activity->target_type === "App\Models\Asset") {
+                if($activity->target) {
+                    $activity_target = '<a href="'.route('view/hardware', $activity->target_id).'">'.$activity->target->showAssetName().'</a>';
+                } else {
+                    $activity_target = "";
+                }
+            } elseif ( $activity->target_type === "App\Models\User") {
+                if($activity->target) {
+                   $activity_target = '<a href="'.route('view/user', $activity->target_id).'">'.$activity->target->fullName().'</a>';
+                } else {
+                    $activity_target = '';
+                }
+            } elseif (($activity->action_type=='accepted') || ($activity->action_type=='declined')) {
+                $activity_target = '<a href="' . route('view/user', $activity->item->assigneduser->id) . '">' . e($activity->item->assigneduser->fullName()) . '</a>';
+
+            } elseif ($activity->action_type=='requested') {
+                if ($activity->user) {
+                    $activity_target =  '<a href="'.route('view/user', $activity->user_id).'">'.$activity->user->fullName().'</a>';
+                } else {
+                    $activity_target = '';
+                }
+            } else {
+                if($activity->target) {
+                    $activity_target = $activity->target->id;
+                } else {
+                    $activity_target = "";
+                }
+            }
+
+            
+            $rows[] = array(
+                'icon'          => $activity_icons,
+                'created_at'    => date("M d, Y g:iA", strtotime($activity->created_at)),
+                'action_type'              => strtolower(trans('general.'.str_replace(' ','_',$activity->action_type))),
+                'admin'         =>  $activity->user ? (string) link_to('/admin/users/'.$activity->user_id.'/view', $activity->user->fullName()) : '',
+                'target'          => $activity_target,
+                'item'          => $activity_item,
+                'item_type'     => $item_type,
+                'note'     => e($activity->note),
+
+            );
+        }
+
+        $data = array('total'=>$activityCount, 'rows'=>$rows);
+
+        return $data;
+
+    }
+
+    /**
+     * Displays license report
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @return View
+     */
     public function getLicenseReport()
     {
 
-        $licenses = License::orderBy('created_at', 'DESC')
+        $licenses = License::with('depreciation')->orderBy('created_at', 'DESC')
                            ->with('company')
                            ->get();
 
@@ -376,8 +453,9 @@ class ReportsController extends Controller
             trans('admin/licenses/form.seats'),
             trans('admin/licenses/form.remaining_seats'),
             trans('admin/licenses/form.expiration'),
-            trans('admin/licenses/form.date'),
-            trans('admin/licenses/form.cost')
+            trans('general.purchase_date'),
+            trans('general.depreciation'),
+            trans('general.purchase_cost')
         ];
 
         $header = array_map('trim', $header);
@@ -392,7 +470,8 @@ class ReportsController extends Controller
             $row[] = $license->remaincount();
             $row[] = $license->expiration_date;
             $row[] = $license->purchase_date;
-            $row[] = '"' . number_format($license->purchase_cost, 2) . '"';
+            $row[] = ($license->depreciation!='') ? '' : e($license->depreciation->name);
+            $row[] = '"' . Helper::formatCurrencyOutput($license->purchase_cost) . '"';
 
             $rows[] = implode($row, ',');
         }
@@ -415,25 +494,30 @@ class ReportsController extends Controller
     */
     public function getCustomReport()
     {
-
-        return View::make('reports/custom');
+        $customfields = CustomField::get();
+        return View::make('reports/custom')->with('customfields', $customfields);
     }
 
     /**
-    * Exports the custom report to CSV
-    *
-    * @author [A. Gianotto] [<snipe@snipe.net>]
-    * @see ReportsController::getCustomReport() method that generates form view
-    * @since [v1.0]
-    * @return \Illuminate\Http\Response
-    */
+     * Exports the custom report to CSV
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @see ReportsController::getCustomReport() method that generates form view
+     * @since [v1.0]
+     * @return \Illuminate\Http\Response
+     */
     public function postCustom()
     {
-        $assets = Asset::orderBy('created_at', 'DESC')->get();
+        $assets = Asset::orderBy('created_at', 'DESC')->with('company','assigneduser', 'assetloc','defaultLoc','assigneduser.userloc','model','supplier','assetstatus','model.manufacturer')->get();
+        $customfields = CustomField::get();
 
         $rows   = [ ];
         $header = [ ];
 
+        if (e(Input::get('company')) == '1') {
+            $header[] = 'Company Name';
+        }
+
         if (e(Input::get('asset_name')) == '1') {
             $header[] = 'Asset Name';
         }
@@ -459,6 +543,9 @@ class ReportsController extends Controller
         if (( e(Input::get('purchase_cost')) == '1' ) && ( e(Input::get('depreciation')) != '1' )) {
             $header[] = 'Purchase Cost';
         }
+        if (e(Input::get('eol')) == '1') {
+            $header[] = 'EOL';
+        }
         if (e(Input::get('order')) == '1') {
             $header[] = 'Order Number';
         }
@@ -471,6 +558,12 @@ class ReportsController extends Controller
         if (e(Input::get('assigned_to')) == '1') {
             $header[] = 'Assigned To';
         }
+        if (e(Input::get('username')) == '1') {
+            $header[] = 'Username';
+        }
+        if (e(Input::get('employee_num')) == '1') {
+            $header[] = 'Employee No.';
+        }
         if (e(Input::get('status')) == '1') {
             $header[] = 'Status';
         }
@@ -483,12 +576,28 @@ class ReportsController extends Controller
             $header[] = 'Value';
             $header[] = 'Diff';
         }
+        if (e(Input::get('expected_checkin')) == '1') {
+            $header[] = trans('admin/hardware/form.expected_checkin');
+        }
+
+
+        foreach ($customfields as $customfield) {
+            if (e(Input::get($customfield->db_column_name())) == '1') {
+                $header[] = $customfield->name;
+            }
+        }
+
 
         $header = array_map('trim', $header);
         $rows[] = implode($header, ',');
 
         foreach ($assets as $asset) {
             $row = [ ];
+
+            if (e(Input::get('company')) == '1') {
+                $row[] = is_null($asset->company) ? '' : '"'.$asset->company->name.'"';
+            }
+
             if (e(Input::get('asset_name')) == '1') {
                 $row[] = '"' .e($asset->name) . '"';
             }
@@ -504,7 +613,7 @@ class ReportsController extends Controller
             }
             if (e(Input::get('model')) == '1') {
                 $row[] = '"' . e($asset->model->name) . '"';
-                $row[] = '"' . e($asset->model->modelno) . '"';
+                $row[] = '"' . e($asset->model->model_number) . '"';
             }
             if (e(Input::get('category')) == '1') {
                 $row[] = '"' .e($asset->model->category->name) . '"';
@@ -517,7 +626,10 @@ class ReportsController extends Controller
                 $row[] = e($asset->purchase_date);
             }
             if (e(Input::get('purchase_cost')) == '1' && ( e(Input::get('depreciation')) != '1' )) {
-                $row[] = '"' . number_format($asset->purchase_cost, 2) . '"';
+                $row[] = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
+            }
+            if (e(Input::get('eol')) == '1') {
+                $row[] = '"' .($asset->eol_date()) ? $asset->eol_date() : ''. '"';
             }
             if (e(Input::get('order')) == '1') {
                 if ($asset->order_number) {
@@ -527,21 +639,19 @@ class ReportsController extends Controller
                 }
             }
             if (e(Input::get('supplier')) == '1') {
-                if ($asset->supplier_id) {
+                if ($asset->supplier) {
                     $row[] = '"' .e($asset->supplier->name) . '"';
                 } else {
                     $row[] = '';
                 }
             }
+
             if (e(Input::get('location')) == '1') {
                 $show_loc = '';
-                if (( $asset->assigned_to > 0 ) && ( $asset->assigneduser->location_id !='' )) {
-                    $location = Location::find($asset->assigneduser->location_id);
-                    if ($location) {
-                        $show_loc .= '"' .e($location->name). '"';
-                    } else {
-                        $show_loc .= 'User location '.$asset->assigneduser->location_id.' is invalid';
-                    }
+
+
+                if (($asset->assigned_to > 0) && ($asset->assigneduser) && ($asset->assigneduser->location)) {
+                    $show_loc .= '"' .e($asset->assigneduser->location->name). '"';
                 } elseif ($asset->rtd_location_id!='') {
                     $location = Location::find($asset->rtd_location_id);
                     if ($location) {
@@ -554,14 +664,32 @@ class ReportsController extends Controller
                 $row[] = $show_loc;
 
             }
+
+
             if (e(Input::get('assigned_to')) == '1') {
-                if ($asset->assigned_to > 0) {
-                    $user  = User::find($asset->assigned_to);
-                    $row[] = '"' .e($user->fullName()). '"';
+                if ($asset->assigneduser) {
+                    $row[] = '"' .e($asset->assigneduser->fullName()). '"';
                 } else {
                     $row[] = ''; // Empty string if unassigned
                 }
             }
+
+            if (e(Input::get('username')) == '1') {
+                if ($asset->assigneduser) {
+                    $row[] = '"' .e($asset->assigneduser->username). '"';
+                } else {
+                    $row[] = ''; // Empty string if unassigned
+                }
+            }
+
+            if (e(Input::get('employee_num')) == '1') {
+                if ($asset->assigneduser) {
+                    $row[] = '"' .e($asset->assigneduser->employee_num). '"';
+                } else {
+                    $row[] = ''; // Empty string if unassigned
+                }
+            }
+
             if (e(Input::get('status')) == '1') {
                 if (( $asset->status_id == '0' ) && ( $asset->assigned_to == '0' )) {
                     $row[] = trans('general.ready_to_deploy');
@@ -584,10 +712,26 @@ class ReportsController extends Controller
             }
             if (e(Input::get('depreciation')) == '1') {
                 $depreciation = $asset->getDepreciatedValue();
-                $row[]        = '"' . number_format($asset->purchase_cost, 2) . '"';
-                $row[]        = '"' . number_format($depreciation, 2) . '"';
-                $row[]        = '"' . number_format($asset->purchase_cost - $depreciation, 2) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($depreciation) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
             }
+            if (e(Input::get('expected_checkin')) == '1') {
+                if ($asset->expected_checkin) {
+                    $row[] = '"' .e($asset->expected_checkin). '"';
+                } else {
+                    $row[] = ''; // Empty string if blankd
+                }
+            }
+
+            foreach ($customfields as $customfield) {
+                $column_name = $customfield->db_column_name();
+                if (e(Input::get($customfield->db_column_name())) == '1') {
+                    $row[] = str_replace(",", "\,", $asset->$column_name);
+                }
+            }
+
+
             $rows[] = implode($row, ',');
         }
 
@@ -596,14 +740,15 @@ class ReportsController extends Controller
             $csv      = implode($rows, "\n");
             $response = Response::make($csv, 200);
             $response->header('Content-Type', 'text/csv');
-            $response->header('Content-disposition', 'attachment;filename=report.csv');
+            $response->header('Content-disposition', 'attachment;filename='.date('Y-m-d-His').'-custom-asset-report.csv');
 
             return $response;
         } else {
             return redirect()->to("reports/custom")
-                           ->with('error', trans('admin/reports/message.error'));
+                ->with('error', trans('admin/reports/message.error'));
         }
     }
+    
 
     /**
      * getImprovementsReport
@@ -640,8 +785,9 @@ class ReportsController extends Controller
         $rows = [ ];
 
         $header = [
+            trans('admin/hardware/table.asset_tag'),
             trans('admin/asset_maintenances/table.asset_name'),
-            trans('admin/asset_maintenances/table.supplier_name'),
+            trans('general.supplier'),
             trans('admin/asset_maintenances/form.asset_maintenance_type'),
             trans('admin/asset_maintenances/form.title'),
             trans('admin/asset_maintenances/form.start_date'),
@@ -655,6 +801,7 @@ class ReportsController extends Controller
 
         foreach ($assetMaintenances as $assetMaintenance) {
             $row   = [ ];
+            $row[] = str_replace(',', '', e($assetMaintenance->asset->asset_tag));
             $row[] = str_replace(',', '', e($assetMaintenance->asset->name));
             $row[] = str_replace(',', '', e($assetMaintenance->supplier->name));
             $row[] = e($assetMaintenance->improvement_type);
@@ -668,7 +815,7 @@ class ReportsController extends Controller
                 $improvementTime = intval($assetMaintenance->asset_maintenance_time);
             }
             $row[]  = $improvementTime;
-            $row[]  = trans('general.currency') . number_format($assetMaintenance->cost, 2);
+            $row[]  = trans('general.currency') . Helper::formatCurrencyOutput($assetMaintenance->cost);
             $rows[] = implode($row, ',');
         }
 

app/Http/Controllers/SettingsController.php

@@ -4,6 +4,7 @@ namespace App\Http\Controllers;
 use Input;
 use Lang;
 use App\Models\Setting;
+use App\Models\Ldap;
 use Redirect;
 use DB;
 use Str;
@@ -14,9 +15,9 @@ use Response;
 use Artisan;
 use Crypt;
 use Mail;
+use Auth;
 use App\Models\User;
 use App\Http\Requests\SetupUserRequest;
-use App\Http\Requests\SettingRequest;
 
 /**
  * This controller handles all actions related to Settings for
@@ -50,31 +51,20 @@ class SettingsController extends Controller
             $start_settings['db_error'] = $e->getMessage();
         }
 
-        $protocol = array_key_exists('HTTPS',$_SERVER) && ( $_SERVER['HTTPS'] == "on") ? 'https://' : 'http://';
+        $protocol = array_key_exists('HTTPS', $_SERVER) && ( $_SERVER['HTTPS'] == "on") ? 'https://' : 'http://';
 
-
-        $pageURL = $protocol;
-        if ($_SERVER["SERVER_PORT"] != "80") {
-            $main_page = $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"];
-            $pageURL .= $main_page.$_SERVER["REQUEST_URI"];
-        } else {
-            $main_page = $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
-            $pageURL .= $main_page;
+        $host = $_SERVER['SERVER_NAME'];
+        if (($protocol === 'http://' && $_SERVER['SERVER_PORT'] != '80') || ($protocol === 'https://' && $_SERVER['SERVER_PORT'] != '443')) {
+          $host .= ':' . $_SERVER['SERVER_PORT'];
         }
+        $pageURL = $protocol . $host . $_SERVER['REQUEST_URI'];
 
-        $start_settings['env_location'] = $pageURL.'../.env';
+        $start_settings['url_valid'] = (config('app.url').'/setup' === $pageURL);
 
+        $start_settings['url_config'] = config('app.url');
+        $start_settings['real_url'] = $pageURL;
 
-        if (config('app.url').'/setup'!=$pageURL) {
-            $start_settings['url_valid']= false;
-        } else {
-            $start_settings['url_valid']= true;
-        }
-
-        $start_settings['url_config']= config('app.url');
-        $start_settings['real_url']= $pageURL;
-
-        $exposed_env = @file_get_contents($main_page.'/.env');
+        $exposed_env = @file_get_contents($protocol . $host.'/.env');
 
         if ($exposed_env) {
             $start_settings['env_exposed'] = true;
@@ -98,10 +88,17 @@ class SettingsController extends Controller
 
         }
 
-        $owner = posix_getpwuid(fileowner($_SERVER["SCRIPT_FILENAME"]));
-        $start_settings['owner'] = $owner['name'];
+        if (function_exists('posix_getpwuid')) { // Probably Linux
+            $owner = posix_getpwuid(fileowner($_SERVER["SCRIPT_FILENAME"]));
+            $start_settings['owner'] = $owner['name'];
+        } else { // Windows
+            // TODO: Is there a way of knowing if a windows user has elevated permissions
+            // This just gets the user name, which likely isn't 'root'
+            // $start_settings['owner'] = getenv('USERNAME');
+            $start_settings['owner'] = '';
+        }
 
-        if (($start_settings['owner']=='root') || ($start_settings['owner']=='0') || ($start_settings['owner']=='root')) {
+        if (($start_settings['owner']==='root') || ($start_settings['owner']==='0')) {
             $start_settings['owner_is_admin'] = true;
         } else {
             $start_settings['owner_is_admin'] = false;
@@ -140,7 +137,8 @@ class SettingsController extends Controller
         try {
             Mail::send('emails.test', [], function ($m) {
                 $m->to(config('mail.from.address'), config('mail.from.name'));
-                $m->subject('Test Email from Snipe-IT');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.test_email'));
             });
             return 'success';
         } catch (Exception $e) {
@@ -176,22 +174,30 @@ class SettingsController extends Controller
         $settings->alert_email = e(Input::get('email'));
         $settings->alerts_enabled = 1;
         $settings->brand = 1;
+        $settings->locale = 'en';
         $settings->default_currency = 'USD';
         $settings->user_id = 1;
+        $settings->email_domain = e(Input::get('email_domain'));
+        $settings->email_format = e(Input::get('email_format'));
 
-        if ((!$user->isValid('initial')) && (!$settings->isValid('initial'))) {
+
+        if ((!$user->isValid()) || (!$settings->isValid())) {
             return redirect()->back()->withInput()->withErrors($user->getErrors())->withErrors($settings->getErrors());
         } else {
             $user->save();
+            Auth::login($user, true);
             $settings->save();
 
             if (Input::get('email_creds')=='1') {
                 Mail::send(['text' => 'emails.firstadmin'], $data, function ($m) use ($data) {
                     $m->to($data['email'], $data['first_name']);
-                    $m->subject('Your Snipe-IT credentials');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.your_credentials'));
                 });
             }
 
+
+
             return redirect()->route('setup.done');
         }
 
@@ -221,6 +227,7 @@ class SettingsController extends Controller
     */
     public function getSetupDone()
     {
+
         return View::make('setup/done')
         ->with('step', 4)
         ->with('section', 'Done!');
@@ -257,10 +264,7 @@ class SettingsController extends Controller
     */
     public function getIndex()
     {
-        // Grab all the settings
         $settings = Setting::all();
-
-        // Show the page
         return View::make('settings/index', compact('settings'));
     }
 
@@ -288,11 +292,11 @@ class SettingsController extends Controller
     * @since [v1.0]
     * @return Redirect
     */
-    public function postEdit(SettingRequest $request)
+    public function postEdit()
     {
 
         // Check if the asset exists
-        if (is_null($setting = Setting::find(1))) {
+        if (is_null($setting = Setting::first())) {
             // Redirect to the asset management page with error
             return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
         }
@@ -312,12 +316,18 @@ class SettingsController extends Controller
             }
         }
 
-        $setting->id = '1';
 
-        if (config('app.lock_passwords')==false) {
+        if (!config('app.lock_passwords')) {
             $setting->site_name = e(Input::get('site_name'));
             $setting->brand = e(Input::get('brand'));
             $setting->custom_css = e(Input::get('custom_css'));
+
+            if (Input::get('two_factor_enabled')=='') {
+                $setting->two_factor_enabled = null;
+            } else {
+                $setting->two_factor_enabled = e(Input::get('two_factor_enabled'));
+            }
+
         }
 
         if (Input::get('per_page')!='') {
@@ -328,6 +338,7 @@ class SettingsController extends Controller
 
         $setting->locale = e(Input::get('locale', 'en'));
         $setting->qr_code = e(Input::get('qr_code', '0'));
+        $setting->full_multiple_companies_support = e(Input::get('full_multiple_companies_support', '0'));
         $setting->alt_barcode = e(Input::get('alt_barcode'));
         $setting->alt_barcode_enabled = e(Input::get('alt_barcode_enabled', '0'));
         $setting->barcode_type = e(Input::get('barcode_type'));
@@ -336,8 +347,13 @@ class SettingsController extends Controller
         $setting->qr_text = e(Input::get('qr_text'));
         $setting->auto_increment_prefix = e(Input::get('auto_increment_prefix'));
         $setting->auto_increment_assets = e(Input::get('auto_increment_assets', '0'));
+        $setting->zerofill_count = e(Input::get('zerofill_count'));
         $setting->alert_interval = e(Input::get('alert_interval'));
         $setting->alert_threshold = e(Input::get('alert_threshold'));
+        $setting->email_domain = e(Input::get('email_domain'));
+        $setting->email_format = e(Input::get('email_format'));
+        $setting->username_format = e(Input::get('username_format'));
+        $setting->require_accept_signature = e(Input::get('require_accept_signature'));
 
 
         $setting->labels_per_page = e(Input::get('labels_per_page'));
@@ -353,6 +369,7 @@ class SettingsController extends Controller
         $setting->labels_pagewidth = e(Input::get('labels_pagewidth'));
         $setting->labels_pageheight = e(Input::get('labels_pageheight'));
 
+
         if (Input::has('labels_display_name')) {
             $setting->labels_display_name = 1;
         } else {
@@ -372,7 +389,7 @@ class SettingsController extends Controller
         }
 
         $alert_email = rtrim(Input::get('alert_email'), ',');
-        $alert_email = trim(Input::get('alert_email'));
+        $alert_email = trim($alert_email);
 
         $setting->alert_email = e($alert_email);
         $setting->alerts_enabled = e(Input::get('alerts_enabled', '0'));
@@ -398,11 +415,13 @@ class SettingsController extends Controller
         $setting->ldap_active_flag = e(Input::get('ldap_active_flag'));
         $setting->ldap_emp_num = e(Input::get('ldap_emp_num'));
         $setting->ldap_email = e(Input::get('ldap_email'));
+        $setting->ad_domain = e(Input::get('ad_domain'));
+        $setting->is_ad = e(Input::get('is_ad', '0'));
+        $setting->ldap_tls = e(Input::get('ldap_tls', '0'));
+        $setting->ldap_pw_sync = e(Input::get('ldap_pw_sync', '0'));
 
-        // If validation fails, we'll exit the operation now.
         if ($setting->save()) {
             return redirect()->to("admin/settings/app")->with('success', trans('admin/settings/message.update.success'));
-
         } else {
             return redirect()->back()->withInput()->withErrors($setting->getErrors());
         }
@@ -414,6 +433,25 @@ class SettingsController extends Controller
     }
 
 
+    public function getLdapTest() {
+
+        try {
+            $connection = Ldap::connectToLdap();
+            try {
+                Ldap::bindAdminToLdap($connection);
+                return response()->json(['message' => 'It worked!'], 200);
+            } catch (\Exception $e) {
+                return response()->json(['message' => $e->getMessage()], 500);
+            }
+            return response()->json(['message' => 'It worked!'], 200);
+        } catch (\Exception $e) {
+            return response()->json(['message' => $e->getMessage()], 500);
+        }
+
+
+    }
+
+
     /**
     * Show the listing of backups
     *
@@ -443,7 +481,7 @@ class SettingsController extends Controller
 
             }
             closedir($handle);
-            $files = array_reverse($files);
+            rsort($files);
         }
 
 
@@ -538,7 +576,7 @@ class SettingsController extends Controller
     {
         if (!config('app.lock_passwords')) {
             if (Input::get('confirm_purge')=='DELETE') {
-                Artisan::call('snipeit:purge',['--force'=>'true','--no-interaction'=>true]);
+                Artisan::call('snipeit:purge', ['--force'=>'true','--no-interaction'=>true]);
                 $output = Artisan::output();
                 return View::make('settings/purge')
                 ->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));

app/Http/Controllers/StatuslabelsController.php

@@ -4,6 +4,7 @@ namespace App\Http\Controllers;
 use Input;
 use Lang;
 use App\Models\Statuslabel;
+use App\Models\Asset;
 use Redirect;
 use DB;
 use App\Models\Setting;
@@ -11,6 +12,7 @@ use Str;
 use View;
 use App\Helpers\Helper;
 use Auth;
+use Illuminate\Http\Request;
 
 use Symfony\Component\HttpFoundation\JsonResponse;
 
@@ -35,6 +37,48 @@ class StatuslabelsController extends Controller
     }
 
 
+    /**
+     * Show a count of assets by status label
+     *
+     * @return View
+     */
+
+    public function getAssetCountByStatuslabel()
+    {
+        $colors = [];
+
+        $statuslabels = Statuslabel::with('assets')->get();
+        $labels=[];
+        $points=[];
+        $colors=[];
+        foreach ($statuslabels as $statuslabel) {
+            if ($statuslabel->assets->count() > 0) {
+                $labels[]=$statuslabel->name;
+                $points[]=$statuslabel->assets()->whereNull('assigned_to')->count();
+                if ($statuslabel->color!='') {
+                    $colors[]=$statuslabel->color;
+                }
+            }
+
+
+        }
+        $labels[]='Deployed';
+        $points[]=Asset::whereNotNull('assigned_to')->count();
+
+        $colors_array = array_merge($colors, Helper::chartColors());
+
+        $result= [
+            "labels" => $labels,
+            "datasets" => [ [
+                "data" => $points,
+                "backgroundColor" => $colors_array,
+                "hoverBackgroundColor" =>  $colors_array
+            ]]
+        ];
+        return $result;
+    }
+
+
     /**
      * Statuslabel create.
      *
@@ -43,11 +87,11 @@ class StatuslabelsController extends Controller
     public function getCreate()
     {
         // Show the page
-        $statuslabel = new Statuslabel;
-        $use_statuslabel_type = $statuslabel->getStatuslabelType();
+        $item = new Statuslabel;
+        $use_statuslabel_type = $item->getStatuslabelType();
         $statuslabel_types = Helper::statusTypeList();
 
-        return View::make('statuslabels/edit', compact('statuslabel_types', 'statuslabel'))->with('use_statuslabel_type', $use_statuslabel_type);
+        return View::make('statuslabels/edit', compact('statuslabel_types', 'item'))->with('use_statuslabel_type', $use_statuslabel_type);
     }
 
 
@@ -56,12 +100,17 @@ class StatuslabelsController extends Controller
      *
      * @return Redirect
      */
-    public function postCreate()
+    public function postCreate(Request $request)
     {
 
         // create a new model instance
         $statuslabel = new Statuslabel();
-        $statustype = Statuslabel::getStatuslabelTypesForDB(Input::get('statuslabel_types'));
+
+        if (!$request->has('statuslabel_types')) {
+            return redirect()->back()->withInput()->withErrors(['statuslabel_types' => trans('validation.statuslabel_type')]);
+        }
+
+        $statustype = Statuslabel::getStatuslabelTypesForDB($request->input('statuslabel_types'));
 
