Merge remote-tracking branch 'origin/develop'

Added quotes to volume path.

.env.example

@@ -30,7 +30,7 @@ MAIL_USERNAME=YOURUSERNAME
 MAIL_PASSWORD=YOURPASSWORD
 MAIL_ENCRYPTION=null
 MAIL_FROM_ADDR=you@example.com
-MAIL_FROM_NAME=Snipe-IT
+MAIL_FROM_NAME='Snipe-IT'
 
 
 # --------------------------------------------
@@ -74,3 +74,5 @@ AWS_BUCKET=null
 APP_LOG=single
 APP_LOCKED=false
 FILESYSTEM_DISK=local
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+ALLOW_IFRAMING=false

.gitignore

@@ -1,49 +1,39 @@
-/vendor
-/node_modules
-Homestead.yaml
-Homestead.json
-.env
-
-tests/_output/*
+.couscous
 .DS_Store
-public/uploads/models/*
-public/uploads/avatars/*
-public/uploads/suppliers/*
-public/uploads/assets/*
-public/uploads/users/*
-public/uploads/*.gif
-public/uploads/*.jpg
-public/uploads/*.png
-public/uploads/*.tif
-public/uploads/*.svg
-storage/app/private_uploads/users/*
-phpDocumentor.phar
-output
-tests/_support/_generated/*
-
-
+.env
+.idea
+/bin/
 /bootstrap/compiled.php
-composer.phar
-app/config/database.php
-app/config/mail.php
+/node_modules
+/vendor
 app/database/*.sqlite
 app/storage/meta/services.json
-app/config/*/mail.php
-app/config/*/session.php
-app/config/*/database.php
-app/config/*/app.php
-app/config/*/ldap.php
-public/packages/*
-storage/logs/*
-storage/debugbar/
-/bin/
-.idea
+composer.phar
 crowdin.yaml
+Homestead.json
+Homestead.yaml
+output
+phpDocumentor.phar
+public/uploads/*.gif
+public/uploads/barcodes/*.png
+public/uploads/*.jpg
+public/uploads/*.png
+public/uploads/*.svg
+public/uploads/*.tif
+public/uploads/assets/*
+public/uploads/avatars/*
 public/uploads/logo.gif
-public/uploads/logo.svg
 public/uploads/logo.png
-.couscous
+public/uploads/logo.svg
+public/uploads/models/*
+public/uploads/suppliers/*
+public/uploads/users/*
+storage/app/private_uploads/users/*
+storage/debugbar/
 storage/dumps/*
-tests/_data/scenarios
 storage/laravel-backups
+storage/logs/*
 storage/private_uploads/users/*
+tests/_data/scenarios
+tests/_output/*
+tests/_support/_generated/*

Dockerfile

@@ -80,7 +80,7 @@ RUN cd /var/www/html;composer install
 
 ############### DATA VOLUME #################
 
-VOLUME [/var/lib/snipeit]
+VOLUME ["/var/lib/snipeit"]
 
 ##### START SERVER
 

README.md

@@ -1,38 +1,33 @@
-[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=develop)](https://travis-ci.org/snipe/snipe-it) [![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+development)](http://waffle.io/snipe/snipe-it) [![Maintenance](https://img.shields.io/maintenance/yes/2016.svg)]() [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.png)](https://crowdin.com/project/snipe-it)
-[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
-[![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/)
-[![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead)
-[![Zenhub](https://raw.githubusercontent.com/ZenHubIO/support/master/zenhub-badge.png)](https://zenhub.io)
+[![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=develop)](https://travis-ci.org/snipe/snipe-it) [![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+development)](http://waffle.io/snipe/snipe-it) [![Maintenance](https://img.shields.io/maintenance/yes/2016.svg)]() [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.png)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead) [![Zenhub](https://raw.githubusercontent.com/ZenHubIO/support/master/zenhub-badge.png)](https://zenhub.io) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&utm_medium=referral&utm_content=snipe/snipe-it&utm_campaign=Badge_Grade)
 
 
-## Snipe-IT - Asset Management For the Rest of Us
+## Snipe-IT - Open Source Asset Management System
 
 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.
 
 It is built on [Laravel 5.2](http://laravel.com).
 
-This project is being actively developed and we're [releasing quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
+Snipe-IT is actively developed and we're [releasing quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)
 
-__This is web-based software__. This means there there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows.
+__This is web-based software__. This means there there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.
 
 -----
 
 ### Installation
 
-__Installation and configuration documentation for this project has been moved to https://snipe-it.readme.io.__
+For instructions on installing and configuring Snipe-IT on your server, check out the [installation manual](https://snipe-it.readme.io/docs). (Please see the [requirements documentation](https://snipe-it.readme.io/docs/requirements) for full requirements.)
 
-#### Server Requirements
-Please see the [requirements documentation](https://snipe-it.readme.io/docs/requirements) for full requirements.
+If you're having trouble with the installation, please check the [Common Issues](https://snipe-it.readme.io/docs/common-issues) and [Getting Help](https://snipe-it.readme.io/docs/getting-help) documentation, and search this repository's open *and* closed issues for help.
+
+-----
+### User's Manual
+For help using Snipe-IT, check out the [user's manual](https://snipe-it-manual.readme.io/docs).
 
 -----
 ### Bug Reports & Feature Requests
 
 Feel free to check out the [GitHub Issues for this project](https://github.com/snipe/snipe-it/issues) to open a bug report or see what open issues you can help with. Please search through existing issues (open and closed) to see if your question hasn't already been answered before opening a new issue.
 
-We use Waffle.io to help better communicate our roadmap with users. Our [project page there](http://waffle.io/snipe/snipe-it) will show you the backlog, what's ready to be worked on, what's in progress, and what's completed.
-
-If you're having trouble with the installation, please check the [Common Issues](https://snipe-it.readme.io/docs/common-issues) and [Getting Help](https://snipe-it.readme.io/docs/getting-help) documentation.
-
 -----
 
 ### Upgrading
@@ -56,6 +51,5 @@ Please see the [translations documentation](https://snipe-it.readme.io/docs/tran
 
 Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing).
 
-[![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&title=Ready+for+Development)](http://waffle.io/snipe/snipe-it)
 
 Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.

app/Console/Commands/AssetImportCommand.php

@@ -1,5 +1,6 @@
 <?php
 namespace App\Console\Commands;
+
 use App\Models\User;
 use App\Models\Location;
 use App\Models\Category;
@@ -13,456 +14,450 @@ use Symfony\Component\Console\Input\InputArgument;
 use Illuminate\Console\Command;
 use League\Csv\Reader;
 
-class AssetImportCommand extends Command {
+class AssetImportCommand extends Command
+{
 
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:asset-import';
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:asset-import';
 
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'Import Assets from CSV';
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Import Assets from CSV';
 
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
 
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
-		$filename = $this->argument('filename');
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
+        $filename = $this->argument('filename');
 
 
-		if (!$this->option('testrun')=='true') {
-			$this->comment('======= Importing Assets from '.$filename.' =========');
-		} else {
-			$this->comment('====== TEST ONLY Asset Import for '.$filename.' ====');
-			$this->comment('============== NO DATA WILL BE WRITTEN ==============');
-		}
-
-		if (! ini_get("auto_detect_line_endings")) {
-			ini_set("auto_detect_line_endings", '1');
-		}
-
-		$csv = Reader::createFromPath($this->argument('filename'));
-		$csv->setNewline("\r\n");
-		$csv->setOffset(1);
-		$duplicates = '';
-
-		// Loop through the records
-		$nbInsert = $csv->each(function ($row) use ($duplicates) {
-			$status_id = 1;
-
-			// Let's just map some of these entries to more user friendly words
-
-			// User's name
-			if (array_key_exists('0',$row)) {
-				$user_name = trim($row[0]);
-			} else {
-				$user_name = '';
-			}
-
-			// User's email
-			if (array_key_exists('1',$row)) {
-				$user_email = trim($row[1]);
-			} else {
-				$user_email = '';
-			}
-
-			// User's email
-			if (array_key_exists('2',$row)) {
-				$user_username = trim($row[2]);
-			} else {
-				$user_username = '';
-			}
-
-			// Asset Name
-			if (array_key_exists('3',$row)) {
-				$user_asset_asset_name = trim($row[3]);
-			} else {
-				$user_asset_asset_name = '';
-			}
-
-			// Asset Category
-			if (array_key_exists('4',$row)) {
-				$user_asset_category = trim($row[4]);
-			} else {
-				$user_asset_category = '';
-			}
-
-			// Asset Name
-			if (array_key_exists('5',$row)) {
-				$user_asset_name = trim($row[5]);
-			} else {
-				$user_asset_name = '';
-			}
-
-			// Asset Manufacturer
-			if (array_key_exists('6',$row)) {
-				$user_asset_mfgr = trim($row[6]);
-			} else {
-				$user_asset_mfgr = '';
-			}
-
-			// Asset model number
-			if (array_key_exists('7',$row)) {
-				$user_asset_modelno = trim($row[7]);
-			} else {
-				$user_asset_modelno = '';
-			}
-
-			// Asset serial number
-			if (array_key_exists('8',$row)) {
-				$user_asset_serial = trim($row[8]);
-			} else {
-				$user_asset_serial = '';
-			}
-
-			// Asset tag
-			if (array_key_exists('9',$row)) {
-				$user_asset_tag = trim($row[9]);
-			} else {
-				$user_asset_tag = '';
-			}
-
-			// Asset location
-			if (array_key_exists('10',$row)) {
-				$user_asset_location = trim($row[10]);
-			} else {
-				$user_asset_location = '';
-			}
-
-			// Asset notes
-			if (array_key_exists('11',$row)) {
-				$user_asset_notes = trim($row[11]);
-			} else {
-				$user_asset_notes = '';
-			}
-
-			// Asset purchase date
-			if (array_key_exists('12',$row)) {
-				if ($row[12]!='') {
-					$user_asset_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
-				} else {
-					$user_asset_purchase_date = '';
-				}
-			} else {
-				$user_asset_purchase_date = '';
-			}
-
-			// Asset purchase cost
-			if (array_key_exists('13',$row)) {
-				if ($row[13]!='') {
-					$user_asset_purchase_cost = trim($row[13]);
-				} else {
-					$user_asset_purchase_cost = '';
-				}
-			} else {
-				$user_asset_purchase_cost = '';
-			}
-
-       // Asset Company Name
-       if (array_key_exists('14',$row)) {
-              if ($row[14]!='') {
-                  $user_asset_company_name = trim($row[14]);
-              } else {
-                      $user_asset_company_name= '';
-              }
-       } else {
-              $user_asset_company_name = '';
-       }
-
-
-		// A number was given instead of a name
-		if (is_numeric($user_name)) {
-			$this->comment('User '.$user_name.' is not a name - assume this user already exists');
-			$user_username = '';
-            $first_name = '';
-			$last_name = '';
-
-		// No name was given
-		} elseif ($user_name=='') {
-			$this->comment('No user data provided - skipping user creation, just adding asset');
-			$first_name = '';
-			$last_name = '';
-			//$user_username = '';
-
-		} else {
-			$user_email_array = User::generateFormattedNameFromFullName($this->option('email_format'), $user_name);
-			$first_name = $user_email_array['first_name'];
-			$last_name = $user_email_array['last_name'];
-
-			if ($user_email=='') {
-				$user_email = $user_email_array['username'].'@'.config('app.domain');
-			}
-
-			if ($user_username=='') {
-				if ($this->option('username_format')=='email') {
-					$user_username = $user_email;
-				} else {
-					$user_name_array = User::generateFormattedNameFromFullName($this->option('username_format'), $user_name);
-					$user_username = $user_name_array['username'];
-				}
-
-			}
-
-		}
-
-		$this->comment('Full Name: '.$user_name);
-		$this->comment('First Name: '.$first_name);
-		$this->comment('Last Name: '.$last_name);
-		$this->comment('Username: '.$user_username);
-		$this->comment('Email: '.$user_email);
-		$this->comment('Category Name: '.$user_asset_category);
-		$this->comment('Item: '.$user_asset_name);
-		$this->comment('Manufacturer ID: '.$user_asset_mfgr);
-		$this->comment('Model No: '.$user_asset_modelno);
-		$this->comment('Serial No: '.$user_asset_serial);
-		$this->comment('Asset Tag: '.$user_asset_tag);
-		$this->comment('Location: '.$user_asset_location);
-		$this->comment('Purchase Date: '.$user_asset_purchase_date);
-		$this->comment('Purchase Cost: '.$user_asset_purchase_cost);
-		$this->comment('Notes: '.$user_asset_notes);
-        $this->comment('Company Name: '.$user_asset_company_name);
-
-		$this->comment('------------- Action Summary ----------------');
-
-		if ($user_username!='') {
-			if ($user = User::MatchEmailOrUsername($user_username, $user_email)
-				->whereNotNull('username')->first()) {
-				$this->comment('User '.$user_username.' already exists');
-			} else {
-                $user = new \App\Models\User;
-                $password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
-
-                $user->first_name = $first_name;
-                $user->last_name = $last_name;
-                $user->username = $user_username;
-                $user->email = $user_email;
-                $user->permissions = '{user":1}';
-                $user->password = bcrypt($password);
-                $user->activated = 1;
-                if ($user->save()) {
-                    $this->comment('User '.$first_name.' created');
-                } else {
-                    $this->error('ERROR CREATING User '.$first_name.' '.$last_name);
-                    $this->error($user->getErrors());
-                }
-
-			}
-		} else {
-			$user = new User;
-		}
-
-		// Check for the location match and create it if it doesn't exist
-		if ($location = Location::where('name', e($user_asset_location))->first()) {
-			$this->comment('Location '.$user_asset_location.' already exists');
-		} else {
-
-        $location = new Location();
-
-				if ($user_asset_location!='')
-                {
-					$location->name = e($user_asset_location);
-					$location->address = '';
-					$location->city = '';
-					$location->state = '';
-					$location->country = '';
-					$location->user_id = 1;
-
-					if (!$this->option('testrun')=='true') {
-
-						if ($location->save()) {
-							$this->comment('Location '.$user_asset_location.' was created');
-			            } else {
-							$this->error('Something went wrong! Location '.$user_asset_location.' was NOT created');
-                            $this->error($location->getErrors());
-						}
-
-					}
-                    else
-                    {
-						$this->comment('Location '.$user_asset_location.' was (not) created - test run only');
-					}
-				}
-                else
-                {
-					$this->comment('No location given, so none created.');
-				}
-
-			}
-
-        if (e($user_asset_category)=='') {
-            $category_name = 'Unnamed Category';
+        if (!$this->option('testrun')=='true') {
+            $this->comment('======= Importing Assets from '.$filename.' =========');
         } else {
-            $category_name = e($user_asset_category);
+            $this->comment('====== TEST ONLY Asset Import for '.$filename.' ====');
+            $this->comment('============== NO DATA WILL BE WRITTEN ==============');
         }
 
-    	// Check for the category match and create it if it doesn't exist
-    	if ($category = Category::where('name', e($category_name))->where('category_type', 'asset')->first()) {
-    		$this->comment('Category '.$category_name.' already exists');
+        if (! ini_get("auto_detect_line_endings")) {
+            ini_set("auto_detect_line_endings", '1');
+        }
 
-    	} else {
-    		$category = new Category();
-            $category->name = e($category_name);
-    		$category->category_type = 'asset';
-    		$category->user_id = 1;
+        $csv = Reader::createFromPath($this->argument('filename'));
+        $csv->setNewline("\r\n");
+        $csv->setOffset(1);
+        $duplicates = '';
 
-    		if ($category->save()) {
-    			$this->comment('Category '.$user_asset_category.' was created');
+        // Loop through the records
+        $nbInsert = $csv->each(function ($row) use ($duplicates) {
+            $status_id = 1;
+
+            // Let's just map some of these entries to more user friendly words
+
+            // User's name
+            if (array_key_exists('0', $row)) {
+                $user_name = trim($row[0]);
             } else {
-    			$this->error('Something went wrong! Category '.$user_asset_category.' was NOT created');
-                $this->error($category->getErrors());
-    		}
-
-    	}
-
-    	// Check for the manufacturer match and create it if it doesn't exist
-    	if ($manufacturer = Manufacturer::where('name', e($user_asset_mfgr))->first()) {
-    		$this->comment('Manufacturer '.$user_asset_mfgr.' already exists');
-    	} else {
-    		$manufacturer = new Manufacturer();
-    		$manufacturer->name = e($user_asset_mfgr);
-    		$manufacturer->user_id = 1;
-
-    		if ($manufacturer->save()) {
-    			$this->comment('Manufacturer '.$user_asset_mfgr.' was created');
-            } else {
-    			$this->error('Something went wrong! Manufacturer '.$user_asset_mfgr.' was NOT created: '. $manufacturer->getErrors()->first());
-    		}
-
-    	}
-
-    	// Check for the asset model match and create it if it doesn't exist
-    	if ($asset_model = AssetModel::where('name', e($user_asset_name))->where('modelno', e($user_asset_modelno))->where('category_id', $category->id)->where('manufacturer_id', $manufacturer->id)->first()) {
-    		$this->comment('The Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' already exists');
-    	} else {
-    		$asset_model = new AssetModel();
-    		$asset_model->name = e($user_asset_name);
-    		$asset_model->manufacturer_id = $manufacturer->id;
-    		$asset_model->modelno = e($user_asset_modelno);
-    		$asset_model->category_id = $category->id;
-    		$asset_model->user_id = 1;
-
-    		if ($asset_model->save()) {
-    			$this->comment('Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' was created');
-            } else {
-    			$this->error('Something went wrong! Asset Model '.$user_asset_name.' was NOT created: '.$asset_model->getErrors()->first());
-    		}
-
-    	}
-
-        // Check for the asset company match and create it if it doesn't exist
-        if ($user_asset_company_name!='') {
-            if ($company = Company::where('name', e($user_asset_company_name))->first()) {
-                $this->comment('Company '.$user_asset_company_name.' already exists');
-            } else {
-                $company = new Company();
-                $company->name = e($user_asset_company_name);
-
-                if ($company->save()) {
-                    $this->comment('Company '.$user_asset_company_name.' was created');
-                } else {
-                    $this->error('Something went wrong! Company '.$user_asset_company_name.' was NOT created: '.$company->getErrors()->first());
-                }
+                $user_name = '';
             }
 
-        } else {
-          $company = new Company();
-        }
+            // User's email
+            if (array_key_exists('1', $row)) {
+                $user_email = trim($row[1]);
+            } else {
+                $user_email = '';
+            }
 
-			// Check for the asset match and create it if it doesn't exist
-        if ($asset = Asset::where('asset_tag', e($user_asset_tag))->first()) {
-          $this->comment('The Asset with asset tag '.$user_asset_tag.' already exists');
-        } else {
-          $asset = new Asset();
-          $asset->name = e($user_asset_asset_name);
-  				if ($user_asset_purchase_date!='') {
-  					$asset->purchase_date = $user_asset_purchase_date;
-  				} else {
-  					$asset->purchase_date = NULL;
-  				}
-  				if ($user_asset_purchase_cost!='') {
-  					$asset->purchase_cost = ParseFloat(e($user_asset_purchase_cost));
-  				} else {
-  					$asset->purchase_cost = 0.00;
-  				}
-  				$asset->serial = e($user_asset_serial);
-  				$asset->asset_tag = e($user_asset_tag);
-  				$asset->model_id = $asset_model->id;
-  				$asset->assigned_to = $user->id;
-  				$asset->rtd_location_id = $location->id;
-  				$asset->user_id = 1;
-  				$asset->status_id = $status_id;
-                $asset->company_id = $company->id;
-  				if ($user_asset_purchase_date!='') {
-  					$asset->purchase_date = $user_asset_purchase_date;
-  				} else {
-  					$asset->purchase_date = NULL;
-  				}
-  				$asset->notes = e($user_asset_notes);
+            // User's email
+            if (array_key_exists('2', $row)) {
+                $user_username = trim($row[2]);
+            } else {
+                $user_username = '';
+            }
 
-  				if ($asset->save()) {
-  					$this->comment('Asset '.$user_asset_name.' with serial number '.$user_asset_serial.' was created');
-  	            } else {
-  					$this->error('Something went wrong! Asset '.$user_asset_name.' was NOT created: '.$asset->getErrors()->first());
-  				}
+            // Asset Name
+            if (array_key_exists('3', $row)) {
+                $user_asset_asset_name = trim($row[3]);
+            } else {
+                $user_asset_asset_name = '';
+            }
 
-        }
+            // Asset Category
+            if (array_key_exists('4', $row)) {
+                $user_asset_category = trim($row[4]);
+            } else {
+                $user_asset_category = '';
+            }
+
+            // Asset Name
+            if (array_key_exists('5', $row)) {
+                $user_asset_name = trim($row[5]);
+            } else {
+                $user_asset_name = '';
+            }
+
+            // Asset Manufacturer
+            if (array_key_exists('6', $row)) {
+                $user_asset_mfgr = trim($row[6]);
+            } else {
+                $user_asset_mfgr = '';
+            }
+
+            // Asset model number
+            if (array_key_exists('7', $row)) {
+                $user_asset_modelno = trim($row[7]);
+            } else {
+                $user_asset_modelno = '';
+            }
+
+            // Asset serial number
+            if (array_key_exists('8', $row)) {
+                $user_asset_serial = trim($row[8]);
+            } else {
+                $user_asset_serial = '';
+            }
+
+            // Asset tag
+            if (array_key_exists('9', $row)) {
+                $user_asset_tag = trim($row[9]);
+            } else {
+                $user_asset_tag = '';
+            }
+
+            // Asset location
+            if (array_key_exists('10', $row)) {
+                $user_asset_location = trim($row[10]);
+            } else {
+                $user_asset_location = '';
+            }
+
+            // Asset notes
+            if (array_key_exists('11', $row)) {
+                $user_asset_notes = trim($row[11]);
+            } else {
+                $user_asset_notes = '';
+            }
+
+            // Asset purchase date
+            if (array_key_exists('12', $row)) {
+                if ($row[12]!='') {
+                    $user_asset_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
+                } else {
+                    $user_asset_purchase_date = '';
+                }
+            } else {
+                $user_asset_purchase_date = '';
+            }
+
+            // Asset purchase cost
+            if (array_key_exists('13', $row)) {
+                if ($row[13]!='') {
+                    $user_asset_purchase_cost = trim($row[13]);
+                } else {
+                    $user_asset_purchase_cost = '';
+                }
+            } else {
+                $user_asset_purchase_cost = '';
+            }
+
+       // Asset Company Name
+            if (array_key_exists('14', $row)) {
+                if ($row[14]!='') {
+                    $user_asset_company_name = trim($row[14]);
+                } else {
+                        $user_asset_company_name= '';
+                }
+            } else {
+                   $user_asset_company_name = '';
+            }
+
+
+        // A number was given instead of a name
+            if (is_numeric($user_name)) {
+                $this->comment('User '.$user_name.' is not a name - assume this user already exists');
+                $user_username = '';
+                $first_name = '';
+                $last_name = '';
+
+            // No name was given
+            } elseif ($user_name=='') {
+                $this->comment('No user data provided - skipping user creation, just adding asset');
+                $first_name = '';
+                $last_name = '';
+                //$user_username = '';
+
+            } else {
+                $user_email_array = User::generateFormattedNameFromFullName($this->option('email_format'), $user_name);
+                $first_name = $user_email_array['first_name'];
+                $last_name = $user_email_array['last_name'];
+
+                if ($user_email=='') {
+                    $user_email = $user_email_array['username'].'@'.config('app.domain');
+                }
+
+                if ($user_username=='') {
+                    if ($this->option('username_format')=='email') {
+                        $user_username = $user_email;
+                    } else {
+                        $user_name_array = User::generateFormattedNameFromFullName($this->option('username_format'), $user_name);
+                        $user_username = $user_name_array['username'];
+                    }
+
+                }
+
+            }
+
+            $this->comment('Full Name: '.$user_name);
+            $this->comment('First Name: '.$first_name);
+            $this->comment('Last Name: '.$last_name);
+            $this->comment('Username: '.$user_username);
+            $this->comment('Email: '.$user_email);
+            $this->comment('Category Name: '.$user_asset_category);
+            $this->comment('Item: '.$user_asset_name);
+            $this->comment('Manufacturer ID: '.$user_asset_mfgr);
+            $this->comment('Model No: '.$user_asset_modelno);
+            $this->comment('Serial No: '.$user_asset_serial);
+            $this->comment('Asset Tag: '.$user_asset_tag);
+            $this->comment('Location: '.$user_asset_location);
+            $this->comment('Purchase Date: '.$user_asset_purchase_date);
+            $this->comment('Purchase Cost: '.$user_asset_purchase_cost);
+            $this->comment('Notes: '.$user_asset_notes);
+            $this->comment('Company Name: '.$user_asset_company_name);
+
+            $this->comment('------------- Action Summary ----------------');
+
+            if ($user_username!='') {
+                if ($user = User::MatchEmailOrUsername($user_username, $user_email)
+                ->whereNotNull('username')->first()) {
+                    $this->comment('User '.$user_username.' already exists');
+                } else {
+                    $user = new \App\Models\User;
+                    $password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+
+                    $user->first_name = $first_name;
+                    $user->last_name = $last_name;
+                    $user->username = $user_username;
+                    $user->email = $user_email;
+                    $user->permissions = '{user":1}';
+                    $user->password = bcrypt($password);
+                    $user->activated = 1;
+                    if ($user->save()) {
+                        $this->comment('User '.$first_name.' created');
+                    } else {
+                        $this->error('ERROR CREATING User '.$first_name.' '.$last_name);
+                        $this->error($user->getErrors());
+                    }
+
+                }
+            } else {
+                $user = new User;
+            }
+
+        // Check for the location match and create it if it doesn't exist
+            if ($location = Location::where('name', e($user_asset_location))->first()) {
+                $this->comment('Location '.$user_asset_location.' already exists');
+            } else {
+
+                $location = new Location();
+
+                if ($user_asset_location!='') {
+                    $location->name = e($user_asset_location);
+                    $location->address = '';
+                    $location->city = '';
+                    $location->state = '';
+                    $location->country = '';
+                    $location->user_id = 1;
+
+                    if (!$this->option('testrun')=='true') {
+
+                        if ($location->save()) {
+                            $this->comment('Location '.$user_asset_location.' was created');
+                        } else {
+                            $this->error('Something went wrong! Location '.$user_asset_location.' was NOT created');
+                            $this->error($location->getErrors());
+                        }
+
+                    } else {
+                        $this->comment('Location '.$user_asset_location.' was (not) created - test run only');
+                    }
+                } else {
+                    $this->comment('No location given, so none created.');
+                }
+
+            }
+
+            if (e($user_asset_category)=='') {
+                $category_name = 'Unnamed Category';
+            } else {
+                $category_name = e($user_asset_category);
+            }
+
+        // Check for the category match and create it if it doesn't exist
+            if ($category = Category::where('name', e($category_name))->where('category_type', 'asset')->first()) {
+                $this->comment('Category '.$category_name.' already exists');
+
+            } else {
+                $category = new Category();
+                $category->name = e($category_name);
+                $category->category_type = 'asset';
+                $category->user_id = 1;
+
+                if ($category->save()) {
+                    $this->comment('Category '.$user_asset_category.' was created');
+                } else {
+                    $this->error('Something went wrong! Category '.$user_asset_category.' was NOT created');
+                    $this->error($category->getErrors());
+                }
+
+            }
+
+        // Check for the manufacturer match and create it if it doesn't exist
+            if ($manufacturer = Manufacturer::where('name', e($user_asset_mfgr))->first()) {
+                $this->comment('Manufacturer '.$user_asset_mfgr.' already exists');
+            } else {
+                $manufacturer = new Manufacturer();
+                $manufacturer->name = e($user_asset_mfgr);
+                $manufacturer->user_id = 1;
+
+                if ($manufacturer->save()) {
+                    $this->comment('Manufacturer '.$user_asset_mfgr.' was created');
+                } else {
+                    $this->error('Something went wrong! Manufacturer '.$user_asset_mfgr.' was NOT created: '. $manufacturer->getErrors()->first());
+                }
+
+            }
+
+        // Check for the asset model match and create it if it doesn't exist
+            if ($asset_model = AssetModel::where('name', e($user_asset_name))->where('modelno', e($user_asset_modelno))->where('category_id', $category->id)->where('manufacturer_id', $manufacturer->id)->first()) {
+                $this->comment('The Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' already exists');
+            } else {
+                $asset_model = new AssetModel();
+                $asset_model->name = e($user_asset_name);
+                $asset_model->manufacturer_id = $manufacturer->id;
+                $asset_model->modelno = e($user_asset_modelno);
+                $asset_model->category_id = $category->id;
+                $asset_model->user_id = 1;
+
+                if ($asset_model->save()) {
+                    $this->comment('Asset Model '.$user_asset_name.' with model number '.$user_asset_modelno.' was created');
+                } else {
+                    $this->error('Something went wrong! Asset Model '.$user_asset_name.' was NOT created: '.$asset_model->getErrors()->first());
+                }
+
+            }
+
+        // Check for the asset company match and create it if it doesn't exist
+            if ($user_asset_company_name!='') {
+                if ($company = Company::where('name', e($user_asset_company_name))->first()) {
+                    $this->comment('Company '.$user_asset_company_name.' already exists');
+                } else {
+                    $company = new Company();
+                    $company->name = e($user_asset_company_name);
+
+                    if ($company->save()) {
+                        $this->comment('Company '.$user_asset_company_name.' was created');
+                    } else {
+                        $this->error('Something went wrong! Company '.$user_asset_company_name.' was NOT created: '.$company->getErrors()->first());
+                    }
+                }
+
+            } else {
+                $company = new Company();
+            }
+
+            // Check for the asset match and create it if it doesn't exist
+            if ($asset = Asset::where('asset_tag', e($user_asset_tag))->first()) {
+                $this->comment('The Asset with asset tag '.$user_asset_tag.' already exists');
+            } else {
+                $asset = new Asset();
+                $asset->name = e($user_asset_asset_name);
+                if ($user_asset_purchase_date!='') {
+                    $asset->purchase_date = $user_asset_purchase_date;
+                } else {
+                    $asset->purchase_date = null;
+                }
+                if ($user_asset_purchase_cost!='') {
+                    $asset->purchase_cost = ParseFloat(e($user_asset_purchase_cost));
+                } else {
+                    $asset->purchase_cost = 0.00;
+                }
+                    $asset->serial = e($user_asset_serial);
+                    $asset->asset_tag = e($user_asset_tag);
+                    $asset->model_id = $asset_model->id;
+                    $asset->assigned_to = $user->id;
+                    $asset->rtd_location_id = $location->id;
+                    $asset->user_id = 1;
+                    $asset->status_id = $status_id;
+                    $asset->company_id = $company->id;
+                if ($user_asset_purchase_date!='') {
+                    $asset->purchase_date = $user_asset_purchase_date;
+                } else {
+                    $asset->purchase_date = null;
+                }
+                    $asset->notes = e($user_asset_notes);
+
+                if ($asset->save()) {
+                    $this->comment('Asset '.$user_asset_name.' with serial number '.$user_asset_serial.' was created');
+                } else {
+                    $this->error('Something went wrong! Asset '.$user_asset_name.' was NOT created: '.$asset->getErrors()->first());
+                }
+
+            }
 
 
 
-			$this->comment('=====================================');
+            $this->comment('=====================================');
 
-			return true;
+            return true;
 
-		});
+        });
 
 
-	}
+    }
 
-	/**
-	 * Get the console command arguments.
-	 *
-	 * @return array
-	 */
-	protected function getArguments()
-	{
-		return array(
-			array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
-		);
-	}
-
-
-	/**
-	 * Get the console command options.
-	 *
-	 * @return array
-	 */
-	protected function getOptions()
-	{
-	return array(
-		array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
-		array('username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null),
-		array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
-	);
-	}
+    /**
+     * Get the console command arguments.
+     *
+     * @return array
+     */
+    protected function getArguments()
+    {
+        return array(
+            array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
+        );
+    }
 
 
+    /**
+     * Get the console command options.
+     *
+     * @return array
+     */
+    protected function getOptions()
+    {
+        return array(
+        array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
+        array('username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null),
+        array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
+        );
+    }
 }

app/Console/Commands/CreateAdmin.php

@@ -46,32 +46,32 @@ class CreateAdmin extends Command
         $show_in_list = $this->argument('show_in_list');
 
         if (($first_name=='') || ($last_name=='') || ($username=='') || ($email=='') || ($password=='')) {
-          $this->info('ERROR: All fields are required.');
+            $this->info('ERROR: All fields are required.');
         } else {
-          $user = new \App\Models\User;
-          $user->first_name = $first_name;
-          $user->last_name = $last_name;
-          $user->username = $username;
-          $user->email = $email;
-          $user->permissions = '{"admin":1,"user":1,"superuser":1,"reports.view":1, "licenses.keys":1}';
-          $user->password = bcrypt($password);
-          $user->activated = 1;
+            $user = new \App\Models\User;
+            $user->first_name = $first_name;
+            $user->last_name = $last_name;
+            $user->username = $username;
+            $user->email = $email;
+            $user->permissions = '{"admin":1,"user":1,"superuser":1,"reports.view":1, "licenses.keys":1}';
+            $user->password = bcrypt($password);
+            $user->activated = 1;
 
-          if ($show_in_list == 'false') {
-             $user->show_in_list = 0;
-          }
-          if ($user->save()) {
-            $this->info('New user created');
-            $user->groups()->attach(1);
-          } else {
-            $this->info('Admin user was not created');
-            $errors = $user->getErrors();
-
-            foreach ($errors->all() as $error) {
-              $this->info('ERROR:'. $error);
+            if ($show_in_list == 'false') {
+                $user->show_in_list = 0;
             }
+            if ($user->save()) {
+                $this->info('New user created');
+                $user->groups()->attach(1);
+            } else {
+                $this->info('Admin user was not created');
+                $errors = $user->getErrors();
 
-          }
+                foreach ($errors->all() as $error) {
+                    $this->info('ERROR:'. $error);
+                }
+
+            }
         }
 
     }
@@ -81,5 +81,5 @@ class CreateAdmin extends Command
   // 		return array(
   // 			array('username', InputArgument::REQUIRED, 'Username'),
   // 		);
-	// }
+    // }
 }

app/Console/Commands/DisableLDAP.php

@@ -5,7 +5,6 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use App\Models\Setting;
 
-
 class DisableLDAP extends Command
 {
     /**

app/Console/Commands/LicenseImportCommand.php

@@ -10,375 +10,374 @@ use App\Models\Supplier;
 use App\Models\License;
 use App\Models\LicenseSeat;
 
-class LicenseImportCommand extends Command {
+class LicenseImportCommand extends Command
+{
 
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:license-import';
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:license-import';
 
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'Import Licenses from CSV';
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Import Licenses from CSV';
 
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
 
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
-		$filename = $this->argument('filename');
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
+        $filename = $this->argument('filename');
 
 
-		if (!$this->option('testrun')=='true') {
-			$this->comment('======= Importing Licenses from '.$filename.' =========');
-		} else {
-			$this->comment('====== TEST ONLY License Import for '.$filename.' ====');
-			$this->comment('============== NO DATA WILL BE WRITTEN ==============');
-		}
+        if (!$this->option('testrun')=='true') {
+            $this->comment('======= Importing Licenses from '.$filename.' =========');
+        } else {
+            $this->comment('====== TEST ONLY License Import for '.$filename.' ====');
+            $this->comment('============== NO DATA WILL BE WRITTEN ==============');
+        }
 
-		if (! ini_get("auto_detect_line_endings")) {
-			ini_set("auto_detect_line_endings", '1');
-		}
+        if (! ini_get("auto_detect_line_endings")) {
+            ini_set("auto_detect_line_endings", '1');
+        }
 
-		$csv = Reader::createFromPath($this->argument('filename'));
-		$csv->setNewline("\r\n");
-		$csv->setOffset(1);
-		$duplicates = '';
+        $csv = Reader::createFromPath($this->argument('filename'));
+        $csv->setNewline("\r\n");
+        $csv->setOffset(1);
+        $duplicates = '';
 
-		// Loop through the records
-		$nbInsert = $csv->each(function ($row) use ($duplicates) {
-			$status_id = 1;
+        // Loop through the records
+        $nbInsert = $csv->each(function ($row) use ($duplicates) {
+            $status_id = 1;
 
-			// Let's just map some of these entries to more user friendly words
+            // Let's just map some of these entries to more user friendly words
 
-			if (array_key_exists('0',$row)) {
-				$user_name = trim($row[0]);
-			} else {
-				$user_name = '';
-			}
+            if (array_key_exists('0', $row)) {
+                $user_name = trim($row[0]);
+            } else {
+                $user_name = '';
+            }
 
-			if (array_key_exists('1',$row)) {
-				$user_email = trim($row[1]);
-			} else {
-				$user_email = '';
-			}
+            if (array_key_exists('1', $row)) {
+                $user_email = trim($row[1]);
+            } else {
+                $user_email = '';
+            }
 
-			if (array_key_exists('2',$row)) {
-				$user_username = trim($row[2]);
-			} else {
-				$user_username = '';
-			}
+            if (array_key_exists('2', $row)) {
+                $user_username = trim($row[2]);
+            } else {
+                $user_username = '';
+            }
 
-			if (array_key_exists('3',$row)) {
-				$user_license_name = trim($row[3]);
-			} else {
-				$user_license_name = '';
-			}
+            if (array_key_exists('3', $row)) {
+                $user_license_name = trim($row[3]);
+            } else {
+                $user_license_name = '';
+            }
 
-			if (array_key_exists('4',$row)) {
-				$user_license_serial = trim($row[4]);
-			} else {
-				$user_license_serial = '';
-			}
+            if (array_key_exists('4', $row)) {
+                $user_license_serial = trim($row[4]);
+            } else {
+                $user_license_serial = '';
+            }
 
-			if (array_key_exists('5',$row)) {
-				$user_licensed_to_name = trim($row[5]);
-			} else {
-				$user_licensed_to_name = '';
-			}
+            if (array_key_exists('5', $row)) {
+                $user_licensed_to_name = trim($row[5]);
+            } else {
+                $user_licensed_to_name = '';
+            }
 
-			if (array_key_exists('6',$row)) {
-				$user_licensed_to_email = trim($row[6]);
-			} else {
-				$user_licensed_to_email = '';
-			}
+            if (array_key_exists('6', $row)) {
+                $user_licensed_to_email = trim($row[6]);
+            } else {
+                $user_licensed_to_email = '';
+            }
 
-			if (array_key_exists('7',$row)) {
-				$user_license_seats = trim($row[7]);
-			} else {
-				$user_license_seats = '';
-			}
+            if (array_key_exists('7', $row)) {
+                $user_license_seats = trim($row[7]);
+            } else {
+                $user_license_seats = '';
+            }
 
-			if (array_key_exists('8',$row)) {
-				$user_license_reassignable = trim($row[8]);
-				if ($user_license_reassignable!='') {
-					if ((strtolower($user_license_reassignable)=='yes') || (strtolower($user_license_reassignable)=='true') || ($user_license_reassignable=='1')) {
-						$user_license_reassignable = 1;
-					}
-				} else {
-					$user_license_reassignable = 0;
-				}
-			} else {
-				$user_license_reassignable = 0;
-			}
+            if (array_key_exists('8', $row)) {
+                $user_license_reassignable = trim($row[8]);
+                if ($user_license_reassignable!='') {
+                    if ((strtolower($user_license_reassignable)=='yes') || (strtolower($user_license_reassignable)=='true') || ($user_license_reassignable=='1')) {
+                        $user_license_reassignable = 1;
+                    }
+                } else {
+                    $user_license_reassignable = 0;
+                }
+            } else {
+                $user_license_reassignable = 0;
+            }
 
-			if (array_key_exists('9',$row)) {
-				$user_license_supplier = trim($row[9]);
-			} else {
-				$user_license_supplier = '';
-			}
+            if (array_key_exists('9', $row)) {
+                $user_license_supplier = trim($row[9]);
+            } else {
+                $user_license_supplier = '';
+            }
 
-			if (array_key_exists('10',$row)) {
-				$user_license_maintained = trim($row[10]);
+            if (array_key_exists('10', $row)) {
+                $user_license_maintained = trim($row[10]);
 
-				if ($user_license_maintained!='') {
-					if ((strtolower($user_license_maintained)=='yes') || (strtolower($user_license_maintained)=='true') || ($user_license_maintained=='1')) {
-						$user_license_maintained = 1;
-					}
-				} else {
-					$user_license_maintained = 0;
-				}
+                if ($user_license_maintained!='') {
+                    if ((strtolower($user_license_maintained)=='yes') || (strtolower($user_license_maintained)=='true') || ($user_license_maintained=='1')) {
+                        $user_license_maintained = 1;
+                    }
+                } else {
+                    $user_license_maintained = 0;
+                }
 
 
-			} else {
-				$user_license_maintained = '';
-			}
+            } else {
+                $user_license_maintained = '';
+            }
 
-			if (array_key_exists('11',$row)) {
-				$user_license_notes = trim($row[11]);
-			} else {
-				$user_license_notes = '';
-			}
+            if (array_key_exists('11', $row)) {
+                $user_license_notes = trim($row[11]);
+            } else {
+                $user_license_notes = '';
+            }
 
-			if (array_key_exists('12',$row)) {
-				if ($row[12]!='') {
-					$user_license_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
-				} else {
-					$user_license_purchase_date = '';
-				}
-			} else {
-				$user_license_purchase_date = 0;
-			}
+            if (array_key_exists('12', $row)) {
+                if ($row[12]!='') {
+                    $user_license_purchase_date = date("Y-m-d 00:00:01", strtotime($row[12]));
+                } else {
+                    $user_license_purchase_date = '';
+                }
+            } else {
+                $user_license_purchase_date = 0;
+            }
 
-			// A number was given instead of a name
-			if (is_numeric($user_name)) {
-				$this->comment('User '.$user_name.' is not a name - assume this user already exists');
-				$user_username = '';
-			// No name was given
+            // A number was given instead of a name
+            if (is_numeric($user_name)) {
+                $this->comment('User '.$user_name.' is not a name - assume this user already exists');
+                $user_username = '';
+            // No name was given
 
-			} elseif ($user_name=='') {
-				$this->comment('No user data provided - skipping user creation, just adding license');
-				$first_name = '';
-				$last_name = '';
-				$user_username = '';
+            } elseif ($user_name=='') {
+                $this->comment('No user data provided - skipping user creation, just adding license');
+                $first_name = '';
+                $last_name = '';
+                $user_username = '';
 
-			} else {
+            } else {
 
-					$name = explode(" ", $user_name);
-					$first_name = $name[0];
-					$email_last_name = '';
-					$email_prefix = $first_name;
+                    $name = explode(" ", $user_name);
+                    $first_name = $name[0];
+                    $email_last_name = '';
+                    $email_prefix = $first_name;
 
-					if (!array_key_exists(1, $name)) {
-						$last_name='';
-						$email_last_name = $last_name;
-						$email_prefix = $first_name;
-					} else {
-						$last_name = str_replace($first_name,'',$user_name);
+                if (!array_key_exists(1, $name)) {
+                    $last_name='';
+                    $email_last_name = $last_name;
+                    $email_prefix = $first_name;
+                } else {
+                    $last_name = str_replace($first_name, '', $user_name);
 
-						if ($this->option('email_format')=='filastname') {
-							$email_last_name.=str_replace(' ','',$last_name);
-							$email_prefix = $first_name[0].$email_last_name;
+                    if ($this->option('email_format')=='filastname') {
+                        $email_last_name.=str_replace(' ', '', $last_name);
+                        $email_prefix = $first_name[0].$email_last_name;
 
-						} elseif ($this->option('email_format')=='firstname.lastname') {
-							$email_last_name.=str_replace(' ','',$last_name);
-							$email_prefix = $first_name.'.'.$email_last_name;
+                    } elseif ($this->option('email_format')=='firstname.lastname') {
+                        $email_last_name.=str_replace(' ', '', $last_name);
+                        $email_prefix = $first_name.'.'.$email_last_name;
 
-						} elseif ($this->option('email_format')=='firstname') {
-							$email_last_name.=str_replace(' ','',$last_name);
-							$email_prefix = $first_name;
-						}
+                    } elseif ($this->option('email_format')=='firstname') {
+                        $email_last_name.=str_replace(' ', '', $last_name);
+                        $email_prefix = $first_name;
+                    }
 
 
-					}
+                }
 
 
-					$user_username = $email_prefix;
+                    $user_username = $email_prefix;
 