         // Save the Statuslabel data
         $statuslabel->name              = e(Input::get('name'));
@@ -70,6 +119,8 @@ class StatuslabelsController extends Controller
         $statuslabel->deployable          =  $statustype['deployable'];
         $statuslabel->pending          =  $statustype['pending'];
         $statuslabel->archived          =  $statustype['archived'];
+        $statuslabel->color          =  e(Input::get('color'));
+        $statuslabel->show_in_nav          =  e(Input::get('show_in_nav'),0);
 
 
         // Was the asset created?
@@ -82,36 +133,30 @@ class StatuslabelsController extends Controller
 
     }
 
-    public function store()
+    public function store(Request $request)
     {
 
-      // create a new model instance
         $statuslabel = new Statuslabel();
-        $statustype = Statuslabel::getStatuslabelTypesForDB(Input::get('modal-statuslabel_types'));
-
-      // attempt validation
-        if ($statuslabel->validate($new)) {
-
-            // Save the Statuslabel data
-            $statuslabel->name            = e(Input::get('name'));
-            $statuslabel->user_id         = Auth::user()->id;
-            $statuslabel->notes           =  '';
-            $statuslabel->deployable      =  $statustype['deployable'];
-            $statuslabel->pending         =  $statustype['pending'];
-            $statuslabel->archived        =  $statustype['archived'];
-
-            // Was the asset created?
-            if ($statuslabel->save()) {
-                // Redirect to the new Statuslabel  page
-                return JsonResponse::create($statuslabel);
-            } else {
-                return JsonResponse::create(["error" => "Couldn't save Statuslabel"], 500);
-            }
-        } else {
-            // failure
-            $errors = $statuslabel->getErrors();
-            return  JsonResponse::create(["error" => "Failed validation: ".print_r($errors->all('<li>:message</li>'), true)], 500);
+        if (!$request->has('statuslabel_types')) {
+            return JsonResponse::create(["error" => trans('validation.statuslabel_type')], 500);
         }
+
+        $statustype = Statuslabel::getStatuslabelTypesForDB(Input::get('statuslabel_types'));
+        $statuslabel->name            = e(Input::get('name'));
+        $statuslabel->user_id         = Auth::user()->id;
+        $statuslabel->notes           =  '';
+        $statuslabel->deployable      =  $statustype['deployable'];
+        $statuslabel->pending         =  $statustype['pending'];
+        $statuslabel->archived        =  $statustype['archived'];
+
+
+        if ($statuslabel->isValid()) {
+            $statuslabel->save();
+            // Redirect to the new Statuslabel  page
+            return JsonResponse::create($statuslabel);
+        }
+        return JsonResponse::create(["error" => $statuslabel->getErrors()->first()], 500);
+
     }
 
 
@@ -124,16 +169,16 @@ class StatuslabelsController extends Controller
     public function getEdit($statuslabelId = null)
     {
         // Check if the Statuslabel exists
-        if (is_null($statuslabel = Statuslabel::find($statuslabelId))) {
+        if (is_null($item = Statuslabel::find($statuslabelId))) {
             // Redirect to the blogs management page
             return redirect()->to('admin/settings/statuslabels')->with('error', trans('admin/statuslabels/message.does_not_exist'));
         }
 
-        $use_statuslabel_type = $statuslabel->getStatuslabelType();
+        $use_statuslabel_type = $item->getStatuslabelType();
 
         $statuslabel_types = array('' => trans('admin/hardware/form.select_statustype')) + array('undeployable' => trans('admin/hardware/general.undeployable')) + array('pending' => trans('admin/hardware/general.pending')) + array('archived' => trans('admin/hardware/general.archived')) + array('deployable' => trans('admin/hardware/general.deployable'));
 
-        return View::make('statuslabels/edit', compact('statuslabel', 'statuslabel_types'))->with('use_statuslabel_type', $use_statuslabel_type);
+        return View::make('statuslabels/edit', compact('item', 'statuslabel_types'))->with('use_statuslabel_type', $use_statuslabel_type);
     }
 
 
@@ -143,7 +188,7 @@ class StatuslabelsController extends Controller
      * @param  int  $statuslabelId
      * @return Redirect
      */
-    public function postEdit($statuslabelId = null)
+    public function postEdit(Request $request, $statuslabelId = null)
     {
         // Check if the Statuslabel exists
         if (is_null($statuslabel = Statuslabel::find($statuslabelId))) {
@@ -151,6 +196,10 @@ class StatuslabelsController extends Controller
             return redirect()->to('admin/settings/statuslabels')->with('error', trans('admin/statuslabels/message.does_not_exist'));
         }
 
+        if (!$request->has('statuslabel_types')) {
+            return redirect()->back()->withInput()->withErrors(['statuslabel_types' => trans('validation.statuslabel_type')]);
+        }
+
 
         // Update the Statuslabel data
         $statustype = Statuslabel::getStatuslabelTypesForDB(Input::get('statuslabel_types'));
@@ -159,6 +208,8 @@ class StatuslabelsController extends Controller
         $statuslabel->deployable          =  $statustype['deployable'];
         $statuslabel->pending          =  $statustype['pending'];
         $statuslabel->archived          =  $statustype['archived'];
+        $statuslabel->color          =  e(Input::get('color'));
+        $statuslabel->show_in_nav          =  e(Input::get('show_in_nav'),0);
 
 
         // Was the asset created?
@@ -193,7 +244,7 @@ class StatuslabelsController extends Controller
         if ($statuslabel->has_assets() > 0) {
 
             // Redirect to the asset management page
-            return redirect()->to('admin/settings/statuslabels')->with('error', trans('admin/statuslabels/message.assoc_users'));
+            return redirect()->to('admin/settings/statuslabels')->with('error', trans('admin/statuslabels/message.assoc_assets'));
         } else {
 
             $statuslabel->delete();
@@ -209,7 +260,7 @@ class StatuslabelsController extends Controller
 
     public function getDatatable()
     {
-        $statuslabels = Statuslabel::select(array('id','name','deployable','pending','archived'))
+        $statuslabels = Statuslabel::select(array('id','name','deployable','pending','archived','color','show_in_nav'))
         ->whereNull('deleted_at');
 
         if (Input::has('search')) {
@@ -253,10 +304,19 @@ class StatuslabelsController extends Controller
 
             $actions = '<a href="'.route('update/statuslabel', $statuslabel->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/statuslabel', $statuslabel->id).'" data-content="'.trans('admin/statuslabels/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($statuslabel->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
 
+            if ($statuslabel->color!='') {
+                $color = '<div class="pull-left" style="margin-right: 5px; height: 20px; width: 20px; background-color: '.e($statuslabel->color).'"></div>'.e($statuslabel->color);
+            } else {
+                $color = '';
+            }
+
+
             $rows[] = array(
                 'id'            => e($statuslabel->id),
                 'type'          => e($label_type),
                 'name'          => e($statuslabel->name),
+                'color'          => $color,
+                'show_in_nav' => ($statuslabel->show_in_nav=='1') ? trans('general.yes') : trans('general.no'),
                 'actions'       => $actions
             );
         }

app/Http/Controllers/SuppliersController.php

@@ -11,6 +11,7 @@ use App\Models\Setting;
 use Str;
 use View;
 use Auth;
+use Illuminate\Http\Request;
 
 use Symfony\Component\HttpFoundation\JsonResponse;
 
@@ -44,7 +45,7 @@ class SuppliersController extends Controller
      */
     public function getCreate()
     {
-        return View::make('suppliers/edit')->with('supplier', new Supplier);
+        return View::make('suppliers/edit')->with('item', new Supplier);
     }
 
 
@@ -102,10 +103,10 @@ class SuppliersController extends Controller
 
     }
 
-    public function store()
+    public function store(Request $request)
     {
-        $supplier=new Supplier;
-        $supplier->name=$new['name'];
+        $supplier = new Supplier;
+        $supplier->name =  e($request->input('name'));
         $supplier->user_id              = Auth::user()->id;
 
         if ($supplier->save()) {
@@ -124,13 +125,13 @@ class SuppliersController extends Controller
     public function getEdit($supplierId = null)
     {
         // Check if the supplier exists
-        if (is_null($supplier = Supplier::find($supplierId))) {
+        if (is_null($item = Supplier::find($supplierId))) {
             // Redirect to the supplier  page
             return redirect()->to('admin/settings/suppliers')->with('error', trans('admin/suppliers/message.does_not_exist'));
         }
 
         // Show the page
-        return View::make('suppliers/edit', compact('supplier'));
+        return View::make('suppliers/edit', compact('item'));
     }
 
 
@@ -241,7 +242,7 @@ class SuppliersController extends Controller
 
     public function getDatatable()
     {
-        $suppliers = Supplier::select(array('id','name','address','address2','city','state','country','fax', 'phone','email','contact'))
+        $suppliers = Supplier::with('assets', 'licenses')->select(array('id','name','address','address2','city','state','country','fax', 'phone','email','contact'))
         ->whereNull('deleted_at');
 
         if (Input::has('search')) {
@@ -282,8 +283,8 @@ class SuppliersController extends Controller
                 'phone'             => e($supplier->phone),
                 'fax'             => e($supplier->fax),
                 'email'             => ($supplier->email!='') ? '<a href="mailto:'.e($supplier->email).'">'.e($supplier->email).'</a>' : '',
-                'assets'            => $supplier->num_assets(),
-                'licenses'          => $supplier->num_licenses(),
+                'assets'            => $supplier->assets->count(),
+                'licenses'          => $supplier->licenses->count(),
                 'actions'           => $actions
             );
         }

app/Http/Controllers/ViewAssetsController.php

@@ -4,9 +4,12 @@ namespace App\Http\Controllers;
 use App\Models\Accessory;
 use App\Models\Actionlog;
 use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\CheckoutRequest;
 use App\Models\Company;
+use App\Models\Component;
 use App\Models\Consumable;
-use App\Models\Location;
+use App\Models\License;
 use App\Models\Setting;
 use App\Models\User;
 use Auth;
@@ -19,6 +22,7 @@ use Redirect;
 use Slack;
 use Validator;
 use View;
+use Illuminate\Http\Request;
 
 /**
  * This controller handles all actions related to the ability for users
@@ -36,11 +40,18 @@ class ViewAssetsController extends Controller
     public function getIndex()
     {
 
-        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find(Auth::user()->id);
-
-        $userlog = $user->userlog->load('assetlog', 'consumablelog', 'assetlog.model', 'licenselog', 'accessorylog', 'userlog', 'adminlog');
+        $user = User::with(
+            'assets',
+            'assets.model',
+            'consumables',
+            'accessories',
+            'licenses',
+            'userloc',
+            'userlog'
+        )->withTrashed()->find(Auth::user()->id);
 
 
+        $userlog = $user->userlog->load('item', 'user', 'target');
 
         if (isset($user->id)) {
             return View::make('account/view-assets', compact('user', 'userlog'));
@@ -58,12 +69,133 @@ class ViewAssetsController extends Controller
     public function getRequestableIndex()
     {
 
-        $assets = Asset::with('model', 'defaultLoc')->Hardware()->RequestableAssets()->get();
+        $assets = Asset::with('model', 'defaultLoc', 'assetloc', 'assigneduser')->Hardware()->RequestableAssets()->get();
+        $models = AssetModel::with('category')->RequestableModels()->get();
 
-        return View::make('account/requestable-assets', compact('user', 'assets'));
+        return View::make('account/requestable-assets', compact('user', 'assets', 'models'));
+    }
+
+    public function getRequestedIndex()
+    {
+        $requestedItems = CheckoutRequest::with('user', 'requestedItem')->get();
+        return View::make('admin/requested-assets', compact('requestedItems'));
     }
 
 
+    public function getRequestItem($itemType, $itemId = null)
+    {
+        $item = null;
+        $fullItemType = 'App\\Models\\' . studly_case($itemType);
+        if ($itemType == "asset_model") {
+            $itemType = "model";
+        }
+        $item = call_user_func(array($fullItemType, 'find'), $itemId);
+        $user = Auth::user();
+        $quantity = $data['item_quantity'] = Input::has('request-quantity') ? e(Input::get('request-quantity')) : 1;
+
+        $logaction = new Actionlog();
+        $logaction->item_id = $data['asset_id'] = $item->id;
+        $logaction->item_type = $fullItemType;
+        $logaction->created_at = $data['requested_date'] = date("Y-m-d H:i:s");
+        if ($user->location_id) {
+            $logaction->location_id = $user->location_id;
+        }
+        $logaction->target_id = $data['user_id'] = Auth::user()->id;
+        $logaction->target_type = User::class;
+
+        $data['requested_by'] = $user->fullName();
+        $data['item_name'] = $item->name;
+        $data['item_type'] = $itemType;
+
+        if ($fullItemType == Asset::class) {
+            $data['item_url'] = route('view/hardware', $item->id);
+            $slackMessage = ' Asset <'.config('app.url').'/hardware/'.$item->id.'/view'.'|'.$item->showAssetName().'> requested by <'.config('app.url').'/users/'.$item->user_id.'/view'.'|'.$user->fullName().'>.';
+        } else {
+            $data['item_url'] = route("view/${itemType}", $item->id);
+            $slackMessage = $quantity. ' ' . class_basename(strtoupper($logaction->item_type)).' <'.$data['item_url'].'|'.$item->name.'> requested by <'.config('app.url').'/user/'.$item->id.'/view'.'|'.$user->fullName().'>.';
+        }
+
+        $settings = Setting::getSettings();
+
+        if ($settings->slack_endpoint) {
+
+            $slack_settings = [
+                'username' => $settings->botname,
+                'channel' => $settings->slack_channel,
+                'link_names' => true
+            ];
+
+            $slackClient = new \Maknz\Slack\Client($settings->slack_endpoint, $slack_settings);
+        }
+
+        if ($item->isRequestedBy($user)) {
+
+            $item->cancelRequest();
+            $log = $logaction->logaction('request_canceled');
+
+            if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
+                Mail::send('emails.asset-canceled', $data, function ($m) use ($user, $settings) {
+                    $m->to(explode(',', $settings->alert_email), $settings->site_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Item_Request_Canceled'));
+                });
+            }
+
+            if ($settings->slack_endpoint) {
+                try {
+                        $slackClient->attach([
+                            'color' => 'good',
+                            'fields' => [
+                                [
+                                    'title' => 'CANCELED:',
+                                    'value' => $slackMessage
+                                ]
+
+                            ]
+                        ])->send('Item Request Canceled');
+
+                } catch (Exception $e) {
+
+                }
+            }
+
+            return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.canceled'));
+
+        } else {
+            $item->request();
+
+            $log = $logaction->logaction('requested');
+
+
+            if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
+                Mail::send('emails.asset-requested', $data, function ($m) use ($user, $settings) {
+                    $m->to(explode(',', $settings->alert_email), $settings->site_name);
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.Item_Requested'));
+                });
+            }
+
+            if ($settings->slack_endpoint) {
+                try {
+                        $slackClient->attach([
+                            'color' => 'good',
+                            'fields' => [
+                                [
+                                    'title' => 'REQUESTED:',
+                                    'value' => $slackMessage
+                                ]
+
+                            ]
+                        ])->send('Item Requested');
+
+                } catch (Exception $e) {
+
+                }
+            }
+
+            return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.success'));
+        }
+    }
     public function getRequestAsset($assetId = null)
     {
 
@@ -75,17 +207,23 @@ class ViewAssetsController extends Controller
             return redirect()->route('requestable-assets')->with('error', trans('admin/hardware/message.does_not_exist_or_not_requestable'));
         } elseif (!Company::isCurrentUserHasAccess($asset)) {
             return redirect()->route('requestable-assets')->with('error', trans('general.insufficient_permissions'));
+        }
+        // If it's requested, cancel the request.
+        if ($asset->isRequestedBy(Auth::user())) {
+            $asset->cancelRequest();
+            return redirect()->route('requestable-assets')->with('success')->with('success', trans('admin/hardware/message.requests.success'));
         } else {
 
             $logaction = new Actionlog();
-            $logaction->asset_id = $data['asset_id'] = $asset->id;
-            $logaction->asset_type = $data['asset_type']  = 'hardware';
-            $logaction->created_at = $data['requested_date'] = date("Y-m-d h:i:s");
-
+            $logaction->item_id = $data['asset_id'] = $asset->id;
+            $logaction->item_type = Asset::class;
+            $logaction->created_at = $data['requested_date'] = date("Y-m-d H:i:s");
+            $data['asset_type'] = 'hardware';
             if ($user->location_id) {
                 $logaction->location_id = $user->location_id;
             }
-            $logaction->user_id = $data['user_id'] = Auth::user()->id;
+            $logaction->target_id = $data['user_id'] = Auth::user()->id;
+            $logaction->target_type = User::class;
             $log = $logaction->logaction('requested');
 
             $data['requested_by'] = $user->fullName();
@@ -96,10 +234,13 @@ class ViewAssetsController extends Controller
             if (($settings->alert_email!='')  && ($settings->alerts_enabled=='1') && (!config('app.lock_passwords'))) {
                 Mail::send('emails.asset-requested', $data, function ($m) use ($user, $settings) {
                     $m->to(explode(',', $settings->alert_email), $settings->site_name);
-                    $m->subject('Asset Requested');
+                    $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                    $m->subject(trans('mail.asset_requested'));
                 });
             }
 
+            $asset->request();
+
 
             if ($settings->slack_endpoint) {
 
@@ -118,7 +259,7 @@ class ViewAssetsController extends Controller
                             'fields' => [
                                 [
                                     'title' => 'REQUESTED:',
-                                    'value' => strtoupper($logaction->asset_type).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.$asset->showAssetName().'> requested by <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.Auth::user()->fullName().'>.'
+                                    'value' => class_basename(strtoupper($logaction->item_type)).' asset <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.$asset->showAssetName().'> requested by <'.config('app.url').'/hardware/'.$asset->id.'/view'.'|'.Auth::user()->fullName().'>.'
                                 ]
 
                             ]
@@ -136,34 +277,36 @@ class ViewAssetsController extends Controller
 
     }
 
+    public function getRequestedAssets()
+    {
+        $checkoutrequests = CheckoutRequest::all();
+
+        return View::make('account/requested-items', compact($checkoutrequests));
+    }
+
 
 
     // Get the acceptance screen
     public function getAcceptAsset($logID = null)
     {
 
-        if (is_null($findlog = Actionlog::find($logID))) {
-            // Redirect to the asset management page
-            return redirect()->to('account')->with('error', trans('admin/hardware/message.does_not_exist'));
+        if (!$findlog = Actionlog::where('id', $logID)->first()) {
+            echo 'no record';
+            //return redirect()->to('account')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        if ($findlog->accepted_id!='') {
+            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.asset_already_accepted'));
         }
 
         $user = Auth::user();
 
-        if ($user->id != $findlog->checkedout_to) {
+
+        if ($user->id != $findlog->item->assigned_to) {
             return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
         }
 
-        // Asset
-        if (($findlog->asset_id!='') && ($findlog->asset_type=='hardware')) {
-            $item = Asset::find($findlog->asset_id);
-
-        // software
-        } elseif (($findlog->asset_id!='') && ($findlog->asset_type=='software')) {
-            $item = License::find($findlog->asset_id);
-        // accessories
-        } elseif ($findlog->accessory_id!='') {
-            $item = Accessory::find($findlog->accessory_id);
-        }
+        $item = $findlog->item;
 
         // Check if the asset exists
         if (is_null($item)) {
@@ -172,25 +315,20 @@ class ViewAssetsController extends Controller
         } elseif (!Company::isCurrentUserHasAccess($item)) {
             return redirect()->route('requestable-assets')->with('error', trans('general.insufficient_permissions'));
         } else {
-            return View::make('account/accept-asset', compact('item'))->with('findlog', $findlog);
+            return View::make('account/accept-asset', compact('item'))->with('findlog', $findlog)->with('item',$item);
         }
     }
 
     // Save the acceptance
-    public function postAcceptAsset($logID = null)
+    public function postAcceptAsset(Request $request, $logID = null)
     {
 
         // Check if the asset exists
-        if (is_null($findlog = Actionlog::find($logID))) {
+        if (is_null($findlog = Actionlog::where('id', $logID)->first())) {
             // Redirect to the asset management page
             return redirect()->to('account/view-assets')->with('error', trans('admin/hardware/message.does_not_exist'));
         }
 
-        // NOTE: make sure the global scope is applied
-        $is_unauthorized = is_null(Actionlog::where('id', '=', $logID)->first());
-        if ($is_unauthorized) {
-            return redirect()->route('requestable-assets')->with('error', trans('general.insufficient_permissions'));
-        }
 
         if ($findlog->accepted_id!='') {
             // Redirect to the asset management page
@@ -198,15 +336,25 @@ class ViewAssetsController extends Controller
         }
 
         if (!Input::has('asset_acceptance')) {
-            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.accept_or_decline'));
+            return redirect()->back()->with('error', trans('admin/users/message.error.accept_or_decline'));
         }
 
         $user = Auth::user();
 
-        if ($user->id != $findlog->checkedout_to) {
+        if ($user->id != $findlog->item->assigned_to) {
             return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
         }
 
+        if ($request->has('signature_output')) {
+            $path = config('app.private_uploads').'/signatures';
+            $sig_filename = "siglog-".$findlog->id.'-'.date('Y-m-d-his').".png";
+            $data_uri = e($request->get('signature_output'));
+            $encoded_image = explode(",", $data_uri);
+            $decoded_image = base64_decode($encoded_image[1]);
+            file_put_contents($path."/".$sig_filename, $decoded_image);
+        }
+
+
         $logaction = new Actionlog();
 
         if (Input::get('asset_acceptance')=='accepted') {
@@ -218,46 +366,35 @@ class ViewAssetsController extends Controller
             $accepted="rejected";
             $return_msg = trans('admin/users/message.declined');
         }
+            $logaction->item_id      = $findlog->item_id;
+            $logaction->item_type    = $findlog->item_type;
 
         // Asset
-        if (($findlog->asset_id!='') && ($findlog->asset_type=='hardware')) {
-            $logaction->asset_id = $findlog->asset_id;
-            $logaction->accessory_id = null;
-            $logaction->asset_type = 'hardware';
-
+        if (($findlog->item_id!='') && ($findlog->item_type==Asset::class)) {
             if (Input::get('asset_acceptance')!='accepted') {
                 DB::table('assets')
-                ->where('id', $findlog->asset_id)
+                ->where('id', $findlog->item_id)
                 ->update(array('assigned_to' => null));
             }
-
-
-        // software
-        } elseif (($findlog->asset_id!='') && ($findlog->asset_type=='software')) {
-            $logaction->asset_id = $findlog->asset_id;
-            $logaction->accessory_id = null;
-            $logaction->asset_type = 'software';
-
-        // accessories
-        } elseif ($findlog->accessory_id!='') {
-            $logaction->asset_id = null;
-            $logaction->accessory_id = $findlog->accessory_id;
-            $logaction->asset_type = 'accessory';
         }
 
-        $logaction->checkedout_to = $findlog->checkedout_to;
-
+        $logaction->target_id = $findlog->target_id;
+        $logaction->target_type = User::class;
         $logaction->note = e(Input::get('note'));
-        $logaction->user_id = $user->id;
-        $logaction->accepted_at = date("Y-m-d h:i:s");
+        $logaction->updated_at = date("Y-m-d H:i:s");
+
+
+        if (isset($sig_filename)) {
+            $logaction->accept_signature = $sig_filename;
+        }
         $log = $logaction->logaction($logaction_msg);
 
-        $update_checkout = DB::table('asset_logs')
+        $update_checkout = DB::table('action_logs')
         ->where('id', $findlog->id)
         ->update(array('accepted_id' => $logaction->id));
 
-            $affected_asset=$logaction->assetlog;
-            $affected_asset->accepted=$accepted;
+            $affected_asset = $logaction->item;
+            $affected_asset->accepted = $accepted;
             $affected_asset->save();
 
         if ($update_checkout) {

app/Http/Kernel.php

@@ -14,13 +14,15 @@ class Kernel extends HttpKernel
      * @var array
      */
     protected $middleware = [
-        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
+        \MisterPhilip\MaintenanceMode\Http\Middleware\CheckForMaintenanceMode::class,
         \Illuminate\Session\Middleware\StartSession::class,
         \Illuminate\View\Middleware\ShareErrorsFromSession::class,
         \App\Http\Middleware\FrameGuard::class,
         \App\Http\Middleware\XssProtectHeader::class,
         \App\Http\Middleware\NosniffGuard::class,
         \App\Http\Middleware\CheckForSetup::class,
+        \Fideloper\Proxy\TrustProxies::class,
+        \App\Http\Middleware\CheckForDebug::class,
     ];
 
     /**
@@ -34,6 +36,7 @@ class Kernel extends HttpKernel
             \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
             \App\Http\Middleware\VerifyCsrfToken::class,
             \App\Http\Middleware\CheckLocale::class,
+            \App\Http\Middleware\CheckForTwoFactor::class,
         ],
 
         'api' => [

app/Http/Middleware/CheckForDebug.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Auth;
+
+class CheckForDebug
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        view()->share('debug_in_production', false);
+
+        if (((Auth::check() && (Auth::user()->isSuperUser()))) && (app()->environment()=='production') && (config('app.warn_debug')===true) && (config('app.debug')===true)) {
+          view()->share('debug_in_production', true);
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/CheckForSetup.php

@@ -14,23 +14,28 @@ class CheckForSetup
     public function handle($request, Closure $next, $guard = null)
     {
 
-            if (Setting::setupCompleted()) {
+        // This is dumb
+        if ($request->is('_debugbar*')) {
+            return $next($request);
+        }
 
-                if  ($request->is('setup*')) {
-                    return redirect(config('app.url'));
-                } else {
-                    return $next($request);
-                }
+        if (Setting::setupCompleted()) {
 
+            if ($request->is('setup*')) {
+                return redirect(config('app.url'));
             } else {
-                if (!$request->is('setup*')) {
-                    return redirect(config('app.url').'/setup')->with('Request',$request);
-                }
-
                 return $next($request);
-
             }
 
+        } else {
+            if (!($request->is('setup*')) && !($request->is('.env'))) {
+                return redirect(config('app.url').'/setup')->with('Request', $request);
+            }
+
+            return $next($request);
+
+        }
+
 