-					// Generate an email based on their name if no email address is given
-					if ($user_email=='') {
-						if ($first_name=='Unknown') {
-							$status_id = 7;
-						}
-						$email = strtolower($email_prefix).'@'.$this->option('domain');
-						$user_email = str_replace("'",'',$email);
-					}
-			}
+                    // Generate an email based on their name if no email address is given
+                if ($user_email=='') {
+                    if ($first_name=='Unknown') {
+                        $status_id = 7;
+                    }
+                    $email = strtolower($email_prefix).'@'.$this->option('domain');
+                    $user_email = str_replace("'", '', $email);
+                }
+            }
 
-			$this->comment('Full Name: '.$user_name);
-			$this->comment('First Name: '.$first_name);
-			$this->comment('Last Name: '.$last_name);
-			$this->comment('Username: '.$user_username);
-			$this->comment('Email: '.$user_email);
-			$this->comment('License Name: '.$user_license_name);
-			$this->comment('Serial No: '.$user_license_serial);
-			$this->comment('Licensed To Name: '.$user_licensed_to_name);
-			$this->comment('Licensed To Email: '.$user_licensed_to_email);
-			$this->comment('Seats: '.$user_license_seats);
-			$this->comment('Reassignable: '.$user_license_reassignable);
-			$this->comment('Supplier: '.$user_license_supplier);
-			$this->comment('Maintained: '.$user_license_maintained);
-			$this->comment('Notes: '.$user_license_notes);
-			$this->comment('Purchase Date: '.$user_license_purchase_date);
+            $this->comment('Full Name: '.$user_name);
+            $this->comment('First Name: '.$first_name);
+            $this->comment('Last Name: '.$last_name);
+            $this->comment('Username: '.$user_username);
+            $this->comment('Email: '.$user_email);
+            $this->comment('License Name: '.$user_license_name);
+            $this->comment('Serial No: '.$user_license_serial);
+            $this->comment('Licensed To Name: '.$user_licensed_to_name);
+            $this->comment('Licensed To Email: '.$user_licensed_to_email);
+            $this->comment('Seats: '.$user_license_seats);
+            $this->comment('Reassignable: '.$user_license_reassignable);
+            $this->comment('Supplier: '.$user_license_supplier);
+            $this->comment('Maintained: '.$user_license_maintained);
+            $this->comment('Notes: '.$user_license_notes);
+            $this->comment('Purchase Date: '.$user_license_purchase_date);
 
-			$this->comment('------------- Action Summary ----------------');
+            $this->comment('------------- Action Summary ----------------');
 
-			if ($user_username!='') {
-				if ($user = User::where('username', $user_username)->whereNotNull('username')->first()) {
-					$this->comment('User '.$user_username.' already exists');
-				} else {
+            if ($user_username!='') {
+                if ($user = User::where('username', $user_username)->whereNotNull('username')->first()) {
+                    $this->comment('User '.$user_username.' already exists');
+                } else {
 
-					$user = new \App\Models\User;
-					$password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+                    $user = new \App\Models\User;
+                    $password  = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
 
-					$user->first_name = $first_name;
-					$user->last_name = $last_name;
-					$user->username = $user_username;
-					$user->email = $user_email;
-					$user->permissions = '{user":1}';
-					$user->password = bcrypt($password);
-					$user->activated = 1;
-					if ($user->save()) {
-						$this->comment('User '.$first_name.' created');
-					} else {
-						$this->error('ERROR CREATING User '.$first_name.' '.$last_name);
-						$this->error($user->getErrors());
-					}
+                    $user->first_name = $first_name;
+                    $user->last_name = $last_name;
+                    $user->username = $user_username;
+                    $user->email = $user_email;
+                    $user->permissions = '{user":1}';
+                    $user->password = bcrypt($password);
+                    $user->activated = 1;
+                    if ($user->save()) {
+                        $this->comment('User '.$first_name.' created');
+                    } else {
+                        $this->error('ERROR CREATING User '.$first_name.' '.$last_name);
+                        $this->error($user->getErrors());
+                    }
 
-					$this->comment('User '.$first_name.' created');
-				}
-			} else {
-				$user = new User;
-				$user->user_id = NULL;
-			}
+                    $this->comment('User '.$first_name.' created');
+                }
+            } else {
+                $user = new User;
+                $user->user_id = null;
+            }
 
 
-			// Check for the supplier match and create it if it doesn't exist
-			if ($supplier = Supplier::where('name', $user_license_supplier)->first()) {
-				$this->comment('Supplier '.$user_license_supplier.' already exists');
-			} else {
-				$supplier = new Supplier();
-				$supplier->name = e($user_license_supplier);
-				$supplier->user_id = 1;
+            // Check for the supplier match and create it if it doesn't exist
+            if ($supplier = Supplier::where('name', $user_license_supplier)->first()) {
+                $this->comment('Supplier '.$user_license_supplier.' already exists');
+            } else {
+                $supplier = new Supplier();
+                $supplier->name = e($user_license_supplier);
+                $supplier->user_id = 1;
 
-				if ($supplier->save()) {
-					$this->comment('Supplier '.$user_license_supplier.' was created');
-	            } else {
-					$this->comment('Something went wrong! Supplier '.$user_license_supplier.' was NOT created');
-				}
+                if ($supplier->save()) {
+                    $this->comment('Supplier '.$user_license_supplier.' was created');
+                } else {
+                    $this->comment('Something went wrong! Supplier '.$user_license_supplier.' was NOT created');
+                }
 
-			}
+            }
 
 
-			// Add the license
-			$license = new License();
-			$license->name = e($user_license_name);
-			if ($user_license_purchase_date!='') {
-				$license->purchase_date = $user_license_purchase_date;
-			} else {
-				$license->purchase_date = NULL;
-			}
-			$license->serial = e($user_license_serial);
-			$license->seats = e($user_license_seats);
-			$license->supplier_id = $supplier->id;
-			$license->user_id = 1;
-			if ($user_license_purchase_date!='') {
-				$license->purchase_date = $user_license_purchase_date;
-			} else {
-				$license->purchase_date = NULL;
-			}
-			$license->license_name = $user_licensed_to_name;
-			$license->license_email = $user_licensed_to_email;
-			$license->notes = e($user_license_notes);
+            // Add the license
+            $license = new License();
+            $license->name = e($user_license_name);
+            if ($user_license_purchase_date!='') {
+                $license->purchase_date = $user_license_purchase_date;
+            } else {
+                $license->purchase_date = null;
+            }
+            $license->serial = e($user_license_serial);
+            $license->seats = e($user_license_seats);
+            $license->supplier_id = $supplier->id;
+            $license->user_id = 1;
+            if ($user_license_purchase_date!='') {
+                $license->purchase_date = $user_license_purchase_date;
+            } else {
+                $license->purchase_date = null;
+            }
+            $license->license_name = $user_licensed_to_name;
+            $license->license_email = $user_licensed_to_email;
+            $license->notes = e($user_license_notes);
 
-			if ($license->save()) {
-				$this->comment('License '.$user_license_name.' with serial number '.$user_license_serial.' was created');
+            if ($license->save()) {
+                $this->comment('License '.$user_license_name.' with serial number '.$user_license_serial.' was created');
 
 
-				$license_seat_created = 0;
+                $license_seat_created = 0;
 
-				for ($x = 0; $x < $user_license_seats; $x++) {
-					// Create the license seat entries
-					$license_seat = new LicenseSeat();
-					$license_seat->license_id = $license->id;
+                for ($x = 0; $x < $user_license_seats; $x++) {
+                    // Create the license seat entries
+                    $license_seat = new LicenseSeat();
+                    $license_seat->license_id = $license->id;
 
-					// Only assign the first seat to the user
-					if ($x==0) {
-						$license_seat->assigned_to = $user->id;
-					} else {
-						$license_seat->assigned_to = NULL;
-					}
+                    // Only assign the first seat to the user
+                    if ($x==0) {
+                        $license_seat->assigned_to = $user->id;
+                    } else {
+                        $license_seat->assigned_to = null;
+                    }
 
-					if ($license_seat->save()) {
-						$license_seat_created++;
-					}
-				}
+                    if ($license_seat->save()) {
+                        $license_seat_created++;
+                    }
+                }
 
-				if ($license_seat_created > 0) {
-					$this->comment($license_seat_created.' seats were created');
-				} else {
-					$this->comment('Something went wrong! NO seats for '.$user_license_name.' were created');
-				}
+                if ($license_seat_created > 0) {
+                    $this->comment($license_seat_created.' seats were created');
+                } else {
+                    $this->comment('Something went wrong! NO seats for '.$user_license_name.' were created');
+                }
 
 
 
             } else {
-				$this->comment('Something went wrong! License '.$user_license_name.' was NOT created');
-			}
+                $this->comment('Something went wrong! License '.$user_license_name.' was NOT created');
+            }
 
 
-			$this->comment('=====================================');
+            $this->comment('=====================================');
 
-			return true;
+            return true;
 
-		});
+        });
 
 
-	}
+    }
 
-	/**
-	 * Get the console command arguments.
-	 *
-	 * @return array
-	 */
-	protected function getArguments()
-	{
-		return array(
-			array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
-		);
-	}
-
-
-	/**
-	 * Get the console command options.
-	 *
-	 * @return array
-	 */
-	protected function getOptions()
-	{
-		return array(
-			array('domain', null, InputOption::VALUE_REQUIRED, 'Email domain for generated email addresses.', null),
-			array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
-			array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
-		);
-	}
+    /**
+     * Get the console command arguments.
+     *
+     * @return array
+     */
+    protected function getArguments()
+    {
+        return array(
+            array('filename', InputArgument::REQUIRED, 'File for the CSV import.'),
+        );
+    }
 
 
+    /**
+     * Get the console command options.
+     *
+     * @return array
+     */
+    protected function getOptions()
+    {
+        return array(
+            array('domain', null, InputOption::VALUE_REQUIRED, 'Email domain for generated email addresses.', null),
+            array('email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null),
+            array('testrun', null, InputOption::VALUE_REQUIRED, 'Test the output without writing to the database or not.', null),
+        );
+    }
 }

app/Console/Commands/PaveIt.php

@@ -5,6 +5,22 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use DB;
 
+use App\Models\Accessory;
+use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\Category;
+use App\Models\Company;
+use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\Depreciation;
+use App\Models\Group;
+use App\Models\License;
+use App\Models\LicenseSeat;
+use App\Models\Location;
+use App\Models\Manufacturer;
+use App\Models\Statuslabel;
+use App\Models\Supplier;
+
 class PaveIt extends Command
 {
     /**
@@ -12,7 +28,8 @@ class PaveIt extends Command
      *
      * @var string
      */
-    protected $signature = 'snipeit:pave';
+    protected $signature = 'snipeit:pave
+              {--soft : Perform a "Soft" Delete, leaving all migrations, table structure, and the first user in place.}';
 
     /**
      * The console command description.
@@ -38,45 +55,74 @@ class PaveIt extends Command
      */
     public function handle()
     {
+        if ($this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE DATA IN YOUR DATABASE. \nThere is NO undo. This WILL destroy ALL of your data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
+            if ($this->option('soft')) {
+                Accessory::getQuery()->delete();
+                Asset::getQuery()->delete();
+                Category::getQuery()->delete();
+                Company::getQuery()->delete();
+                Component::getQuery()->delete();
+                Consumable::getQuery()->delete();
+                Depreciation::getQuery()->delete();
+                License::getQuery()->delete();
+                LicenseSeat::getQuery()->delete();
+                Location::getQuery()->delete();
+                Manufacturer::getQuery()->delete();
+                AssetModel::getQuery()->delete();
+                Statuslabel::getQuery()->delete();
+                Supplier::getQuery()->delete();
+                Group::getQuery()->delete();
 
-        if ($this->confirm("\n****************************************************\nTHIS WILL DROP ALL OF THE TABLES IN YOUR DATABASE. \nThere is NO undo. This WILL destroy ALL of your data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
-
-          \DB::statement('drop table IF EXISTS accessories_users');
-          \DB::statement('drop table IF EXISTS accessories');
-          \DB::statement('drop table IF EXISTS asset_logs');
-          \DB::statement('drop table IF EXISTS asset_maintenances');
-          \DB::statement('drop table IF EXISTS asset_uploads');
-          \DB::statement('drop table IF EXISTS assets');
-          \DB::statement('drop table IF EXISTS categories');
-          \DB::statement('drop table IF EXISTS companies');
-          \DB::statement('drop table IF EXISTS consumables_users');
-          \DB::statement('drop table IF EXISTS consumables');
-          \DB::statement('drop table IF EXISTS custom_field_custom_fieldset');
-          \DB::statement('drop table IF EXISTS custom_fields');
-          \DB::statement('drop table IF EXISTS custom_fieldsets');
-          \DB::statement('drop table IF EXISTS depreciations');
-          \DB::statement('drop table IF EXISTS groups');
-          \DB::statement('drop table IF EXISTS history');
-          \DB::statement('drop table IF EXISTS components');
-          \DB::statement('drop table IF EXISTS components_assets');
-          \DB::statement('drop table IF EXISTS license_seats');
-          \DB::statement('drop table IF EXISTS licenses');
-          \DB::statement('drop table IF EXISTS locations');
-          \DB::statement('drop table IF EXISTS manufacturers');
-          \DB::statement('drop table IF EXISTS models');
-          \DB::statement('drop table IF EXISTS migrations');
-          \DB::statement('drop table IF EXISTS password_resets');
-          \DB::statement('drop table IF EXISTS requested_assets');
-          \DB::statement('drop table IF EXISTS requests');
-          \DB::statement('drop table IF EXISTS settings');
-          \DB::statement('drop table IF EXISTS status_labels');
-          \DB::statement('drop table IF EXISTS suppliers');
-          \DB::statement('drop table IF EXISTS throttle');
-          \DB::statement('drop table IF EXISTS users_groups');
-          \DB::statement('drop table IF EXISTS users');
-
-
+                DB::statement('delete from accessories_users');
+                DB::statement('delete from asset_logs');
+                DB::statement('delete from asset_maintenances');
+                DB::statement('delete from asset_uploads');
+                DB::statement('delete from consumables_users');
+                DB::statement('delete from custom_field_custom_fieldset');
+                DB::statement('delete from custom_fields');
+                DB::statement('delete from custom_fieldsets');
+                DB::statement('delete from components_assets');
+                DB::statement('delete from password_resets');
+                DB::statement('delete from requested_assets');
+                DB::statement('delete from requests');
+                DB::statement('delete from throttle');
+                DB::statement('delete from users_groups');
+                DB::statement('delete from users WHERE id!=1');
+            } else {
+                \DB::statement('drop table IF EXISTS accessories_users');
+                \DB::statement('drop table IF EXISTS accessories');
+                \DB::statement('drop table IF EXISTS asset_logs');
+                \DB::statement('drop table IF EXISTS asset_maintenances');
+                \DB::statement('drop table IF EXISTS asset_uploads');
+                \DB::statement('drop table IF EXISTS assets');
+                \DB::statement('drop table IF EXISTS categories');
+                \DB::statement('drop table IF EXISTS companies');
+                \DB::statement('drop table IF EXISTS consumables_users');
+                \DB::statement('drop table IF EXISTS consumables');
+                \DB::statement('drop table IF EXISTS custom_field_custom_fieldset');
+                \DB::statement('drop table IF EXISTS custom_fields');
+                \DB::statement('drop table IF EXISTS custom_fieldsets');
+                \DB::statement('drop table IF EXISTS depreciations');
+                \DB::statement('drop table IF EXISTS groups');
+                \DB::statement('drop table IF EXISTS history');
+                \DB::statement('drop table IF EXISTS components');
+                \DB::statement('drop table IF EXISTS components_assets');
+                \DB::statement('drop table IF EXISTS license_seats');
+                \DB::statement('drop table IF EXISTS licenses');
+                \DB::statement('drop table IF EXISTS locations');
+                \DB::statement('drop table IF EXISTS manufacturers');
+                \DB::statement('drop table IF EXISTS models');
+                \DB::statement('drop table IF EXISTS migrations');
+                \DB::statement('drop table IF EXISTS password_resets');
+                \DB::statement('drop table IF EXISTS requested_assets');
+                \DB::statement('drop table IF EXISTS requests');
+                \DB::statement('drop table IF EXISTS settings');
+                \DB::statement('drop table IF EXISTS status_labels');
+                \DB::statement('drop table IF EXISTS suppliers');
+                \DB::statement('drop table IF EXISTS throttle');
+                \DB::statement('drop table IF EXISTS users_groups');
+                \DB::statement('drop table IF EXISTS users');
+            }
         }
-
     }
 }

app/Console/Commands/Purge.php

@@ -53,7 +53,7 @@ class Purge extends Command
     public function handle()
     {
         $force = $this->option('force');
-        if (($this->confirm("\n****************************************************\nTHIS WILL PURGE ALL SOFT-DELETED ITEMS IN YOUR SYSTEM. \nThere is NO undo. This WILL permanently destroy \nALL of your deleted data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) ||  $force == 'true')  {
+        if (($this->confirm("\n****************************************************\nTHIS WILL PURGE ALL SOFT-DELETED ITEMS IN YOUR SYSTEM. \nThere is NO undo. This WILL permanently destroy \nALL of your deleted data. \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) ||  $force == 'true') {
 
             /**
              * Delete assets
@@ -62,15 +62,19 @@ class Purge extends Command
             $assetcount = $assets->count();
             $this->info($assets->count().' assets purged.');
             $asset_assoc = 0;
+            $asset_maintenances = 0;
 
             foreach ($assets as $asset) {
                 $this->info('- Asset "'.$asset->showAssetName().'" deleted.');
                 $asset_assoc += $asset->assetlog()->count();
                 $asset->assetlog()->forceDelete();
+                $asset_maintenances += $asset->assetmaintenances()->count();
+                $asset->assetmaintenances()->forceDelete();
                 $asset->forceDelete();
             }
 
             $this->info($asset_assoc.' corresponding log records purged.');
+            $this->info($asset_maintenances.' corresponding maintenance records purged.');
 
             $locations = Location::whereNotNull('deleted_at')->withTrashed()->get();
             $this->info($locations->count().' locations purged.');
@@ -140,7 +144,7 @@ class Purge extends Command
                 $supplier->forceDelete();
             }
 
-            $users = User::whereNotNull('deleted_at')->withTrashed()->get();
+            $users = User::whereNotNull('deleted_at')->where('show_in_list', '!=', '0')->withTrashed()->get();
             $this->info($users->count().' users purged.');
             $user_assoc = 0;
             foreach ($users as $user) {

app/Console/Commands/SendExpirationAlerts.php

@@ -1,6 +1,7 @@
 <?php
 
 namespace App\Console\Commands;
+
 use App\Models\Asset;
 use App\Models\License;
 use App\Models\Setting;
@@ -8,129 +9,125 @@ use DB;
 
 use Illuminate\Console\Command;
 
-class SendExpirationAlerts extends Command {
+class SendExpirationAlerts extends Command
+{
 
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:expiring-alerts';
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:expiring-alerts';
 
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'Check for expiring warrantees and service agreements, and sends out an alert email.';
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Check for expiring warrantees and service agreements, and sends out an alert email.';
 
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
 
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
 
-		// Expiring Assets
-		$expiring_assets = Asset::getExpiringWarrantee(Setting::getSettings()->alert_interval);
-		$this->info(count($expiring_assets).' expiring assets');
+        // Expiring Assets
+        $expiring_assets = Asset::getExpiringWarrantee(Setting::getSettings()->alert_interval);
+        $this->info(count($expiring_assets).' expiring assets');
 
-		$asset_data['count'] =  count($expiring_assets);
-		$asset_data['email_content'] ='';
-		$now = date("Y-m-d");
+        $asset_data['count'] =  count($expiring_assets);
+        $asset_data['email_content'] ='';
+        $now = date("Y-m-d");
 
 
-		foreach ($expiring_assets as $asset) {
+        foreach ($expiring_assets as $asset) {
 
-			$expires = $asset->warrantee_expires();
-			$difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
+            $expires = $asset->warrantee_expires();
+            $difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
 
-			if ($difference > 30) {
-				$asset_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
-			} else {
-				$asset_data['email_content'] .= '<tr style="background-color:#d9534f;">';
-			}
-			$asset_data['email_content'] .= '<td><a href="'.config('app.url').'/hardware/'.e($asset->id).'/view">';
-			$asset_data['email_content'] .= $asset->showAssetName().'</a></td><td>'.e($asset->asset_tag).'</td>';
-			$asset_data['email_content'] .= '<td>'.e($asset->warrantee_expires()).'</td>';
-			$asset_data['email_content'] .= '<td>'.$difference.' days</td>';
+            if ($difference > 30) {
+                $asset_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
+            } else {
+                $asset_data['email_content'] .= '<tr style="background-color:#d9534f;">';
+            }
+            $asset_data['email_content'] .= '<td><a href="'.config('app.url').'/hardware/'.e($asset->id).'/view">';
+            $asset_data['email_content'] .= $asset->showAssetName().'</a></td><td>'.e($asset->asset_tag).'</td>';
+            $asset_data['email_content'] .= '<td>'.e($asset->warrantee_expires()).'</td>';
+            $asset_data['email_content'] .= '<td>'.$difference.' days</td>';
             $asset_data['email_content'] .= '<td>'.($asset->supplier ? e($asset->supplier->name) : '').'</td>';
             $asset_data['email_content'] .= '<td>'.($asset->assigneduser ? e($asset->assigneduser->fullName()) : '').'</td>';
-			$asset_data['email_content'] .= '</tr>';
-		}
+            $asset_data['email_content'] .= '</tr>';
+        }
 
-		// Expiring licenses
-		$expiring_licenses = License::getExpiringLicenses(Setting::getSettings()->alert_interval);
-		$this->info(count($expiring_licenses).' expiring licenses');
+        // Expiring licenses
+        $expiring_licenses = License::getExpiringLicenses(Setting::getSettings()->alert_interval);
+        $this->info(count($expiring_licenses).' expiring licenses');
 
 
-		$license_data['count'] =  count($expiring_licenses);
-		$license_data['email_content'] = '';
+        $license_data['count'] =  count($expiring_licenses);
+        $license_data['email_content'] = '';
 
-		foreach ($expiring_licenses as $license) {
-			$expires = $license->expiration_date;
-			$difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
+        foreach ($expiring_licenses as $license) {
+            $expires = $license->expiration_date;
+            $difference =  round(abs(strtotime($expires) - strtotime($now))/86400);
 