     }
 }

app/Http/Middleware/CheckForTwoFactor.php

@@ -0,0 +1,52 @@
+<?php
+namespace App\Http\Middleware;
+
+use App\Models\Setting;
+use Auth;
+use Closure;
+use Illuminate\Support\Facades\Schema;
+use Log;
+
+class CheckForTwoFactor
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+
+        // Skip the logic if the user is on the two factor pages or the setup pages
+        if (($request->route()->getName()=='two-factor') || ($request->route()->getName()=='two-factor-enroll') || ($request->route()->getPrefix()=='setup') || ($request->route()->getName()=='logout')) {
+            return $next($request);
+        }
+
+        // Two-factor is enabled (either optional or required)
+        if (Setting::getSettings()) {
+            if (Auth::check() && (Setting::getSettings()->two_factor_enabled!='')) {
+
+                // This user is already 2fa-authed
+                if ($request->session()->get('2fa_authed')) {
+                    return $next($request);
+                }
+
+                // Two-factor is optional and the user has NOT opted in, let them through
+                if ((Setting::getSettings()->two_factor_enabled=='1') && (Auth::user()->two_factor_optin!='1')) {
+                    return $next($request);
+                }
+
+                // Otherwise make sure they're enrolled and show them the 2FA code screen
+                if ((Auth::user()->two_factor_secret!='') && (Auth::user()->two_factor_enrolled=='1')) {
+                    return redirect()->route('two-factor')->with('info', 'Please enter your two-factor authentication code.');
+                }
+
+                return redirect()->route('two-factor-enroll')->with('success', 'Please enroll a device in two-factor authentication.');
+            }
+        }
+        return $next($request);
+
+    }
+}

app/Http/Middleware/CheckLocale.php

@@ -21,7 +21,9 @@ class CheckLocale
 
     public function handle($request, Closure $next, $guard = null)
     {
-        if (Schema::hasTable('settings')) {
+
+
+        if (Setting::getSettings()) {
             // User's preference
             if (($request->user()) && ($request->user()->locale)) {
                 \App::setLocale($request->user()->locale);

app/Http/Middleware/CheckPermissions.php

@@ -5,27 +5,35 @@ namespace App\Http\Middleware;
 use Closure;
 use Config;
 use Route;
+use Gate;
 
 class CheckPermissions
 {
   /**
    * Handle the ACLs for permissions.
    *
+   * The $section variable is passed via the route middleware,
+   * 'middleware' => [authorize:superadmin']
+   *
    * @param  \Illuminate\Http\Request  $request
    * @param  \Closure  $next
-   * @param  string|null  $guard
+   * @param  string|null  $section
    * @return mixed
    */
-    public function handle($request, Closure $next, $section = null, $guard = null)
+    public function handle($request, Closure $next, $section = null)
     {
 
-        if (($request->user()->hasAccess($section)) || ($request->user()->isSuperUser())) {
+
+        if (Gate::allows($section)) {
             return $next($request);
         }
 
         return response()->view('layouts/basic', [
-          'content' => view('errors/403')
+            'content' => view('errors/403')
         ]);
 
+
+
+
     }
 }

app/Http/Middleware/FrameGuard.php

@@ -15,7 +15,10 @@ class FrameGuard
     public function handle($request, Closure $next)
     {
         $response = $next($request);
-        $response->headers->set('X-Frame-Options', 'SAMEORIGIN', false);
+        if (config('app.allow_iframing') == false) {
+            $response->headers->set('X-Frame-Options', 'SAMEORIGIN', false);
+        }
         return $response;
+
     }
 }

app/Http/Middleware/RedirectIfAuthenticated.php

@@ -18,7 +18,7 @@ class RedirectIfAuthenticated
     public function handle($request, Closure $next, $guard = null)
     {
         if (Auth::guard($guard)->check()) {
-            return redirect('/');
+            return redirect()->intended('/');
         }
 
         return $next($request);

app/Http/Requests/AssetRequest.php

@@ -4,6 +4,7 @@ namespace App\Http\Requests;
 
 use App\Http\Requests\Request;
 use App\Models\AssetModel;
+use Session;
 
 class AssetRequest extends Request
 {
@@ -30,29 +31,32 @@ class AssetRequest extends Request
           'status_id'       => 'required|integer',
           'company_id'      => 'integer',
           'warranty_months' => 'integer|min:0|max:240',
-          'physical'         => 'integer',
-          'checkout_date'   => 'date|max:10|min:10',
-          'checkin_date'    => 'date|max:10|min:10',
+          'physical'        => 'integer',
+          'checkout_date'   => 'date',
+          'checkin_date'    => 'date',
           'supplier_id'     => 'integer',
-          'asset_tag'       => 'required|min:2|max:255|unique:assets,asset_tag,NULL,deleted_at',
           'status'          => 'integer',
+          'asset_tag'       => 'required',
+          'purchase_cost'   => 'numeric',
+    
         ];
 
         $model = AssetModel::find($this->request->get('model_id'));
 
-        if (($model) && ($model->fieldset))
-        {
+        if (($model) && ($model->fieldset)) {
             $rules += $model->fieldset->validation_rules();
         }
 
 
-
         return $rules;
 
     }
 
     public function response(array $errors)
     {
-        return $this->redirector->back()->withInput()->withErrors($errors, $this->errorBag);
+        $this->session()->flash('errors', Session::get('errors', new \Illuminate\Support\ViewErrorBag)
+            ->put('default', new \Illuminate\Support\MessageBag($errors)));
+        \Input::flash();
+        return parent::response($errors);
     }
 }

app/Http/Requests/Request.php

@@ -13,9 +13,9 @@ abstract class Request extends FormRequest
         return $this->rules;
     }
 
-    public function response(array $errors)
-    {
-        $this->session->flash('errorMessages', $errors);
-        return $this->redirector->back()->withErrors($errors)->withInput();
-    }
+    // public function response(array $errors)
+    // {
+    //     $this->session->flash('errorMessages', $errors);
+    //     return $this->redirector->back()->withErrors($errors)->withInput();
+    // }
 }

app/Http/Requests/SaveUserRequest.php

@@ -0,0 +1,34 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Http\Requests\Request;
+
+class SaveUserRequest extends Request
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'first_name'              => 'required|string|min:1',
+            'email'                   => 'email',
+            'password'                => 'required|min:6',
+            'password_confirm'        => 'sometimes|required_with:password',
+            'username'                => 'required|string|min:2|unique:users,username,NULL,deleted_at',
+        ];
+    }
+}

app/Http/Requests/SettingRequest.php

@@ -1,64 +0,0 @@
-<?php
-
-namespace App\Http\Requests;
-
-use App\Http\Requests\Request;
-
-class SettingRequest extends Request
-{
-    /**
-     * Determine if the user is authorized to make this request.
-     *
-     * @return bool
-     */
-    public function authorize()
-    {
-        return true;
-    }
-
-    /**
-     * Get the validation rules that apply to the request.
-     *
-     * @return array
-     */
-    public function rules()
-    {
-        return [
-          "brand"     => 'required|min:1|numeric',
-          "qr_text"         => 'min:1|max:31',
-          "logo_img"        => 'mimes:jpeg,bmp,png,gif',
-          "custom_css"   => 'string',
-          "alert_email"   => 'email_array',
-          "slack_endpoint"   => 'url',
-          "default_currency"   => 'required',
-          "locale"   => 'required',
-          "slack_channel"   => 'regex:/(?<!\w)#\w+/',
-          "slack_botname"   => 'string',
-          'labels_per_page' => 'numeric',
-          'labels_width' => 'numeric',
-          'labels_height' => 'numeric',
-          'labels_pmargin_left' => 'numeric',
-          'labels_pmargin_right' => 'numeric',
-          'labels_pmargin_top' => 'numeric',
-          'labels_pmargin_bottom' => 'numeric',
-          'labels_display_bgutter' => 'numeric',
-          'labels_display_sgutter' => 'numeric',
-          'labels_fontsize' => 'numeric|min:5',
-          'labels_pagewidth' => 'numeric',
-          'labels_pageheight' => 'numeric',
-          "ldap_server"   => 'sometimes|required_if:ldap_enabled,1|url',
-          "ldap_uname"     => 'sometimes|required_if:ldap_enabled,1',
-          "ldap_basedn"     => 'sometimes|required_if:ldap_enabled,1',
-          "ldap_filter"     => 'sometimes|required_if:ldap_enabled,1',
-          "ldap_username_field"     => 'sometimes|required_if:ldap_enabled,1',
-          "ldap_lname_field"     => 'sometimes|required_if:ldap_enabled,1',
-          "ldap_auth_filter_query"     => 'sometimes|required_if:ldap_enabled,1',
-          "ldap_version"     => 'sometimes|required_if:ldap_enabled,1',
-        ];
-    }
-
-    public function response(array $errors)
-    {
-        return $this->redirector->back()->withInput()->withErrors($errors, $this->errorBag);
-    }
-}

app/Http/Requests/SetupUserRequest.php

@@ -24,14 +24,14 @@ class SetupUserRequest extends Request
     public function rules()
     {
         return [
+          'site_name' => 'required|string|min:1',
           'first_name' => 'required|string|min:1',
           'last_name' => 'required|string|min:1',
-          'location_id' => 'numeric',
           'username' => 'required|string|min:2|unique:users,username,NULL,deleted_at',
           'email' => 'email|unique:users,email',
           'password' => 'required|min:6',
           'password_confirm' => 'required|min:6|same:password',
-          'company_id' => 'integer',
+          'email_domain' => 'required|min:4',
         ];
     }
 

app/Http/Requests/UpdateUserRequest.php

@@ -4,7 +4,7 @@ namespace App\Http\Requests;
 
 use App\Http\Requests\Request;
 
-class ComponentCheckoutRequest extends Request
+class UpdateUserRequest extends Request
 {
     /**
      * Determine if the user is authorized to make this request.
@@ -24,8 +24,9 @@ class ComponentCheckoutRequest extends Request
     public function rules()
     {
         return [
-            "asset_id"   => 'required',
-            "assigned_qty"   => 'required|numeric|min:1',
+            'first_name'              => 'required|string|min:1',
+            'email'                   => 'email',
+            'password_confirm'        => 'sometimes|required_with:password',
         ];
     }
 }

app/Http/Traits/UniqueUndeletedTrait.php

@@ -0,0 +1,23 @@
+<?php
+namespace App\Http\Traits;
+
+trait UniqueUndeletedTrait
+{
+
+    /**
+    * Prepare a unique_ids rule, adding a model identifier if required.
+    *
+    * @param  array  $parameters
+    * @param  string $field
+    * @return string
+    */
+    protected function prepareUniqueUndeletedRule($parameters, $field)
+    {
+        // Only perform a replacement if the model has been persisted.
+        if ($this->exists) {
+            return 'unique_undeleted:'.$this->table.','. $this->getKey();
+        }
+
+        return 'unique_undeleted:'.$this->table.',0';
+    }
+}

app/Http/routes.php

@@ -1,6 +1,7 @@
 <?php
-use App\Models\Statuslabel;
+use App\Models\CheckoutRequest;
 use App\Models\Location;
+use App\Models\Statuslabel;
 
 /*
 |--------------------------------------------------------------------------
@@ -10,7 +11,7 @@ use App\Models\Location;
 Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
 
     /*---Hardware API---*/
-    Route::group([ 'prefix' => 'hardware','middleware' => ['web','auth','authorize:hardware']], function () {
+    Route::group([ 'prefix' => 'hardware','middleware' => ['web','auth','authorize:assets.view']], function () {
 
         Route::get('list/{status?}', [ 'as' => 'api.hardware.list', 'uses' => 'AssetsController@getDatatable' ]);
 
@@ -35,6 +36,7 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
         });
 
         Route::get('list', [ 'as' => 'api.statuslabels.list', 'uses' => 'StatuslabelsController@getDatatable' ]);
+        Route::get('assets', [ 'as' => 'api.statuslabels.assets', 'uses' => 'StatuslabelsController@getAssetCountByStatuslabel' ]);
 
     });
 
@@ -77,7 +79,7 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
     /*---Manufacturers API---*/
     Route::group(array('prefix'=>'manufacturers'), function () {
         Route::get('list', array('as'=>'api.manufacturers.list', 'uses'=>'ManufacturersController@getDatatable'));
-        Route::get('{manufacturerID}/view', array('as'=>'api.manufacturers.view', 'uses'=>'ManufacturersController@getDataView'));
+        Route::get('{manufacturerID}/view/{itemtype}', array('as'=>'api.manufacturers.view', 'uses'=>'ManufacturersController@getDataView'));
     });
 
     /*---Suppliers API---*/
@@ -88,6 +90,7 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
     /*---Users API---*/
     Route::group([ 'prefix' => 'users' ], function () {
         Route::post('/', [ 'as' => 'api.users.store', 'uses' => 'UsersController@store' ]);
+        Route::post('two_factor_reset', [ 'as' => 'api.users.two_factor_reset', 'uses' => 'UsersController@postTwoFactorReset' ]);
         Route::get('list/{status?}', [ 'as' => 'api.users.list', 'uses' => 'UsersController@getDatatable' ]);
         Route::get('{userId}/assets', [ 'as' => 'api.users.assetlist', 'uses' => 'UsersController@getAssetList' ]);
         Route::post('{userId}/upload', [ 'as' => 'upload/user', 'uses' => 'UsersController@postUpload' ]);
@@ -137,14 +140,22 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
     Route::group([ 'prefix' => 'categories' ], function () {
 
         Route::get('list', [ 'as' => 'api.categories.list', 'uses' => 'CategoriesController@getDatatable' ]);
-        Route::get( '{categoryID}/asset/view',
-            [ 'as' => 'api.categories.asset.view', 'uses' => 'CategoriesController@getDataViewAssets' ] );
-        Route::get( '{categoryID}/accessory/view',
-            [ 'as' => 'api.categories.accessory.view', 'uses' => 'CategoriesController@getDataViewAccessories' ] );
-        Route::get( '{categoryID}/consumable/view',
-            [ 'as' => 'api.categories.consumable.view', 'uses' => 'CategoriesController@getDataViewConsumables' ] );
-        Route::get( '{categoryID}/component/view',
-            [ 'as' => 'api.categories.component.view', 'uses' => 'CategoriesController@getDataViewComponent' ] );
+        Route::get(
+            '{categoryID}/asset/view',
+            [ 'as' => 'api.categories.asset.view', 'uses' => 'CategoriesController@getDataViewAssets' ]
+        );
+        Route::get(
+            '{categoryID}/accessory/view',
+            [ 'as' => 'api.categories.accessory.view', 'uses' => 'CategoriesController@getDataViewAccessories' ]
+        );
+        Route::get(
+            '{categoryID}/consumable/view',
+            [ 'as' => 'api.categories.consumable.view', 'uses' => 'CategoriesController@getDataViewConsumables' ]
+        );
+        Route::get(
+            '{categoryID}/component/view',
+            [ 'as' => 'api.categories.component.view', 'uses' => 'CategoriesController@getDataViewComponent' ]
+        );
     });
 
     /*-- Suppliers API (mostly for creating new ones in-line while creating an asset) --*/
@@ -161,7 +172,6 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
         );
     });
 
-
 });
 
 /*
@@ -176,75 +186,142 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
 Route::group(
     [ 'prefix' => 'hardware',
     'middleware' => ['web',
-    'auth',
-    'authorize:hardware']],
+    'auth']],
     function () {
 
+        Route::get('history', [
+            'as' => 'asset.import-history',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@getImportHistory'
+        ]);
+
+        Route::post('history', [
+            'as' => 'asset.process-import-history',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@postImportHistory'
+        ]);
+
+
         Route::get('create/{model?}', [
                 'as'   => 'create/hardware',
+                'middleware' => 'authorize:assets.create',
                 'uses' => 'AssetsController@getCreate'
             ]);
 
         Route::post('create', [
                 'as'   => 'savenew/hardware',
+                'middleware' => 'authorize:assets.create',
                 'uses' => 'AssetsController@postCreate'
             ]);
 
         Route::get('{assetId}/edit', [
                 'as'   => 'update/hardware',
+                'middleware' => 'authorize:assets.edit',
                 'uses' => 'AssetsController@getEdit'
             ]);
+        Route::get('/bytag', [
+            'as'   => 'findbytag/hardware',
+            'middleware' => 'authorize:assets.view',
+            'uses' => 'AssetsController@getAssetByTag'
+        ]);
+
+        Route::get('{assetId}/clone', [
+            'as' => 'clone/hardware',
+            'middleware' => 'authorize:assets.create',
+            'uses' => 'AssetsController@getClone'
+        ]);
 
-        Route::get('{assetId}/clone', [ 'as' => 'clone/hardware', 'uses' => 'AssetsController@getClone' ]);
         Route::post('{assetId}/clone', 'AssetsController@postCreate');
-        Route::get('{assetId}/delete', [ 'as' => 'delete/hardware', 'uses' => 'AssetsController@getDelete' ]);
-        Route::get(
-            '{assetId}/checkout',
-            [ 'as' => 'checkout/hardware', 'uses' => 'AssetsController@getCheckout' ]
-        );
-        Route::post('{assetId}/checkout', 'AssetsController@postCheckout');
-        Route::get(
-            '{assetId}/checkin/{backto?}',
-            [ 'as' => 'checkin/hardware', 'uses' => 'AssetsController@getCheckin' ]
-        );
-        Route::post('{assetId}/checkin/{backto?}', 'AssetsController@postCheckin');
-        Route::get('{assetId}/view', [ 'as' => 'view/hardware', 'uses' => 'AssetsController@getView' ]);
+        Route::get('{assetId}/delete', [
+            'as' => 'delete/hardware',
+            'middleware' => 'authorize:assets.delete',
+            'uses' => 'AssetsController@getDelete'
+        ]);
+        Route::get('{assetId}/checkout', [
+            'as' => 'checkout/hardware',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@getCheckout'
+        ]);
+        Route::post('{assetId}/checkout', [
+            'as' => 'checkout/hardware',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@postCheckout'
+        ]);
+        Route::get('{assetId}/checkin/{backto?}', [
+            'as' => 'checkin/hardware',
+            'middleware' => 'authorize:assets.checkin',
+            'uses' => 'AssetsController@getCheckin'
+        ]);
+
+        Route::post('{assetId}/checkin/{backto?}', [
+            'as' => 'checkin/hardware',
+            'middleware' => 'authorize:assets.checkin',
+            'uses' => 'AssetsController@postCheckin'
+        ]);
+        Route::get('{assetId}/view', [
+            'as' => 'view/hardware',
+            'middleware' => ['authorize:assets.view'],
+            'uses' => 'AssetsController@getView'
+        ]);
         Route::get('{assetId}/qr-view', [ 'as' => 'qr-view/hardware', 'uses' => 'AssetsController@getView' ]);
         Route::get('{assetId}/qr_code', [ 'as' => 'qr_code/hardware', 'uses' => 'AssetsController@getQrCode' ]);
         Route::get('{assetId}/barcode', [ 'as' => 'barcode/hardware', 'uses' => 'AssetsController@getBarCode' ]);
-        Route::get('{assetId}/restore', [ 'as' => 'restore/hardware', 'uses' => 'AssetsController@getRestore' ]);
-        Route::post('{assetId}/upload', [ 'as' => 'upload/asset', 'uses' => 'AssetsController@postUpload' ]);
-        Route::get(
-            '{assetId}/deletefile/{fileId}',
-            [ 'as' => 'delete/assetfile', 'uses' => 'AssetsController@getDeleteFile' ]
-        );
-        Route::get(
-            '{assetId}/showfile/{fileId}',
-            [ 'as' => 'show/assetfile', 'uses' => 'AssetsController@displayFile' ]
-        );
+        Route::get('{assetId}/restore', [
+            'as' => 'restore/hardware',
+            'middleware' => 'authorize:assets.delete',
+            'uses' => 'AssetsController@getRestore'
+        ]);
+        Route::post('{assetId}/upload', [
+            'as' => 'upload/asset',
+            'middleware' => 'authorize:assets.edit',
+            'uses' => 'AssetsController@postUpload'
+        ]);
 
-        Route::get(
-            'import/delete-import/{filename}',
-            [ 'as' => 'assets/import/delete-file', 'uses' => 'AssetsController@getDeleteImportFile' ]
-        );
+        Route::get('{assetId}/deletefile/{fileId}', [
+            'as' => 'delete/assetfile',
+            'middleware' => 'authorize:assets.edit',
+            'uses' => 'AssetsController@getDeleteFile'
+        ]);
 
-        Route::get(
-            'import/process/{filename}',
-            [ 'as' => 'assets/import/process-file', 'uses' => 'AssetsController@getProcessImportFile' ]
-        );
+        Route::get('{assetId}/showfile/{fileId}', [
+            'as' => 'show/assetfile',
+            'middleware' => 'authorize:assets.view',
+            'uses' => 'AssetsController@displayFile'
+        ]);
 
-        Route::get(
-            'import',
-            [ 'as' => 'assets/import', 'uses' => 'AssetsController@getImportUpload' ]
-        );
+        Route::get('import/delete-import/{filename}',  [
+                'as' => 'assets/import/delete-file',
+                'middleware' => 'authorize:assets.create',
+                'uses' => 'AssetsController@getDeleteImportFile'
+        ]);
+
+        Route::post( 'import/process/', [ 'as' => 'assets/import/process-file',
+                'middleware' => 'authorize:assets.create',
+                'uses' => 'AssetsController@postProcessImportFile'
+        ]);
+        Route::get( 'import/delete/{filename}', [ 'as' => 'assets/import/delete-file',
+                'middleware' => 'authorize:assets.create', // TODO What permissions should this require?
+                'uses' => 'AssetsController@getDeleteImportFile'
+        ]);
+
+        Route::get('import',[
+                'as' => 'assets/import',
+                'middleware' => 'authorize:assets.create',
+                'uses' => 'AssetsController@getImportUpload'
+        ]);
 
 
-        Route::post('{assetId}/edit', 'AssetsController@postEdit');
+        Route::post('{assetId}/edit',[
+            'as' => 'assets/import',
+            'middleware' => 'authorize:assets.edit',
+            'uses' => 'AssetsController@postEdit'
+        ]);
 
         Route::post(
             'bulkedit',
             [
                 'as'   => 'hardware/bulkedit',
+                'middleware' => 'authorize:assets.edit',
                 'uses' => 'AssetsController@postBulkEdit'
             ]
         );
@@ -252,6 +329,7 @@ Route::group(
             'bulkdelete',
             [
                 'as'   => 'hardware/bulkdelete',
+                'middleware' => 'authorize:assets.delete',
                 'uses' => 'AssetsController@postBulkDelete'
             ]
         );
@@ -259,34 +337,72 @@ Route::group(
             'bulksave',
             [
                 'as'   => 'hardware/bulksave',
+                'middleware' => 'authorize:assets.edit',
                 'uses' => 'AssetsController@postBulkSave'
             ]
         );
 
-        # Asset Model Management
-        Route::group([ 'prefix' => 'models', 'middleware' => 'auth' ], function () {
+        # Bulk checkout / checkin
+         Route::get( 'bulkcheckout',  [
+                 'as' => 'hardware/bulkcheckout',
+                 'middleware' => 'authorize:assets.checkout',
+                 'uses' => 'AssetsController@getBulkCheckout'
+         ]);
+        Route::post( 'bulkcheckout',  [
+            'as' => 'hardware/bulkcheckout',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@postBulkCheckout'
+        ]);
 
-            Route::get('/', [ 'as' => 'models', 'uses' => 'AssetModelsController@getIndex' ]);
-            Route::get('create', [ 'as' => 'create/model', 'uses' => 'AssetModelsController@getCreate' ]);
+        # Asset Model Management
+        Route::group([ 'prefix' => 'models', 'middleware' => ['auth'] ], function () {
+
+            Route::get('create', [ 'as' => 'create/model', 'uses' => 'AssetModelsController@getCreate', 'middleware' => ['authorize:superuser'] ]);
             Route::post('create', 'AssetModelsController@postCreate');
-            Route::get('{modelId}/edit', [ 'as' => 'update/model', 'uses' => 'AssetModelsController@getEdit' ]);
-            Route::post('{modelId}/edit', 'AssetModelsController@postEdit');
+            Route::get('{modelId}/edit', [ 'as' => 'update/model', 'uses' => 'AssetModelsController@getEdit' , 'middleware' => ['authorize:superuser']]);
+            Route::post('{modelId}/edit', [ 'uses' => 'AssetModelsController@postEdit', 'middleware' => ['authorize:superuser']]);
             Route::get('{modelId}/clone', [ 'as' => 'clone/model', 'uses' => 'AssetModelsController@getClone' ]);
             Route::post('{modelId}/clone', 'AssetModelsController@postCreate');
-            Route::get('{modelId}/delete', [ 'as' => 'delete/model', 'uses' => 'AssetModelsController@getDelete' ]);
+            Route::get('{modelId}/delete', [ 'as' => 'delete/model', 'uses' => 'AssetModelsController@getDelete', 'middleware' => ['authorize:superuser'] ]);
             Route::get('{modelId}/view', [ 'as' => 'view/model', 'uses' => 'AssetModelsController@getView' ]);
-            Route::get('{modelID}/restore', [ 'as' => 'restore/model', 'uses' => 'AssetModelsController@getRestore' ]);
+            Route::get('{modelID}/restore', [ 'as' => 'restore/model', 'uses' => 'AssetModelsController@getRestore', 'middleware' => ['authorize:superuser'] ]);
             Route::get('{modelId}/custom_fields', ['as' => 'custom_fields/model','uses' => 'AssetModelsController@getCustomFields']);
+            Route::get('/', [ 'as' => 'models', 'uses' => 'AssetModelsController@getIndex' ,'middleware' => ['authorize:superuser'] ]);
         });
 
         Route::get('/', [
                 'as'   => 'hardware',
+                'middleware' => 'authorize:assets.view',
                 'uses' => 'AssetsController@getIndex'
             ]);
 
     }
 );
 
+/*
+|--------------------------------------------------------------------------
+| Log Routes
+|--------------------------------------------------------------------------
+|
+| Register all the admin routes.
+|
+*/
+
+Route::group(['middleware' => 'auth'], function () {
+
+    Route::get(
+        'display-sig/{filename}',
+        [
+            'as' => 'log.signature.view',
+            'middleware' => 'authorize:assets.view',
+            'uses' => 'ActionlogController@displaySig' ]
+    );
+
+
+});
+
+
+
 /*
 |--------------------------------------------------------------------------
 | Admin Routes
@@ -296,62 +412,99 @@ Route::group(
 |
 */
 
-Route::group([ 'prefix' => 'admin','middleware' => ['web','auth','authorize:admin']], function () {
+Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function () {
 