-			if ($difference > 30) {
-				$license_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
-			} else {
-				$license_data['email_content'] .= '<tr style="background-color:#d9534f;">';
-			}
-				$license_data['email_content'] .= '<td><a href="'.config('app.url').'/admin/licenses/'.$license->id.'/view">';
-				$license_data['email_content'] .= $license->name.'</a></td>';
-				$license_data['email_content'] .= '<td>'.$license->expiration_date.'</td>';
-				$license_data['email_content'] .= '<td>'.$difference.' days</td>';
-				$license_data['email_content'] .= '</tr>';
-		}
+            if ($difference > 30) {
+                $license_data['email_content'] .= '<tr style="background-color: #fcffa3;">';
+            } else {
+                $license_data['email_content'] .= '<tr style="background-color:#d9534f;">';
+            }
+                $license_data['email_content'] .= '<td><a href="'.config('app.url').'/admin/licenses/'.$license->id.'/view">';
+                $license_data['email_content'] .= $license->name.'</a></td>';
+                $license_data['email_content'] .= '<td>'.$license->expiration_date.'</td>';
+                $license_data['email_content'] .= '<td>'.$difference.' days</td>';
+                $license_data['email_content'] .= '</tr>';
+        }
 
-		if ((Setting::getSettings()->alert_email!='')  && (Setting::getSettings()->alerts_enabled==1)) {
+        if ((Setting::getSettings()->alert_email!='')  && (Setting::getSettings()->alerts_enabled==1)) {
 
 
-			if (count($expiring_assets) > 0) {
-				\Mail::send('emails.expiring-assets-report', $asset_data, function ($m)  {
-	                $m->to(explode(',',Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-	                $m->subject('Expiring Assets Report');
-	        	});
+            if (count($expiring_assets) > 0) {
+                \Mail::send('emails.expiring-assets-report', $asset_data, function ($m) {
+                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
+                    $m->subject('Expiring Assets Report');
+                });
 
-			}
+            }
 
-			if (count($expiring_licenses) > 0) {
-				\Mail::send('emails.expiring-licenses-report', $license_data, function ($m)  {
-	                $m->to(explode(',',Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-	                $m->subject('Expiring Licenses Report');
-	        	});
+            if (count($expiring_licenses) > 0) {
+                \Mail::send('emails.expiring-licenses-report', $license_data, function ($m) {
+                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
+                    $m->subject('Expiring Licenses Report');
+                });
 
-			}
+            }
 
 
-		} else {
+        } else {
 
-			if (Setting::getSettings()->alert_email=='') {
-				echo "Could not send email. No alert email configured in settings. \n";
-			} elseif (Setting::getSettings()->alerts_enabled!=1) {
-				echo "Alerts are disabled in the settings. No mail will be sent. \n";
-			}
-
-		}
-
-
-
-
-	}
+            if (Setting::getSettings()->alert_email=='') {
+                echo "Could not send email. No alert email configured in settings. \n";
+            } elseif (Setting::getSettings()->alerts_enabled!=1) {
+                echo "Alerts are disabled in the settings. No mail will be sent. \n";
+            }
 
+        }
 
 
 
 
+    }
 }

app/Console/Commands/SendInventoryAlerts.php

@@ -48,22 +48,21 @@ class SendInventoryAlerts extends Command
             $data['count'] = count($data['data']);
 
             if (count($data['data']) > 0) {
-				\Mail::send('emails.low-inventory', $data, function ($m)  {
-	                $m->to(explode(',',Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
-	                $m->subject('Low Inventory Report');
-	        	});
+                \Mail::send('emails.low-inventory', $data, function ($m) {
+                    $m->to(explode(',', Setting::getSettings()->alert_email), Setting::getSettings()->site_name);
+                    $m->subject('Low Inventory Report');
+                });
 
-			}
+            }
 
         } else {
             if (Setting::getSettings()->alert_email=='') {
-				echo "Could not send email. No alert email configured in settings. \n";
-			} elseif (Setting::getSettings()->alerts_enabled!=1) {
-				echo "Alerts are disabled in the settings. No mail will be sent. \n";
-			}
+                echo "Could not send email. No alert email configured in settings. \n";
+            } elseif (Setting::getSettings()->alerts_enabled!=1) {
+                echo "Alerts are disabled in the settings. No mail will be sent. \n";
+            }
         }
 
 
     }
-
 }

app/Console/Commands/SystemBackup.php

@@ -4,44 +4,42 @@ namespace App\Console\Commands;
 
 use Illuminate\Console\Command;
 
-class SystemBackup extends Command {
+class SystemBackup extends Command
+{
 
-	/**
-	 * The console command name.
-	 *
-	 * @var string
-	 */
-	protected $name = 'snipeit:backup';
+    /**
+     * The console command name.
+     *
+     * @var string
+     */
+    protected $name = 'snipeit:backup';
 
-	/**
-	 * The console command description.
-	 *
-	 * @var string
-	 */
-	protected $description = 'This command creates a database dump and zips up all of the uploaded files in the upload directories.';
-
-	/**
-	 * Create a new command instance.
-	 *
-	 * @return void
-	 */
-	public function __construct()
-	{
-		parent::__construct();
-	}
-
-	/**
-	 * Execute the console command.
-	 *
-	 * @return mixed
-	 */
-	public function fire()
-	{
-		//
-		$this->call('backup:run');
-
-	}
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This command creates a database dump and zips up all of the uploaded files in the upload directories.';
 
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
 
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function fire()
+    {
+        //
+        $this->call('backup:run');
 
+    }
 }

app/Console/Commands/Versioning.php

@@ -6,7 +6,8 @@ use Symfony\Component\Console\Input\InputArgument;
 
 use Illuminate\Console\Command;
 
-class Versioning extends Command {
+class Versioning extends Command
+{
 
     /**
      * The console command name.
@@ -41,18 +42,18 @@ class Versioning extends Command {
     {
         // Path to the file containing your version
         // This will be overwritten everything you commit a message
-        $versionFile = app_path().'/config/version.php';
+        $versionFile = 'config/version.php';
 
         // The git's output
         // get the argument passed in the git command
-		 $hash_version = $this->argument('app_version');
+         $hash_version = $this->argument('app_version');
 
-		 // discard the commit hash
-		 $version = explode('-', $hash_version);
-		 $realVersion = $version[0] . '-' . $version[1];
+         // discard the commit hash
+         $version = explode('-', $hash_version);
+         $realVersion = $version[0];
 
-		 // save the version array to a variable
-		 $array = var_export(array('app_version' => $realVersion,'hash_version' => $hash_version), true);
+         // save the version array to a variable
+         $array = var_export(array('app_version' => $realVersion,'hash_version' => $hash_version), true);
 
 
         // Construct our file content

app/Console/Kernel.php

@@ -17,7 +17,6 @@ class Kernel extends ConsoleKernel
         Commands\CreateAdmin::class,
         Commands\SendExpirationAlerts::class,
         Commands\SendInventoryAlerts::class,
-        Commands\AssetImportCommand::class,
         Commands\LicenseImportCommand::class,
         Commands\ObjectImportCommand::class,
         Commands\Versioning::class,

app/Helpers/Helper.php

@@ -17,6 +17,8 @@ use App\Models\Component;
 use App\Models\Accessory;
 use App\Models\Consumable;
 use App\Models\Asset;
+use Crypt;
+use Illuminate\Contracts\Encryption\DecryptException;
 
 /*
  * To change this license header, choose License Headers in Project Properties.
@@ -43,6 +45,17 @@ class Helper
         return array_walk($emails_array, 'trim_value');
     }
 
+    public static function formatCurrencyOutput($cost)
+    {
+        // The importer has formatted number strings since v3, so the value might be a string, or an integer.
+        // If it's a number, format it as a string
+        if (is_numeric($cost)) {
+            return number_format($cost, 2, '.', '');
+        }
+        // It's already been parsed.
+        return $cost;
+    }
+
     // This doesn't do anything yet
     public static function trim_value(&$value)
     {
@@ -117,12 +130,14 @@ class Helper
     }
 
 
-    public static function categoryList()
+    public static function categoryList($category_type = null)
     {
-        $category_list = array('' => '') + Category::orderBy('name', 'asc')
+        $categories = Category::orderBy('name', 'asc')
                 ->whereNull('deleted_at')
-                ->orderBy('name', 'asc')
-                ->pluck('name', 'id')->toArray();
+                ->orderBy('name', 'asc');
+        if(!empty($category_type))
+            $categories = $categories->where('category_type', '=', $category_type);
+        $category_list = array('' => trans('general.select_category')) + $categories->pluck('name', 'id')->toArray();
         return $category_list;
     }
 
@@ -150,7 +165,7 @@ class Helper
 
     public static function manufacturerList()
     {
-        $manufacturer_list = array('' => 'Select One') +
+        $manufacturer_list = array('' => trans('general.select_manufacturer')) +
             Manufacturer::orderBy('name', 'asc')
                 ->pluck('name', 'id')->toArray();
         return $manufacturer_list;
@@ -164,7 +179,7 @@ class Helper
 
     public static function managerList()
     {
-        $manager_list = array('' => '') +
+        $manager_list = array('' => trans('general.select_user')) +
                         User::where('deleted_at', '=', null)
                         ->orderBy('last_name', 'asc')
                         ->orderBy('first_name', 'asc')->get()
@@ -206,6 +221,13 @@ class Helper
         return $assets_list;
     }
 
+    public static function detailedAssetList()
+    {
+
+        $assets = array('' => trans('general.select_asset')) + Company::scopeCompanyables(Asset::all(), 'assets.company_id')->lists('detailed_name', 'id')->toArray();
+        return $assets;
+    }
+
 
     public static function customFieldsetList()
     {
@@ -217,7 +239,7 @@ class Helper
     {
         $keys=array_keys(CustomField::$PredefinedFormats);
         $stuff=array_combine($keys, $keys);
-        return $stuff+["" => "Custom Format..."];
+        return $stuff+["" => trans('admin/custom_fields/general.custom_format')];
     }
 
     public static function barcodeDimensions($barcode_type = 'QRCODE')
@@ -364,6 +386,7 @@ class Helper
     public static function selectedPermissionsArray($permissions, $selected_arr = array())
     {
 
+
         $permissions_arr = array();
 
         foreach ($permissions as $permission) {
@@ -375,7 +398,7 @@ class Helper
 
                     if ($selected_arr) {
                         if (array_key_exists($permission_name,$selected_arr)) {
-                            $permissions_arr[$permission_name] = ($selected_arr[$permission_name] == 1) ? '1': '0';
+                            $permissions_arr[$permission_name] = $selected_arr[$permission_name];
                         } else {
                             $permissions_arr[$permission_name] = '0';
                         }
@@ -393,4 +416,83 @@ class Helper
         return $permissions_arr;
     }
 
+    /**
+     * Introspects into the model validation to see if the field passed is required.
+     * This is used by the blades to add a required class onto the HTML element.
+     * This isn't critical, but is helpful to keep form fields in sync with the actual
+     * model level validation.
+     *
+     * This does not currently handle form request validation requiredness :(
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return boolean
+     */
+    public static function checkIfRequired($class, $field) {
+        $rules = $class::rules();
+        foreach ($rules as $rule_name => $rule) {
+            if ($rule_name == $field) {
+                if (strpos($rule, 'required') === false) {
+                    return false;
+                } else {
+                    return true;
+                }
+
+            }
+        }
+    }
+
+
+    /**
+     * Check to see if the given key exists in the array, and trim excess white space before returning it
+     *
+     * @author Daniel Melzter
+     * @since 3.0
+     * @param $array array
+     * @param $key string
+     * @param $default string
+     * @return string
+     */
+    public static function array_smart_fetch(array $array, $key, $default = '')
+    {
+       array_change_key_case($array, CASE_LOWER);
+        return array_key_exists(strtolower($key), array_change_key_case($array)) ? e(trim($array[ $key ])) : $default;
+    }
+
+    /**
+     * Check to see if the given key exists in the array, and trim excess white space before returning it
+     *
+     * @author A. Gianotto
+     * @since 3.2
+     * @param $array array
+     * @return string
+     */
+    public static function getLastDateFromHistoryArray(array $array)
+    {
+        foreach ($array as $key => $value) {
+//            echo '<pre>';
+//            echo 'last:'.$key;
+//            print_r($array);
+//            echo '</pre>';
+        }
+    }
+
+
+    public static function gracefulDecrypt(CustomField $field, $string) {
+
+        if ($field->isFieldDecryptable($string)) {
+
+            try {
+                Crypt::decrypt($string);
+                return Crypt::decrypt($string);
+
+            } catch (DecryptException $e) {
+                return 'Error Decrypting: '.$e->getMessage();
+            }
+
+        }
+        return $string;
+
+    }
+
 }

app/Http/Controllers/AccessoriesController.php

@@ -19,6 +19,7 @@ use Str;
 use View;
 use Auth;
 use Request;
+use Gate;
 
 /** This controller handles all actions related to Accessories for
  * the Snipe-IT Asset Management application.
@@ -52,14 +53,12 @@ class AccessoriesController extends Controller
     public function getCreate(Request $request)
     {
         // Show the page
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'accessory')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
         return View::make('accessories/edit')
           ->with('accessory', new Accessory)
-          ->with('category_list', $category_list)
-          ->with('company_list', $company_list)
-          ->with('location_list', $location_list);
+          ->with('category_list', Helper::categoryList('accessory'))
+          ->with('company_list', Helper::companyList())
+          ->with('location_list', Helper::locationsList())
+          ->with('manufacturer_list', Helper::manufacturerList());
     }
 
 
@@ -76,12 +75,13 @@ class AccessoriesController extends Controller
         $accessory = new Accessory();
 
         // Update the accessory data
-        $accessory->name                  = e(Input::get('name'));
-        $accessory->category_id               = e(Input::get('category_id'));
-        $accessory->location_id               = e(Input::get('location_id'));
-        $accessory->min_amt               = e(Input::get('min_amt'));
+        $accessory->name                    = e(Input::get('name'));
+        $accessory->category_id             = e(Input::get('category_id'));
+        $accessory->location_id             = e(Input::get('location_id'));
+        $accessory->min_amt                 = e(Input::get('min_amt'));
         $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
         $accessory->order_number            = e(Input::get('order_number'));
+        $accessory->manufacturer_id         = e(Input::get('manufacturer_id'));
 
         if (e(Input::get('purchase_date')) == '') {
             $accessory->purchase_date       =  null;
@@ -95,8 +95,8 @@ class AccessoriesController extends Controller
             $accessory->purchase_cost       = e(Input::get('purchase_cost'));
         }
 
-        $accessory->qty                       = e(Input::get('qty'));
-        $accessory->user_id               = Auth::user()->id;
+        $accessory->qty                     = e(Input::get('qty'));
+        $accessory->user_id                 = Auth::user()->id;
 
         // Was the accessory created?
         if ($accessory->save()) {
@@ -125,14 +125,11 @@ class AccessoriesController extends Controller
             return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
         }
 
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'accessory')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
-        $company_list = Helper::companyList();
-        $location_list = Helper::locationsList();
-
         return View::make('accessories/edit', compact('accessory'))
-          ->with('category_list', $category_list)
-          ->with('company_list', $company_list)
-          ->with('location_list', $location_list);
+          ->with('category_list', Helper::categoryList('accessory'))
+          ->with('company_list', Helper::companyList())
+          ->with('location_list', Helper::locationsList())
+          ->with('manufacturer_list', Helper::manufacturerList());
     }
 
 
@@ -145,9 +142,9 @@ class AccessoriesController extends Controller
    */
     public function postEdit(Request $request, $accessoryId = null)
     {
-      // Check if the blog post exists
+      // Check if the accessory exists
         if (is_null($accessory = Accessory::find($accessoryId))) {
-            // Redirect to the blogs management page
+            // Redirect to the accessory index page
             return redirect()->to('admin/accessories')->with('error', trans('admin/accessories/message.does_not_exist'));
         } elseif (!Company::isCurrentUserHasAccess($accessory)) {
             return redirect()->to('admin/accessories')->with('error', trans('general.insufficient_permissions'));
@@ -159,11 +156,12 @@ class AccessoriesController extends Controller
         if (e(Input::get('location_id')) == '') {
             $accessory->location_id = null;
         } else {
-            $accessory->location_id     = e(Input::get('location_id'));
+            $accessory->location_id         = e(Input::get('location_id'));
         }
-        $accessory->min_amt             = e(Input::get('min_amt'));
+        $accessory->min_amt                 = e(Input::get('min_amt'));
         $accessory->category_id             = e(Input::get('category_id'));
         $accessory->company_id              = Company::getIdForCurrentUser(Input::get('company_id'));
+        $accessory->manufacturer_id         = e(Input::get('manufacturer_id'));
         $accessory->order_number            = e(Input::get('order_number'));
 
         if (e(Input::get('purchase_date')) == '') {
@@ -180,9 +178,9 @@ class AccessoriesController extends Controller
 
         $accessory->qty                     = e(Input::get('qty'));
 
-      // Was the accessory created?
+      // Was the accessory updated?
         if ($accessory->save()) {
-            // Redirect to the new accessory page
+            // Redirect to the updated accessory page
             return redirect()->to("admin/accessories")->with('success', trans('admin/accessories/message.update.success'));
         }
 
@@ -322,6 +320,7 @@ class AccessoriesController extends Controller
 
 
 
+        $admin_user = Auth::user();
         $settings = Setting::getSettings();
 
         if ($settings->slack_endpoint) {
@@ -548,7 +547,7 @@ class AccessoriesController extends Controller
     **/
     public function getDatatable(Request $request)
     {
-        $accessories = Accessory::select('accessories.*')->with('category', 'company')
+        $accessories = Company::scopeCompanyables(Accessory::select('accessories.*')->with('category', 'company'))
         ->whereNull('accessories.deleted_at');
 
         if (Input::has('search')) {
@@ -590,7 +589,21 @@ class AccessoriesController extends Controller
         $rows = array();
 
         foreach ($accessories as $accessory) {
-            $actions = '<nobr><a href="'.route('checkout/accessory', $accessory->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($accessory->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/accessory', $accessory->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/accessory', $accessory->id).'" data-content="'.trans('admin/accessories/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($accessory->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
+
+            $actions = '<nobr>';
+            if (Gate::allows('accessories.checkout')) {
+                $actions .= '<a href="' . route('checkout/accessory',
+                        $accessory->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($accessory->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+            if (Gate::allows('accessories.edit')) {
+                $actions .= '<a href="' . route('update/accessory',
+                        $accessory->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('accessories.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/accessory',
+                        $accessory->id) . '" data-content="' . trans('admin/accessories/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($accessory->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .= '</nobr>';
             $company = $accessory->company;
 
             $rows[] = array(
@@ -601,10 +614,12 @@ class AccessoriesController extends Controller
             'min_amt'  => e($accessory->min_amt),
             'location'      => ($accessory->location) ? e($accessory->location->name): '',
             'purchase_date' => e($accessory->purchase_date),
-            'purchase_cost' => number_format($accessory->purchase_cost, 2),
+            'purchase_cost' => Helper::formatCurrencyOutput($accessory->purchase_cost),
             'numRemaining'  => $accessory->numRemaining(),
             'actions'       => $actions,
-            'companyName'   => is_null($company) ? '' : e($company->name)
+            'companyName'   => is_null($company) ? '' : e($company->name),
+            'manufacturer'      => $accessory->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$accessory->manufacturer_id.'/view', $accessory->manufacturer->name) : ''
+
             );
         }
 
@@ -653,10 +668,20 @@ class AccessoriesController extends Controller
         $rows = array();
 
         foreach ($accessory_users as $user) {
-            $actions = '<a href="'.route('checkin/accessory', $user->pivot->id).'" class="btn btn-info btn-sm">Checkin</a>';
+            $actions = '';
+            if (Gate::allows('accessories.checkin')) {
+                $actions .= '<a href="' . route('checkin/accessory',
+                        $user->pivot->id) . '" class="btn btn-info btn-sm">Checkin</a>';
+            }
+
+            if (Gate::allows('users.view')) {
+                $name = (string) link_to('/admin/users/'.$user->id.'/view', e($user->fullName()));
+            } else {
+                $name = e($user->fullName());
+            }
 
             $rows[] = array(
-              'name'          =>(string) link_to('/admin/users/'.$user->id.'/view', e($user->fullName())),
+              'name'          => $name,
               'actions'       => $actions
               );
         }

app/Http/Controllers/AssetMaintenancesController.php

@@ -20,6 +20,7 @@ use View;
 use App\Models\Setting;
 use App\Models\Asset;
 use App\Helpers\Helper;
+use Auth;
 
 /**
  * This controller handles all actions related to Asset Maintenance for
@@ -74,13 +75,16 @@ class AssetMaintenancesController extends Controller
     */
     public function getDatatable()
     {
-        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company')
-        ->whereNull('deleted_at');
+        $maintenances = AssetMaintenance::with('asset', 'supplier', 'asset.company','admin')
+        ->withTrashed();
 
         if (Input::has('search')) {
             $maintenances = $maintenances->TextSearch(e(Input::get('search')));
         }
 
+
+
+
         if (Input::has('offset')) {
             $offset = e(Input::get('offset'));
         } else {
@@ -93,11 +97,20 @@ class AssetMaintenancesController extends Controller
             $limit = 50;
         }
 
-        $allowed_columns = ['id','title','asset_maintenance_time','asset_maintenance_type','cost','start_date','completion_date','notes'];
+
+
+        $allowed_columns = ['id','title','asset_maintenance_time','asset_maintenance_type','cost','start_date','completion_date','notes','user_id'];
         $order = Input::get('order') === 'asc' ? 'asc' : 'desc';
         $sort = in_array(Input::get('sort'), $allowed_columns) ? e(Input::get('sort')) : 'created_at';
 
-        $maintenances->orderBy($sort, $order);
+        switch ($sort) {
+            case 'user_id':
+                $maintenances = $maintenances->OrderAdmin($order);
+                break;
+            default:
+                $maintenances = $maintenances->orderBy($sort, $order);
+                break;
+        }
 
         $maintenancesCount = $maintenances->count();
         $maintenances = $maintenances->skip($offset)->take($limit)->get();
@@ -109,27 +122,26 @@ class AssetMaintenancesController extends Controller
 
             $actions = '<nobr><a href="'.route('update/asset_maintenance', $maintenance->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/asset_maintenance', $maintenance->id).'" data-content="'.trans('admin/asset_maintenances/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($maintenance->title).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
 
-            if (($maintenance->cost) && ($maintenance->asset->assetloc) &&  ($maintenance->asset->assetloc->currency!='')) {
+            if (($maintenance->cost) && (isset($maintenance->asset)) && ($maintenance->asset->assetloc) &&  ($maintenance->asset->assetloc->currency!='')) {
                 $maintenance_cost = $maintenance->asset->assetloc->currency.$maintenance->cost;
             } else {
                 $maintenance_cost = $settings->default_currency.$maintenance->cost;
             }
-
-            $company = $maintenance->asset->company;
-
+            
             $rows[] = array(
                 'id'            => $maintenance->id,
-                'asset_name'    =>  (string)link_to('/hardware/'.$maintenance->asset->id.'/view', $maintenance->asset->showAssetName()) ,
+                'asset_name'    =>  ($maintenance->asset) ? (string)link_to('/hardware/'.$maintenance->asset->id.'/view', $maintenance->asset->showAssetName()) : 'Deleted Asset' ,
                 'title'         => $maintenance->title,
                 'notes'         => $maintenance->notes,
-                'supplier'      => $maintenance->supplier->name,
+                'supplier'      => ($maintenance->supplier) ? (string)link_to('/admin/settings/suppliers/'.$maintenance->supplier->id.'/view', $maintenance->supplier->name) : 'Deleted Supplier',
                 'cost'          => $maintenance_cost,
                 'asset_maintenance_type'          => e($maintenance->asset_maintenance_type),
                 'start_date'         => $maintenance->start_date,
                 'asset_maintenance_time'          => $maintenance->asset_maintenance_time,
                 'completion_date'     => $maintenance->completion_date,
+                'user_id'       => ($maintenance->admin) ? (string)link_to('/admin/users/'.$maintenance->admin->id.'/view', $maintenance->admin->fullName()) : '',
                 'actions'       => $actions,
-                'companyName'   => is_null($company) ? '' : $company->name
+                'companyName'   => ($maintenance->asset) ? $maintenance->asset->company->name : ''
             );
         }
 
@@ -156,7 +168,7 @@ class AssetMaintenancesController extends Controller
         // Mark the selected asset, if it came in
         $selectedAsset = $assetId;
 
-        $assets = Company::scopeCompanyables(Asset::all(), 'assets.company_id')->lists('detailed_name', 'id');
+        $assets = Helper::detailedAssetList();
 
         $supplier_list = Helper::suppliersList();
 
@@ -224,6 +236,7 @@ class AssetMaintenancesController extends Controller
         $assetMaintenance->title                  = e(Input::get('title'));
         $assetMaintenance->start_date             = e(Input::get('start_date'));
         $assetMaintenance->completion_date        = e(Input::get('completion_date'));
+        $assetMaintenance->user_id                = Auth::user()->id;
 
         if (( $assetMaintenance->completion_date == "" )
             || ( $assetMaintenance->completion_date == "0000-00-00" )
@@ -294,7 +307,7 @@ class AssetMaintenancesController extends Controller
                                     '' => 'Select an improvement type',
                                 ] + AssetMaintenance::getImprovementOptions();
 
-        $assets = Company::scopeCompanyables(Asset::all(), 'assets.company_id')->lists('detailed_name', 'id');
+        $assets = Company::scopeCompanyables(Asset::with('model','assignedUser')->get(), 'assets.company_id')->lists('detailed_name', 'id');
         // Get Supplier List
         $supplier_list = Helper::suppliersList();
 

app/Http/Controllers/AssetModelsController.php

@@ -55,9 +55,9 @@ class AssetModelsController extends Controller
     public function getCreate()
     {
         // Show the page
-        $depreciation_list = \App\Helpers\Helper::depreciationList();
-        $manufacturer_list = \App\Helpers\Helper::manufacturerList();
-        $category_list = \App\Helpers\Helper::categoryList();
+        $depreciation_list = Helper::depreciationList();
+        $manufacturer_list = Helper::manufacturerList();
+        $category_list = Helper::categoryList('asset');
         return View::make('models/edit')
         ->with('category_list', $category_list)
         ->with('depreciation_list', $depreciation_list)
@@ -110,10 +110,10 @@ class AssetModelsController extends Controller
             $image = Input::file('image');
             $file_name = str_random(25).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/models/'.$file_name);
-           Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
-               $constraint->aspectRatio();
-               $constraint->upsize();
-           })->save($path);
+            Image::make($image->getRealPath())->resize(500, null, function ($constraint) {
+                $constraint->aspectRatio();
+                $constraint->upsize();
+            })->save($path);
             $model->image = $file_name;
         }
 
@@ -181,9 +181,9 @@ class AssetModelsController extends Controller
             return redirect()->to('assets/models')->with('error', trans('admin/models/message.does_not_exist'));
         }
 
-        $depreciation_list = \App\Helpers\Helper::depreciationList();
-        $manufacturer_list = \App\Helpers\Helper::manufacturerList();
-        $category_list = \App\Helpers\Helper::categoryList();
+        $depreciation_list = Helper::depreciationList();
+        $manufacturer_list = Helper::manufacturerList();
+        $category_list = Helper::categoryList('asset');
         $view = View::make('models/edit', compact('model'));
         $view->with('category_list', $category_list);
         $view->with('depreciation_list', $depreciation_list);
@@ -371,9 +371,9 @@ class AssetModelsController extends Controller
         $model->id = null;
 
         // Show the page
-        $depreciation_list = array('' => 'Do Not Depreciate') + Depreciation::lists('name', 'id');
-        $manufacturer_list = array('' => 'Select One') + Manufacturer::lists('name', 'id');
-        $category_list = array('' => '') + DB::table('categories')->whereNull('deleted_at')->lists('name', 'id');
+        $depreciation_list = Helper::depreciationList();
+        $manufacturer_list = Helper::manufacturerList();
+        $category_list = Helper::categoryList('asset');
         $view = View::make('models/edit');
         $view->with('category_list', $category_list);
         $view->with('depreciation_list', $depreciation_list);
@@ -452,7 +452,7 @@ class AssetModelsController extends Controller
 
         foreach ($models as $model) {
             if ($model->deleted_at == '') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/model', $model->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/model', $model->id).'" data-content="'.trans('admin/models/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($model->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/model', $model->id).'" class="btn btn-info btn-sm" title="Clone Model" data-toggle="tooltip"><i class="fa fa-clone"></i></a> <a href="'.route('update/model', $model->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/model', $model->id).'" data-content="'.trans('admin/models/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($model->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
             } else {
                 $actions = '<a href="'.route('restore/model', $model->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
             }

app/Http/Controllers/Auth/AuthController.php

@@ -6,6 +6,7 @@ use Validator;
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\ThrottlesLogins;
 use App\Models\Setting;
+use App\Models\Ldap;
 use App\Models\User;
 use Auth;
 use Config;
@@ -15,6 +16,8 @@ use Redirect;
 use Log;
 use View;
 
+
+
 /**
  * This controller handles authentication for the user, including local
  * database users and LDAP users.
@@ -61,120 +64,13 @@ class AuthController extends Controller
     }
 
 
-    /**
-     * Authenticates a user to LDAP
-     *
-     * @param $username
-     * @param $password
-     * @param bool|false $returnUser
-     * @return bool true    if the username and/or password provided are valid
-     *              false   if the username and/or password provided are invalid
-     *         array of ldap_attributes if $returnUser is true
-     */
-    function ldap($username, $password, $returnUser = false)
-    {
-
-        $ldaphost    = Setting::getSettings()->ldap_server;
-        $ldaprdn     = Setting::getSettings()->ldap_uname;
-        $ldappass    = \Crypt::decrypt(Setting::getSettings()->ldap_pword);
-        $baseDn      = Setting::getSettings()->ldap_basedn;
-        $filterQuery = Setting::getSettings()->ldap_auth_filter_query . $username;
-        $ldapversion = Setting::getSettings()->ldap_version;
-        $ldap_server_cert_ignore = Setting::getSettings()->ldap_server_cert_ignore;
-
-        // If we are ignoring the SSL cert we need to setup the environment variable
-        // before we create the connection
-        if ($ldap_server_cert_ignore) {
-            putenv('LDAPTLS_REQCERT=never');
-        }
-
-        // Connecting to LDAP
-        $connection = ldap_connect($ldaphost) or die("Could not connect to {$ldaphost}");
-        // Needed for AD
-        ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
-        ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldapversion);
-
-        try {
-            if ($connection) {
-              // binding to ldap server
-                $ldapbind = ldap_bind($connection, $ldaprdn, $ldappass);
-                if (($results = @ldap_search($connection, $baseDn, $filterQuery)) != false) {
-                    $entry = ldap_first_entry($connection, $results);
-                    if (($userDn = @ldap_get_dn($connection, $entry)) != false) {
-                        if (($isBound = ldap_bind($connection, $userDn, $password)) == "true") {
-                            return $returnUser ?
-                            array_change_key_case(ldap_get_attributes($connection, $entry), CASE_LOWER)
-                            : true;
-                        }
-                    }
-                }
-            }
-        } catch (Exception $e) {
-            LOG::error($e->getMessage());
-        }
-           ldap_close($connection);
-            return false;
-    }
-
-    /**
-     * Create user from LDAP attributes
-     *
-     * @param $ldapatttibutes
-     * @return array|bool
-     */
-    function createUserFromLdap($ldapatttibutes)
-    {
-        //Get LDAP attribute config
-        $ldap_result_username = Setting::getSettings()->ldap_username_field;
-        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
-        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
-        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
-        $ldap_result_email = Setting::getSettings()->ldap_email;
-
-        //Get LDAP user data
-        $item = array();
-        $item["username"] = isset($ldapatttibutes[$ldap_result_username][0]) ? $ldapatttibutes[$ldap_result_username][0] : "";
-        $item["employee_number"] = isset($ldapatttibutes[$ldap_result_emp_num][0]) ? $ldapatttibutes[$ldap_result_emp_num][0] : "";
-        $item["lastname"] = isset($ldapatttibutes[$ldap_result_last_name][0]) ? $ldapatttibutes[$ldap_result_last_name][0] : "";
-        $item["firstname"] = isset($ldapatttibutes[$ldap_result_first_name][0]) ? $ldapatttibutes[$ldap_result_first_name][0] : "";
-        $item["email"] = isset($ldapatttibutes[$ldap_result_email][0]) ? $ldapatttibutes[$ldap_result_email][0] : "" ;
-
-        //create user
-        if (!empty($item["username"])) {
-            //$pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 10);
-
-            $newuser = array(
-              'first_name' => $item["firstname"],
-              'last_name' => $item["lastname"],
-              'username' => $item["username"],
-              'email' => $item["email"],
-              'employee_num' => $item["employee_number"],
-              'password' => bcrypt(Input::get("password")), //$pass,
-              'activated' => 1,
-              'permissions' => ["user" => 1], //'{"user":1}',
-              'notes' => 'Imported from LDAP'
-            );
-            User::save($newuser);
-
-        } else {
-            throw new Cartalyst\Sentry\Users\UserNotFoundException();
-        }
-
-        //$item["note"] = "<strong>created</strong>";
-        $credentials = array(
-            'username' => $item["username"],
-            'password' => Input::get("password")//$pass,
-        );
-        return $credentials;
-    }
-
 
     /**
      * Account sign in form processing.
      *
      * @return Redirect
      */
-    public function login()
+    public function login(Request $request)
     {
         $validator = $this->validator(Input::all());
 
@@ -186,21 +82,43 @@ class AuthController extends Controller
         if (Setting::getSettings()->ldap_enabled=='1') {
 
             LOG::debug("LDAP is enabled.");
-          // Check if the user exists in the database
+            // Check if the user exists in the database
             $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->first();
-            LOG::debug("Auth lookup complete");
+            LOG::debug("Local auth lookup complete");
+
+            try {
+                Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
+                LOG::debug("Binding user to LDAP.");
+            } catch (\Exception $e) {
+                LOG::debug("User ".Input::get('username').' did not authenticate successfully against LDAP.');
+                //$ldap_error = $e->getMessage();
+                // return redirect()->back()->withInput()->with('error',$e->getMessage());
+            }
 
 
-          // The user does not exist in the database. Try to get them from LDAP.
-          // If user does not exist and authenticates sucessfully with LDAP we
-          // will create it on the fly and sign in with default permissions
+            // The user does not exist in the database. Try to get them from LDAP.
+            // If user does not exist and authenticates sucessfully with LDAP we
+            // will create it on the fly and sign in with default permissions
             if (!$user) {
                 LOG::debug("Local user ".Input::get('username')." does not exist");
-                if ($userattr = $this->ldap(Input::get('username'), Input::get('password'), true)) {
-                    LOG::debug("Creating local user from authenticated LDAP user.");
-                    $credentials = $this->createUserFromLdap($userattr);
-                } else {
-                    LOG::debug("User did not authenticate correctly against LDAP. No local user was created.");
+
+                try {
+
+                    if ($userattr = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'))) {
+                        LOG::debug("Creating local user ".Input::get('username'));
+
+                        if ($newuser = Ldap::createUserFromLdap($userattr)) {
+                            LOG::debug("Local user created.");
+                        } else {
+                            LOG::debug("Could not create local user.");
+                        }
+
+                    } else {
+                        LOG::debug("User did not authenticate correctly against LDAP. No local user was created.");
+                    }
+
+                } catch (\Exception $e) {
+                    return redirect()->back()->withInput()->with('error',$e->getMessage());
                 }
 
             // If the user exists and they were imported from LDAP already
@@ -208,15 +126,28 @@ class AuthController extends Controller
 
                 LOG::debug("Local user ".Input::get('username')." exists in database. Authenticating existing user against LDAP.");
 
-                if ($this->ldap(Input::get('username'), Input::get('password'))) {
+                if ($ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'))) {
+                    $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);
+
                     LOG::debug("Valid LDAP login. Updating the local data.");
-                    $user = User::find($user->id); //need the Sentry object, not the Eloquent object, to access critical password hashing functions
-                    $user->password = bcrypt(Input::get('password'));
-                    $user->ldap_import = 1;
+
+                    if (Setting::getSettings()->ldap_pw_sync=='1') {
+                        $user->password = bcrypt($request->input('password'));
+                    }
+
+                    $user->email = $ldap_attr['email'];
+                    $user->first_name = $ldap_attr['firstname'];
+                    $user->last_name = $ldap_attr['lastname'];
                     $user->save();
 
+                    if (Setting::getSettings()->ldap_pw_sync!='1') {
+                        Auth::login($user, true);
+                        // Redirect to the users page
+                        return redirect()->to('/home')->with('success', trans('auth/message.signin.success'));
+                    }
+
                 } else {
-                    LOG::debug("User did not authenticate correctly against LDAP. Local user was not updated.");
+                    LOG::debug("User ".Input::get('username')." did not authenticate correctly against LDAP. Local user was not updated.");
                 }// End LDAP auth
 
             } // End if(!user)
@@ -224,14 +155,17 @@ class AuthController extends Controller
         // NO LDAP enabled - just try to login the user normally
         }
 
+
         LOG::debug("Authenticating user against database.");
         // Try to log the user in
         if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
             LOG::debug("Local authentication failed.");
-          // throw new Cartalyst\Sentry\Users\UserNotFoundException();
+            // throw new Cartalyst\Sentry\Users\UserNotFoundException();
             return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
         }
 
+
+
         // Get the page we were before
         $redirect = \Session::get('loginRedirect', 'home');
 

app/Http/Controllers/CategoriesController.php

@@ -7,6 +7,8 @@ use App\Models\Company;
 use App\Models\Setting;
 use Auth;
 use DB;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Gate;
 use Input;
 use Lang;
 use Redirect;
@@ -133,7 +135,7 @@ class CategoriesController extends Controller
     * @since [v1.0]
     * @return Redirect
     */
-    public function postEdit($categoryId = null)
+    public function postEdit(Request $request, $categoryId = null)
     {
         // Check if the blog post exists
         if (is_null($category = Category::find($categoryId))) {
@@ -142,12 +144,14 @@ class CategoriesController extends Controller
         }
 
         // Update the category data
-        $category->name            = e(Input::get('name'));
-        $category->category_type        = e(Input::get('category_type'));
-        $category->eula_text            = e(Input::get('eula_text'));
-        $category->use_default_eula     = e(Input::get('use_default_eula', '0'));
-        $category->require_acceptance   = e(Input::get('require_acceptance', '0'));
-        $category->checkin_email        = e(Input::get('checkin_email', '0'));
+        $category->name            = e($request->input('name'));
+        // If the item count is > 0, we disable the category type in the edit. Disabled items
+        // don't POST, so if the category_type is blank we just set it to the default.
+        $category->category_type        = e($request->input('category_type', $category->category_type));
+        $category->eula_text            = e($request->input('eula_text'));
+        $category->use_default_eula     = e($request->input('use_default_eula', '0'));
+        $category->require_acceptance   = e($request->input('require_acceptance', '0'));
+        $category->checkin_email        = e($request->input('checkin_email', '0'));
 
         if ($category->save()) {
         // Redirect to the new category page
@@ -244,7 +248,7 @@ class CategoriesController extends Controller
     public function getDatatable()
     {
         // Grab all the categories
-        $categories = Category::with('assets', 'accessories', 'consumables','components');
+        $categories = Category::with('assets', 'accessories', 'consumables', 'components');
 
         if (Input::has('search')) {
             $categories = $categories->TextSearch(e(Input::get('search')));
@@ -300,10 +304,11 @@ class CategoriesController extends Controller
         return $data;
     }
 
-    public function getDataViewAssets($categoryID) {
+    public function getDataViewAssets($categoryID)
+    {
 
         $category = Category::with('assets.company')->find($categoryID);
-        $category_assets = $category->assets;
+        $category_assets = $category->assets();
 
         if (Input::has('search')) {
             $category_assets = $category_assets->TextSearch(e(Input::get('search')));
@@ -335,18 +340,18 @@ class CategoriesController extends Controller
             $inout='';
 
             if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/hardware', $asset->id).'" class="btn btn-info btn-sm" title="Clone asset"><i class="fa fa-files-o"></i></a> <a href="'.route('update/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/hardware', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->asset_tag).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                $actions = '<div style=" white-space: nowrap;"><a href="'.route('clone/hardware', $asset->id).'" class="btn btn-info btn-sm" title="Clone asset"><i class="fa fa-files-o"></i></a> <a href="'.route('update/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/hardware', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->asset_tag).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
             } elseif ($asset->deleted_at!='') {
                 $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
             }
 
-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.Lang::get('general.checkin').'</a>';
-                    } else {
-                        $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.Lang::get('general.checkout').'</a>';
-                    }
+            if ($asset->availableForCheckout()) {
+                if (Gate::allows('assets.checkout')) {
+                    $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
+                }
+            } else {
+                if (Gate::allows('assets.checkin')) {
+                    $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
                 }
             }
 
@@ -356,7 +361,7 @@ class CategoriesController extends Controller
                 'model' => $asset->model->name,
                 'asset_tag' => $asset->asset_tag,
                 'serial' => $asset->serial,
-                'assigned_to' => ($asset->assigneduser) ? link_to('/admin/users/'.$asset->assigneduser->id.'/view', $asset->assigneduser->fullName()): '',
+                'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', $asset->assigneduser->fullName()): '',
                 'change' => $inout,
                 'actions' => $actions,
                 'companyName' => Company::getName($asset),
@@ -369,7 +374,8 @@ class CategoriesController extends Controller
 
 
 
-    public function getDataViewAccessories($categoryID) {
+    public function getDataViewAccessories($categoryID)
+    {
 
         $category = Category::with('accessories.company')->find($categoryID);
         $category_assets = $category->accessories;
@@ -404,7 +410,7 @@ class CategoriesController extends Controller
             $inout='';
 
             if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/accessory', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/accessory', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/accessory', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/accessory', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
             }
 
 
@@ -422,7 +428,8 @@ class CategoriesController extends Controller
     }
 
 
-    public function getDataViewConsumables($categoryID) {
+    public function getDataViewConsumables($categoryID)
+    {
 
         $category = Category::with('accessories.company')->find($categoryID);
         $category_assets = $category->consumables;
@@ -457,7 +464,7 @@ class CategoriesController extends Controller
             $inout='';
 
             if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/consumable', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/consumable', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/consumable', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/consumable', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
             }
 
 
@@ -474,7 +481,8 @@ class CategoriesController extends Controller
         return $data;
     }
 
-    public function getDataViewComponent($categoryID) {
+    public function getDataViewComponent($categoryID)
+    {
 
         $category = Category::with('accessories.company')->find($categoryID);
         $category_assets = $category->components;
@@ -509,7 +517,7 @@ class CategoriesController extends Controller
             $inout='';
 
             if ($asset->deleted_at=='') {
-                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/component', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/component', $asset->id).'" data-content="'.Lang::get('admin/hardware/message.delete.confirm').'" data-title="'.Lang::get('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
+                $actions = '<div style=" white-space: nowrap;"><a href="'.route('update/component', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> <a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/component', $asset->id).'" data-content="'.trans('admin/hardware/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($asset->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></div>';
             }
 
 
@@ -525,7 +533,4 @@ class CategoriesController extends Controller
         $data = array('total' => $count, 'rows' => $rows);
         return $data;
     }
-
-
-
 }

app/Http/Controllers/ComponentsController.php

@@ -8,7 +8,6 @@ use App\Models\Component;
 use App\Models\Setting;
 use App\Models\User;
 use App\Models\Asset;
-use App\Http\Requests\ComponentCheckoutRequest;
 use Auth;
 use Config;
 use DB;
@@ -19,6 +18,9 @@ use Redirect;
 use Slack;
 use Str;
 use View;
+use Validator;
+use Illuminate\Http\Request;
+use Gate;
 
 /**
  * This class controls all actions related to Components for
@@ -54,7 +56,7 @@ class ComponentsController extends Controller
     public function getCreate()
     {
         // Show the page
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'component')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
+        $category_list = Helper::categoryList('component');
         $company_list = Helper::companyList();
         $location_list = Helper::locationsList();
 
@@ -133,7 +135,7 @@ class ComponentsController extends Controller
             return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
         }
 
-            $category_list =  Helper::categoryList();
+        $category_list =  Helper::categoryList('component');
         $company_list = Helper::companyList();
         $location_list = Helper::locationsList();
 
@@ -287,7 +289,7 @@ class ComponentsController extends Controller
         }
 
         // Get the dropdown of assets and then pass it to the checkout view
-        $assets_list = Helper::assetsList();
+        $assets_list = Helper::detailedAssetList();
 
         return View::make('components/checkout', compact('component'))->with('assets_list', $assets_list);
 