+    Route::get('requests',
+        // foreach( CheckoutRequest::with('user')->get() as $requestedItem) {
+        //     echo $requestedItem->user->username . ' requested ' . $requestedItem->requestedItem->name;
+            [
+            'as' => 'requests',
+            'middleware' => 'authorize:admin',
+            'uses' => 'ViewAssetsController@getRequestedIndex'
+            ]);
     # Licenses
-    Route::group([ 'prefix' => 'licenses' ], function () {
+    Route::group([ 'prefix' => 'licenses', 'middleware'=>'authorize:licenses.view' ], function () {
 
-        Route::get('create', [ 'as' => 'create/licenses', 'uses' => 'LicensesController@getCreate' ]);
-        Route::post('create', 'LicensesController@postCreate');
-        Route::get('{licenseId}/edit', [ 'as' => 'update/license', 'uses' => 'LicensesController@getEdit' ]);
-        Route::post('{licenseId}/edit', 'LicensesController@postEdit');
-        Route::get('{licenseId}/clone', [ 'as' => 'clone/license', 'uses' => 'LicensesController@getClone' ]);
-        Route::post('{licenseId}/clone', 'LicensesController@postCreate');
-        Route::get('{licenseId}/delete', [ 'as' => 'delete/license', 'uses' => 'LicensesController@getDelete' ]);
-        Route::get(
-            '{licenseId}/freecheckout',
-            [ 'as' => 'freecheckout/license', 'uses' => 'LicensesController@getFreeLicense' ]
-        );
+        Route::get('create', [ 'as' => 'create/licenses', 'middleware' => 'authorize:licenses.create','uses' => 'LicensesController@getCreate' ]);
+        Route::post('create', [ 'as' => 'create/licenses', 'middleware' => 'authorize:licenses.create','uses' => 'LicensesController@postCreate' ]);
+        Route::get('{licenseId}/edit', [ 'as' => 'update/license', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@getEdit' ]);
+        Route::post('{licenseId}/edit', [ 'as' => 'update/license', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@postEdit' ]);
+        Route::get('{licenseId}/clone', [ 'as' => 'clone/license', 'middleware' => 'authorize:licenses.create', 'uses' => 'LicensesController@getClone' ]);
+        Route::post('{licenseId}/clone', [ 'as' => 'clone/license', 'middleware' => 'authorize:licenses.create', 'uses' => 'LicensesController@postCreate' ]);
+        Route::get('{licenseId}/delete', [ 'as' => 'delete/license', 'middleware' => 'authorize:licenses.delete', 'uses' => 'LicensesController@getDelete' ]);
+        Route::get('{licenseId}/freecheckout', [
+            'as' => 'freecheckout/license',
+            'middleware' => 'authorize:licenses.checkout',
+            'uses' => 'LicensesController@getFreeLicense'
+        ]);
         Route::get(
             '{licenseId}/checkout',
-            [ 'as' => 'checkout/license', 'uses' => 'LicensesController@getCheckout' ]
+            [ 'as' => 'checkout/license', 'middleware' => 'authorize:licenses.checkout','uses' => 'LicensesController@getCheckout' ]
         );
-        Route::post('{licenseId}/checkout', 'LicensesController@postCheckout');
-        Route::get(
-            '{licenseId}/checkin/{backto?}',
-            [ 'as' => 'checkin/license', 'uses' => 'LicensesController@getCheckin' ]
+        Route::post(
+            '{licenseId}/checkout',
+            [ 'as' => 'checkout/license', 'middleware' => 'authorize:licenses.checkout','uses' => 'LicensesController@postCheckout' ]
         );
-        Route::post('{licenseId}/checkin/{backto?}', 'LicensesController@postCheckin');
-        Route::get('{licenseId}/view', [ 'as' => 'view/license', 'uses' => 'LicensesController@getView' ]);
+        Route::get('{licenseId}/checkin/{backto?}', [
+            'as' => 'checkin/license',
+            'middleware' => 'authorize:licenses.checkin',
+            'uses' => 'LicensesController@getCheckin'
+        ]);
+
+        Route::post('{licenseId}/checkin/{backto?}', [
+            'as' => 'checkin/license',
+            'middleware' => 'authorize:licenses.checkin',
+            'uses' => 'LicensesController@postCheckin'
+        ]);
+
+        Route::get('{licenseId}/view', [
+            'as' => 'view/license',
+            'middleware' => 'authorize:licenses.view',
+            'uses' => 'LicensesController@getView'
+        ]);
+
         Route::post(
             '{licenseId}/upload',
-            [ 'as' => 'upload/license', 'uses' => 'LicensesController@postUpload' ]
+            [ 'as' => 'upload/license', 'middleware' => 'authorize:licenses.edit','uses' => 'LicensesController@postUpload' ]
         );
         Route::get(
             '{licenseId}/deletefile/{fileId}',
-            [ 'as' => 'delete/licensefile', 'uses' => 'LicensesController@getDeleteFile' ]
+            [ 'as' => 'delete/licensefile', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@getDeleteFile' ]
         );
         Route::get(
             '{licenseId}/showfile/{fileId}',
-            [ 'as' => 'show/licensefile', 'uses' => 'LicensesController@displayFile' ]
+            [ 'as' => 'show/licensefile', 'middleware' => 'authorize:licenses.view','uses' => 'LicensesController@displayFile' ]
         );
-        Route::get('/', [ 'as' => 'licenses', 'uses' => 'LicensesController@getIndex' ]);
+        Route::get('/', [ 'as' => 'licenses', 'middleware' => 'authorize:licenses.view','uses' => 'LicensesController@getIndex' ]);
     });
 
     # Asset Maintenances
-    Route::group([ 'prefix' => 'asset_maintenances' ], function () {
+    Route::group([ 'prefix' => 'asset_maintenances', 'middleware'=>'authorize:assets.view'  ], function () {
+
+        Route::get('create/{assetId?}',
+            [ 'as' => 'create/asset_maintenances',
+                'middleware' => 'authorize:assets.edit',
+                'uses' => 'AssetMaintenancesController@getCreate'
+            ]);
+
+        Route::post('create/{assetId?}',
+            [ 'as' => 'create/asset_maintenances.save',
+                'middleware' => 'authorize:assets.edit',
+                'uses' => 'AssetMaintenancesController@postCreate'
+            ]);
+
+        Route::get('{assetMaintenanceId}/edit',
+            [ 'as' => 'update/asset_maintenance',
+                'middleware' => 'authorize:assets.edit',
+                'uses' => 'AssetMaintenancesController@getEdit'
+            ]);
+
+        Route::post('{assetMaintenanceId}/edit',
+            [ 'as' => 'update/asset_maintenance.save',
+                'middleware' => 'authorize:assets.edit',
+                'uses' => 'AssetMaintenancesController@postEdit'
+            ]);
 
-        Route::get(
-            'create/{assetId?}',
-            [ 'as' => 'create/asset_maintenances', 'uses' => 'AssetMaintenancesController@getCreate' ]
-        );
-        Route::post('create/{assetId?}', 'AssetMaintenancesController@postCreate');
-        Route::get('/', [ 'as' => 'asset_maintenances', 'uses' => 'AssetMaintenancesController@getIndex' ]);
-        Route::get(
-            '{assetMaintenanceId}/edit',
-            [ 'as' => 'update/asset_maintenance', 'uses' => 'AssetMaintenancesController@getEdit' ]
-        );
-        Route::post('{assetMaintenanceId}/edit', 'AssetMaintenancesController@postEdit');
         Route::get(
             '{assetMaintenanceId}/delete',
             [ 'as' => 'delete/asset_maintenance', 'uses' => 'AssetMaintenancesController@getDelete' ]
@@ -360,93 +513,114 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth','authorize:admi
             '{assetMaintenanceId}/view',
             [ 'as' => 'view/asset_maintenance', 'uses' => 'AssetMaintenancesController@getView' ]
         );
+
+        Route::get('/', [ 'as' => 'asset_maintenances', 'uses' => 'AssetMaintenancesController@getIndex' ]);
     });
 
     # Accessories
-    Route::group([ 'prefix' => 'accessories' ], function () {
+    Route::group([ 'prefix' => 'accessories', 'middleware'=>'authorize:accessories.view'  ], function () {
 
-        Route::get('create', [ 'as' => 'create/accessory', 'uses' => 'AccessoriesController@getCreate' ]);
+        Route::get('create', [ 'as' => 'create/accessory', 'middleware' => 'authorize:accessories.create','uses' => 'AccessoriesController@getCreate' ]);
         Route::post('create', 'AccessoriesController@postCreate');
         Route::get(
             '{accessoryID}/edit',
-            [ 'as' => 'update/accessory', 'uses' => 'AccessoriesController@getEdit' ]
+            [ 'as' => 'update/accessory', 'middleware' => 'authorize:accessories.edit','uses' => 'AccessoriesController@getEdit' ]
         );
         Route::post('{accessoryID}/edit', 'AccessoriesController@postEdit');
         Route::get(
             '{accessoryID}/delete',
-            [ 'as' => 'delete/accessory', 'uses' => 'AccessoriesController@getDelete' ]
+            [ 'as' => 'delete/accessory', 'middleware' => 'authorize:accessories.delete','uses' => 'AccessoriesController@getDelete' ]
         );
-        Route::get('{accessoryID}/view', [ 'as' => 'view/accessory', 'uses' => 'AccessoriesController@getView' ]);
+        Route::get('{accessoryID}/view', [ 'as' => 'view/accessory', 'middleware' => 'authorize:accessories.view','uses' => 'AccessoriesController@getView' ]);
         Route::get(
             '{accessoryID}/checkout',
-            [ 'as' => 'checkout/accessory', 'uses' => 'AccessoriesController@getCheckout' ]
+            [ 'as' => 'checkout/accessory', 'middleware' => 'authorize:accessories.checkout','uses' => 'AccessoriesController@getCheckout' ]
         );
-        Route::post('{accessoryID}/checkout', 'AccessoriesController@postCheckout');
+        Route::post(
+            '{accessoryID}/checkout',
+            [ 'as' => 'checkout/accessory', 'middleware' => 'authorize:accessories.checkout','uses' => 'AccessoriesController@postCheckout' ]
+        );
+
         Route::get(
             '{accessoryID}/checkin/{backto?}',
-            [ 'as' => 'checkin/accessory', 'uses' => 'AccessoriesController@getCheckin' ]
+            [ 'as' => 'checkin/accessory', 'middleware' => 'authorize:accessories.checkin','uses' => 'AccessoriesController@getCheckin' ]
+        );
+        Route::post(
+            '{accessoryID}/checkin/{backto?}',
+            [ 'as' => 'checkin/accessory', 'middleware' => 'authorize:accessories.checkin','uses' => 'AccessoriesController@postCheckin' ]
         );
-        Route::post('{accessoryID}/checkin/{backto?}', 'AccessoriesController@postCheckin');
 
-        Route::get('/', [ 'as' => 'accessories', 'uses' => 'AccessoriesController@getIndex' ]);
+        Route::get('/', [ 'as' => 'accessories', 'middleware'=>'authorize:accessories.view', 'uses' => 'AccessoriesController@getIndex' ]);
     });
 
     # Consumables
-    Route::group([ 'prefix' => 'consumables' ], function () {
+    Route::group([ 'prefix' => 'consumables', 'middleware'=>'authorize:consumables.view'  ], function () {
 
-        Route::get('create', [ 'as' => 'create/consumable', 'uses' => 'ConsumablesController@getCreate' ]);
-        Route::post('create', 'ConsumablesController@postCreate');
+        Route::get('create', [ 'as' => 'create/consumable','middleware'=>'authorize:consumables.create', 'uses' => 'ConsumablesController@getCreate' ]);
+        Route::post('create', [ 'as' => 'create/consumable','middleware'=>'authorize:consumables.create', 'uses' => 'ConsumablesController@postCreate' ]);
         Route::get(
             '{consumableID}/edit',
-            [ 'as' => 'update/consumable', 'uses' => 'ConsumablesController@getEdit' ]
+            [ 'as' => 'update/consumable', 'middleware'=>'authorize:consumables.edit', 'uses' => 'ConsumablesController@getEdit' ]
+        );
+        Route::post(
+            '{consumableID}/edit',
+            [ 'as' => 'update/consumable', 'middleware'=>'authorize:consumables.edit', 'uses' => 'ConsumablesController@postEdit' ]
         );
-        Route::post('{consumableID}/edit', 'ConsumablesController@postEdit');
         Route::get(
             '{consumableID}/delete',
-            [ 'as' => 'delete/consumable', 'uses' => 'ConsumablesController@getDelete' ]
+            [ 'as' => 'delete/consumable',  'middleware'=>'authorize:consumables.delete','uses' => 'ConsumablesController@getDelete' ]
         );
         Route::get(
             '{consumableID}/view',
-            [ 'as' => 'view/consumable', 'uses' => 'ConsumablesController@getView' ]
+            [ 'as' => 'view/consumable',  'middleware'=>'authorize:consumables.view','uses' => 'ConsumablesController@getView' ]
         );
         Route::get(
             '{consumableID}/checkout',
-            [ 'as' => 'checkout/consumable', 'uses' => 'ConsumablesController@getCheckout' ]
+            [ 'as' => 'checkout/consumable',  'middleware'=>'authorize:consumables.checkout','uses' => 'ConsumablesController@getCheckout' ]
         );
-        Route::post('{consumableID}/checkout', 'ConsumablesController@postCheckout');
-        Route::get('/', [ 'as' => 'consumables', 'uses' => 'ConsumablesController@getIndex' ]);
+        Route::post(
+            '{consumableID}/checkout',
+            [ 'as' => 'checkout/consumable',  'middleware'=>'authorize:consumables.checkout','uses' => 'ConsumablesController@postCheckout' ]
+        );
+        Route::get('/', [ 'as' => 'consumables', 'middleware'=>'authorize:consumables.view','uses' => 'ConsumablesController@getIndex' ]);
     });
 
     # Components
-    Route::group([ 'prefix' => 'components' ], function () {
+    Route::group([ 'prefix' => 'components', 'middleware'=>'authorize:components.view'  ], function () {
 
-        Route::get('create', [ 'as' => 'create/component', 'uses' => 'ComponentsController@getCreate' ]);
-        Route::post('create', 'ComponentsController@postCreate');
+        Route::get('create', [ 'as' => 'create/component', 'middleware'=>'authorize:components.create','uses' => 'ComponentsController@getCreate' ]);
+        Route::post('create', [ 'as' => 'create/component', 'middleware'=>'authorize:components.create','uses' => 'ComponentsController@postCreate' ]);
         Route::get(
             '{componentID}/edit',
-            [ 'as' => 'update/component', 'uses' => 'ComponentsController@getEdit' ]
+            [ 'as' => 'update/component', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@getEdit' ]
+        );
+        Route::post(
+            '{componentID}/edit',
+            [ 'as' => 'update/component', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@postEdit' ]
         );
-        Route::post('{componentID}/edit', 'ComponentsController@postEdit');
         Route::get(
             '{componentID}/delete',
-            [ 'as' => 'delete/component', 'uses' => 'ComponentsController@getDelete' ]
+            [ 'as' => 'delete/component', 'middleware'=>'authorize:components.delete','uses' => 'ComponentsController@getDelete' ]
         );
         Route::get(
             '{componentID}/view',
-            [ 'as' => 'view/component', 'uses' => 'ComponentsController@getView' ]
+            [ 'as' => 'view/component', 'middleware'=>'authorize:components.view','uses' => 'ComponentsController@getView' ]
         );
         Route::get(
             '{componentID}/checkout',
-            [ 'as' => 'checkout/component', 'uses' => 'ComponentsController@getCheckout' ]
+            [ 'as' => 'checkout/component', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@getCheckout' ]
         );
-        Route::post('{componentID}/checkout', 'ComponentsController@postCheckout');
-        Route::post('bulk', [ 'as' => 'component/bulk-form', 'uses' => 'ComponentsController@postBulk' ]);
-        Route::post('bulksave', [ 'as' => 'component/bulk-save', 'uses' => 'ComponentsController@postBulkSave' ]);
-        Route::get('/', [ 'as' => 'components', 'uses' => 'ComponentsController@getIndex' ]);
+        Route::post(
+            '{componentID}/checkout',
+            [ 'as' => 'checkout/component', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@postCheckout' ]
+        );
+        Route::post('bulk', [ 'as' => 'component/bulk-form', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@postBulk' ]);
+        Route::post('bulksave', [ 'as' => 'component/bulk-save', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@postBulkSave' ]);
+        Route::get('/', [ 'as' => 'components', 'middleware'=>'authorize:components.view','uses' => 'ComponentsController@getIndex' ]);
     });
 
     # Admin Settings Routes (for categories, maufactureres, etc)
-    Route::group([ 'prefix' => 'settings'], function () {
+    Route::group([ 'prefix' => 'settings', 'middleware'=>'authorize:superuser'], function () {
 
 
 
@@ -454,12 +628,19 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth','authorize:admi
         Route::group([ 'prefix' => 'app' ], function () {
 
             Route::post('purge', ['as' => 'purge', 'uses' => 'SettingsController@postPurge']);
-
-            Route::get('/', [ 'as' => 'app', 'uses' => 'SettingsController@getIndex' ]);
             Route::get('edit', [ 'as' => 'edit/settings', 'uses' => 'SettingsController@getEdit' ]);
             Route::post('edit', 'SettingsController@postEdit');
+
+            Route::get('ldaptest', [
+                'as' => 'settings/ldaptest',
+                'uses' => 'SettingsController@getLdapTest'
+            ]);
+
+            Route::get('/', [ 'as' => 'app', 'uses' => 'SettingsController@getIndex' ]);
         });
 
+
+
         # Settings
         Route::group([ 'prefix' => 'backups', 'middleware' => 'auth' ], function () {
 
@@ -476,6 +657,8 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth','authorize:admi
                 'as' => 'settings/backups',
                 'uses' => 'SettingsController@postBackups'
             ]);
+
+
             Route::get('/', [ 'as' => 'settings/backups', 'uses' => 'SettingsController@getBackups' ]);
         });
 
@@ -587,7 +770,7 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth','authorize:admi
                 [ 'as' => 'update/location', 'uses' => 'LocationsController@getEdit' ]
             );
             Route::post('{locationId}/edit', 'LocationsController@postEdit');
-            Route::get('{locationId}/view', 'LocationsController@getView');
+            Route::get('{locationId}/view', [ 'as' => 'view/location', 'uses' => 'LocationsController@getView' ]);
             Route::get(
                 '{locationId}/delete',
                 [ 'as' => 'delete/location', 'uses' => 'LocationsController@getDelete' ]
@@ -617,27 +800,29 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth','authorize:admi
     Route::get('custom_fields/create-field', ['uses' =>'CustomFieldsController@createField','as' => 'admin.custom_fields.create-field']);
     Route::post('custom_fields/create-field', ['uses' => 'CustomFieldsController@storeField','as' => 'admin.custom_fields.store-field']);
     Route::post('custom_fields/{id}/associate', ['uses' => 'CustomFieldsController@associate','as' => 'admin.custom_fields.associate']);
+    Route::get('custom_fields/{field_id}/{fieldset_id}/disassociate', ['uses' => 'CustomFieldsController@deleteFieldFromFieldset','as' => 'admin.custom_fields.disassociate']);
     Route::match(['DELETE'], 'custom_fields/delete-field/{id}', ['uses' => 'CustomFieldsController@deleteField','as' => 'admin.custom_fields.delete-field']);
     Route::resource('custom_fields', 'CustomFieldsController');
 
     # User Management
-    Route::group([ 'prefix' => 'users' ], function () {
+    Route::group([ 'prefix' => 'users', 'middleware' => ['web','auth','authorize:users.view']], function () {
 
-        Route::get('ldap', ['as' => 'ldap/user', 'uses' => 'UsersController@getLDAP' ]);
+        Route::get('ldap', ['as' => 'ldap/user', 'uses' => 'UsersController@getLDAP', 'middleware' => ['authorize:users.edit'] ]);
         Route::post('ldap', 'UsersController@postLDAP');
 
-        Route::get('create', [ 'as' => 'create/user', 'uses' => 'UsersController@getCreate' ]);
-        Route::post('create', 'UsersController@postCreate');
-        Route::get('import', [ 'as' => 'import/user', 'uses' => 'UsersController@getImport' ]);
-        Route::post('import', 'UsersController@postImport');
-        Route::get('{userId}/edit', [ 'as' => 'update/user', 'uses' => 'UsersController@getEdit' ]);
-        Route::post('{userId}/edit', 'UsersController@postEdit');
-        Route::get('{userId}/clone', [ 'as' => 'clone/user', 'uses' => 'UsersController@getClone' ]);
-        Route::post('{userId}/clone', 'UsersController@postCreate');
-        Route::get('{userId}/delete', [ 'as' => 'delete/user', 'uses' => 'UsersController@getDelete' ]);
-        Route::get('{userId}/restore', [ 'as' => 'restore/user', 'uses' => 'UsersController@getRestore' ]);
-        Route::get('{userId}/view', [ 'as' => 'view/user', 'uses' => 'UsersController@getView' ]);
-        Route::get('{userId}/unsuspend', [ 'as' => 'unsuspend/user', 'uses' => 'UsersController@getUnsuspend' ]);
+        Route::get('create', [ 'as' => 'create/user', 'uses' => 'UsersController@getCreate', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('create', [ 'uses' => 'UsersController@postCreate', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('import', [ 'as' => 'import/user', 'uses' => 'UsersController@getImport', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('import', [ 'uses' => 'UsersController@postImport', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('export', [ 'uses' => 'UsersController@getExportUserCsv', 'middleware' => ['authorize:users.view']  ]);
+        Route::get('{userId}/edit', [ 'as' => 'update/user', 'uses' => 'UsersController@getEdit', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('{userId}/edit', [ 'uses' => 'UsersController@postEdit', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/clone', [ 'as' => 'clone/user', 'uses' => 'UsersController@getClone', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('{userId}/clone', [ 'uses' => 'UsersController@postCreate', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/delete', [ 'as' => 'delete/user', 'uses' => 'UsersController@getDelete', 'middleware' => ['authorize:users.delete']  ]);
+        Route::get('{userId}/restore', [ 'as' => 'restore/user', 'uses' => 'UsersController@getRestore', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/view', [ 'as' => 'view/user', 'uses' => 'UsersController@getView' , 'middleware' => ['authorize:users.view'] ]);
+        Route::get('{userId}/unsuspend', [ 'as' => 'unsuspend/user', 'uses' => 'UsersController@getUnsuspend', 'middleware' => ['authorize:users.edit'] ]);
         Route::get(
             '{userId}/deletefile/{fileId}',
             [ 'as' => 'delete/userfile', 'uses' => 'UsersController@getDeleteFile' ]
@@ -651,14 +836,16 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth','authorize:admi
             'bulkedit',
             [
                 'as'   => 'users/bulkedit',
-                'uses' => 'UsersController@postBulkEdit'
+                'uses' => 'UsersController@postBulkEdit',
+                'middleware' => ['authorize:users.edit'],
             ]
         );
         Route::post(
             'bulksave',
             [
                 'as'   => 'users/bulksave',
-                'uses' => 'UsersController@postBulkSave'
+                'uses' => 'UsersController@postBulkSave',
+                'middleware' => ['authorize:users.edit'],
             ]
         );
 
@@ -667,7 +854,7 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth','authorize:admi
     });
 
     # Group Management
-    Route::group([ 'prefix' => 'groups' ], function () {
+    Route::group([ 'prefix' => 'groups', 'middleware' => ['web','auth','authorize:superadmin'] ], function () {
 
         Route::get('/', [ 'as' => 'groups', 'uses' => 'GroupsController@getIndex' ]);
         Route::get('create', [ 'as' => 'create/group', 'uses' => 'GroupsController@getCreate' ]);
@@ -721,13 +908,18 @@ Route::group([ 'prefix' => 'account', 'middleware' => ['web', 'auth']], function
         [ 'as' => 'account/request-asset', 'uses' => 'ViewAssetsController@getRequestAsset' ]
     );
 
+    Route::post(
+        'request/{itemType}/{itemId}',
+        [ 'as' => 'account/request-item', 'uses' => 'ViewAssetsController@getRequestItem']
+    );
+
     # Account Dashboard
-    Route::get('/', [ 'as' => 'account', 'uses' => 'ProfileController@getDashboard' ]);
+    Route::get('/', [ 'as' => 'account', 'uses' => 'ViewAssetsController@getIndex' ]);
 
 });
 
 
-Route::group(['middleware' => ['web','auth','authorize:reports']], function () {
+Route::group(['middleware' => ['web','auth','authorize:reports.view']], function () {
 
     Route::get(
         'reports/depreciation',
@@ -773,6 +965,12 @@ Route::group(['middleware' => ['web','auth','authorize:reports']], function () {
         'reports/activity',
         [ 'as' => 'reports/activity', 'uses' => 'ReportsController@getActivityReport' ]
     );
+
+    Route::get(
+        'reports/activity/json',
+        [ 'as' => 'api.activity.list', 'uses' => 'ReportsController@getActivityReportDataTable' ]
+    );
+    
     Route::get(
         'reports/unaccepted_assets',
         [ 'as' => 'reports/unaccepted_assets', 'uses' => 'ReportsController@getAssetAcceptanceReport' ]
@@ -839,6 +1037,29 @@ Route::group([ 'prefix' => 'setup', 'middleware' => 'web'], function () {
 
 });
 
+Route::get(
+    'two-factor-enroll',
+    [
+        'as' => 'two-factor-enroll',
+        'middleware' => ['web'],
+        'uses' => 'Auth\AuthController@getTwoFactorEnroll' ]
+);
+
+Route::get(
+    'two-factor',
+    [
+        'as' => 'two-factor',
+        'middleware' => ['web'],
+        'uses' => 'Auth\AuthController@getTwoFactorAuth' ]
+);
+
+Route::post(
+    'two-factor',
+    [
+        'as' => 'two-factor',
+        'middleware' => ['web'],
+        'uses' => 'Auth\AuthController@postTwoFactorAuth' ]
+);
 
 Route::get(
     '/',
@@ -848,8 +1069,24 @@ Route::get(
     'uses' => 'DashboardController@getIndex' ]
 );
 
+
+
 Route::group(['middleware' => 'web'], function () {
     Route::auth();
+    Route::get(
+        'login',
+        [
+            'as' => 'login',
+            'middleware' => ['web'],
+            'uses' => 'Auth\AuthController@showLoginForm' ]
+    );
+    Route::get(
+        'logout',
+        [
+            'as' => 'logout',
+            'uses' => 'Auth\AuthController@logout' ]
+    );
+
 });
 
 Route::get('home', function () {

app/Models/Accessory.php

@@ -1,19 +1,22 @@
 <?php
 namespace App\Models;
 
+use App\Models\Loggable;
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
 
 /**
  * Model for Accessories.
- * 
+ *
  * @version    v1.0
  */
-class Accessory extends Model
+class Accessory extends SnipeModel
 {
-    use SoftDeletes;
     use CompanyableTrait;
+    use Loggable;
+    use SoftDeletes;
 
     protected $dates = ['deleted_at'];
     protected $table = 'accessories';
@@ -22,11 +25,12 @@ class Accessory extends Model
     * Accessory validation rules
     */
     public $rules = array(
-      'name'        => 'required|min:3|max:255',
-      'qty'         => 'required|integer|min:1',
-      'category_id' => 'required|integer',
-      'company_id'  => 'integer',
-      'min_amt'     => 'integer|min:1',
+        'name'              => 'required|min:3|max:255',
+        'qty'               => 'required|integer|min:1',
+        'category_id'       => 'required|integer',
+        'company_id'        => 'integer',
+        'min_amt'           => 'integer|min:0',
+        'purchase_cost'     => 'numeric',
     );
 
 
@@ -67,7 +71,7 @@ class Accessory extends Model
     */
     public function assetlog()
     {
-        return $this->hasMany('\App\Models\Actionlog', 'accessory_id')->where('asset_type', '=', 'accessory')->orderBy('created_at', 'desc')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')->where('item_type', Accessory::class)->orderBy('created_at', 'desc')->withTrashed();
     }
 
 
@@ -81,6 +85,11 @@ class Accessory extends Model
         return $this->belongsToMany('\App\Models\User', 'accessories_users', 'accessory_id', 'assigned_to')->count();
     }
 
+    public function manufacturer()
+    {
+        return $this->belongsTo('\App\Models\Manufacturer', 'manufacturer_id');
+    }
+
     public function checkin_email()
     {
         return $this->category->checkin_email;

app/Models/Actionlog.php

@@ -2,9 +2,9 @@
 namespace App\Models;
 
 use Illuminate\Database\Eloquent\Model;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
 use Illuminate\Database\Eloquent\SoftDeletes;
+use Illuminate\Support\Facades\Auth;
+use Response;
 
 /**
  * Model for the Actionlog (the table that keeps a historical log of
@@ -12,103 +12,96 @@ use Illuminate\Database\Eloquent\SoftDeletes;
  *
  * @version    v1.0
  */
-class Actionlog extends Model implements ICompanyableChild
+class Actionlog extends Model
 {
     use SoftDeletes;
-    use CompanyableChildTrait;
 
     protected $dates = [ 'deleted_at' ];
 
-    protected $table      = 'asset_logs';
+    protected $table      = 'action_logs';
     public $timestamps = true;
-    protected $fillable   = [ 'created_at', 'asset_type' ];
+    protected $fillable   = [ 'created_at', 'item_type','user_id','item_id','action_type','note','target_id', 'target_type' ];
 
-    public function getCompanyableParents()
+    // Overridden from Builder to automatically add the company
+    public static function boot()
     {
-        return [ 'accessorylog', 'assetlog', 'licenselog', 'consumablelog' ];
+        parent::boot();
+        static::creating( function (Actionlog $actionlog) {
+            // If the admin is a superadmin, let's see if the target instead has a company.
+            if (Auth::user() && Auth::user()->isSuperUser()) {
+                if ($actionlog->target) {
+                    $actionlog->company_id = $actionlog->target->company_id;
+                } else if ($actionlog->item) {
+                    $actionlog->company_id = $actionlog->item->company_id;
+                }
+            } else if (Auth::user() && Auth::user()->company) {
+                $actionlog->company_id = Auth::user()->company_id;
+            }
+        });
+    }
+    // Eloquent Relationships below
+    public function item()
+    {
+        return $this->morphTo('item')->withTrashed();
     }
 
-    public function assetlog()
+    public function company() {
+        return $this->hasMany('\App\Models\Company', 'id','company_id');
+    }
+
+    public function itemType()
     {
 
-        return $this->belongsTo('\App\Models\Asset', 'asset_id')
-                    ->withTrashed();
+        if($this->item_type == AssetModel::class) {
+            return "model";
+        }
+        return camel_case(class_basename($this->item_type));
     }
 
     public function uploads()
     {
-
-        return $this->belongsTo('\App\Models\Asset', 'asset_id')
+        return $this->morphTo('item')
                     ->where('action_type', '=', 'uploaded')
                     ->withTrashed();
     }
 
-    public function licenselog()
-    {
-
-        return $this->belongsTo('\App\Models\License', 'asset_id')
-                    ->withTrashed();
-    }
-
-    public function componentlog()
-    {
-
-        return $this->belongsTo('\App\Models\Component', 'component_id')
-            ->withTrashed();
-    }
-
-    public function accessorylog()
-    {
-
-        return $this->belongsTo('\App\Models\Accessory', 'accessory_id')
-                    ->withTrashed();
-    }
-
-    public function consumablelog()
-    {
-
-        return $this->belongsTo('\App\Models\Consumable', 'consumable_id')
-                    ->withTrashed();
-    }
-
-    public function adminlog()
-    {
-
-        return $this->belongsTo('\App\Models\User', 'user_id')
-                    ->withTrashed();
-    }
-
     public function userlog()
     {
+        return $this->target();
+    }
 
-        return $this->belongsTo('\App\Models\User', 'checkedout_to')
+    public function user()
+    {
+        return $this->belongsTo(User::class, 'user_id')
                     ->withTrashed();
     }
 
+    public function target()
+    {
+        return $this->morphTo('target');
+    }
+
     public function childlogs()
     {
-
         return $this->hasMany('\App\Models\ActionLog', 'thread_id');
     }
 
     public function parentlog()
     {
-
         return $this->belongsTo('\App\Models\ActionLog', 'thread_id');
     }
 
     /**
        * Check if the file exists, and if it does, force a download
        **/
-    public function get_src($type = 'assets')
+    public function get_src($type = 'assets', $fieldname = 'filename')
     {
-
-        $file = config('app.private_uploads') . '/' . $type . '/' . $this->filename;
-
+        $file = config('app.private_uploads') . '/' . $type . '/' . $this->{$fieldname};
         return $file;
-
     }
 
+
+
     /**
        * Get the parent category name
        */
@@ -134,44 +127,36 @@ class Actionlog extends Model implements ICompanyableChild
     public function getListingOfActionLogsChronologicalOrder()
     {
 
-        return DB::table('asset_logs')
-                 ->select('*')
+        return $this->all()
                  ->where('action_type', '!=', 'uploaded')
-                 ->orderBy('asset_id', 'asc')
+                 ->orderBy('item_id', 'asc')
                  ->orderBy('created_at', 'asc')
                  ->get();
     }
 
     /**
-       * getLatestCheckoutActionForAssets
-       *
-       * @return mixed
-       * @author  Vincent Sposato <vincent.sposato@gmail.com>
-       * @version v1.0
-       */
-    public function getLatestCheckoutActionForAssets()
+     * Query builder scope to search on text for complex Bootstrap Tables API
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $search      Search term
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeTextSearch($query, $search)
     {
+        $search = explode(' OR ', $search);
 
-        return DB::table('asset_logs')
-                 ->select(DB::raw('asset_id, MAX(created_at) as last_created'))
-                 ->where('action_type', '=', 'checkout')
-                 ->groupBy('asset_id')
-                 ->get();
-    }
+        return $query->where(function ($query) use ($search) {
 
-    /**
-       * scopeCheckoutWithoutAcceptance
-       *
-       * @param $query
-       *
-       * @return mixed
-       * @author  Vincent Sposato <vincent.sposato@gmail.com>
-       * @version v1.0
-       */
-    public function scopeCheckoutWithoutAcceptance($query)
-    {
+            foreach ($search as $search) {
+                $query->where(function ($query) use ($search) {
+                    $query->whereHas('company', function ($query) use ($search) {
+                        $query->where('companies.name', 'LIKE', '%'.$search.'%');
+                    });
+                })->orWhere('action_type', 'LIKE', '%'.$search.'%')
+                    ->orWhere('note', 'LIKE', '%'.$search.'%');
+            }
 
-        return $query->where('action_type', '=', 'checkout')
-                     ->where('accepted_id', '=', null);
+        });
     }
 }

app/Models/Asset.php

@@ -1,18 +1,22 @@
 <?php
 namespace App\Models;
 
+use App\Helpers\Helper;
+use App\Http\Traits\UniqueUndeletedTrait;
 use App\Models\Actionlog;
 use App\Models\Company;
 use App\Models\Location;
+use App\Models\Loggable;
+use App\Models\Requestable;
+use App\Models\Setting;
+use Auth;
 use Config;
+use DateTime;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Log;
 use Parsedown;
 use Watson\Validating\ValidatingTrait;
-use DateTime;
-use App\Models\Setting;
-use App\Helpers\Helper;
 
 /**
  * Model for Assets.
@@ -21,7 +25,9 @@ use App\Helpers\Helper;
  */
 class Asset extends Depreciable
 {
+    use Loggable;
     use SoftDeletes;
+    use Requestable;
 
   /**
   * The database table used by the model.
@@ -39,6 +45,7 @@ class Asset extends Depreciable
   */
     protected $injectUniqueIdentifier = true;
     use ValidatingTrait;
+    use UniqueUndeletedTrait;
 
     protected $rules = [
     'name'            => 'min:2|max:255',
@@ -50,8 +57,9 @@ class Asset extends Depreciable
     'checkout_date'   => 'date|max:10|min:10',
     'checkin_date'    => 'date|max:10|min:10',
     'supplier_id'     => 'integer',
-    'asset_tag'       => 'required|min:2|max:255|unique:assets,asset_tag,NULL,deleted_at',
+    'asset_tag'       => 'required|min:1|max:255|unique_undeleted',
     'status'          => 'integer',
+    'purchase_cost'   => 'numeric',
     ];
 
 
@@ -69,20 +77,36 @@ class Asset extends Depreciable
     }
 
 
+    public function availableForCheckout()
+    {
+      return (
+          empty($this->assigned_to) &&
+          $this->assetstatus->deployable == 1 &&
+          empty($this->deleted_at)
+        );
+    }
+
   /**
   * Checkout asset
   */
     public function checkOutToUser($user, $admin, $checkout_at = null, $expected_checkin = null, $note = null, $name = null)
     {
+        if (!$user) {
+            return false;
+        }
 
         if ($expected_checkin) {
-            $this->expected_checkin = $expected_checkin ;
+            $this->expected_checkin = $expected_checkin;
         }
 
         $this->last_checkout = $checkout_at;
 
         $this->assigneduser()->associate($user);
-        $this->name = $name;
+
+        if($name != null)
+        {
+            $this->name = $name;
+        }
 
         $settings = Setting::getSettings();
 
@@ -90,17 +114,15 @@ class Asset extends Depreciable
             $this->accepted="pending";
         }
 
-        if (!$user) {
-            return false;
-        }
+
 
         if ($this->save()) {
 
             // $action, $admin, $user, $expected_checkin = null, $note = null, $checkout_at = null
-            $log_id = $this->createLogRecord('checkout', $this, $admin, $user, $expected_checkin, $note, $checkout_at);
+            $log = $this->createLogRecord('checkout', $this, $admin, $user, $expected_checkin, $note, $checkout_at);
 
             if ((($this->requireAcceptance()=='1')  || ($this->getEula())) && ($user->email!='')) {
-                $this->checkOutNotifyMail($log_id, $user, $checkout_at, $expected_checkin, $note);
+                $this->checkOutNotifyMail($log->id, $user, $checkout_at, $expected_checkin, $note);
             }
 
             if ($settings->slack_endpoint) {
@@ -130,7 +152,8 @@ class Asset extends Depreciable
 
             \Mail::send('emails.accept-asset', $data, function ($m) use ($user) {
                 $m->to($user->email, $user->first_name . ' ' . $user->last_name);
-                $m->subject('Confirm asset delivery');
+                $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
+                $m->subject(trans('mail.Confirm_asset_delivery'));
             });
         }
 
@@ -155,7 +178,7 @@ class Asset extends Depreciable
                 'fields' => [
                 [
                   'title' => 'Checked Out:',
-                  'value' => 'HARDWARE asset <'.config('app.url').'/hardware/'.$this->id.'/view'.'|'.$this->showAssetName().'> checked out to <'.config('app.url').'/admin/users/'.$this->assigned_to.'/view|'.$this->assigneduser->fullName().'> by <'.config('app.url').'/hardware/'.$this->id.'/view'.'|'.$admin->fullName().'>.'
+                  'value' => 'HARDWARE asset <'.config('app.url').'/hardware/'.$this->id.'/view'.'|'.$this->showAssetName().'> checked out to <'.config('app.url').'/admin/users/'.$this->assigned_to.'/view|'.$this->assigneduser->fullName().'> by <'.config('app.url').'/admin/users/'.Auth::user()->id.'/view'.'|'.$admin->fullName().'>.'
                 ],
                 [
                     'title' => 'Note:',
@@ -165,13 +188,22 @@ class Asset extends Depreciable
                 ])->send('Asset Checked Out');
 
             } catch (Exception $e) {
-                print_r($e);
+                LOG::error($e);
             }
         }
 
     }
 
 
+    public function getDetailedNameAttribute()
+    {
+        if ($this->assignedUser) {
+            $user_name = $this->assignedUser->fullName();
+        } else {
+            $user_name = "Unassigned";
+        }
+        return $this->asset_tag . ' - ' . $this->name . ' (' . $user_name . ') ' . $this->model->name;
+    }
     public function validationRules($id = '0')
     {
         return $this->rules;
@@ -182,10 +214,13 @@ class Asset extends Depreciable
     {
 
         $logaction = new Actionlog();
-        $logaction->asset_id = $this->id;
-        $logaction->checkedout_to = $this->assigned_to;
-        $logaction->asset_type = 'hardware';
+        $logaction->item_type = Asset::class;
+        $logaction->item_id = $this->id;
+        $logaction->target_type = User::class;
+        // On Checkin, this is the user that previously had the asset.
+        $logaction->target_id = $user->id;
         $logaction->note = $note;
+        $logaction->user_id = $admin->id;
         if ($checkout_at!='') {
             $logaction->created_at = \Carbon\Carbon::createFromFormat('Y-m-d H:i:s', date('Y-m-d H:i:s', strtotime($checkout_at)));
         } else {
@@ -198,15 +233,9 @@ class Asset extends Depreciable
             }
         } else {
             // Update the asset data to null, since it's being checked in
-            $logaction->checkedout_to = $asset->assigned_to;
-            $logaction->checkedout_to = '';
-            $logaction->asset_id = $asset->id;
             $logaction->location_id = null;
-            $logaction->asset_type = 'hardware';
-            $logaction->note = $note;
-            $logaction->user_id = $admin->id;
         }
-        $logaction->adminlog()->associate($admin);
+        $logaction->user()->associate($admin);
         $log = $logaction->logaction($action);
 
         return $logaction;
@@ -243,8 +272,8 @@ class Asset extends Depreciable
     public function uploads()
     {
 
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-                  ->where('asset_type', '=', 'hardware')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+                  ->where('item_type', '=', Asset::class)
                   ->where('action_type', '=', 'uploaded')
                   ->whereNotNull('filename')
                   ->orderBy('created_at', 'desc');
@@ -281,8 +310,8 @@ class Asset extends Depreciable
    */
     public function assetlog()
     {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-                  ->where('asset_type', '=', 'hardware')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+                  ->where('item_type', '=', Asset::class)
                   ->orderBy('created_at', 'desc')
                   ->withTrashed();
     }
@@ -300,8 +329,7 @@ class Asset extends Depreciable
     {
 
         return $this->hasMany('\App\Models\AssetMaintenance', 'asset_id')
-                  ->orderBy('created_at', 'desc')
-                  ->withTrashed();
+                  ->orderBy('created_at', 'desc');
     }
 
   /**
@@ -318,7 +346,7 @@ class Asset extends Depreciable
     public static function assetcount()
     {
 
-        return Asset::where('physical', '=', '1')
+        return Company::scopeCompanyables(Asset::where('physical', '=', '1'))
                ->whereNull('deleted_at', 'and')
                ->count();
     }
@@ -348,7 +376,7 @@ class Asset extends Depreciable
     }
 
   /**
-   * Get total assets
+   * Get asset status
    */
     public function assetstatus()
     {
@@ -362,12 +390,20 @@ class Asset extends Depreciable
     {
 
         if ($this->name == '') {
-            return $this->model->name;
+            if ($this->model) {
+                return $this->model->name.' ('.$this->asset_tag.')';
+            }
+            return $this->asset_tag;
         } else {
             return $this->name;
         }
     }
 
+    public function getDisplayNameAttribute()
+    {
+        return $this->showAssetName();
+    }
+
     public function warrantee_expires()
     {
         $date = date_create($this->purchase_date);
@@ -452,13 +488,24 @@ class Asset extends Depreciable
             $asset_tag = \DB::table('assets')
                 ->where('physical', '=', '1')
                 ->max('id');
+
+            if ($settings->zerofill_count > 0) {
+                return $settings->auto_increment_prefix.Asset::zerofill(($asset_tag + 1),$settings->zerofill_count);
+            }
             return $settings->auto_increment_prefix.($asset_tag + 1);
         } else {
             return false;
         }
     }
 
-    public function checkin_email()
+
+    public static function zerofill ($num, $zerofill = 3)
+    {
+        return str_pad($num, $zerofill, '0', STR_PAD_LEFT);
+    }
+
+
+public function checkin_email()
     {
         return $this->model->category->checkin_email;
     }
@@ -534,13 +581,13 @@ class Asset extends Depreciable
 
     public function scopeAssetsByLocation($query, $location)
     {
-        return $query->where(function ($query) use ($location)
-        {
-            $query->whereHas('assigneduser', function ($query) use ($location)
-            {
+        return $query->where(function ($query) use ($location) {
+
+            $query->whereHas('assigneduser', function ($query) use ($location) {
+
                 $query->where('users.location_id', '=', $location->id);
-            })->orWhere(function ($query) use ($location)
-            {
+            })->orWhere(function ($query) use ($location) {
+
                 $query->where('assets.rtd_location_id', '=', $location->id);
                 $query->whereNull('assets.assigned_to');
             });
@@ -587,6 +634,23 @@ class Asset extends Depreciable
         });
     }
 
+    /**
+     * Query builder scope for non-Archived assets
+     *
+     * @param  Illuminate\Database\Query\Builder $query Query builder instance
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+
+    public function scopeNotArchived($query)
+    {
+
+        return $query->whereHas('assetstatus', function ($query) {
+
+            $query->where('archived', '=', 0);
+        });
+    }
+
   /**
    * Query builder scope for Archived assets
    *
@@ -631,10 +695,10 @@ class Asset extends Depreciable
     public function scopeRequestableAssets($query)
     {
 
-        return $query->where('requestable', '=', 1)
+        return Company::scopeCompanyables($query->where('requestable', '=', 1))
         ->whereHas('assetstatus', function ($query) {
 
-           $query->where('deployable', '=', 1)
+            $query->where('deployable', '=', 1)
                  ->where('pending', '=', 0)
                  ->where('archived', '=', 0);
         });
@@ -704,7 +768,7 @@ class Asset extends Depreciable
   */
     public function scopeAccepted($query)
     {
-        return $uery->where("accepted", "=", "accepted");
+        return $query->where("accepted", "=", "accepted");
     }
 
 
@@ -727,7 +791,8 @@ class Asset extends Depreciable
                     $query->whereHas('category', function ($query) use ($search) {
                         $query->where(function ($query) use ($search) {
                             $query->where('categories.name', 'LIKE', '%'.$search.'%')
-                            ->orWhere('models.name', 'LIKE', '%'.$search.'%');
+                            ->orWhere('models.name', 'LIKE', '%'.$search.'%')
+                            ->orWhere('models.model_number', 'LIKE', '%'.$search.'%');
                         });
                     });
                 })->orWhereHas('model', function ($query) use ($search) {
@@ -785,18 +850,31 @@ class Asset extends Depreciable
         return $query->join('models', 'assets.model_id', '=', 'models.id')->orderBy('models.name', $order);
     }
 
+    /**
+    * Query builder scope to order on model number
+    *
+    * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+    * @param  text                              $order       Order
+    *
+    * @return Illuminate\Database\Query\Builder          Modified query builder
+    */
+    public function scopeOrderModelNumber($query, $order)
+    {
+        return $query->join('models', 'assets.model_id', '=', 'models.id')->orderBy('models.model_number', $order);
+    }
 
-        /**
-        * Query builder scope to order on assigned user
-        *
-        * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
-        * @param  text                              $order       Order
-        *
-        * @return Illuminate\Database\Query\Builder          Modified query builder
-        */
+
+    /**
+    * Query builder scope to order on assigned user
+    *
+    * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+    * @param  text                              $order       Order
+    *
+    * @return Illuminate\Database\Query\Builder          Modified query builder
+    */
     public function scopeOrderAssigned($query, $order)
     {
-        return $query->join('users', 'assets.assigned_to', '=', 'users.id')->orderBy('users.first_name', $order)->orderBy('users.last_name', $order);
+        return $query->leftJoin('users', 'assets.assigned_to', '=', 'users.id')->select('assets.*')->orderBy('users.first_name', $order)->orderBy('users.last_name', $order);
     }
 
     /**
@@ -857,7 +935,7 @@ class Asset extends Depreciable
     }
 
   /**
-    * Query builder scope to order on model
+    * Query builder scope to order on location
     *
     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
     * @param  text                              $order       Order

app/Models/AssetMaintenance.php

@@ -15,6 +15,7 @@ class AssetMaintenance extends Model implements ICompanyableChild
 {
     use SoftDeletes;
     use CompanyableChildTrait;
+    use ValidatingTrait;
 
 
     protected $dates = [ 'deleted_at' ];
@@ -49,9 +50,9 @@ class AssetMaintenance extends Model implements ICompanyableChild
     {
 
         return [
-            Lang::get('admin/asset_maintenances/general.maintenance') => Lang::get('admin/asset_maintenances/general.maintenance'),
-            Lang::get('admin/asset_maintenances/general.repair')      => Lang::get('admin/asset_maintenances/general.repair'),
-            Lang::get('admin/asset_maintenances/general.upgrade')     => Lang::get('admin/asset_maintenances/general.upgrade')
+            trans('admin/asset_maintenances/general.maintenance') => trans('admin/asset_maintenances/general.maintenance'),
+            trans('admin/asset_maintenances/general.repair')      => trans('admin/asset_maintenances/general.repair'),
+            trans('admin/asset_maintenances/general.upgrade')     => trans('admin/asset_maintenances/general.upgrade')
         ];
     }
 
@@ -70,6 +71,20 @@ class AssetMaintenance extends Model implements ICompanyableChild
                     ->withTrashed();
     }
 
+    /**
+     * Get the admin who created the maintenance
+     *
+     * @return mixed
+     * @author  A. Gianotto <snipe@snipe.net>
+     * @version v3.0
+     */
+    public function admin()
+    {
+
+        return $this->belongsTo('\App\Models\User', 'user_id')
+            ->withTrashed();
+    }
+
     public function supplier()
     {
 
@@ -78,24 +93,11 @@ class AssetMaintenance extends Model implements ICompanyableChild
     }
 
     /**
-       * -----------------------------------------------
-       * BEGIN QUERY SCOPES
-       * -----------------------------------------------
-       **/
-
-    /**
-       * Query builder scope for Deleted assets
-       *
-       * @param  Illuminate\Database\Query\Builder $query Query builder instance
-       *
-       * @return Illuminate\Database\Query\Builder          Modified query builder
-       */
-
-    public function scopeDeleted($query)
-    {
-
-        return $query->whereNotNull('deleted_at');
-    }
+   * -----------------------------------------------
+   * BEGIN QUERY SCOPES
+   * -----------------------------------------------
+   **/
+    
 
     /**
       * Query builder scope to search on text
@@ -118,4 +120,19 @@ class AssetMaintenance extends Model implements ICompanyableChild
                 ->orWhere('completion_date', 'LIKE', '%'.$search.'%');
          });
     }
+
+    /**
+     * Query builder scope to order on admin user
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order       Order
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderAdmin($query, $order)
+    {
+        return $query->leftJoin('users', 'asset_maintenances.user_id', '=', 'users.id')
+            ->orderBy('users.first_name', $order)
+            ->orderBy('users.last_name', $order);
+    }
 }

app/Models/AssetModel.php

@@ -1,6 +1,8 @@
 <?php
 namespace App\Models;
 
+use App\Models\Requestable;
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
@@ -11,16 +13,17 @@ use Watson\Validating\ValidatingTrait;
  *
  * @version    v1.0
  */
-class AssetModel extends Model
+class AssetModel extends SnipeModel
 {
     use SoftDeletes;
+    use Requestable;
     protected $dates = ['deleted_at'];
     protected $table = 'models';
 
     // Declare the rules for the model validation
     protected $rules = array(
-        'name'          => 'required|min:2|max:255',
-        'modelno'           => 'min:1|max:255',
+        'name'          => 'required|min:1|max:255',
+        'model_number'      => 'min:1|max:255',
         'category_id'       => 'required|integer',
         'manufacturer_id'   => 'required|integer',
         'eol'   => 'integer:min:0|max:240',
@@ -90,8 +93,8 @@ class AssetModel extends Model
     public function displayModelName()
     {
         $name = $this->manufacturer->name.' '.$this->name;
-        if ($this->modelno) {
-            $name .=" / ".$this->modelno;
+        if ($this->model_number) {
+            $name .=" / ".$this->model_number;
         }
         return $name;
     }
@@ -131,6 +134,22 @@ class AssetModel extends Model
         return $query->whereIn('category_id', $categoryIdListing);
     }
 
+    /**
+     * scopeRequestable
+     * Get all models that are requestable by a user.
+     *
+     * @param       $query
+     *
+     * @return $query
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @version v3.5
+     */
+    public function scopeRequestableModels($query)
+    {
+
+        return $query->where('requestable', '1');
+    }
+
     /**
     * Query builder scope to search on text
     *
@@ -143,7 +162,7 @@ class AssetModel extends Model
     {
 
         return $query->where('name', 'LIKE', "%$search%")
-            ->orWhere('modelno', 'LIKE', "%$search%")
+            ->orWhere('model_number', 'LIKE', "%$search%")
             ->orWhere(function ($query) use ($search) {
                 $query->whereHas('depreciation', function ($query) use ($search) {
                     $query->where('name', 'LIKE', '%'.$search.'%');

app/Models/Category.php

@@ -1,6 +1,8 @@
 <?php
 namespace App\Models;
 