@@ -302,9 +304,12 @@ class ComponentsController extends Controller
     * @param int $componentId
     * @return Redirect
     */
-    public function postCheckout(ComponentCheckoutRequest $request, $componentId)
+    public function postCheckout(Request $request, $componentId)
     {
-      // Check if the component exists
+
+
+
+        // Check if the component exists
         if (is_null($component = Component::find($componentId))) {
             // Redirect to the component management page with error
             return redirect()->to('components')->with('error', trans('admin/components/message.not_found'));
@@ -312,6 +317,19 @@ class ComponentsController extends Controller
             return redirect()->to('admin/components')->with('error', trans('general.insufficient_permissions'));
         }
 
+
+        $max_to_checkout = $component->numRemaining();
+        $validator = Validator::make($request->all(),[
+            "asset_id"          => "required",
+            "assigned_qty"      => "required|numeric|between:1,$max_to_checkout"
+        ]);
+
+        if ($validator->fails()) {
+            return redirect()->back()
+                ->withErrors($validator)
+                ->withInput();
+        }
+
         $admin_user = Auth::user();
         $asset_id = e(Input::get('asset_id'));
 
@@ -320,7 +338,7 @@ class ComponentsController extends Controller
             // Redirect to the component management page with error
             return redirect()->to('admin/components')->with('error', trans('admin/components/message.asset_does_not_exist'));
         }
-
+        
       // Update the component data
         $component->asset_id =   $asset_id;
 
@@ -357,7 +375,7 @@ class ComponentsController extends Controller
                         'fields' => [
                             [
                                 'title' => 'Checked Out:',
-                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/components/'.$component->id.'/view'.'|'.$component->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->name.'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
+                                'value' => strtoupper($logaction->asset_type).' <'.config('app.url').'/admin/components/'.$component->id.'/view'.'|'.$component->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->showAssetName().'> by <'.config('app.url').'/admin/users/'.$admin_user->id.'/view'.'|'.$admin_user->fullName().'>.'
                             ],
                             [
                                 'title' => 'Note:',
@@ -393,8 +411,8 @@ class ComponentsController extends Controller
     **/
     public function getDatatable()
     {
-        $components = Component::select('components.*')->whereNull('components.deleted_at')
-            ->with('company', 'location', 'category');
+        $components = Company::scopeCompanyables(Component::select('components.*')->whereNull('components.deleted_at')
+            ->with('company', 'location', 'category'));
 
         if (Input::has('search')) {
             $components = $components->TextSearch(Input::get('search'));
@@ -437,7 +455,23 @@ class ComponentsController extends Controller
         $rows = array();
 
         foreach ($components as $component) {
-            $actions = '<nobr><a href="'.route('checkout/component', $component->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($component->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/component', $component->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/component', $component->id).'" data-content="'.trans('admin/components/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($component->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
+            $actions = '<nobr>';
+            if (Gate::allows('components.checkout')) {
+                $actions .= '<a href="' . route('checkout/component',
+                        $component->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm ' . (($component->numRemaining() > 0) ? '' : ' disabled') . '" ' . (($component->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+
+            if (Gate::allows('components.edit')) {
+                $actions .= '<a href="' . route('update/component',
+                        $component->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+
+            if (Gate::allows('components.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/component',
+                        $component->id) . '" data-content="' . trans('admin/components/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($component->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+
+            $actions .='</nobr>';
             $company = $component->company;
 
             $rows[] = array(
@@ -450,7 +484,7 @@ class ComponentsController extends Controller
                 'category'           => ($component->category) ? e($component->category->name) : 'Missing category',
                 'order_number'  => e($component->order_number),
                 'purchase_date'  => e($component->purchase_date),
-                'purchase_cost'  => ($component->purchase_cost!='') ? number_format($component->purchase_cost, 2): '' ,
+                'purchase_cost'  => Helper::formatCurrencyOutput($component->purchase_cost),
                 'numRemaining'  => $component->numRemaining(),
                 'actions'       => $actions,
                 'companyName'   => is_null($company) ? '' : e($company->name),
@@ -486,7 +520,7 @@ class ComponentsController extends Controller
 
         foreach ($component->assets as $component_assignment) {
             $rows[] = array(
-            'name' => (string)link_to('/hardware/'.$component_assignment->id.'/view', e($component_assignment->name)),
+            'name' => (string)link_to('/hardware/'.$component_assignment->id.'/view', e($component_assignment->showAssetName())),
             'qty' => e($component_assignment->pivot->assigned_qty),
             'created_at' => ($component_assignment->created_at->format('Y-m-d H:i:s')=='-0001-11-30 00:00:00') ? '' : $component_assignment->created_at->format('Y-m-d H:i:s'),
             );

app/Http/Controllers/ConsumablesController.php

@@ -18,6 +18,7 @@ use Redirect;
 use Slack;
 use Str;
 use View;
+use Gate;
 
 /**
  * This controller handles all actions related to Consumables for
@@ -52,7 +53,7 @@ class ConsumablesController extends Controller
     public function getCreate()
     {
         // Show the page
-        $category_list = array('' => '') + DB::table('categories')->where('category_type', '=', 'consumable')->whereNull('deleted_at')->orderBy('name', 'ASC')->lists('name', 'id');
+        $category_list = Helper::categoryList('consumable');
         $company_list = Helper::companyList();
         $location_list = Helper::locationsList();
         $manufacturer_list = Helper::manufacturerList();
@@ -132,7 +133,7 @@ class ConsumablesController extends Controller
             return redirect()->to('admin/consumables')->with('error', trans('general.insufficient_permissions'));
         }
 
-            $category_list =  Helper::categoryList();
+        $category_list =  Helper::categoryList('consumable');
         $company_list = Helper::companyList();
         $location_list = Helper::locationsList();
         $manufacturer_list = Helper::manufacturerList();
@@ -366,8 +367,6 @@ class ConsumablesController extends Controller
         $data['first_name'] = $user->first_name;
         $data['item_name'] = $consumable->name;
         $data['checkout_date'] = $logaction->created_at;
-        $data['item_tag'] = '';
-        $data['expected_checkin'] = '';
         $data['note'] = $logaction->note;
         $data['require_acceptance'] = $consumable->requireAcceptance();
 
@@ -399,8 +398,8 @@ class ConsumablesController extends Controller
     */
     public function getDatatable()
     {
-        $consumables = Consumable::select('consumables.*')->whereNull('consumables.deleted_at')
-            ->with('company', 'location', 'category', 'users');
+        $consumables = Company::scopeCompanyables(Consumable::select('consumables.*')->whereNull('consumables.deleted_at')
+            ->with('company', 'location', 'category', 'users'));
 
         if (Input::has('search')) {
             $consumables = $consumables->TextSearch(e(Input::get('search')));
@@ -446,7 +445,23 @@ class ConsumablesController extends Controller
         $rows = array();
 
         foreach ($consumables as $consumable) {
-            $actions = '<nobr><a href="'.route('checkout/consumable', $consumable->id).'" style="margin-right:5px;" class="btn btn-info btn-sm" '.(($consumable->numRemaining() > 0 ) ? '' : ' disabled').'>'.trans('general.checkout').'</a><a href="'.route('update/consumable', $consumable->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/consumable', $consumable->id).'" data-content="'.trans('admin/consumables/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($consumable->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></nobr>';
+            $actions = '<nobr>';
+            if (Gate::allows('consumables.checkout')) {
+                $actions .= '<a href="' . route('checkout/consumable',
+                        $consumable->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($consumable->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+
+            if (Gate::allows('consumables.edit')) {
+                $actions .= '<a href="' . route('update/consumable',
+                        $consumable->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('consumables.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/consumable',
+                        $consumable->id) . '" data-content="' . trans('admin/consumables/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($consumable->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+
+            $actions .='</nobr>';
+
             $company = $consumable->company;
 
             $rows[] = array(
@@ -455,13 +470,13 @@ class ConsumablesController extends Controller
                 'location'   => ($consumable->location) ? e($consumable->location->name) : '',
                 'min_amt'           => e($consumable->min_amt),
                 'qty'           => e($consumable->qty),
-                'manufacturer'           => ($consumable->manufacturer) ? e($consumable->manufacturer->name) : '',
-                'model_no'           => e($consumable->model_no),
-                'item_no'           => e($consumable->item_no),
-                'category'           => ($consumable->category) ? e($consumable->category->name) : 'Missing category',
+                'manufacturer'  => ($consumable->manufacturer) ? (string) link_to('/admin/settings/manufacturers/'.$consumable->manufacturer_id.'/view', $consumable->manufacturer->name): '',
+                'model_no'      => e($consumable->model_no),
+                'item_no'       => e($consumable->item_no),
+                'category'      => ($consumable->category) ? (string) link_to('/admin/settings/categories/'.$consumable->category_id.'/view', $consumable->category->name) : 'Missing category',
                 'order_number'  => e($consumable->order_number),
                 'purchase_date'  => e($consumable->purchase_date),
-                'purchase_cost'  => ($consumable->purchase_cost!='') ? number_format($consumable->purchase_cost, 2): '' ,
+                'purchase_cost'  => Helper::formatCurrencyOutput($consumable->purchase_cost),
                 'numRemaining'  => $consumable->numRemaining(),
                 'actions'       => $actions,
                 'companyName'   => is_null($company) ? '' : e($company->name),

app/Http/Controllers/CustomFieldsController.php

@@ -10,6 +10,7 @@ use Redirect;
 use App\Models\AssetModel;
 use Lang;
 use Auth;
+use Illuminate\Http\Request;
 
 /**
  * This controller handles all actions related to Custom Asset Fields for
@@ -63,10 +64,15 @@ class CustomFieldsController extends Controller
     * @since [v1.8]
     * @return Redirect
     */
-    public function store()
+    public function store(Request $request)
     {
         //
-        $cfset=new CustomFieldset(["name" => Input::get("name"),"user_id" => Auth::user()->id]);
+        $cfset = new CustomFieldset(
+            [
+                "name" => e($request->get("name")),
+                "user_id" => Auth::user()->id]
+            );
+
         $validator=Validator::make(Input::all(), $cfset->rules);
         if ($validator->passes()) {
             $cfset->save();
@@ -122,24 +128,33 @@ class CustomFieldsController extends Controller
     * @since [v1.8]
     * @return Redirect
     */
-    public function storeField()
+    public function storeField(Request $request)
     {
-        $field=new CustomField(["name" => Input::get("name"),"element" => Input::get("element"),"user_id" => Auth::user()->id]);
+        $field = new CustomField([
+            "name" => e($request->get("name")),
+            "element" => e($request->get("element")),
+            "field_values" => e($request->get("field_values")),
+            "field_encrypted" => e($request->get("field_encrypted", 0)),
+            "user_id" => Auth::user()->id
+        ]);
+
 
 
         if (!in_array(Input::get('format'), array_keys(CustomField::$PredefinedFormats))) {
-            $field->format=Input::get("custom_format");
+            $field->format = e($request->get("custom_format"));
         } else {
-            $field->format=Input::get('format');
+            $field->format = e($request->get("format"));
         }
 
+
+
         $validator=Validator::make(Input::all(), $field->rules);
         if ($validator->passes()) {
-            $results=$field->save();
-            //return "postCreateField: $results";
+            $results = $field->save();
             if ($results) {
                 return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.create.success'));
             } else {
+                dd($field);
                 return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.field.create.error'));
             }
         } else {
@@ -147,6 +162,25 @@ class CustomFieldsController extends Controller
         }
     }
 
+
+    /**
+     * Detach a custom field from a fieldset.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return Redirect
+     */
+    public function deleteFieldFromFieldset($field_id, $fieldset_id)
+    {
+        $field = CustomField::find($field_id);
+
+        if ($field->fieldset()->detach($fieldset_id)) {
+            return redirect()->route("admin.custom_fields.index")->with("success", trans('admin/custom_fields/message.field.delete.success'));
+        }
+
+        return redirect()->back()->withErrors(['message' => "Field is in-use"]);
+    }
+
     /**
     * Delete a custom field.
     *
@@ -156,7 +190,7 @@ class CustomFieldsController extends Controller
     */
     public function deleteField($field_id)
     {
-        $field=CustomField::find($field_id);
+        $field = CustomField::find($field_id);
 
         if ($field->fieldset->count()>0) {
             return redirect()->back()->withErrors(['message' => "Field is in-use"]);
@@ -260,7 +294,8 @@ class CustomFieldsController extends Controller
      * @since [v3.0]
      * @return Array
      */
-    public function postReorder($id) {
+    public function postReorder($id)
+    {
         $fieldset=CustomFieldset::find($id);
         $fields = array();
 

app/Http/Controllers/DashboardController.php

@@ -32,7 +32,7 @@ class DashboardController extends Controller
 
             $recent_activity = Actionlog::orderBy('created_at', 'DESC')
                 ->with('accessorylog', 'consumablelog', 'licenselog', 'assetlog', 'adminlog', 'userlog', 'componentlog')
-                ->take(30)
+                ->take(20)
                 ->get();
 
 

app/Http/Controllers/DepreciationsController.php

@@ -11,7 +11,6 @@ use Str;
 use View;
 use Auth;
 
-
 /**
  * This controller handles all actions related to Depreciations for
  * the Snipe-IT Asset Management application.

app/Http/Controllers/GroupsController.php

@@ -93,7 +93,7 @@ class GroupsController extends Controller
         $permissions = config('permissions');
         $groupPermissions = $group->decodePermissions();
         $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
-        return View::make('groups/edit', compact('group', 'permissions','selected_array','groupPermissions'));
+        return View::make('groups/edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'));
     }
 
     /**

app/Http/Controllers/LicensesController.php

@@ -23,6 +23,7 @@ use Config;
 use Session;
 use App\Helpers\Helper;
 use Auth;
+use Gate;
 
 /**
  * This controller handles all actions related to Licenses for
@@ -60,18 +61,17 @@ class LicensesController extends Controller
     public function getCreate()
     {
 
-        $depreciation_list = Helper::depreciationList();
-        $supplier_list = Helper::suppliersList();
         $maintained_list = array('' => 'Maintained', '1' => 'Yes', '0' => 'No');
-        $company_list = Helper::companyList();
 
         return View::make('licenses/edit')
             //->with('license_options',$license_options)
-            ->with('depreciation_list', $depreciation_list)
-            ->with('supplier_list', $supplier_list)
+            ->with('depreciation_list', Helper::depreciationList())
+            ->with('supplier_list', Helper::suppliersList())
             ->with('maintained_list', $maintained_list)
-            ->with('company_list', $company_list)
+            ->with('company_list', Helper::companyList())
+            ->with('manufacturer_list', Helper::manufacturerList())
             ->with('license', new License);
+
     }
 
 
@@ -124,6 +124,12 @@ class LicensesController extends Controller
             $license->purchase_order = e(Input::get('purchase_order'));
         }
 
+        if (empty(e(Input::get('manufacturer_id')))) {
+            $license->manufacturer_id = null;
+        } else {
+            $license->manufacturer_id = e(Input::get('manufacturer_id'));
+        }
+
         // Save the license data
         $license->name              = e(Input::get('name'));
         $license->serial            = e(Input::get('serial'));
@@ -156,16 +162,16 @@ class LicensesController extends Controller
 
             $insertedId = $license->id;
           // Save the license seat data
-            DB::transaction(function() use (&$insertedId,&$license) {
-            for ($x=0; $x<$license->seats; $x++) {
-                $license_seat = new LicenseSeat();
-                $license_seat->license_id       = $insertedId;
-                $license_seat->user_id          = Auth::user()->id;
-                $license_seat->assigned_to      = null;
-                $license_seat->notes            = null;
-                $license_seat->save();
-            }
-        });
+            DB::transaction(function () use (&$insertedId, &$license) {
+                for ($x=0; $x<$license->seats; $x++) {
+                    $license_seat = new LicenseSeat();
+                    $license_seat->license_id       = $insertedId;
+                    $license_seat->user_id          = Auth::user()->id;
+                    $license_seat->assigned_to      = null;
+                    $license_seat->notes            = null;
+                    $license_seat->save();
+                }
+            });
 
 
           // Redirect to the new license page
@@ -205,17 +211,15 @@ class LicensesController extends Controller
 
         // Show the page
         $license_options = array('' => 'Top Level') + DB::table('assets')->where('id', '!=', $licenseId)->pluck('name', 'id');
-        $depreciation_list = array('0' => trans('admin/licenses/form.no_depreciation')) + Depreciation::pluck('name', 'id')->toArray();
-        $supplier_list = array('' => 'Select Supplier') + Supplier::orderBy('name', 'asc')->pluck('name', 'id')->toArray();
         $maintained_list = array('' => 'Maintained', '1' => 'Yes', '0' => 'No');
-        $company_list = Helper::companyList();
 
         return View::make('licenses/edit', compact('license'))
             ->with('license_options', $license_options)
-            ->with('depreciation_list', $depreciation_list)
-            ->with('supplier_list', $supplier_list)
-            ->with('company_list', $company_list)
-            ->with('maintained_list', $maintained_list);
+            ->with('depreciation_list', Helper::depreciationList())
+            ->with('supplier_list', Helper::suppliersList())
+            ->with('company_list', Helper::companyList())
+            ->with('maintained_list', $maintained_list)
+            ->with('manufacturer_list', Helper::manufacturerList());
     }
 
 
@@ -252,6 +256,13 @@ class LicensesController extends Controller
         $license->maintained        = e(Input::get('maintained'));
         $license->reassignable      = e(Input::get('reassignable'));
 
+        if (empty(e(Input::get('manufacturer_id')))) {
+            $license->manufacturer_id = null;
+        } else {
+            $license->manufacturer_id = e(Input::get('manufacturer_id'));
+        }
+
+
         if (e(Input::get('supplier_id')) == '') {
             $license->supplier_id = null;
         } else {
@@ -439,8 +450,7 @@ class LicensesController extends Controller
         // Get the dropdown of users and then pass it to the checkout view
         $users_list = Helper::usersList();
 
-        $assets = Company::scopeCompanyables(Asset::all(), 'assets.company_id')->lists('detailed_name', 'id');
-
+        $assets = Helper::detailedAssetList();
         return View::make('licenses/checkout', compact('licenseseat'))
         ->with('users_list', $users_list)
         ->with('asset_list', $assets);
@@ -496,13 +506,13 @@ class LicensesController extends Controller
 
         if ($asset_id!='') {
 
-            if (is_null($is_asset_id = Asset::find($asset_id))) {
+            if (is_null($asset = Asset::find($asset_id))) {
                 // Redirect to the asset management page with error
                 return redirect()->to('admin/licenses')->with('error', trans('admin/licenses/message.asset_does_not_exist'));
             }
-            $was_assigned_to = $is_asset_id->assigned_to;
-            if (($was_assigned_to!=$assigned_to) && !is_null($was_assigned_to) && ($was_assigned_to != '')) {
-                //echo 'asset assigned to: '.$is_asset_id->assigned_to.'<br>license assigned to: '.$assigned_to;
+
+
+            if (($asset->assigned_to!='') && (($asset->assigned_to!=$assigned_to)) && ($assigned_to!='')) {
                 return redirect()->to('admin/licenses')->with('error', trans('admin/licenses/message.owner_doesnt_match_asset'));
             }
 
@@ -549,10 +559,10 @@ class LicensesController extends Controller
             // Update the asset data
             if (e(Input::get('assigned_to')) == '') {
                 $logaction->checkedout_to = null;
-                $slack_msg = strtoupper($logaction->asset_type).' license <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/hardware/'.$is_asset_id->id.'/view|'.$is_asset_id->showAssetName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
+                $slack_msg = strtoupper($logaction->asset_type).' license <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/hardware/'.$asset->id.'/view|'.$asset->showAssetName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
             } else {
                 $logaction->checkedout_to = e(Input::get('assigned_to'));
-                $slack_msg = strtoupper($logaction->asset_type).' license <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/admin/users/'.$is_assigned_to->id.'/view|'.$is_assigned_to->fullName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
+                $slack_msg = strtoupper($logaction->asset_type).' license <'.config('app.url').'/admin/licenses/'.$license->id.'/view'.'|'.$license->name.'> checked out to <'.config('app.url').'/admin/users/'.$user->id.'/view|'.$is_assigned_to->fullName().'> by <'.config('app.url').'/admin/users/'.$user->id.'/view'.'|'.$user->fullName().'>.';
             }
 
 
@@ -966,7 +976,7 @@ class LicensesController extends Controller
     */
     public function getDatatable()
     {
-        $licenses = License::with('company');
+        $licenses = Company::scopeCompanyables(License::with('company'));
 
         if (Input::has('search')) {
             $licenses = $licenses->TextSearch(Input::get('search'));
@@ -984,7 +994,27 @@ class LicensesController extends Controller
         $rows = array();
 
         foreach ($licenses as $license) {
-            $actions = '<span style="white-space: nowrap;"><a href="'.route('freecheckout/license', $license->id).'" class="btn btn-primary btn-sm" style="margin-right:5px;" '.(($license->remaincount() > 0) ? '' : 'disabled').'>'.trans('general.checkout').'</a> <a href="'.route('clone/license', $license->id).'" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone asset"><i class="fa fa-files-o"></i></a><a href="'.route('update/license', $license->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/license', $license->id).'" data-content="'.trans('admin/licenses/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($license->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a></span>';
+            $actions = '<span style="white-space: nowrap;">';
+
+            if (Gate::allows('licenses.checkout')) {
+                $actions .= '<a href="' . route('freecheckout/license', $license->id)
+                . '" class="btn btn-primary btn-sm' . (($license->remaincount() > 0) ? '' : ' disabled') . '" style="margin-right:5px;">' . trans('general.checkout') . '</a> ';
+            }
+
+            if (Gate::allows('licenses.create')) {
+                $actions .= '<a href="' . route('clone/license', $license->id)
+                . '" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone asset"><i class="fa fa-files-o"></i></a>';
+            }
+            if (Gate::allows('licenses.edit')) {
+                $actions .= '<a href="' . route('update/license', $license->id)
+                . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('licenses.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'
+                 . route('delete/license', $license->id)
+                 . '" data-content="' . trans('admin/licenses/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($license->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .='</span>';
 
             $rows[] = array(
                 'id'                => $license->id,
@@ -993,15 +1023,16 @@ class LicensesController extends Controller
                 'totalSeats'        => $license->totalSeatsByLicenseID(),
                 'remaining'         => $license->remaincount(),
                 'license_name'      => e($license->license_name),
-                'license_email'      => e($license->license_email),
+                'license_email'     => e($license->license_email),
                 'purchase_date'     => ($license->purchase_date) ? $license->purchase_date : '',
                 'expiration_date'     => ($license->expiration_date) ? $license->expiration_date : '',
-                'purchase_cost'     => ($license->purchase_cost) ? number_format($license->purchase_cost, 2) : '',
+                'purchase_cost'     => Helper::formatCurrencyOutput($license->purchase_cost),
                 'purchase_order'     => ($license->purchase_order) ? e($license->purchase_order) : '',
                 'order_number'     => ($license->order_number) ? e($license->order_number) : '',
                 'notes'     => ($license->notes) ? e($license->notes) : '',
                 'actions'           => $actions,
-                'companyName'       => is_null($license->company) ? '' : e($license->company->name)
+                'companyName'       => is_null($license->company) ? '' : e($license->company->name),
+                'manufacturer'      => $license->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$license->manufacturer_id.'/view', $license->manufacturer->name) : ''
             );
         }
 

app/Http/Controllers/LocationsController.php

@@ -370,7 +370,7 @@ class LocationsController extends Controller
     public function getDataViewUsers($locationID)
     {
         $location = Location::find($locationID);
-        $users = User::where('location_id','=',$location->id);
+        $users = User::where('location_id', '=', $location->id);
 
         if (Input::has('search')) {
             $users = $users->TextSearch(e(Input::get('search')));

app/Http/Controllers/ManufacturersController.php

@@ -2,14 +2,15 @@
 namespace App\Http\Controllers;
 
 use App\Models\Company;
+use App\Models\Manufacturer;
+use App\Models\Setting;
+use Auth;
+use Gate;
 use Input;
 use Lang;
-use App\Models\Manufacturer;
 use Redirect;
-use App\Models\Setting;
 use Str;
 use View;
-use Auth;
 
 /**
  * This controller handles all actions related to Manufacturers for
@@ -254,10 +255,27 @@ class ManufacturersController extends Controller
     * @since [v1.0]
     * @return String JSON
     */
-    public function getDataView($manufacturerId)
+    public function getDataView($manufacturerId, $itemtype = null)
     {
-
         $manufacturer = Manufacturer::with('assets.company')->find($manufacturerId);
+
+        switch ($itemtype) {
+            case "assets":
+                return $this->getDataAssetsView($manufacturer);
+            case "licenses":
+                return $this->getDataLicensesView($manufacturer);
+            case "accessories":
+                return $this->getDataAccessoriesView($manufacturer);
+            case "consumables":
+                return $this->getDataConsumablesView($manufacturer);
+        }
+
+        throw new Exception("We shouldn't be here");
+
+    }
+
+    protected function getDataAssetsView(Manufacturer $manufacturer)
+    {
         $manufacturer_assets = $manufacturer->assets;
 
         if (Input::has('search')) {
@@ -293,35 +311,213 @@ class ManufacturersController extends Controller
                 $actions = '<a href="'.route('restore/hardware', $asset->id).'" class="btn btn-warning btn-sm"><i class="fa fa-recycle icon-white"></i></a>';
             }
 
-            if ($asset->assetstatus) {
-                if ($asset->assetstatus->deployable != 0) {
-                    if (($asset->assigned_to !='') && ($asset->assigned_to > 0)) {
-                        $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
-                    } else {
-                        $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
-                    }
+            if ($asset->availableForCheckout()) {
+                if (Gate::allows('assets.checkout')) {
+                    $inout = '<a href="'.route('checkout/hardware', $asset->id).'" class="btn btn-info btn-sm">'.trans('general.checkout').'</a>';
+                }
+            } else {
+                if (Gate::allows('assets.checkin')) {
+                    $inout = '<a href="'.route('checkin/hardware', $asset->id).'" class="btn btn-primary btn-sm">'.trans('general.checkin').'</a>';
                 }
             }
 
-            $row = array(
-            'id' => $asset->id,
-            'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
-            'model' => e($asset->model->name),
-            'asset_tag' => e($asset->asset_tag),
-            'serial' => e($asset->serial),
-            'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', e($asset->assigneduser->fullName())): '',
-            'actions' => $actions,
-            'companyName' => e(Company::getName($asset)),
-            );
+            $rows[] = array(
+                'id' => $asset->id,
+                'name' => (string)link_to('/hardware/'.$asset->id.'/view', e($asset->showAssetName())),
+                'model' => e($asset->model->name),
+                'asset_tag' => e($asset->asset_tag),
+                'serial' => e($asset->serial),
+                'assigned_to' => ($asset->assigneduser) ? (string)link_to('/admin/users/'.$asset->assigneduser->id.'/view', e($asset->assigneduser->fullName())): '',
+                'actions' => $actions,
+                'companyName' => e(Company::getName($asset)),
+                );
 
-            if (isset($inout)) {
-                $row['change'] = $inout;
+                if (isset($inout)) {
+                    $row['change'] = $inout;
+                }
             }
-
-            $rows[] = $row;
-        }
-
+            
         $data = array('total' => $count, 'rows' => $rows);
         return $data;
     }
+
+    protected function getDataLicensesView(Manufacturer $manufacturer)
+    {
+        $licenses = $manufacturer->licenses;
+
+        if (Input::has('search')) {
+            $licenses = $licenses->TextSearch(Input::get('search'));
+        }
+
+        $licenseCount = $licenses->count();
+
+        $rows = array();
+
+        foreach ($licenses as $license) {
+            $actions = '<span style="white-space: nowrap;">';
+
+            if (Gate::allows('licenses.checkout')) {
+                $actions .= '<a href="' . route('freecheckout/license', $license->id)
+                . '" class="btn btn-primary btn-sm' . (($license->remaincount() > 0) ? '' : ' disabled') . '" style="margin-right:5px;">' . trans('general.checkout') . '</a> ';
+            }
+
+            if (Gate::allows('licenses.create')) {
+                $actions .= '<a href="' . route('clone/license', $license->id)
+                . '" class="btn btn-info btn-sm" style="margin-right:5px;" title="Clone asset"><i class="fa fa-files-o"></i></a>';
+            }
+            if (Gate::allows('licenses.edit')) {
+                $actions .= '<a href="' . route('update/license', $license->id)
+                . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('licenses.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'
+                 . route('delete/license', $license->id)
+                 . '" data-content="' . trans('admin/licenses/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($license->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .='</span>';
+
+            $rows[] = array(
+                'id'                => $license->id,
+                'name'              => (string) link_to('/admin/licenses/'.$license->id.'/view', $license->name),
+                'serial'            => (string) link_to('/admin/licenses/'.$license->id.'/view', mb_strimwidth($license->serial, 0, 50, "...")),
+                'totalSeats'        => $license->totalSeatsByLicenseID(),
+                'remaining'         => $license->remaincount(),
+                'license_name'      => e($license->license_name),
+                'license_email'     => e($license->license_email),
+                'purchase_date'     => ($license->purchase_date) ? $license->purchase_date : '',
+                'expiration_date'   => ($license->expiration_date) ? $license->expiration_date : '',
+                'purchase_cost'     => ($license->purchase_cost) ? number_format($license->purchase_cost, 2) : '',
+                'purchase_order'    => ($license->purchase_order) ? e($license->purchase_order) : '',
+                'order_number'      => ($license->order_number) ? e($license->order_number) : '',
+                'notes'             => ($license->notes) ? e($license->notes) : '',
+                'actions'           => $actions,
+                'companyName'       => is_null($license->company) ? '' : e($license->company->name),
+                'manufacturer'      => $license->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$license->manufacturer_id.'/view', $license->manufacturer->name) : ''
+            );
+        }
+
+        $data = array('total' => $licenseCount, 'rows' => $rows);
+
+        return $data;
+    }
+
+    public function getDataAccessoriesView(Manufacturer $manufacturer)
+    {
+        $accessories = $manufacturer->accessories;
+
+        if (Input::has('search')) {
+            $accessories = $accessories->TextSearch(e(Input::get('search')));
+        }
+
+        if (Input::has('limit')) {
+            $limit = e(Input::get('limit'));
+        } else {
+            $limit = 50;
+        }
+
+        $accessCount = $accessories->count();
+
+        $rows = array();
+
+        foreach ($accessories as $accessory) {
+
+            $actions = '<nobr>';
+            if (Gate::allows('accessories.checkout')) {
+                $actions .= '<a href="' . route('checkout/accessory',
+                        $accessory->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($accessory->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+            if (Gate::allows('accessories.edit')) {
+                $actions .= '<a href="' . route('update/accessory',
+                        $accessory->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('accessories.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/accessory',
+                        $accessory->id) . '" data-content="' . trans('admin/accessories/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($accessory->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+            $actions .= '</nobr>';
+            $company = $accessory->company;
+
+            $rows[] = array(
+            'name'          => '<a href="'.url('admin/accessories/'.$accessory->id).'/view">'. $accessory->name.'</a>',
+            'category'      => ($accessory->category) ? (string)link_to('admin/settings/categories/'.$accessory->category->id.'/view', $accessory->category->name) : '',
+            'qty'           => e($accessory->qty),
+            'order_number'  => e($accessory->order_number),
+            'min_amt'  => e($accessory->min_amt),
+            'location'      => ($accessory->location) ? e($accessory->location->name): '',
+            'purchase_date' => e($accessory->purchase_date),
+            'purchase_cost' => number_format($accessory->purchase_cost, 2),
+            'numRemaining'  => $accessory->numRemaining(),
+            'actions'       => $actions,
+            'companyName'   => is_null($company) ? '' : e($company->name),
+            'manufacturer'      => $accessory->manufacturer ? (string) link_to('/admin/settings/manufacturers/'.$accessory->manufacturer_id.'/view', $accessory->manufacturer->name) : ''
+
+            );
+        }
+
+        $data = array('total'=>$accessCount, 'rows'=>$rows);
+
+        return $data;
+    }
+
+    public function getDataConsumablesView($manufacturer)
+    {
+        $consumables = $manufacturer->consumables;
+
+        if (Input::has('search')) {
+            $consumables = $consumables->TextSearch(e(Input::get('search')));
+        }
+
+        if (Input::has('limit')) {
+            $limit = e(Input::get('limit'));
+        } else {
+            $limit = 50;
+        }
+
+        $consumCount = $consumables->count();
+
+        $rows = array();
+
+        foreach ($consumables as $consumable) {
+            $actions = '<nobr>';
+            if (Gate::allows('consumables.checkout')) {
+                $actions .= '<a href="' . route('checkout/consumable',
+                        $consumable->id) . '" style="margin-right:5px;" class="btn btn-info btn-sm" ' . (($consumable->numRemaining() > 0) ? '' : ' disabled') . '>' . trans('general.checkout') . '</a>';
+            }
+
+            if (Gate::allows('consumables.edit')) {
+                $actions .= '<a href="' . route('update/consumable',
+                        $consumable->id) . '" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a>';
+            }
+            if (Gate::allows('consumables.delete')) {
+                $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/consumable',
+                        $consumable->id) . '" data-content="' . trans('admin/consumables/message.delete.confirm') . '" data-title="' . trans('general.delete') . ' ' . htmlspecialchars($consumable->name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
+            }
+
+            $actions .='</nobr>';
+
+            $company = $consumable->company;
+
+            $rows[] = array(
+                'id'            => $consumable->id,
+                'name'          => (string)link_to('admin/consumables/'.$consumable->id.'/view', e($consumable->name)),
+                'location'      => ($consumable->location) ? e($consumable->location->name) : '',
+                'min_amt'       => e($consumable->min_amt),
+                'qty'           => e($consumable->qty),
+                'manufacturer'  => ($consumable->manufacturer) ? (string) link_to('/admin/settings/manufacturers/'.$consumable->manufacturer_id.'/view', $consumable->manufacturer->name): '',
+                'model_no'      => e($consumable->model_no),
+                'item_no'       => e($consumable->item_no),
+                'category'      => ($consumable->category) ? (string) link_to('/admin/settings/categories/'.$consumable->category_id.'/view', $consumable->category->name) : 'Missing category',
+                'order_number'  => e($consumable->order_number),
+                'purchase_date' => e($consumable->purchase_date),
+                'purchase_cost' => ($consumable->purchase_cost!='') ? number_format($consumable->purchase_cost, 2): '' ,
+                'numRemaining'  => $consumable->numRemaining(),
+                'actions'       => $actions,
+                'companyName'   => is_null($company) ? '' : e($company->name),
+            );
+        }
+
+        $data = array('total' => $consumCount, 'rows' => $rows);
+
+        return $data;
+    }
 }

app/Http/Controllers/ProfileController.php

@@ -55,7 +55,7 @@ class ProfileController extends Controller
 
         if (Input::file('avatar')) {
             $image = Input::file('avatar');
-            $file_name = $user->first_name."-".$user->last_name.".".$image->getClientOriginalExtension();
+            $file_name = str_slug($user->first_name."-".$user->last_name).".".$image->getClientOriginalExtension();
             $path = public_path('uploads/avatars/'.$file_name);
             Image::make($image->getRealPath())->resize(84, 84)->save($path);
             $user->avatar = $file_name;

app/Http/Controllers/ReportsController.php

@@ -1,25 +1,26 @@
 <?php
 namespace App\Http\Controllers;
 
+use App\Helpers\Helper;
 use App\Models\Accessory;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
-use Carbon\Carbon;
-use Category;
+use App\Models\AssetModel;
 use App\Models\Company;
+use App\Models\CustomField;
+use App\Models\License;
+use App\Models\Location;
+use App\Models\Setting;
+use App\Models\User;
+use Carbon\Carbon;
 use Illuminate\Support\Facades\Lang;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\View;
 use Input;
 use League\Csv\Reader;
-use App\Models\License;
-use App\Models\Location;
-use App\Models\AssetModel;
 use Redirect;
-use App\Models\Setting;
-use App\Models\User;
 
 /**
  * This controller handles all actions related to Reports for
@@ -110,7 +111,7 @@ class ReportsController extends Controller
                        ->orderBy('created_at', 'DESC')
                        ->get();
 
-        return View::make('reports/asset', compact('assets'))->with('settings',$settings);
+        return View::make('reports/asset', compact('assets'))->with('settings', $settings);
     }
 
     /**
@@ -166,7 +167,7 @@ class ReportsController extends Controller
                 $row[] = '';
             }
             $row[] = $asset->purchase_date;
-            $row[] = '"' . number_format($asset->purchase_cost, 2) . '"';
+            $row[] = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
             if ($asset->order_number) {
                 $row[] = e($asset->order_number);
             } else {
@@ -308,9 +309,9 @@ class ReportsController extends Controller
             }
 
             $row[] = $asset->purchase_date;
-            $row[] = $currency . number_format($asset->purchase_cost, 2);
-            $row[] = $currency . number_format($asset->getDepreciatedValue(), 2);
-            $row[] = $currency . number_format(( $asset->purchase_cost - $asset->getDepreciatedValue() ), 2);
+            $row[] = $currency . Helper::formatCurrencyOutput($asset->purchase_cost);
+            $row[] = $currency . Helper::formatCurrencyOutput($asset->getDepreciatedValue());
+            $row[] = $currency . Helper::formatCurrencyOutput(( $asset->purchase_cost - $asset->getDepreciatedValue() ));
             $csv->insertOne($row);
         }
 
@@ -392,7 +393,7 @@ class ReportsController extends Controller
             $row[] = $license->remaincount();
             $row[] = $license->expiration_date;
             $row[] = $license->purchase_date;
-            $row[] = '"' . number_format($license->purchase_cost, 2) . '"';
+            $row[] = '"' . Helper::formatCurrencyOutput($license->purchase_cost) . '"';
 
             $rows[] = implode($row, ',');
         }
@@ -415,8 +416,8 @@ class ReportsController extends Controller
     */
     public function getCustomReport()
     {
-
-        return View::make('reports/custom');
+        $customfields = CustomField::get();
+        return View::make('reports/custom')->with('customfields', $customfields);
     }
 
     /**
@@ -430,6 +431,7 @@ class ReportsController extends Controller
     public function postCustom()
     {
         $assets = Asset::orderBy('created_at', 'DESC')->get();
+        $customfields = CustomField::get();
 
         $rows   = [ ];
         $header = [ ];
@@ -471,6 +473,9 @@ class ReportsController extends Controller
         if (e(Input::get('assigned_to')) == '1') {
             $header[] = 'Assigned To';
         }
+        if (e(Input::get('username')) == '1') {
+            $header[] = 'Username';
+        }
         if (e(Input::get('status')) == '1') {
             $header[] = 'Status';
         }
@@ -484,6 +489,13 @@ class ReportsController extends Controller
             $header[] = 'Diff';
         }
 
+        foreach ($customfields as $customfield) {
+            if (e(Input::get($customfield->db_column_name())) == '1') {
+                $header[] = $customfield->name;
+            }
+        }
+
+
         $header = array_map('trim', $header);
         $rows[] = implode($header, ',');
 
@@ -517,7 +529,7 @@ class ReportsController extends Controller
                 $row[] = e($asset->purchase_date);
             }
             if (e(Input::get('purchase_cost')) == '1' && ( e(Input::get('depreciation')) != '1' )) {
-                $row[] = '"' . number_format($asset->purchase_cost, 2) . '"';
+                $row[] = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
             }
             if (e(Input::get('order')) == '1') {
                 if ($asset->order_number) {
@@ -562,6 +574,16 @@ class ReportsController extends Controller
                     $row[] = ''; // Empty string if unassigned
                 }
             }
+
+            if (e(Input::get('username')) == '1') {
+                if ($asset->assigned_to > 0) {
+                    $user  = User::find($asset->assigned_to);
+                    $row[] = '"' .e($user->username). '"';
+                } else {
+                    $row[] = ''; // Empty string if unassigned
+                }
+            }
+
             if (e(Input::get('status')) == '1') {
                 if (( $asset->status_id == '0' ) && ( $asset->assigned_to == '0' )) {
                     $row[] = trans('general.ready_to_deploy');
@@ -584,10 +606,19 @@ class ReportsController extends Controller
             }
             if (e(Input::get('depreciation')) == '1') {
                 $depreciation = $asset->getDepreciatedValue();
-                $row[]        = '"' . number_format($asset->purchase_cost, 2) . '"';
-                $row[]        = '"' . number_format($depreciation, 2) . '"';
-                $row[]        = '"' . number_format($asset->purchase_cost - $depreciation, 2) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($depreciation) . '"';
+                $row[]        = '"' . Helper::formatCurrencyOutput($asset->purchase_cost) . '"';
             }
+
+            foreach ($customfields as $customfield) {
+                $column_name = $customfield->db_column_name();
+                if (e(Input::get($customfield->db_column_name())) == '1') {
+                    $row[] = $asset->$column_name;
+                }
+            }
+
+
             $rows[] = implode($row, ',');
         }
 
@@ -668,7 +699,7 @@ class ReportsController extends Controller
                 $improvementTime = intval($assetMaintenance->asset_maintenance_time);
             }
             $row[]  = $improvementTime;
-            $row[]  = trans('general.currency') . number_format($assetMaintenance->cost, 2);
+            $row[]  = trans('general.currency') . Helper::formatCurrencyOutput($assetMaintenance->cost);
             $rows[] = implode($row, ',');
         }
 

app/Http/Controllers/SettingsController.php

@@ -4,6 +4,7 @@ namespace App\Http\Controllers;
 use Input;
 use Lang;
 use App\Models\Setting;
+use App\Models\Ldap;
 use Redirect;
 use DB;
 use Str;
@@ -49,7 +50,7 @@ class SettingsController extends Controller
             $start_settings['db_error'] = $e->getMessage();
         }
 
-        $protocol = array_key_exists('HTTPS',$_SERVER) && ( $_SERVER['HTTPS'] == "on") ? 'https://' : 'http://';
+        $protocol = array_key_exists('HTTPS', $_SERVER) && ( $_SERVER['HTTPS'] == "on") ? 'https://' : 'http://';
 
 
         $pageURL = $protocol;
@@ -97,10 +98,17 @@ class SettingsController extends Controller
 
         }
 
-        $owner = posix_getpwuid(fileowner($_SERVER["SCRIPT_FILENAME"]));
-        $start_settings['owner'] = $owner['name'];
+        if (function_exists('posix_getpwuid')) { // Probably Linux
+            $owner = posix_getpwuid(fileowner($_SERVER["SCRIPT_FILENAME"]));
+            $start_settings['owner'] = $owner['name'];
+        } else { // Windows
+            // TODO: Is there a way of knowing if a windows user has elevated permissions
+            // This just gets the user name, which likely isn't 'root'
+            // $start_settings['owner'] = getenv('USERNAME');
+            $start_settings['owner'] = '';
+        }
 
-        if (($start_settings['owner']=='root') || ($start_settings['owner']=='0') || ($start_settings['owner']=='root')) {
+        if (($start_settings['owner']==='root') || ($start_settings['owner']==='0')) {
             $start_settings['owner_is_admin'] = true;
         } else {
             $start_settings['owner_is_admin'] = false;
@@ -331,6 +339,7 @@ class SettingsController extends Controller
 
         $setting->locale = e(Input::get('locale', 'en'));
         $setting->qr_code = e(Input::get('qr_code', '0'));
+        $setting->full_multiple_companies_support = e(Input::get('full_multiple_companies_support', '0'));
         $setting->alt_barcode = e(Input::get('alt_barcode'));
         $setting->alt_barcode_enabled = e(Input::get('alt_barcode_enabled', '0'));
         $setting->barcode_type = e(Input::get('barcode_type'));
@@ -339,6 +348,7 @@ class SettingsController extends Controller
         $setting->qr_text = e(Input::get('qr_text'));
         $setting->auto_increment_prefix = e(Input::get('auto_increment_prefix'));
         $setting->auto_increment_assets = e(Input::get('auto_increment_assets', '0'));
+        $setting->zerofill_count = e(Input::get('zerofill_count'));
         $setting->alert_interval = e(Input::get('alert_interval'));
         $setting->alert_threshold = e(Input::get('alert_threshold'));
         $setting->email_domain = e(Input::get('email_domain'));
@@ -404,6 +414,10 @@ class SettingsController extends Controller
         $setting->ldap_active_flag = e(Input::get('ldap_active_flag'));
         $setting->ldap_emp_num = e(Input::get('ldap_emp_num'));
         $setting->ldap_email = e(Input::get('ldap_email'));
+        $setting->ad_domain = e(Input::get('ad_domain'));
+        $setting->is_ad = e(Input::get('is_ad', '0'));
+        $setting->ldap_tls = e(Input::get('ldap_tls', '0'));
+        $setting->ldap_pw_sync = e(Input::get('ldap_pw_sync', '0'));
 
         // If validation fails, we'll exit the operation now.
         if ($setting->save()) {
@@ -420,6 +434,25 @@ class SettingsController extends Controller
     }
 