+use App\Http\Traits\UniqueUndeletedTrait;
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
@@ -13,7 +15,7 @@ use Watson\Validating\ValidatingTrait;
  *
  * @version    v1.0
  */
-class Category extends Model
+class Category extends SnipeModel
 {
 
     use SoftDeletes;
@@ -25,7 +27,7 @@ class Category extends Model
     */
     public $rules = array(
         'user_id' => 'numeric',
-        'name'   => 'required|min:3|max:255|unique:categories,name,NULL,deleted_at',
+        'name'   => 'required|min:1|max:255|unique_undeleted',
         'category_type'   => 'required',
     );
 
@@ -38,6 +40,7 @@ class Category extends Model
     */
     protected $injectUniqueIdentifier = true;
     use ValidatingTrait;
+    use UniqueUndeletedTrait;
 
 
     /**

app/Models/CheckoutRequest.php

@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+
+class CheckoutRequest extends Model
+{
+    //
+    protected $fillable = ['user_id'];
+    protected $table = 'checkout_requests';
+
+    public function user()
+    {
+        return $this->belongsTo(User::class);
+    }
+
+    public function requestingUser()
+    {
+        return $this->user()->first();
+    }
+
+    public function requestedItem()
+    {
+        return $this->morphTo('requestable');
+    }
+
+    public function itemRequested() // Workaround for laravel polymorphic issue that's not being solved :(
+    {
+        return $this->requestedItem()->first();
+    }
+
+    public function itemType()
+    {
+        return snake_case(class_basename($this->requestable_type));
+    }
+
+    public function location()
+    {
+        if ($this->itemType() == "asset") {
+            $asset = $this->itemRequested();
+            if ($asset->assigneduser && $asset->assetloc) {
+                return $asset->assetloc;
+            } elseif ($asset->defaultLoc) {
+                return $asset->defaultLoc;
+            }
+        }
+        return $this->itemRequested()->location;
+    }
+
+    public function name()
+    {
+        if ($this->itemType() == "asset") {
+            return $this->itemRequested()->showAssetName();
+        }
+        return $this->itemRequested()->name;
+
+    }
+}

app/Models/Company.php

@@ -1,6 +1,9 @@
 <?php
 namespace App\Models;
 
+use App\Models\SnipeModel;
+use Auth;
+use DB;
 use Illuminate\Database\Eloquent\Model;
 use Watson\Validating\ValidatingTrait;
 
@@ -9,12 +12,15 @@ use Watson\Validating\ValidatingTrait;
  *
  * @version    v1.8
  */
-final class Company extends Model
+final class Company extends SnipeModel
 {
     protected $table = 'companies';
 
     // Declare the rules for the model validation
-    protected $rules = ['name' => 'required|min:2|max:255|unique:companies,name'];
+    protected $rules = [
+        'name' => 'required|min:1|max:255|unique:companies,name'
+    ];
+
 
     /**
     * Whether the model should inject it's identifier to the unique
@@ -54,16 +60,12 @@ final class Company extends Model
             $company_id = null;
         }
 
-        if ($company_id == null) {
-            return $query;
-        } else {
-            return $query->where($column, '=', $company_id);
-        }
+        return $query->where($column, '=', $company_id);
     }
 
     public static function getSelectList()
     {
-        $select_company = Lang::get('general.select_company');
+        $select_company = trans('general.select_company');
         return ['0' => $select_company] + DB::table('companies')->orderBy('name', 'ASC')->lists('name', 'id');
     }
 
@@ -85,11 +87,17 @@ final class Company extends Model
         } else {
             $current_user = Auth::user();
 
-            if ($current_user->company_id != null) {
-                return $current_user->company_id;
-            } else {
+            // Super users should be able to set a company to whatever they need
+            if ($current_user->isSuperUser()) {
                 return static::getIdFromInput($unescaped_input);
+            } else {
+                if ($current_user->company_id != null) {
+                    return $current_user->company_id;
+                } else {
+                    return static::getIdFromInput($unescaped_input);
+                }
             }
+
         }
     }
 
@@ -102,14 +110,14 @@ final class Company extends Model
         } else {
             $current_user_company_id = Auth::user()->company_id;
             $companyable_company_id = $companyable->company_id;
-
-            return ($current_user_company_id == null || $current_user_company_id == $companyable_company_id);
+            return ($current_user_company_id == null || $current_user_company_id == $companyable_company_id || Auth::user()->isSuperUser());
         }
     }
 
     public static function isCurrentUserAuthorized()
     {
-        return (!static::isFullMultipleCompanySupportEnabled() || Auth::user()->company_id == null);
+
+        return ((!static::isFullMultipleCompanySupportEnabled()) || (Auth::user()->isSuperUser()));
     }
 
     public static function canManageUsersCompanies()
@@ -129,7 +137,8 @@ final class Company extends Model
 
     public static function scopeCompanyables($query, $column = 'company_id')
     {
-        if (!static::isFullMultipleCompanySupportEnabled()) {
+        // If not logged in and hitting this, assume we are on the command line and don't scope?'
+        if (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser()) || (!Auth::check())) {
             return $query;
         } else {
             return static::scopeCompanyablesDirectly($query, $column);
@@ -140,7 +149,7 @@ final class Company extends Model
     {
         if (count($companyable_names) == 0) {
             throw new Exception('No Companyable Children to scope');
-        } elseif (!static::isFullMultipleCompanySupportEnabled()) {
+        } elseif (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser())) {
             return $query;
         } else {
             $f = function ($q) {
@@ -169,4 +178,27 @@ final class Company extends Model
             return e($company->name);
         }
     }
+
+    public function users() {
+        return $this->hasMany(User::class);
+    }
+
+    public function assets() {
+        return $this->hasMany(Asset::class);
+    }
+
+    public function licenses() {
+        return $this->hasMany(License::class);
+    }
+    public function accessories() {
+        return $this->hasMany(Accessory::class);
+    }
+
+    public function consumables() {
+        return $this->hasMany(Consumable::class);
+    }
+
+    public function components() {
+        return $this->hasMany(Component::class);
+    }
 }

app/Models/Component.php

@@ -1,12 +1,14 @@
 <?php
 namespace App\Models;
 
-use App\Models\User;
-use App\Models\ConsumableAssignment;
-use App\Models\Company;
-use App\Models\Location;
-use App\Models\Category;
 use App\Models\ActionLog;
+use App\Models\Category;
+use App\Models\Company;
+use App\Models\ConsumableAssignment;
+use App\Models\Location;
+use App\Models\Loggable;
+use App\Models\SnipeModel;
+use App\Models\User;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
@@ -16,10 +18,11 @@ use Watson\Validating\ValidatingTrait;
  *
  * @version    v1.0
  */
-class Component extends Model
+class Component extends SnipeModel
 {
-    use SoftDeletes;
     use CompanyableTrait;
+    use Loggable;
+    use SoftDeletes;
 
     protected $dates = ['deleted_at'];
     protected $table = 'components';
@@ -30,7 +33,11 @@ class Component extends Model
     */
     public $rules = array(
         'name'        => 'required|min:3|max:255',
-        'min_amt'     => 'integer|min:1',
+        'qty'     => 'required|integer|min:1',
+        'category_id' => 'required|integer',
+        'company_id'  => 'integer',
+        'purchase_date'  => 'date',
+        'purchase_cost'   => 'numeric',
     );
 
     /**
@@ -81,7 +88,7 @@ class Component extends Model
     */
     public function assetlog()
     {
-        return $this->hasMany('\App\Models\Actionlog', 'component_id')->where('asset_type', '=', 'component')->orderBy('created_at', 'desc')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')->where('item_type', Component::class)->orderBy('created_at', 'desc')->withTrashed();
     }
 
 
@@ -94,7 +101,7 @@ class Component extends Model
         }
 
 
-        $total = $this->total_qty;
+        $total = $this->qty;
         $remaining = $total - $checkedout;
         return $remaining;
     }
@@ -135,6 +142,7 @@ class Component extends Model
                         });
                     })->orWhere('components.name', 'LIKE', '%'.$search.'%')
                             ->orWhere('components.order_number', 'LIKE', '%'.$search.'%')
+                            ->orWhere('components.serial', 'LIKE', '%'.$search.'%')
                             ->orWhere('components.purchase_cost', 'LIKE', '%'.$search.'%')
                             ->orWhere('components.purchase_date', 'LIKE', '%'.$search.'%');
             }

app/Models/Consumable.php

@@ -1,20 +1,23 @@
 <?php
 namespace App\Models;
 
-use App\Models\User;
-use App\Models\ConsumableAssignment;
-use App\Models\Company;
-use App\Models\Location;
-use App\Models\Category;
 use App\Models\ActionLog;
+use App\Models\Category;
+use App\Models\Company;
+use App\Models\ConsumableAssignment;
+use App\Models\Location;
+use App\Models\Loggable;
+use App\Models\SnipeModel;
+use App\Models\User;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
 
-class Consumable extends Model
+class Consumable extends SnipeModel
 {
-    use SoftDeletes;
     use CompanyableTrait;
+    use Loggable;
+    use SoftDeletes;
 
     protected $dates = ['deleted_at'];
     protected $table = 'consumables';
@@ -29,6 +32,7 @@ class Consumable extends Model
         'category_id' => 'required|integer',
         'company_id'  => 'integer',
         'min_amt'     => 'integer|min:1',
+        'purchase_cost'   => 'numeric',
     );
 
     /**
@@ -84,7 +88,7 @@ class Consumable extends Model
     */
     public function assetlog()
     {
-        return $this->hasMany('\App\Models\Actionlog', 'consumable_id')->where('asset_type', '=', 'consumable')->orderBy('created_at', 'desc')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')->where('item_type', Consumable::class)->orderBy('created_at', 'desc')->withTrashed();
     }
 
 

app/Models/CustomField.php

@@ -2,6 +2,7 @@
 namespace App\Models;
 
 use Illuminate\Database\Eloquent\Model;
+use Schema;
 
 class CustomField extends Model
 {
@@ -11,18 +12,18 @@ class CustomField extends Model
 
     */
     public static $PredefinedFormats=[
-    "ANY" => "",
-    "ALPHA" => "alpha",
-    "EMAIL" => "email",
-    "DATE" => "date",
-    "URL" => "url",
-    "NUMERIC" => "numeric",
-    "MAC" => "regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/",
-    "IP" => "ip"
+        "ANY" => "",
+        "ALPHA" => "alpha",
+        "EMAIL" => "email",
+        "DATE" => "date",
+        "URL" => "url",
+        "NUMERIC" => "numeric",
+        "MAC" => "regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/",
+        "IP" => "ip",
     ];
 
     public $rules=[
-    "name" => "required|unique:custom_fields"
+      "name" => "required|unique:custom_fields"
     ];
 
     public static $table_name="assets";
@@ -36,12 +37,12 @@ class CustomField extends Model
     {
         self::creating(function ($custom_field) {
 
-            if (in_array($custom_field->db_column_name(), \Schema::getColumnListing(\DB::getTablePrefix().CustomField::$table_name))) {
+            if (Schema::hasColumn(CustomField::$table_name,$custom_field->db_column_name())) {
               //field already exists when making a new custom field; fail.
                 return false;
             }
 
-            \Schema::table(\DB::getTablePrefix().\App\Models\CustomField::$table_name, function ($table) use ($custom_field) {
+            Schema::table(CustomField::$table_name, function ($table) use ($custom_field) {
                 $table->text($custom_field->db_column_name())->nullable();
             });
 
@@ -49,17 +50,21 @@ class CustomField extends Model
 
         self::updating(function ($custom_field) {
             if ($custom_field->isDirty("name")) {
-                if (in_array($custom_field->db_column_name(), \Schema::getColumnListing(CustomField::$table_name))) {
+                if (Schema::hasColumn(CustomField::$table_name,$custom_field->db_column_name())) {
                   //field already exists when renaming a custom field
                     return false;
                 }
-                return \DB::statement("UPDATE ".CustomField::$table_name." RENAME ".self::name_to_db_name($custom_field->get_original("name"))." TO ".$custom_field->db_column_name());
+                return Schema::table(CustomField::$table_name, function ($table) use ($custom_field) {
+                  $table->renameColumn(self::name_to_db_name($custom_field->getOriginal("name")),$custom_field->db_column_name());
+                });
             }
             return true;
         });
 
         self::deleting(function ($custom_field) {
-            return \DB::statement("ALTER TABLE ".CustomField::$table_name." DROP COLUMN ".$custom_field->db_column_name());
+            return Schema::table(CustomField::$table_name,function ($table) use ($custom_field) {
+              $table->dropColumn(self::name_to_db_name($custom_field->getOriginal("name")));
+            });
         });
     }
 
@@ -109,4 +114,43 @@ class CustomField extends Model
             $this->attributes['format']=$value;
         }
     }
+
+    /**
+     * Format a value string as an array for select boxes and checkboxes.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.4]
+     * @return Array
+     */
+    public function formatFieldValuesAsArray() {
+        $arr = preg_split("/\\r\\n|\\r|\\n/", $this->field_values);
+
+        $result[''] = 'Select '.strtolower($this->format);
+
+        for ($x = 0; $x < count($arr); $x++) {
+            $arr_parts = explode('|', $arr[$x]);
+            if ($arr_parts[0]!='') {
+                if (key_exists('1',$arr_parts)) {
+                    $result[$arr_parts[0]] = $arr_parts[1];
+                } else {
+                    $result[$arr_parts[0]] = $arr_parts[0];
+                }
+            }
+
+        }
+
+
+        return $result;
+    }
+
+    public function isFieldDecryptable($string) {
+        if (($this->field_encrypted=='1') && ($string!='')) {
+            return true;
+        }
+        return false;
+    }
+
+
+
+
 }

app/Models/CustomFieldset.php

@@ -2,6 +2,7 @@
 namespace App\Models;
 
 use Illuminate\Database\Eloquent\Model;
+use Gate;
 
 class CustomFieldset extends Model
 {
@@ -30,16 +31,21 @@ class CustomFieldset extends Model
     {
         $rules=[];
         foreach ($this->fields as $field) {
-            $rule=[];
-            if ($field->pivot->required) {
-                $rule[]="required";
+            $rule = [];
+
+            if (($field->field_encrypted!='1') ||
+                  (($field->field_encrypted =='1')  && (Gate::allows('admin')) ))
+                  {
+
+                if ($field->pivot->required) {
+                    $rule[]="required";
+                }
             }
+
             array_push($rule, $field->attributes['format']);
             $rules[$field->db_column_name()]=$rule;
         }
         return $rules;
     }
 
-  //requiredness goes *here*
-  //sequence goes here?
 }

app/Models/Depreciable.php

@@ -1,10 +1,11 @@
 <?php
 namespace App\Models;
 
-use Illuminate\Database\Eloquent\Model;
 use App\Models\Depreciation;
+use App\Models\SnipeModel;
+use Illuminate\Database\Eloquent\Model;
 
-class Depreciable extends Model
+class Depreciable extends SnipeModel
 {
     /**
     * Depreciation Relation, and associated helper methods

app/Models/Depreciation.php

@@ -1,10 +1,11 @@
 <?php
 namespace App\Models;
 
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Watson\Validating\ValidatingTrait;
 
-class Depreciation extends Model
+class Depreciation extends SnipeModel
 {
     // Declare the rules for the form validation
     protected $rules = array(

app/Models/Group.php

@@ -1,11 +1,10 @@
 <?php
 namespace App\Models;
 
+use App\Models\SnipeModel;
 use Watson\Validating\ValidatingTrait;
 
-use Illuminate\Database\Eloquent\Model;
-
-class Group extends Model
+class Group extends SnipeModel
 {
     protected $table = 'groups';
 
@@ -37,7 +36,4 @@ class Group extends Model
     {
         return json_decode($this->permissions, true);
     }
-
-
-
 }

app/Models/Ldap.php

@@ -0,0 +1,298 @@
+<?php
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+use App\Models\User;
+use App\Models\Setting;
+use Exception;
+use Input;
+use Log;
+
+
+class Ldap extends Model
+{
+
+    /**
+     * Makes a connection to LDAP using the settings in Admin > Settings.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return connection
+     */
+
+    public static function connectToLdap()
+    {
+
+        $ldap_host    = Setting::getSettings()->ldap_server;
+        $ldap_version = Setting::getSettings()->ldap_version;
+        $ldap_server_cert_ignore = Setting::getSettings()->ldap_server_cert_ignore;
+        $ldap_use_tls = Setting::getSettings()->ldap_tls;
+
+
+        // If we are ignoring the SSL cert we need to setup the environment variable
+        // before we create the connection
+        if ($ldap_server_cert_ignore=='1') {
+            putenv('LDAPTLS_REQCERT=never');
+        }
+
+        // If the user specifies where CA Certs are, make sure to use them
+        if(env("LDAPTLS_CACERT")) {
+          putenv("LDAPTLS_CACERT=".env("LDAPTLS_CACERT"));
+        }
+
+        $connection = @ldap_connect($ldap_host);
+
+        if (!$connection) {
+            throw new Exception('Could not connect to LDAP server at '.$ldap_host.'. Please check your LDAP server name and port number in your settings.');
+        }
+
+        // Needed for AD
+        ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
+        ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldap_version);
+
+        if ($ldap_use_tls=='1') {
+            ldap_start_tls($connection);
+        }
+
+        return $connection;
+    }
+
+
+    /**
+     * Binds/authenticates the user to LDAP, and returns their attributes.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $username
+     * @param $password
+     * @param bool|false $user
+     * @return bool true    if the username and/or password provided are valid
+     *              false   if the username and/or password provided are invalid
+     *         array of ldap_attributes if $user is true
+     *
+     */
+    static function findAndBindUserLdap($username, $password)
+    {
+        $settings = Setting::getSettings();
+        $connection = Ldap::connectToLdap();
+        $ldap_username_field     = $settings->ldap_username_field;
+        $baseDn      = $settings->ldap_basedn;
+
+        if ($settings->is_ad =='1')
+        {
+
+            // Check if they are using the userprincipalname for the username field.
+            // If they are, we can skip building the UPN to authenticate against AD
+            if ($ldap_username_field=='userprincipalname')
+            {
+                $userDn = $username;
+            } else {
+                // In case they haven't added an AD domain
+                if ($settings->ad_domain == '') {
+                    $userDn      = $username.'@'.$settings->email_domain;
+                } else {
+                    $userDn      = $username.'@'.$settings->ad_domain;
+                }
+            }
+
+        } else {
+            $userDn      = $ldap_username_field.'='.$username.','.$settings->ldap_basedn;
+        }
+
+
+        $filterQuery = $settings->ldap_auth_filter_query . $username;
+
+        if (!$ldapbind = @ldap_bind($connection, $userDn, $password)) {
+            return false;
+        }
+
+        if (!$results = ldap_search($connection, $baseDn, $filterQuery)) {
+            throw new Exception('Could not search LDAP: ');
+        }
+
+        if (!$entry = ldap_first_entry($connection, $results)) {
+            return false;
+        }
+
+        if (!$user =  array_change_key_case(ldap_get_attributes($connection, $entry), CASE_LOWER)) {
+            return false;
+        }
+
+        return $user;
+
+    }
+
+
+    /**
+     * Binds/authenticates an admin to LDAP for LDAP searching/syncing.
+     * Here we also return a better error if the app key is donked.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param bool|false $user
+     * @return bool true    if the username and/or password provided are valid
+     *              false   if the username and/or password provided are invalid
+     *
+     */
+    static function bindAdminToLdap($connection)
+    {
+
+        $ldap_username     = Setting::getSettings()->ldap_uname;
+
+        // Lets return some nicer messages for users who donked their app key, and disable LDAP
+        try {
+            $ldap_pass    = \Crypt::decrypt(Setting::getSettings()->ldap_pword);
+        } catch (Exception $e) {
+
+            throw new Exception('Your app key has changed! Could not decrypt LDAP password using your current app key, so LDAP authentication has been disabled. Login with a local account, update the LDAP password and re-enable it in Admin > Settings.');
+        }
+
+
+        if (!$ldapbind = @ldap_bind($connection, $ldap_username, $ldap_pass)) {
+            throw new Exception('Could not bind to LDAP: '.ldap_error($connection));
+        }
+
+    }
+
+
+    /**
+     * Parse and map LDAP attributes based on settings
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     *
+     * @param $ldapatttibutes
+     * @return array|bool
+     */
+    static function parseAndMapLdapAttributes($ldapatttibutes)
+    {
+        //Get LDAP attribute config
+        $ldap_result_username = Setting::getSettings()->ldap_username_field;
+        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
+        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
+        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
+        $ldap_result_email = Setting::getSettings()->ldap_email;
+
+        // Get LDAP user data
+        $item = array();
+        $item["username"] = isset($ldapatttibutes[$ldap_result_username][0]) ? $ldapatttibutes[$ldap_result_username][0] : "";
+        $item["employee_number"] = isset($ldapatttibutes[$ldap_result_emp_num][0]) ? $ldapatttibutes[$ldap_result_emp_num][0] : "";
+        $item["lastname"] = isset($ldapatttibutes[$ldap_result_last_name][0]) ? $ldapatttibutes[$ldap_result_last_name][0] : "";
+        $item["firstname"] = isset($ldapatttibutes[$ldap_result_first_name][0]) ? $ldapatttibutes[$ldap_result_first_name][0] : "";
+        $item["email"] = isset($ldapatttibutes[$ldap_result_email][0]) ? $ldapatttibutes[$ldap_result_email][0] : "" ;
+
+        return $item;
+
+
+    }
+
+    /**
+     * Create user from LDAP attributes
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $ldapatttibutes
+     * @return array|bool
+     */
+    static function createUserFromLdap($ldapatttibutes)
+    {
+        $item = Ldap::parseAndMapLdapAttributes($ldapatttibutes);
+
+
+        // Create user from LDAP data
+        if (!empty($item["username"])) {
+            $user = new User;
+            $user->first_name = $item["firstname"];
+            $user->last_name = $item["lastname"];
+            $user->username = $item["username"];
+            $user->email = $item["email"];
+
+            if (Setting::getSettings()->ldap_pw_sync=='1') {
+                $user->password = bcrypt(Input::get("password"));
+            } else {
+                $pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 25);
+                $user->password = bcrypt($pass);
+            }
+
+            $user->activated = 1;
+            $user->ldap_import = 1;
+            $user->notes = 'Imported on first login from LDAP';
+
+            if ($user->save()) {
+                return $user;
+            } else {
+                LOG::debug('Could not create user.'.$user->getErrors());
+                throw new Exception("Could not create user: ".$user->getErrors());
+            }
+        }
+
+        return false;
+
+    }
+
+    /**
+     * Searches LDAP
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $ldapatttibutes
+     * @return array|bool
+     */
+    static function findLdapUsers() {
+
+        $ldapconn = Ldap::connectToLdap();
+        $ldap_bind = Ldap::bindAdminToLdap($ldapconn);
+        $base_dn = Setting::getSettings()->ldap_basedn;
+        $filter = Setting::getSettings()->ldap_filter;
+
+        // Set up LDAP pagination for very large databases
+        // @author Richard Hofman
+        $page_size = 500;
+        $cookie = '';
+        $result_set = array();
+        $global_count = 0;
+
+        // Perform the search
+        do {
+
+            // Paginate (non-critical, if not supported by server)
+            if (!$ldap_paging = @ldap_control_paged_result($ldapconn, $page_size, false, $cookie)) {
+                throw new Exception('Problem with your LDAP connection. Try checking the Use TLS setting in Admin > Settings. ');
+            }
+
+
+            $search_results = ldap_search($ldapconn, $base_dn, '('.$filter.')');
+
+            if (!$search_results) {
+                return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_search').ldap_error($ldapconn));
+            }
+
+            // Get results from page
+            $results = ldap_get_entries($ldapconn, $search_results);
+            if (!$results) {
+                return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_get_entries').ldap_error($ldapconn));
+            }
+
+            // Add results to result set
+            $global_count += $results['count'];
+            $result_set = array_merge($result_set, $results);
+
+            @ldap_control_paged_result_response($ldapconn, $search_results, $cookie);
+
+        } while ($cookie !== null && $cookie != '');
+
+
+        // Clean up after search
+        $result_set['count'] = $global_count;
+        $results = $result_set;
+        ldap_control_paged_result($ldapconn, 0);
+
+        return $results;
+
+
+    }
+
+
+
+
+}

app/Models/License.php

@@ -2,15 +2,16 @@
 namespace App\Models;
 
 use App\Models\Company;
+use App\Models\Loggable;
 use DB;
-use Watson\Validating\ValidatingTrait;
-
 use Illuminate\Database\Eloquent\SoftDeletes;
+use Watson\Validating\ValidatingTrait;
 
 class License extends Depreciable
 {
     use SoftDeletes;
     use CompanyableTrait;
+    use Loggable;
     protected $injectUniqueIdentifier = true;
     use ValidatingTrait;
 
@@ -22,7 +23,6 @@ class License extends Depreciable
     protected $table = 'licenses';
     protected $rules = array(
         'name'   => 'required|string|min:3|max:255',
-        'serial'   => 'required|min:5',
         'seats'   => 'required|min:1|max:10000|integer',
         'license_email'   => 'email|min:0|max:120',
         'license_name'   => 'string|min:0|max:100',
@@ -36,6 +36,11 @@ class License extends Depreciable
         return $this->belongsTo('\App\Models\Company', 'company_id');
     }
 
+    public function manufacturer()
+    {
+        return $this->belongsTo('\App\Models\Manufacturer', 'manufacturer_id');
+    }
+
     /**
      * Get the assigned user
      */
@@ -49,8 +54,8 @@ class License extends Depreciable
     */
     public function assetlog()
     {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-            ->where('asset_type', '=', 'software')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+            ->where('item_type', '=', License::class)
             ->orderBy('created_at', 'desc');
     }
 
@@ -59,8 +64,8 @@ class License extends Depreciable
     */
     public function uploads()
     {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-            ->where('asset_type', '=', 'software')
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+            ->where('item_type', '=', License::class)
             ->where('action_type', '=', 'uploaded')
             ->whereNotNull('filename')
             ->orderBy('created_at', 'desc');
@@ -95,6 +100,20 @@ class License extends Depreciable
                    ->count();
     }
 
+    // We do this to eager load the "count" of seats from the controller.  Otherwise calling "count()" on each model results in n+1
+    public function licenseSeatsRelation()
+    {
+        return $this->hasMany(LicenseSeat::class)->whereNull('deleted_at')->selectRaw('license_id, count(*) as count')->groupBy('license_id');
+    }
+
+    public function getLicenseSeatsCountAttribute()
+    {
+        if ($this->licenseSeatsRelation->first()) {
+            return $this->licenseSeatsRelation->first()->count;
+        }
+
+        return 0;
+    }
 
     /**
     * Get total licenses not checked out
@@ -110,37 +129,47 @@ class License extends Depreciable
     /**
      * Get the number of available seats
      */
-    public function availcount()
+    public function availCount()
     {
-        return LicenseSeat::whereNull('assigned_to')
-                    ->whereNull('asset_id')
-                    ->where('license_id', '=', $this->id)
-                    ->whereNull('deleted_at')
-                    ->count();
+        return $this->licenseSeatsRelation()
+            ->whereNull('asset_id');
+    }
+
+    public function getAvailSeatsCountAttribute()
+    {
+        if ($this->availCount->first()) {
+            return $this->availCount->first()->count;
+        }
+
+        return 0;
     }
 
     /**
      * Get the number of assigned seats
      *
      */
-    public function assignedcount()
+    public function assignedCount()
     {
+        return $this->licenseSeatsRelation()->where(function ($query) {
+            $query->whereNotNull('assigned_to')
+            ->orWhereNotNull('asset_id');
+        });
+    }
 
-        return \App\Models\LicenseSeat::where('license_id', '=', $this->id)
-            ->where(function ($query) {
-
-                $query->whereNotNull('assigned_to')
-                ->orWhereNotNull('asset_id');
-            })
-        ->count();
-
+    public function getAssignedSeatsCountAttribute()
+    {
+        // dd($this->licenseSeatsRelation->first());
+        if ($this->assignedCount->first()) {
+            return $this->assignedCount->first()->count;
+        }
 
+        return 0;
     }
 
     public function remaincount()
     {
-        $total = $this->totalSeatsByLicenseID();
-        $taken =  $this->assignedcount();
+        $total = $this->licenseSeatsCount;
+        $taken =  $this->assigned_seats_count;
         $diff =   ($total - $taken);
         return $diff;
     }
@@ -150,7 +179,7 @@ class License extends Depreciable
      */
     public function totalcount()
     {
-        $avail =  $this->availcount();
+        $avail =  $this->availSeatsCount;
         $taken =  $this->assignedcount();
         $diff =   ($avail + $taken);
         return $diff;
@@ -204,12 +233,51 @@ class License extends Depreciable
 
         return $query->where(function ($query) use ($search) {
 
-            $query->where('name', 'LIKE', '%'.$search.'%')
-                ->orWhere('serial', 'LIKE', '%'.$search.'%')
-                ->orWhere('notes', 'LIKE', '%'.$search.'%')
-                ->orWhere('order_number', 'LIKE', '%'.$search.'%')
-                ->orWhere('purchase_date', 'LIKE', '%'.$search.'%')
-                ->orWhere('purchase_cost', 'LIKE', '%'.$search.'%');
+            $query->where('licenses.name', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.serial', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.notes', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.order_number', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.purchase_order', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.purchase_date', 'LIKE', '%'.$search.'%')
+                ->orWhere('licenses.purchase_cost', 'LIKE', '%'.$search.'%')
+             ->orWhereHas('manufacturer', function ($query) use ($search) {
+                        $query->where(function ($query) use ($search) {
+                            $query->where('manufacturers.name', 'LIKE', '%'.$search.'%');
+                    });
+                })
+            ->orWhereHas('company', function ($query) use ($search) {
+                $query->where(function ($query) use ($search) {
+                    $query->where('companies.name', 'LIKE', '%'.$search.'%');
+                });
+            });
         });
     }
+
+    /**
+     * Query builder scope to order on manufacturer
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order         Order
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderManufacturer($query, $order)
+    {
+        return $query->leftJoin('manufacturers', 'licenses.manufacturer_id', '=', 'manufacturers.id')->select('licenses.*')
+            ->orderBy('manufacturers.name', $order);
+    }
+
+    /**
+     * Query builder scope to order on company
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order         Order
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderCompany($query, $order)
+    {
+        return $query->leftJoin('companies as companies', 'licenses.company_id', '=', 'companies.id')->select('licenses.*')
+            ->orderBy('companies.name', $order);
+    }
 }

app/Models/LicenseSeat.php

@@ -1,6 +1,7 @@
 <?php
 namespace App\Models;
 
+use App\Models\Loggable;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 
@@ -8,6 +9,7 @@ class LicenseSeat extends Model implements ICompanyableChild
 {
     use CompanyableChildTrait;
     use SoftDeletes;
+    use Loggable;
 
     protected $dates = ['deleted_at'];
     protected $guarded = 'id';

app/Models/Location.php

@@ -1,22 +1,24 @@
 <?php
 namespace App\Models;
 
+use App\Http\Traits\UniqueUndeletedTrait;
+use App\Models\Asset;
+use App\Models\SnipeModel;
+use App\Models\User;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
-use App\Models\User;
-use App\Models\Asset;
 use Watson\Validating\ValidatingTrait;
 
-class Location extends Model
+class Location extends SnipeModel
 {
     use SoftDeletes;
     protected $dates = ['deleted_at'];
     protected $table = 'locations';
     protected $rules = array(
-      'name'        => 'required|min:3|max:255|unique:locations,name,NULL,deleted_at',
+      'name'        => 'required|min:3|max:255|unique_undeleted',
       'city'        => 'min:3|max:255',
-      'state'           => 'min:2|max:32',
-      'country'     => 'min:2|max:2|max:2',
+      'state'           => 'min:0|max:2',
+      'country'     => 'min:2|max:2',
       'address'         => 'min:5|max:80',
       'address2'        => 'min:2|max:80',
       'zip'         => 'min:3|max:10',
@@ -31,6 +33,7 @@ class Location extends Model
     */
     protected $injectUniqueIdentifier = true;
     use ValidatingTrait;
+    use UniqueUndeletedTrait;
 
 
     /**
@@ -47,7 +50,7 @@ class Location extends Model
 
     public function assets()
     {
-        return $this->hasManyThrough('\App\Models\Asset', '\App\Models\Actionlog', 'location_id', 'id');
+        return $this->hasManyThrough('\App\Models\Asset', '\App\Models\User', 'location_id', 'assigned_to', 'id');
     }
 
     public function assignedassets()

app/Models/Loggable.php

@@ -0,0 +1,137 @@
+<?php
+
+namespace App\Models;
+
+use App\Models\Actionlog;
+use App\Models\Asset;
+use App\Models\CheckoutRequest;
+use App\Models\User;
+use Illuminate\Support\Facades\Auth;
+
+trait Loggable
+{
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+
+    public function log()
+    {
+        return $this->morphMany(Actionlog::class, 'item');
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+    public function logCheckout($note, $target = null /*target is overridable for components*/)
+    {
+        $log = new Actionlog;
+
+        // We need to special case licenses because of license_seat vs license.  So much for clean polymorphism :)
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+
+        $log->user_id = Auth::user()->id;
+
+        if (!is_null($this->asset_id) || isset($target)) {
+            $log->target_type = Asset::class;
+            $log->target_id = $this->asset_id;
+        } else if (!is_null($this->assigned_to)) {
+            $log->target_type = User::class;
+            $log->target_id = $this->assigned_to;
+        }
+
+        $item = call_user_func(array($log->target_type, 'find'), $log->target_id);
+        $log->location_id = $item->location_id;
+        $log->note = $note;
+        $log->logaction('checkout');
+
+        return $log;
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+    public function logCheckin($target, $note)
+    {
+        $log = new Actionlog;
+        $log->target_type = get_class($target);
+        $log->target_id = $target->id;
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+        $log->location_id = null;
+        $log->note = $note;
+        $log->user_id = Auth::user()->id;
+        $log->logaction('checkin from');
+
+        return $log;
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.5]
+     * @return \App\Models\Actionlog
+     */
+    public function logCreate($note = null)
+    {
+        $user_id = -1;
+        if (Auth::user()) {
+            $user_id = Auth::user()->id;
+        }
+        $log = new Actionlog;
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+        $log->location_id = null;
+        $log->note = $note;
+        $log->user_id = $user_id;
+        $log->logaction('created');
+        $log->save();
+        return $log;
+    }
+
+    /**
+     * @author  Daniel Meltzer <parallelgrapefruit@gmail.com
+     * @since [v3.4]
+     * @return \App\Models\Actionlog
+     */
+    public function logUpload($filename, $note)
+    {
+        $log = new Actionlog;
+        if (static::class == LicenseSeat::class) {
+            $log->item_type = License::class;
+            $log->item_id = $this->license_id;
+        } else {
+            $log->item_type = static::class;
+            $log->item_id = $this->id;
+        }
+        $log->user_id = Auth::user()->id;
+        $log->note = $note;
+        $log->target_id =  null;
+        $log->created_at =  date("Y-m-d h:i:s");
+        $log->filename =  $filename;
+        $log->logaction('uploaded');
+
+        return $log;
+    }
+}

app/Models/Manufacturer.php

@@ -1,11 +1,12 @@
 <?php
 namespace App\Models;
 
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
 
-class Manufacturer extends Model
+class Manufacturer extends SnipeModel
 {
     use SoftDeletes;
     protected $dates = ['deleted_at'];
@@ -46,6 +47,26 @@ class Manufacturer extends Model
         return $this->hasManyThrough('\App\Models\Asset', '\App\Models\AssetModel', 'manufacturer_id', 'model_id');
     }
 
+    public function models()
+    {
+        return $this->hasMany('\App\Models\AssetModel', 'manufacturer_id');
+    }
+
+    public function licenses()
+    {
+        return $this->hasMany('\App\Models\License', 'manufacturer_id');
+    }
+
+    public function accessories()
+    {
+        return $this->hasMany('\App\Models\Accessory', 'manufacturer_id');
+    }
+
+    public function consumables()
+    {
+        return $this->hasMany('\App\Models\Consumable', 'manufacturer_id');
+    }
+
     /**
     * Query builder scope to search on text
     *

app/Models/Requestable.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace App\Models;
+
+use App\Models\CheckoutRequest;
+use App\Models\User;
+use Illuminate\Support\Facades\Auth;
+
+// $asset->requests
+// $asset->isRequestedBy($user)
+// $asset->whereRequestedBy($user)
+trait Requestable
+{
+
+    public function requests()
+    {
+        return $this->morphMany(CheckoutRequest::class, 'requestable');
+    }
+
+    public function isRequestedBy(User $user)
+    {
+        return $this->requests()
+            ->where('user_id', $user->id)
+            ->exists();
+    }
+
+    public function scopeRequestedBy($query, User $user)
+    {
+        return $query->whereHas('requests', function ($query) use ($user) {
+            $query->where('user_id', $user->id);
+        });
+    }
+
+    public function request()
+    {
+        $this->requests()->save(
+            new CheckoutRequest(['user_id' => Auth::id()])
+        );
+    }
+
+    public function cancelRequest()
+    {
+        $this->requests()->where('user_id', Auth::id())->delete();
+    }
+}

app/Models/Setting.php

@@ -11,55 +11,70 @@ class Setting extends Model
     use ValidatingTrait;
 
     protected $rules = [
-    "site_name"     => 'required|min:1',
-    "brand"     => 'required|min:1|numeric',
-    "alert_threshold"     => 'numeric',
-    "alert_interval"     => 'numeric',
-    "qr_text"       => 'min:1|max:31',
-    "custom_css"   => 'string',
-    "slack_endpoint"   => 'url',
-    "default_currency"   => 'required',
-    "slack_channel"   => 'regex:/(?<!\w)#\w+/',
-    "slack_botname"   => 'string',
-    "ldap_server"   => 'sometimes|required_if:ldap_enabled,1|url',
-    "ldap_uname"     => 'sometimes|required_if:ldap_enabled,1',
-    "ldap_pword"     => 'sometimes|required_if:ldap_enabled,1',
-    "ldap_basedn"     => 'sometimes|required_if:ldap_enabled,1',
-    "ldap_filter"     => 'sometimes|required_if:ldap_enabled,1',
-    "ldap_username_field"     => 'sometimes|required_if:ldap_enabled,1',
-    "ldap_lname_field"     => 'sometimes|required_if:ldap_enabled,1',
-    "ldap_auth_filter_query"     => 'sometimes|required_if:ldap_enabled,1',
-    "ldap_version"     => 'sometimes|required_if:ldap_enabled,1',
+          "brand"     => 'required|min:1|numeric',
+          "qr_text"         => 'min:1|max:31',
+          "logo_img"        => 'mimes:jpeg,bmp,png,gif',
+          "custom_css"   => 'string',
+          "alert_email"   => 'email_array',
+          "slack_endpoint"   => 'url',
+          "default_currency"   => 'required',
+          "locale"   => 'required',
+          "slack_channel"   => 'regex:/(?<!\w)#\w+/',
+          "slack_botname"   => 'string',
+          'labels_per_page' => 'numeric',
+          'labels_width' => 'numeric',
+          'labels_height' => 'numeric',
+          'labels_pmargin_left' => 'numeric',
+          'labels_pmargin_right' => 'numeric',
+          'labels_pmargin_top' => 'numeric',
+          'labels_pmargin_bottom' => 'numeric',
+          'labels_display_bgutter' => 'numeric',
+          'labels_display_sgutter' => 'numeric',
+          'labels_fontsize' => 'numeric|min:5',
+          'labels_pagewidth' => 'numeric',
+          'labels_pageheight' => 'numeric',
+          "ldap_server"   => 'sometimes|required_if:ldap_enabled,1|url',
+          "ldap_uname"     => 'sometimes|required_if:ldap_enabled,1',
+          "ldap_basedn"     => 'sometimes|required_if:ldap_enabled,1',
+          "ldap_filter"     => 'sometimes|required_if:ldap_enabled,1',
+          "ldap_username_field"     => 'sometimes|required_if:ldap_enabled,1',
+          "ldap_lname_field"     => 'sometimes|required_if:ldap_enabled,1',
+          "ldap_auth_filter_query"     => 'sometimes|required_if:ldap_enabled,1',
+          "ldap_version"     => 'sometimes|required_if:ldap_enabled,1',
     ];
 
-    protected $fillable = ['site_name'];
+    protected $fillable = ['site_name','email_domain','email_format','username_format'];
 
     public static function getSettings()
     {
         static $static_cache = null;
 
-        if (!$static_cache) {
-            $static_cache = Setting::first();
-        }
-        return $static_cache;
+            if (!$static_cache) {
+                if (Schema::hasTable('settings')) {
+                    $static_cache = Setting::first();
+                }
+            }
+
+            return $static_cache;
+
     }
 
-    public static function setupCompleted() {
+    public static function setupCompleted()
+    {
         
-            $users_table_exists = Schema::hasTable('users');
-            $settings_table_exists = Schema::hasTable('settings');
+        $users_table_exists = Schema::hasTable('users');
+        $settings_table_exists = Schema::hasTable('settings');
+        
+        if ($users_table_exists && $settings_table_exists) {
+            $usercount = User::withTrashed()->count();
 
-
-            if ($users_table_exists && $settings_table_exists) {
-                $usercount = User::withTrashed()->count();
-
-                if ($usercount > 0) {
-                    return true;
-                }
-                return false;
-            } else {
-                return false;
+            if ($usercount > 0) {
+                return true;
             }
+            return false;
+        } else {
+            return false;
+        }
         return false;
 
 

app/Models/SnipeModel.php

@@ -0,0 +1,14 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+
+class SnipeModel extends Model
+{
+    //
+    public function getDisplayNameAttribute()
+    {
+        return $this->name;
+    }
+}

app/Models/Statuslabel.php

@@ -1,14 +1,17 @@
 <?php
 namespace App\Models;
 
+use App\Http\Traits\UniqueUndeletedTrait;
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
 
-class Statuslabel extends Model
+class Statuslabel extends SnipeModel
 {
     use SoftDeletes;
     use ValidatingTrait;
+    use UniqueUndeletedTrait;
 
     protected $injectUniqueIdentifier = true;
     protected $dates = ['deleted_at'];
@@ -16,26 +19,44 @@ class Statuslabel extends Model
 
 
     protected $rules = array(
-      'name'  => 'required|string|unique:status_labels,name,NULL,deleted_at',
-      //'statuslabel_types' => 'required|in:deployable,pending,archived,undeployable',
-      'notes'   => 'string',
+        'name'  => 'required|string|unique_undeleted',
+        'notes'   => 'string',
+        'deployable' => 'required',
+        'pending' => 'required',
+        'archived' => 'required',
     );
 
-    protected $fillable = ['name'];
+    protected $fillable = ['name', 'deployable', 'pending', 'archived'];
 
+    /**
+     * Show count of assets with status label
+     *
+     * @todo Remove this. It's dumb.
+     * @return \Illuminate\Support\Collection
+     */
     public function has_assets()
     {
         return $this->hasMany('\App\Models\Asset', 'status_id')->count();
     }
 
+    /**
+     * Get assets with associated status label
+     *
+     * @return \Illuminate\Support\Collection
+     */
+    public function assets()
+    {
+        return $this->hasMany('\App\Models\Asset', 'status_id');
+    }
+
     public function getStatuslabelType()
     {
 
-        if ($this->pending == 1) {
+        if (($this->pending == '1') && ($this->archived == '0')  && ($this->deployable == '0')) {
             return 'pending';
-        } elseif ($this->archived == 1) {
+        } elseif (($this->pending == '0') && ($this->archived == '1')  && ($this->deployable == '0')) {
             return 'archived';
-        } elseif (($this->archived == 0) && ($this->deployable == 0) && ($this->deployable == 0)) {
+        } elseif (($this->pending == '0') && ($this->archived == '0')  && ($this->deployable == '0')) {
             return 'undeployable';
         } else {
             return 'deployable';
@@ -58,11 +79,12 @@ class Statuslabel extends Model
             $statustype['pending'] = 0;
             $statustype['deployable'] = 0;
             $statustype['archived'] = 1;
-
-        } elseif ($type == 'undeployable') {
+            
+        } else {
             $statustype['pending'] = 0;
             $statustype['deployable'] = 0;
             $statustype['archived'] = 0;
+
         }
 
         return $statustype;

app/Models/Supplier.php

@@ -1,25 +1,28 @@
 <?php
 namespace App\Models;
 
+use App\Http\Traits\UniqueUndeletedTrait;
+use App\Models\SnipeModel;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
 
-class Supplier extends Model
+class Supplier extends SnipeModel
 {
     use SoftDeletes;
     protected $dates = ['deleted_at'];
+    protected $table = 'suppliers';
 
     protected $rules = array(
-        'name'              => 'required|min:3|max:255|unique:suppliers,name,NULL,deleted_at',
-        'address'           => 'min:3|max:255',
-        'address2'          => 'min:2|max:255',
+        'name'              => 'required|min:3|max:255|unique_undeleted',
+        'address'           => 'min:3|max:50',
+        'address2'          => 'min:2|max:50',
         'city'              => 'min:3|max:255',
         'state'             => 'min:0|max:32',
         'country'           => 'min:0|max:2',
         'fax'               => 'min:7|max:20',
         'phone'             => 'min:7|max:20',
-        'contact'           => 'min:0|max:255',
+        'contact'           => 'min:0|max:100',
         'notes'             => 'min:0|max:255',
         'email'             => 'email|min:5|max:150',
         'zip'               => 'min:0|max:10',
@@ -35,6 +38,7 @@ class Supplier extends Model
     */
     protected $injectUniqueIdentifier = true;
     use ValidatingTrait;
+    use UniqueUndeletedTrait;
 
     /**
      * The attributes that are mass assignable.
@@ -44,6 +48,21 @@ class Supplier extends Model
     protected $fillable = ['name'];
 
 
+    // Eager load counts.
+    // We do this to eager load the "count" of seats from the controller.  Otherwise calling "count()" on each model results in n+1
+    public function assetsRelation()
+    {
+        return $this->hasMany(Asset::class)->whereNull('deleted_at')->selectRaw('supplier_id, count(*) as count')->groupBy('supplier_id');
+    }
+
+    public function getLicenseSeatsCountAttribute()
+    {
+        if ($this->licenseSeatsRelation->first()) {
+            return $this->licenseSeatsRelation->first()->count;
+        }
+
+        return 0;
+    }
     public function assets()
     {
         return $this->hasMany('\App\Models\Asset', 'supplier_id');
@@ -56,7 +75,11 @@ class Supplier extends Model
 
     public function num_assets()
     {
-        return $this->hasMany('\App\Models\Asset', 'supplier_id')->count();
+        if ($this->assetsRelation->first()) {
+            return $this->assetsRelation->first()->count;
+        }
+
+        return 0;
     }
 
     public function licenses()
@@ -66,7 +89,7 @@ class Supplier extends Model
 
     public function num_licenses()
     {
-        return $this->hasMany('\App\Models\License', 'supplier_id')->count();
+        return $this->licenses()->count();
     }
 
     public function addhttp($url)

app/Models/User.php

@@ -7,8 +7,9 @@ use Illuminate\Auth\Passwords\CanResetPassword;
 use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
 use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
 use Watson\Validating\ValidatingTrait;
-use App\Models\Company;
 use Illuminate\Database\Eloquent\SoftDeletes;
+use App\Http\Traits\UniqueUndeletedTrait;
+use App\Models\Setting;
 
 class User extends Model implements AuthenticatableContract, CanResetPasswordContract
 {
@@ -17,6 +18,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     use ValidatingTrait;
     use Authenticatable;
     use CanResetPassword;
+    use UniqueUndeletedTrait;
 
     protected $dates = ['deleted_at'];
     protected $table = 'users';
@@ -24,43 +26,50 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     protected $fillable = ['first_name', 'last_name', 'email','password','username'];
 
 
-  /**
-   * Model validation rules
-   *
-   * @var array
-   */
+    /**
+     * Model validation rules
+     *
+     * @var array
+     */
 
     protected $rules = [
-      'first_name'              => 'required|string|min:1',
-      'last_name'               => 'required|string|min:1',
-      'username'                => 'required|string|min:2|unique:users,username,NULL,deleted_at',
-      'email'                   => 'email',
-      'password'                => 'required|min:6',
+        'first_name'              => 'required|string|min:1',
+        'username'                => 'required|string|min:2|unique_undeleted',
+        'email'                   => 'email',
+        'password'                => 'required|min:6',
     ];
 
 
-  // This is very coarse and should be changed
     public function hasAccess($section)
     {
+
         if ($this->isSuperUser()) {
             return true;
         }
 
-        if ($this->permissions=='') {
+        $user_groups = $this->groups;
+
+
+        if (($this->permissions=='')  && (count($user_groups) == 0)) {
             return false;
         }
-        $user_permissions = json_decode($this->permissions, true);
-        $user_groups = $this->groups();
 
-        if (((array_key_exists($section, $user_permissions)) && ($user_permissions[$section]=='1')) ||
-        ((array_key_exists('admin', $user_permissions)) && ($user_permissions['admin']=='1'))) {
+        $user_permissions = json_decode($this->permissions, true);
+
+        //If the user is explicitly granted, return true
+        if (($user_permissions!='') && ((array_key_exists($section, $user_permissions)) && ($user_permissions[$section]=='1'))) {
             return true;
         }
 
+        // If the user is explicitly denied, return false
+        if (($user_permissions=='') || array_key_exists($section, $user_permissions) && ($user_permissions[$section]=='-1')) {
+            return false;
+        }
+
+        // Loop through the groups to see if any of them grant this permission
         foreach ($user_groups as $user_group) {
-            $group_permissions = json_decode($user_group->permissions, true);
-            if (((array_key_exists($section, $group_permissions)) && ($group_permissions[$section]=='1')) ||
-            ((array_key_exists('admin', $group_permissions)) && ($group_permissions['admin']=='1'))) {
+            $group_permissions = (array) json_decode($user_group->permissions, true);
+            if (((array_key_exists($section, $group_permissions)) && ($group_permissions[$section]=='1'))) {
                 return true;
             }
         }
@@ -68,27 +77,25 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
         return false;
     }
 
-    public function isSuperUser() {
+    public function isSuperUser()
+    {
         if (!$user_permissions = json_decode($this->permissions, true)) {
             return false;
         }
 
-        $group_array = array();
-        foreach ($this->groups() as $user_group) {
+        foreach ($this->groups as $user_group) {
             $group_permissions = json_decode($user_group->permissions, true);
-            $group_array[] = $group_permissions;
+            $group_array = (array)$group_permissions;
+            if ((array_key_exists('superuser', $group_array)) && ($group_permissions['superuser']=='1')) {
+                return true;
+            }
         }
 
         if ((array_key_exists('superuser', $user_permissions)) && ($user_permissions['superuser']=='1')) {
             return true;
-        } else {
-            if ((array_key_exists('superuser', $group_array)) && ($group_array['superuser']=='1')) {
-                return true;
-            }
-            return false;
         }
 
-
+        return false;
     }
 
 
@@ -107,23 +114,32 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     }
 
 
-  /**
-   * Returns the user full name, it simply concatenates
-   * the user first and last name.
-   *
-   * @return string
-   */
+    /**
+     * Returns the user full name, it simply concatenates
+     * the user first and last name.
+     *
+     * @return string
+     */
     public function fullName()
     {
         return "{$this->first_name} {$this->last_name}";
     }
 
+    public function getFullNameAttribute()
+    {
+        return $this->first_name . " " . $this->last_name;
+    }
 
-  /**
-   * Returns the user Gravatar image url.
-   *
-   * @return string
-   */
+    public function getCompleteNameAttribute()
+    {
+        return $this->last_name . ", " . $this->first_name . " (" . $this->username . ")";
+    }
+
+    /**
+     * Returns the user Gravatar image url.
+     *
+     * @return string
+     */
     public function gravatar()
     {
 
@@ -131,10 +147,8 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
             return config('app.url').'/uploads/avatars/'.$this->avatar;
         }
 
-        if ($this->email) {
-          // Generate the Gravatar hash
+        if ((Setting::getSettings()->load_remote=='1') && ($this->email!='')) {
             $gravatar = md5(strtolower(trim($this->email)));
-          // Return the Gravatar url
             return "//gravatar.com/avatar/".$gravatar;
         }
 
@@ -142,65 +156,73 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
 
     }
 
-  /**
-  * Get assets assigned to this user
-  */
+    /**
+     * Get assets assigned to this user
+     */
     public function assets()
     {
         return $this->hasMany('\App\Models\Asset', 'assigned_to')->withTrashed();
     }
 
-  /**
-  * Get accessories assigned to this user
-  */
+    /**
+     * Get assets assigned to this user
+     */
+    public function assetmaintenances()
+    {
+        return $this->hasMany('\App\Models\AssetMaintenance', 'user_id')->withTrashed();
+    }
+
+    /**
+     * Get accessories assigned to this user
+     */
     public function accessories()
     {
         return $this->belongsToMany('\App\Models\Accessory', 'accessories_users', 'assigned_to', 'accessory_id')->withPivot('id')->withTrashed();
     }
 
-  /**
-  * Get consumables assigned to this user
-  */
+    /**
+     * Get consumables assigned to this user
+     */
     public function consumables()
     {
         return $this->belongsToMany('\App\Models\Consumable', 'consumables_users', 'assigned_to', 'consumable_id')->withPivot('id')->withTrashed();
     }
 
- /**
- * Get licenses assigned to this user
- */
+    /**
+     * Get licenses assigned to this user
+     */
     public function licenses()
     {
         return $this->belongsToMany('\App\Models\License', 'license_seats', 'assigned_to', 'license_id')->withPivot('id');
     }
 
-  /**
-  * Get action logs for this user
-  */
+    /**
+     * Get action logs for this user
+     */
     public function userlog()
     {
-        return $this->hasMany('\App\Models\Actionlog', 'checkedout_to')->orderBy('created_at', 'DESC')->withTrashed();
+        return $this->hasMany('\App\Models\Actionlog', 'target_id')->orderBy('created_at', 'DESC')->withTrashed();
     }
 
-  /**
-  * Get the asset's location based on the assigned user
-  **/
+    /**
+     * Get the asset's location based on the assigned user
+     **/
     public function userloc()
     {
         return $this->belongsTo('\App\Models\Location', 'location_id')->withTrashed();
     }
 
-  /**
-  * Get the user's manager based on the assigned user
-  **/
+    /**
+     * Get the user's manager based on the assigned user
+     **/
     public function manager()
     {
         return $this->belongsTo('\App\Models\User', 'manager_id')->withTrashed();
     }
 
-  /**
-  * Get user groups
-  */
+    /**
+     * Get user groups
+     */
     public function groups()
     {
         return $this->belongsToMany('\App\Models\Group', 'users_groups');
@@ -209,10 +231,10 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
 
     public function accountStatus()
     {
-        if ($this->sentryThrottle) {
-            if ($this->sentryThrottle->suspended==1) {
+        if ($this->throttle) {
+            if ($this->throttle->suspended==1) {
                 return 'suspended';
-            } elseif ($this->sentryThrottle->banned==1) {
+            } elseif ($this->throttle->banned==1) {
                 return 'banned';
             } else {
                 return false;
@@ -227,19 +249,27 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
         return $this->hasMany('\App\Models\Asset', 'id')->withTrashed();
     }
 
-  /**
-  * Get uploads for this asset
-  */
+    /**
+     * Get uploads for this asset
+     */
     public function uploads()
     {
-        return $this->hasMany('\App\Models\Actionlog', 'asset_id')
-          ->where('asset_type', '=', 'user')
-          ->where('action_type', '=', 'uploaded')
-          ->whereNotNull('filename')
-          ->orderBy('created_at', 'desc');
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+            ->where('item_type', User::class)
+            ->where('action_type', '=', 'uploaded')
+            ->whereNotNull('filename')
+            ->orderBy('created_at', 'desc');
     }
 
-    public function sentryThrottle()
+    /**
+     * Fetch Items User has requested
+     */
+    public function checkoutRequests()
+    {
+        return $this->belongsToMany(Asset::class, 'checkout_requests');
+    }
+
+    public function throttle()
     {
         return $this->hasOne('\App\Models\Throttle');
     }
@@ -254,10 +284,10 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
         return $query->whereNull('deleted_at');
     }
 
-  /**
-  * Override the SentryUser getPersistCode method for
-  * multiple logins at one time
-  **/
+    /**
+     * Override the SentryUser getPersistCode method for
+     * multiple logins at one time
+     **/
     public function getPersistCode()
     {
 
@@ -275,10 +305,14 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     public function scopeMatchEmailOrUsername($query, $user_username, $user_email)
     {
         return $query->where('email', '=', $user_email)
-        ->orWhere('username', '=', $user_username)
-        ->orWhere('username', '=', $user_email);
+            ->orWhere('username', '=', $user_username)
+            ->orWhere('username', '=', $user_email);
     }
 
+    public static function generateEmailFromFullName($name) {
+        $username = User::generateFormattedNameFromFullName(Setting::getSettings()->email_format, $name);
+        return $username['username'].'@'.Setting::getSettings()->email_domain;
+    }
 
     public static function generateFormattedNameFromFullName($format = 'filastname', $users_name)
     {
@@ -294,7 +328,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
             $email_last_name = $last_name;
             $user_username = $first_name;
 
-        // There is a last name given
+            // There is a last name given
         } else {
 
             $last_name = str_replace($first_name, '', $users_name);
@@ -310,8 +344,9 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
             } elseif ($format=='firstname') {
                 $email_last_name.=str_replace(' ', '', $last_name);
                 $email_prefix = $first_name;
-
             }
+
+
         }
 
         $user_username = $email_prefix;
@@ -330,46 +365,52 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
         return json_decode($this->permissions, true);
     }
 
-/**
-* Query builder scope to search on text
-*
-* @param  Illuminate\Database\Query\Builder  $query  Query builder instance
-* @param  text                              $search      Search term
-*
-* @return Illuminate\Database\Query\Builder          Modified query builder
-*/
+    /**
+     * Query builder scope to search on text
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $search      Search term
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
     public function scopeTextsearch($query, $search)
     {
 
         return $query->where(function ($query) use ($search) {
             $query->where('users.first_name', 'LIKE', "%$search%")
-            ->orWhere('users.last_name', 'LIKE', "%$search%")
-            ->orWhere('users.email', 'LIKE', "%$search%")
-            ->orWhere('users.username', 'LIKE', "%$search%")
-            ->orWhere('users.notes', 'LIKE', "%$search%")
-            ->orWhere('users.employee_num', 'LIKE', "%$search%")
-            ->orWhere(function ($query) use ($search) {
-                $query->whereHas('userloc', function ($query) use ($search) {
-                    $query->where('locations.name', 'LIKE', '%'.$search.'%');
-                });
-            })
+                ->orWhere('users.last_name', 'LIKE', "%$search%")
+                ->orWhere('users.email', 'LIKE', "%$search%")
+                ->orWhere('users.username', 'LIKE', "%$search%")
+                ->orWhere('users.notes', 'LIKE', "%$search%")
+                ->orWhere('users.jobtitle', 'LIKE', "%$search%")
+                ->orWhere('users.employee_num', 'LIKE', "%$search%")
+                ->orWhere(function ($query) use ($search) {
+                    $query->whereHas('userloc', function ($query) use ($search) {
+                        $query->where('locations.name', 'LIKE', '%'.$search.'%');
+                    });
+                })
+                ->orWhere(function ($query) use ($search) {
+                    $query->whereHas('groups', function ($query) use ($search) {
+                        $query->where('groups.name', 'LIKE', '%'.$search.'%');
+                    });
+                })
 
-        // Ugly, ugly code because Laravel sucks at self-joins
-            ->orWhere(function ($query) use ($search) {
-                $query->whereRaw("users.manager_id IN (select id from users where first_name LIKE '%".$search."%' OR last_name LIKE '%".$search."%') ");
-            });
+                // Ugly, ugly code because Laravel sucks at self-joins
+                ->orWhere(function ($query) use ($search) {
+                    $query->whereRaw("users.manager_id IN (select id from users where first_name LIKE '%".$search."%' OR last_name LIKE '%".$search."%') ");
+                });
         });
 
     }
 
 
-  /**
-   * Query builder scope for Deleted users
-   *
-   * @param  Illuminate\Database\Query\Builder $query Query builder instance
-   *
-   * @return Illuminate\Database\Query\Builder          Modified query builder
-   */
+    /**
+     * Query builder scope for Deleted users
+     *
+     * @param  Illuminate\Database\Query\Builder $query Query builder instance
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
 
     public function scopeDeleted($query)
     {
@@ -377,28 +418,28 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     }
 
 
-  /**
-  * Query builder scope to order on manager
-  *
-  * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
-  * @param  text                              $order         Order
-  *
-  * @return Illuminate\Database\Query\Builder          Modified query builder
-  */
+    /**
+     * Query builder scope to order on manager
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order         Order
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
     public function scopeOrderManager($query, $order)
     {
-      // Left join here, or it will only return results with parents
+        // Left join here, or it will only return results with parents
         return $query->leftJoin('users as manager', 'users.manager_id', '=', 'manager.id')->orderBy('manager.first_name', $order)->orderBy('manager.last_name', $order);
     }
 
-  /**
-  * Query builder scope to order on company
-  *
-  * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
-  * @param  text                              $order         Order
-  *
-  * @return Illuminate\Database\Query\Builder          Modified query builder
-  */
+    /**
+     * Query builder scope to order on company
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order         Order
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
     public function scopeOrderLocation($query, $order)
     {
         return $query->leftJoin('locations', 'users.location_id', '=', 'locations.id')->orderBy('locations.name', $order);

app/Providers/AppServiceProvider.php

@@ -3,6 +3,9 @@ namespace App\Providers;
 
 use Validator;
 use Illuminate\Support\ServiceProvider;
+use DB;
+use Log;
+
 
 /**
  * This service provider handles a few custom validation rules.
@@ -47,6 +50,26 @@ class AppServiceProvider extends ServiceProvider
             }
 
         });
+
+        // Unique only if undeleted
+        // This works around the use case where multiple deleted items have the same unique attribute.
+        // (I think this is a bug in Laravel's validator?)
+        Validator::extend('unique_undeleted', function($attribute, $value, $parameters, $validator) {
+
+            $count = DB::table($parameters[0])->select('id')->where($attribute,'=',$value)->whereNull('deleted_at')->where('id','!=',$parameters[1])->count();
+
+            if ($count < 1) {
+                return true;
+            } else {
+                return false;
+            }
+
+        });
+
+        // Share common variables with all views.
+        view()->composer('*', function ($view) {
+            $view->with('snipeSettings', \App\Models\Setting::getSettings());
+        });
     }
 
     /**
@@ -56,6 +79,20 @@ class AppServiceProvider extends ServiceProvider
      */
     public function register()
     {
-        //
+        $monolog = Log::getMonolog();
+
+        if (config('app.debug')) {
+            $log_level = 'debug';
+        } else {
+            if (config('log-level')) {
+                $log_level = config('log-level');
+            } else {
+                $log_level = 'error';
+            }
+        }
+
+        foreach($monolog->getHandlers() as $handler) {
+            $handler->setLevel($log_level);
+        }
     }
 }

app/Providers/AuthServiceProvider.php

@@ -13,7 +13,6 @@ class AuthServiceProvider extends ServiceProvider
      * @var array
      */
     protected $policies = [
-        'App\Model' => 'App\Policies\ModelPolicy',
     ];
 
     /**
@@ -26,6 +25,318 @@ class AuthServiceProvider extends ServiceProvider
     {
         $this->registerPolicies($gate);
 
-        //
+
+        // --------------------------------
+        // BEFORE ANYTHING ELSE
+        // --------------------------------
+        // If this condition is true, ANYTHING else below will be asssumed
+        // to be true. This can cause weird blade behavior.
+        $gate->before(function ($user) {
+            if ($user->isSuperUser()) {
+                return true;
+            }
+        });
+
+        // --------------------------------
+        // GENERAL GATES
+        // These control general sections of the admin
+        // --------------------------------
+        $gate->define('admin', function ($user) {
+            if ($user->hasAccess('admin')) {
+                return true;
+            }
+        });
+
+
+        # -----------------------------------------
+        # Reports
+        # -----------------------------------------
+        $gate->define('reports.view', function ($user) {
+            if ($user->hasAccess('reports.view')) {
+                return true;
+            }
+        });
+
+
+        # -----------------------------------------
+        # Assets
+        # -----------------------------------------
+        $gate->define('assets.view', function ($user) {
+            if (($user->hasAccess('assets.view')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('assets.view.requestable', function ($user) {
+            if (($user->hasAccess('assets.view.requestable')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('assets.create', function ($user) {
+            if (($user->hasAccess('assets.create')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('assets.checkout', function ($user) {
+            if (($user->hasAccess('assets.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('assets.checkin', function ($user) {
+            if (($user->hasAccess('assets.checkin')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('assets.edit', function ($user) {
+            if (($user->hasAccess('assets.edit')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        // Checks for some level of management
+        $gate->define('assets.manage', function ($user) {
+            if (($user->hasAccess('assets.checkin')) || ($user->hasAccess('assets.edit')) || ($user->hasAccess('assets.delete')) || ($user->hasAccess('assets.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+
+        # -----------------------------------------
+        # Accessories
+        # -----------------------------------------
+        $gate->define('accessories.view', function ($user) {
+            if (($user->hasAccess('accessories.view')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('accessories.create', function ($user) {
+            if (($user->hasAccess('accessories.create')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('accessories.edit', function ($user) {
+            if (($user->hasAccess('accessories.edit')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('accessories.delete', function ($user) {
+            if (($user->hasAccess('accessories.delete')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('accessories.checkout', function ($user) {
+            if (($user->hasAccess('accessories.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('accessories.checkin', function ($user) {
+            if (($user->hasAccess('accessories.checkin')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        // Checks for some level of management
+        $gate->define('accessories.manage', function ($user) {
+            if (($user->hasAccess('accessories.checkin')) || ($user->hasAccess('accessories.edit')) || ($user->hasAccess('accessories.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        # -----------------------------------------
+        # Consumables
+        # -----------------------------------------
+        $gate->define('consumables.view', function ($user) {
+            if (($user->hasAccess('consumables.view')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('consumables.create', function ($user) {
+            if (($user->hasAccess('consumables.create')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('consumables.edit', function ($user) {
+            if (($user->hasAccess('consumables.edit')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('consumables.delete', function ($user) {
+            if (($user->hasAccess('consumables.delete')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('consumables.checkout', function ($user) {
+            if (($user->hasAccess('consumables.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('consumables.checkin', function ($user) {
+            if (($user->hasAccess('consumables.checkin')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        // Checks for some level of management
+        $gate->define('consumables.manage', function ($user) {
+            if (($user->hasAccess('consumables.checkin')) || ($user->hasAccess('consumables.edit')) || ($user->hasAccess('consumables.delete')) || ($user->hasAccess('consumables.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+
+
+        # -----------------------------------------
+        # Users
+        # -----------------------------------------
+
+        $gate->define('users.view', function ($user) {
+            if (($user->hasAccess('users.view')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('users.create', function ($user) {
+            if (($user->hasAccess('users.create')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('users.edit', function ($user) {
+            if (($user->hasAccess('users.edit')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('users.delete', function ($user) {
+            if (($user->hasAccess('users.delete')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+
+        # -----------------------------------------
+        # Components
+        # -----------------------------------------
+        $gate->define('components.view', function ($user) {
+            if (($user->hasAccess('components.view')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('components.create', function ($user) {
+            if (($user->hasAccess('components.create')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('components.edit', function ($user) {
+            if (($user->hasAccess('components.edit')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('components.delete', function ($user) {
+            if (($user->hasAccess('components.delete')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('components.checkout', function ($user) {
+            if (($user->hasAccess('components.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('components.checkout', function ($user) {
+            if (($user->hasAccess('components.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        // Checks for some level of management
+        $gate->define('components.manage', function ($user) {
+            if (($user->hasAccess('components.edit')) || ($user->hasAccess('components.delete')) || ($user->hasAccess('components.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+
+        # -----------------------------------------
+        # Licenses
+        # -----------------------------------------
+        $gate->define('licenses.view', function ($user) {
+            if (($user->hasAccess('licenses.view')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('licenses.create', function ($user) {
+            if (($user->hasAccess('licenses.create')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('licenses.edit', function ($user) {
+            if (($user->hasAccess('licenses.edit')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('licenses.delete', function ($user) {
+            if (($user->hasAccess('licenses.delete')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('licenses.checkout', function ($user) {
+            if (($user->hasAccess('licenses.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('licenses.checkin', function ($user) {
+            if (($user->hasAccess('licenses.checkin')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        $gate->define('licenses.keys', function ($user) {
+            if (($user->hasAccess('licenses.keys')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        // Checks for some level of management
+        $gate->define('licenses.manage', function ($user) {
+            if (($user->hasAccess('licenses.checkin')) || ($user->hasAccess('licenses.edit')) || ($user->hasAccess('licenses.delete')) || ($user->hasAccess('licenses.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+
+        # -----------------------------------------
+        # Self
+        # -----------------------------------------
+        $gate->define('self.two_factor', function ($user) {
+            if (($user->hasAccess('self.two_factor')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+
     }
 }

c3.php

@@ -48,6 +48,16 @@ if (!function_exists('__c3_error')) {
     }
 }
 
+// phpunit codecoverage shimming
+if (class_exists('SebastianBergmann\CodeCoverage\CodeCoverage')) {
+      class_alias('SebastianBergmann\CodeCoverage\CodeCoverage', 'PHP_CodeCoverage');
+      class_alias('SebastianBergmann\CodeCoverage\Report\Text', 'PHP_CodeCoverage_Report_Text');
+      class_alias('SebastianBergmann\CodeCoverage\Report\PHP', 'PHP_CodeCoverage_Report_PHP');
+      class_alias('SebastianBergmann\CodeCoverage\Report\Clover', 'PHP_CodeCoverage_Report_Clover');
+      class_alias('SebastianBergmann\CodeCoverage\Report\Html\Facade', 'PHP_CodeCoverage_Report_HTML');
+      class_alias('SebastianBergmann\CodeCoverage\Exception', 'PHP_CodeCoverage_Exception');
+}
+
 // Autoload Codeception classes
 if (!class_exists('\\Codeception\\Codecept')) {
     if (file_exists(__DIR__ . '/codecept.phar')) {

codeception.yml

@@ -12,13 +12,6 @@ settings:
 extensions:
     enabled:
         - Codeception\Extension\RunFailed
-modules:
-    config:
-        Db:
-            dsn: ''
-            user: ''
-            password: ''
-            dump: tests/_data/dump.sql
 coverage:
     enabled: true
     include:

composer.json

@@ -1,8 +1,8 @@
 {
-  "name": "Snipe-IT Laravel 5.2",
-  "description": "The Laravel Framework.",
-  "keywords": ["framework", "laravel"],
-  "license": "MIT",
+  "name": "snipe/snipe-it",
+  "description": "Open source asset management system built on Laravel.",
+  "keywords": ["assets", "asset-management", "laravel"],
+  "license": "AGPL-3",
   "type": "project",
       "require": {
       "php": ">=5.5.9",
@@ -11,8 +11,8 @@
       "league/csv": "~7.0",
       "maknz/slack": "dev-master",
       "erusev/parsedown": "dev-master",
-      "fideloper/proxy": "2.1.1",
-      "guzzlehttp/guzzle": "5.3.0",
+      "fideloper/proxy": "^3.1",
+      "guzzlehttp/guzzle": "6.2.1",
       "aws/aws-sdk-php-laravel": "~3.0",
       "tecnickcom/tc-lib-barcode": "dev-master",
       "laravelcollective/html" : "~5.0",
@@ -21,12 +21,16 @@
       "doctrine/common": "v2.5.3",
       "doctrine/dbal": "v2.4.2",
       "barryvdh/laravel-debugbar": "^2.1",
-      "spatie/laravel-backup": "^3.7"
+      "spatie/laravel-backup": "3.8.1",
+      "misterphilip/maintenance-mode": "1.0.*",
+      "neitanod/forceutf8": "dev-master",
+      "pragmarx/google2fa": "^1.0"
     },
     "require-dev": {
       "fzaninotto/faker": "~1.4",
       "mockery/mockery": "0.9.*",
       "phpunit/phpunit": "~4.0",
+      "squizlabs/php_codesniffer": "2.*",
       "phpspec/phpspec": "~2.1",
       "codeception/codeception": "2.1.*",
       "symfony/dom-crawler": "~3.0",

config/app.php

@@ -27,6 +27,7 @@ return [
     */
 
     'debug' => env('APP_DEBUG', false),
+    'warn_debug' => env('WARN_DEBUG', true),
 
     /*
     |--------------------------------------------------------------------------
@@ -109,6 +110,7 @@ return [
     */
 
     'log' => env('APP_LOG', 'single'),
+    'log-level' => env('APP_LOG_LEVEL', 'error'),
 
 
     /*
@@ -117,7 +119,7 @@ return [
     |--------------------------------------------------------------------------
     | This is the path for any uploaded files that have to be run through the
     | auth system to ensure they are not visible to the public. These should be
-    | stored somewhere outside of the web root so that an unautenticated user
+    | stored somewhere outside of the web root so that an unauthenticated user
     | cannot access them.
     |
     | For example: license keys, contracts, etc.
@@ -127,6 +129,20 @@ return [
     'private_uploads' => storage_path().'/private_uploads',
 
 
+    /*
+    |--------------------------------------------------------------------------
+    | ALLOW I-FRAMING
+    |--------------------------------------------------------------------------
+    |
+    | Normal users will never need to edit this. This option lets you run
+    | Snipe-IT within an I-Frame, which is normally disabled by default for
+    | security reasons, to prevent clickjacking. It should normally be set to false.
+    |
+    */
+
+    'allow_iframing' => env('ALLOW_IFRAMING', false),
+
+
     /*
     |--------------------------------------------------------------------------
     | Demo Mode Lockdown
@@ -140,7 +156,6 @@ return [
     'lock_passwords' => env('APP_LOCKED', false),
 
 
-
     /*
     |--------------------------------------------------------------------------
     | Autoloaded Service Providers
@@ -196,7 +211,10 @@ return [
         Intervention\Image\ImageServiceProvider::class,
         Collective\Html\HtmlServiceProvider::class,
         Spatie\Backup\BackupServiceProvider::class,
-
+        Fideloper\Proxy\TrustedProxyServiceProvider::class,
+        MisterPhilip\MaintenanceMode\MaintenanceModeServiceProvider::class,
+        MisterPhilip\MaintenanceMode\MaintenanceCommandServiceProvider::class,
+        PragmaRX\Google2FA\Vendor\Laravel\ServiceProvider::class,
         /*
          * Custom service provider
          */
@@ -253,6 +271,7 @@ return [
         'View'      => Illuminate\Support\Facades\View::class,
         'Form'      => 'Collective\Html\FormFacade',
         'Html'      => 'Collective\Html\HtmlFacade',
+        'Google2FA' => PragmaRX\Google2FA\Vendor\Laravel\Facade::class,
     ],
 
 ];

config/auth.php

@@ -104,4 +104,21 @@ return [
         ],
     ],
 
+    /*
+   |--------------------------------------------------------------------------
+   | Login throttling
+   |--------------------------------------------------------------------------
+   |
+   | This handles the max failed login attempt throttling.
+   | You should not change the values here, but should change them in your
+   | application's .env file instead, as future changes to this file could
+   | overwrite your changes here.
+   |
+   */
+
+    'throttle' => [
+        'max_attempts' => env('LOGIN_MAX_ATTEMPTS', 10),
+        'lockout_duration' =>  env('LOGIN_LOCKOUT_DURATION', 60),
+    ],
+
 ];

config/database.php

@@ -69,9 +69,16 @@ return [
             'prefix'    => env('DB_PREFIX', null),
             'strict'    => false,
             'engine'    => null,
+            'unix_socket' => env('DB_SOCKET',''),
             'dump_command_path' => env('DB_DUMP_PATH', '/usr/local/bin'),  // only the path, so without 'mysqldump'
             'dump_command_timeout' => 60 * 5, // 5 minute timeout
             'dump_using_single_transaction' => true, // perform dump using a single transaction
+            'options' => (env('DB_SSL')) ? [
+                PDO::MYSQL_ATTR_SSL_KEY    => env('DB_SSL_KEY'),  // /path/to/key.pem
+                PDO::MYSQL_ATTR_SSL_CERT   => env('DB_SSL_CERT'), // /path/to/cert.pem
+                PDO::MYSQL_ATTR_SSL_CA     => env('DB_SSL_CA'),   // /path/to/ca.pem
+                PDO::MYSQL_ATTR_SSL_CIPHER => env('DB_SSL_CIPHER')
+            ] : []
         ],
 
         'pgsql' => [

config/debugbar.php

@@ -99,8 +99,8 @@ return array(
         'logs'            => false, // Add the latest log messages
         'files'           => false, // Show the included files
         'config'          => false, // Display config settings
-        'auth'            => false, // Display Laravel authentication status
-        'gate'            => false, // Display Laravel Gate checks
+        'auth'            => true, // Display Laravel authentication status
+        'gate'            => true, // Display Laravel Gate checks
         'session'         => true,  // Display session data
     ),
 
@@ -119,8 +119,8 @@ return array(
         ),
         'db' => array(
             'with_params'       => true,   // Render SQL with the parameters substituted
-            'timeline'          => false,  // Add the queries to the timeline
-            'backtrace'         => false,  // EXPERIMENTAL: Use a backtrace to find the origin of the query in your files.
+            'timeline'          => true,  // Add the queries to the timeline
+            'backtrace'         => true,  // EXPERIMENTAL: Use a backtrace to find the origin of the query in your files.
             'explain' => array(            // EXPERIMENTAL: Show EXPLAIN output on queries
                 'enabled' => false,
                 'types' => array('SELECT'), // array('SELECT', 'INSERT', 'UPDATE', 'DELETE'); for MySQL 5.6.3+

config/laravel-backup.php

@@ -142,9 +142,9 @@ return [
             'whenBackupWasSuccessful'     => ['log'],
             'whenCleanupWasSuccessful'    => ['log'],
             'whenHealthyBackupWasFound'   => ['log'],
-            'whenBackupHasFailed'         => ['log', 'mail'],
-            'whenCleanupHasFailed'        => ['log', 'mail'],
-            'whenUnhealthyBackupWasFound' => ['log', 'mail'],
+            'whenBackupHasFailed'         => ['log'],
+            'whenCleanupHasFailed'        => ['log'],
+            'whenUnhealthyBackupWasFound' => ['log'],
         ],
 
         /*