 
+    public function getLdapTest() {
+
+        try {
+            $connection = Ldap::connectToLdap();
+            try {
+                Ldap::bindAdminToLdap($connection);
+                return response()->json(['message' => 'It worked!'], 200);
+            } catch (\Exception $e) {
+                return response()->json(['message' => $e->getMessage()], 500);
+            }
+            return response()->json(['message' => 'It worked!'], 200);
+        } catch (\Exception $e) {
+            return response()->json(['message' => $e->getMessage()], 500);
+        }
+
+
+    }
+
+
     /**
     * Show the listing of backups
     *
@@ -544,7 +577,7 @@ class SettingsController extends Controller
     {
         if (!config('app.lock_passwords')) {
             if (Input::get('confirm_purge')=='DELETE') {
-                Artisan::call('snipeit:purge',['--force'=>'true','--no-interaction'=>true]);
+                Artisan::call('snipeit:purge', ['--force'=>'true','--no-interaction'=>true]);
                 $output = Artisan::output();
                 return View::make('settings/purge')
                 ->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));

app/Http/Controllers/StatuslabelsController.php

@@ -12,6 +12,7 @@ use Str;
 use View;
 use App\Helpers\Helper;
 use Auth;
+use Illuminate\Http\Request;
 
 use Symfony\Component\HttpFoundation\JsonResponse;
 
@@ -46,23 +47,32 @@ class StatuslabelsController extends Controller
     {
         $colors = [];
 
-        $statuslabels = Statuslabel::get();
+        $statuslabels = Statuslabel::with('assets')->get();
         $labels=[];
         $points=[];
-
+        $colors=[];
         foreach ($statuslabels as $statuslabel) {
-            $labels[]=$statuslabel->name;
-            $points[]=$statuslabel->assets()->whereNull('assigned_to')->count();
+            if ($statuslabel->assets->count() > 0) {
+                $labels[]=$statuslabel->name;
+                $points[]=$statuslabel->assets()->whereNull('assigned_to')->count();
+                if ($statuslabel->color!='') {
+                    $colors[]=$statuslabel->color;
+                }
+            }
+
+
         }
         $labels[]='Deployed';
         $points[]=Asset::whereNotNull('assigned_to')->count();
 
+        $colors_array = array_merge($colors, Helper::chartColors());
+
         $result= [
             "labels" => $labels,
             "datasets" => [ [
                 "data" => $points,
-                "backgroundColor" => Helper::chartColors(),
-                "hoverBackgroundColor" =>  Helper::chartColors()
+                "backgroundColor" => $colors_array,
+                "hoverBackgroundColor" =>  $colors_array
             ]]
         ];
         return $result;
@@ -90,12 +100,17 @@ class StatuslabelsController extends Controller
      *
      * @return Redirect
      */
-    public function postCreate()
+    public function postCreate(Request $request)
     {
 
         // create a new model instance
         $statuslabel = new Statuslabel();
-        $statustype = Statuslabel::getStatuslabelTypesForDB(Input::get('statuslabel_types'));
+
+        if (!$request->has('statuslabel_types')) {
+            return redirect()->back()->withInput()->withErrors(['statuslabel_types' => trans('validation.statuslabel_type')]);
+        }
+
+        $statustype = Statuslabel::getStatuslabelTypesForDB($request->input('statuslabel_types'));
 
         // Save the Statuslabel data
         $statuslabel->name              = e(Input::get('name'));
@@ -104,6 +119,8 @@ class StatuslabelsController extends Controller
         $statuslabel->deployable          =  $statustype['deployable'];
         $statuslabel->pending          =  $statustype['pending'];
         $statuslabel->archived          =  $statustype['archived'];
+        $statuslabel->color          =  e(Input::get('color'));
+        $statuslabel->show_in_nav          =  e(Input::get('show_in_nav'),0);
 
 
         // Was the asset created?
@@ -116,36 +133,30 @@ class StatuslabelsController extends Controller
 
     }
 
-    public function store()
+    public function store(Request $request)
     {
 
-      // create a new model instance
         $statuslabel = new Statuslabel();
-        $statustype = Statuslabel::getStatuslabelTypesForDB(Input::get('modal-statuslabel_types'));
-
-      // attempt validation
-        if ($statuslabel->validate($new)) {
-
-            // Save the Statuslabel data
-            $statuslabel->name            = e(Input::get('name'));
-            $statuslabel->user_id         = Auth::user()->id;
-            $statuslabel->notes           =  '';
-            $statuslabel->deployable      =  $statustype['deployable'];
-            $statuslabel->pending         =  $statustype['pending'];
-            $statuslabel->archived        =  $statustype['archived'];
-
-            // Was the asset created?
-            if ($statuslabel->save()) {
-                // Redirect to the new Statuslabel  page
-                return JsonResponse::create($statuslabel);
-            } else {
-                return JsonResponse::create(["error" => "Couldn't save Statuslabel"], 500);
-            }
-        } else {
-            // failure
-            $errors = $statuslabel->getErrors();
-            return  JsonResponse::create(["error" => "Failed validation: ".print_r($errors->all('<li>:message</li>'), true)], 500);
+        if (!$request->has('statuslabel_types')) {
+            return JsonResponse::create(["error" => trans('validation.statuslabel_type')], 500);
         }
+
+        $statustype = Statuslabel::getStatuslabelTypesForDB(Input::get('statuslabel_types'));
+        $statuslabel->name            = e(Input::get('name'));
+        $statuslabel->user_id         = Auth::user()->id;
+        $statuslabel->notes           =  '';
+        $statuslabel->deployable      =  $statustype['deployable'];
+        $statuslabel->pending         =  $statustype['pending'];
+        $statuslabel->archived        =  $statustype['archived'];
+
+
+        if ($statuslabel->isValid()) {
+            $statuslabel->save();
+            // Redirect to the new Statuslabel  page
+            return JsonResponse::create($statuslabel);
+        }
+        return JsonResponse::create(["error" => $statuslabel->getErrors()->first()], 500);
+
     }
 
 
@@ -177,7 +188,7 @@ class StatuslabelsController extends Controller
      * @param  int  $statuslabelId
      * @return Redirect
      */
-    public function postEdit($statuslabelId = null)
+    public function postEdit(Request $request, $statuslabelId = null)
     {
         // Check if the Statuslabel exists
         if (is_null($statuslabel = Statuslabel::find($statuslabelId))) {
@@ -185,6 +196,10 @@ class StatuslabelsController extends Controller
             return redirect()->to('admin/settings/statuslabels')->with('error', trans('admin/statuslabels/message.does_not_exist'));
         }
 
+        if (!$request->has('statuslabel_types')) {
+            return redirect()->back()->withInput()->withErrors(['statuslabel_types' => trans('validation.statuslabel_type')]);
+        }
+
 
         // Update the Statuslabel data
         $statustype = Statuslabel::getStatuslabelTypesForDB(Input::get('statuslabel_types'));
@@ -193,6 +208,8 @@ class StatuslabelsController extends Controller
         $statuslabel->deployable          =  $statustype['deployable'];
         $statuslabel->pending          =  $statustype['pending'];
         $statuslabel->archived          =  $statustype['archived'];
+        $statuslabel->color          =  e(Input::get('color'));
+        $statuslabel->show_in_nav          =  e(Input::get('show_in_nav'),0);
 
 
         // Was the asset created?
@@ -243,7 +260,7 @@ class StatuslabelsController extends Controller
 
     public function getDatatable()
     {
-        $statuslabels = Statuslabel::select(array('id','name','deployable','pending','archived'))
+        $statuslabels = Statuslabel::select(array('id','name','deployable','pending','archived','color','show_in_nav'))
         ->whereNull('deleted_at');
 
         if (Input::has('search')) {
@@ -287,10 +304,19 @@ class StatuslabelsController extends Controller
 
             $actions = '<a href="'.route('update/statuslabel', $statuslabel->id).'" class="btn btn-warning btn-sm" style="margin-right:5px;"><i class="fa fa-pencil icon-white"></i></a><a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="'.route('delete/statuslabel', $statuslabel->id).'" data-content="'.trans('admin/statuslabels/message.delete.confirm').'" data-title="'.trans('general.delete').' '.htmlspecialchars($statuslabel->name).'?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a>';
 
+            if ($statuslabel->color!='') {
+                $color = '<div class="pull-left" style="margin-right: 5px; height: 20px; width: 20px; background-color: '.e($statuslabel->color).'"></div>'.e($statuslabel->color);
+            } else {
+                $color = '';
+            }
+
+
             $rows[] = array(
                 'id'            => e($statuslabel->id),
                 'type'          => e($label_type),
                 'name'          => e($statuslabel->name),
+                'color'          => $color,
+                'show_in_nav' => ($statuslabel->show_in_nav=='1') ? trans('general.yes') : trans('general.no'),
                 'actions'       => $actions
             );
         }

app/Http/Controllers/SuppliersController.php

@@ -11,6 +11,7 @@ use App\Models\Setting;
 use Str;
 use View;
 use Auth;
+use Illuminate\Http\Request;
 
 use Symfony\Component\HttpFoundation\JsonResponse;
 
@@ -102,10 +103,10 @@ class SuppliersController extends Controller
 
     }
 
-    public function store()
+    public function store(Request $request)
     {
-        $supplier=new Supplier;
-        $supplier->name=$new['name'];
+        $supplier = new Supplier;
+        $supplier->name =  e($request->input('name'));
         $supplier->user_id              = Auth::user()->id;
 
         if ($supplier->save()) {

app/Http/Controllers/UsersController.php

@@ -12,7 +12,10 @@ use App\Models\Company;
 use App\Models\Location;
 use App\Models\Setting;
 use App\Models\Statuslabel;
+use App\Http\Requests\SaveUserRequest;
+use App\Http\Requests\UpdateUserRequest;
 use App\Models\User;
+use App\Models\Ldap;
 use Auth;
 use Config;
 use Crypt;
@@ -30,7 +33,7 @@ use Symfony\Component\HttpFoundation\JsonResponse;
 use URL;
 use View;
 use Illuminate\Http\Request;
-
+use Gate;
 
 /**
  * This controller handles all actions related to Users for
@@ -38,6 +41,8 @@ use Illuminate\Http\Request;
  *
  * @version    v1.0
  */
+
+
 class UsersController extends Controller
 {
 
@@ -73,7 +78,7 @@ class UsersController extends Controller
         } else {
             $userGroups = collect();
         }
-        
+
         $permissions = config('permissions');
         $userPermissions = Helper::selectedPermissionsArray($permissions, Input::old('permissions', array()));
 
@@ -95,22 +100,49 @@ class UsersController extends Controller
     * @since [v1.0]
     * @return Redirect
     */
-    public function postCreate(Request $request)
+    public function postCreate(SaveUserRequest $request)
     {
 
         $user = new User;
-        $user->first_name  = $data['first_name']= e(Input::get('first_name'));
-        $user->last_name = e(Input::get('last_name'));
-        $user->email = $data['email'] = e(Input::get('email'));
-        $user->activated = 1;
-        $user->locale = e(Input::get('locale'));
-        $user->username = $data['username'] = e(Input::get('username'));
-        $user->password = bcrypt(Input::get('password'));
-        $data['password'] =  Input::get('password');
+        //Username, email, and password need to be handled specially because the need to respect config values on an edit.
+        $user->email = $data['email'] = e($request->input('email'));
+        $user->username = $data['username'] = e($request->input('username'));
+        if ($request->has('password')) {
+            $user->password = bcrypt($request->input('password'));
+            $data['password'] =  $request->input('password');
+        }
+        // Update the user
+        $user->first_name = e($request->input('first_name'));
+        $user->last_name = e($request->input('last_name'));
+        $user->locale = e($request->input('locale'));
+        $user->employee_num = e($request->input('employee_num'));
+        $user->activated = e($request->input('activated', $user->activated));
+        $user->jobtitle = e($request->input('jobtitle'));
+        $user->phone = e($request->input('phone'));
+        $user->location_id = e($request->input('location_id'));
+        $user->company_id = e(Company::getIdForUser($request->input('company_id')));
+        $user->manager_id = e($request->input('manager_id'));
+        $user->notes = e($request->input('notes'));
+        $user->permissions = json_encode($request->input('permission'));
+
+
+        if ($user->manager_id == "") {
+            $user->manager_id = null;
+        }
+
+        if ($user->location_id == "") {
+            $user->location_id = null;
+        }
+
+        if ($user->company_id == "") {
+            $user->company_id = null;
+        }
+
 
         if ($user->save()) {
+
             if ($request->has('groups')) {
-                $user->groups()->sync(Input::get('groups'));
+                $user->groups()->sync($request->input('groups'));
             } else {
                 $user->groups()->sync(array());
             }
@@ -118,10 +150,10 @@ class UsersController extends Controller
             if (($request->input('email_user') == 1) && ($request->has('email'))) {
               // Send the credentials through email
                 $data = array();
-                $data['email'] = e(Input::get('email'));
-                $data['username'] = e(Input::get('username'));
-                $data['first_name'] = e(Input::get('first_name'));
-                $data['password'] = e(Input::get('password'));
+                $data['email'] = e($request->input('email'));
+                $data['username'] = e($request->input('username'));
+                $data['first_name'] = e($request->input('first_name'));
+                $data['password'] = e($request->input('password'));
 
                 Mail::send('emails.send-login', $data, function ($m) use ($user) {
                     $m->to($user->email, $user->first_name . ' ' . $user->last_name);
@@ -129,27 +161,41 @@ class UsersController extends Controller
                 });
             }
             return redirect::route('users')->with('success', trans('admin/users/message.success.create'));
-        } else {
-            redirect()->back()->withInput()->withInput()->withErrors($user->getErrors())->withErrors($settings->getErrors());
         }
 
-        return redirect()->route('create/user')->withInput()->with('error', $error);
+        return redirect()->back()->withInput()->withErrors($user->getErrors());
+
+
+
     }
 
     /**
     * JSON handler for creating a user through a modal popup
     *
+    * @todo Handle validation more graciously
     * @author [B. Wetherington] [<uberbrady@gmail.com>]
     * @since [v1.8]
     * @return string JSON
     */
     public function store()
     {
-        $user = new User;
 
+        $user = new User;
         $inputs = Input::except('csrf_token', 'password_confirm', 'groups', 'email_user');
         $inputs['activated'] = true;
 
+        $user->first_name = e(Input::get('first_name'));
+        $user->last_name = e(Input::get('last_name'));
+        $user->username = e(Input::get('username'));
+        $user->email = e(Input::get('email'));
+        if (Input::has('password')) {
+            $user->password = bcrypt(Input::get('password'));
+        }
+
+        $user->activated = true;
+
+
+
       // Was the user created?
         if ($user->save()) {
 
@@ -158,6 +204,7 @@ class UsersController extends Controller
                 $data = array();
                 $data['email'] = e(Input::get('email'));
                 $data['first_name'] = e(Input::get('first_name'));
+                $data['last_name'] = e(Input::get('last_name'));
                 $data['password'] = e(Input::get('password'));
 
                 Mail::send('emails.send-login', $data, function ($m) use ($user) {
@@ -171,7 +218,6 @@ class UsersController extends Controller
         } else {
             return JsonResponse::create(["error" => "Failed validation: " . print_r($user->getErrors(), true)], 500);
         }
-        return JsonResponse::create(["error" => "Couldn't save User"], 500);
 
 
 
@@ -228,11 +274,11 @@ class UsersController extends Controller
     * @param  int  $id
     * @return Redirect
     */
-    public function postEdit(Request $request, $id = null)
+    public function postEdit(UpdateUserRequest $request, $id = null)
     {
         // We need to reverse the UI specific logic for our
         // permissions here before we update the user.
-        $permissions = Input::get('permissions', array());
+        $permissions = $request->input('permissions', array());
         app('request')->request->set('permissions', $permissions);
 
         // Only update the email address if locking is set to false
@@ -255,30 +301,35 @@ class UsersController extends Controller
             return redirect()->route('users')->with('error', $error);
         }
 
-            $user_groups = array (Input::get('groups'));
-            // Update the user
-            $user->first_name = e(Input::get('first_name'));
-            $user->last_name = e(Input::get('last_name'));
-            $user->locale = e(Input::get('locale'));
-            if (Input::has('username')) {
-                $user->username = e(Input::get('username'));
-            }
+        // First handle anything exclusive to editing.
+        if ($request->has('groups')) {
+            $user->groups()->sync($request->input('groups'));
+        } else {
+            $user->groups()->sync(array());
+        }
+        // Do we want to update the user password?
+        if ($request->has('password')) {
+            $user->password = bcrypt($request->input('password'));
+        }
+        if ( $request->has('username')) {
+            $user->username = e($request->input('username'));
+        }
+        $user->email = e($request->input('email'));
 
-            $user->email = e(Input::get('email'));
-            $user->employee_num = e(Input::get('employee_num'));
-            $user->activated = e(Input::get('activated', $user->activated));
-            $user->jobtitle = e(Input::get('jobtitle'));
-            $user->phone = e(Input::get('phone'));
-            $user->location_id = e(Input::get('location_id'));
-            $user->company_id = e(Company::getIdForUser(Input::get('company_id')));
-            $user->manager_id = e(Input::get('manager_id'));
-            $user->notes = e(Input::get('notes'));
-            $user->permissions = json_encode(Input::get('permission'));
-            if ($request->has('groups')) {
-                $user->groups()->sync(Input::get('groups'));
-            } else {
-                $user->groups()->sync(array());
-            }
+
+       // Update the user
+        $user->first_name = e($request->input('first_name'));
+        $user->last_name = e($request->input('last_name'));
+        $user->locale = e($request->input('locale'));
+        $user->employee_num = e($request->input('employee_num'));
+        $user->activated = e($request->input('activated', $user->activated));
+        $user->jobtitle = e($request->input('jobtitle'));
+        $user->phone = e($request->input('phone'));
+        $user->location_id = e($request->input('location_id'));
+        $user->company_id = e(Company::getIdForUser($request->input('company_id')));
+        $user->manager_id = e($request->input('manager_id'));
+        $user->notes = e($request->input('notes'));
+        $user->permissions = json_encode($request->input('permission'));
 
 
         if ($user->manager_id == "") {
@@ -289,24 +340,15 @@ class UsersController extends Controller
             $user->location_id = null;
         }
 
-
-            // Do we want to update the user password?
-        if ((Input::has('password')) && (!config('app.lock_passwords'))) {
-            $user->password = bcrypt(Input::get('password'));
+        if ($user->company_id == "") {
+            $user->company_id = null;
         }
 
-            // Do we want to update the user email?
-        if (!config('app.lock_passwords')) {
-            $user->email = Input::get('email');
-        }
-
-
-        if (!config('app.lock_passwords')) {
-
-        }
 
             // Was the user updated?
         if ($user->save()) {
+
+
             // Prepare the success message
             $success = trans('admin/users/message.success.update');
 
@@ -402,7 +444,7 @@ class UsersController extends Controller
 
             //print_r($licenses);
 
-            $users = User::whereIn('id', $user_raw_array)->with('groups', 'assets', 'licenses','accessories')->get();
+            $users = User::whereIn('id', $user_raw_array)->with('groups', 'assets', 'licenses', 'accessories')->get();
            // $users = Company::scopeCompanyables($users)->get();
 
             return View::make('users/confirm-bulk-delete', compact('users', 'statuslabel_list'));
@@ -486,15 +528,15 @@ class UsersController extends Controller
                     $license_array[] = $license->id;
                     // Update the asset log
                     $logaction = new Actionlog();
-                    $logaction->accessory_id = $license->id;
+                    $logaction->asset_id = $license->id;
                     $logaction->checkedout_to = $license->assigned_to;
                     $logaction->asset_type = 'software';
                     $logaction->user_id = Auth::user()->id;
                     $logaction->note = 'Bulk checkin license and delete user';
                     $logaction->logaction('checkin from');
                 }
-                
-                LicenseSeat::whereIn('id', $license_array)->update(['assigned_to' => NULL]);
+
+                LicenseSeat::whereIn('id', $license_array)->update(['assigned_to' => null]);
 
                 foreach ($users as $user) {
                     $user->accessories()->sync(array());
@@ -524,22 +566,22 @@ class UsersController extends Controller
     {
 
             // Get user information
-            if (!$user = User::onlyTrashed()->find($id)) {
-                return redirect()->route('users')->with('error', trans('admin/users/messages.user_not_found'));
-            }
+        if (!$user = User::onlyTrashed()->find($id)) {
+            return redirect()->route('users')->with('error', trans('admin/users/messages.user_not_found'));
+        }
 
-            if (!Company::isCurrentUserHasAccess($user)) {
-                return redirect()->route('users')->with('error', trans('general.insufficient_permissions'));
+        if (!Company::isCurrentUserHasAccess($user)) {
+            return redirect()->route('users')->with('error', trans('general.insufficient_permissions'));
+        } else {
+
+            // Restore the user
+            if (User::withTrashed()->where('id', $id)->restore()) {
+                return redirect()->route('users')->with('success', trans('admin/users/message.success.restored'));
             } else {
-
-                // Restore the user
-                if (User::withTrashed()->where('id',$id)->restore()) {
-                    return redirect()->route('users')->with('success', trans('admin/users/message.success.restored'));
-                } else {
-                    return redirect()->route('users')->with('error','User could not be restored.');
-                }
-
+                return redirect()->route('users')->with('error', 'User could not be restored.');
             }
+
+        }
     }
 
 
@@ -598,7 +640,7 @@ class UsersController extends Controller
             }
 
             // Do we have permission to unsuspend this user?
-            if ($user->isSuperUser() and ! Auth::user()->isSuperUser()) {
+            if ($user->isSuperUser() && !Auth::user()->isSuperUser()) {
                 // Redirect to the user management page
                 return redirect()->route('users')->with('error', 'Insufficient permissions!');
             }
@@ -649,14 +691,14 @@ class UsersController extends Controller
             // Get this user groups
             $userGroups = $user_to_clone->groups()->lists('name', 'id');
 
-            // Get this user permissions
-            $userPermissions = null;
-
             // Get a list of all the available groups
             $groups = Group::pluck('name', 'id');
 
             // Get all the available permissions
             $permissions = config('permissions');
+            $clonedPermissions = $user_to_clone->decodePermissions();
+
+            $userPermissions =Helper::selectedPermissionsArray($permissions, $clonedPermissions);
             //$this->encodeAllPermissions($permissions);
 
             $location_list = Helper::locationsList();
@@ -669,8 +711,8 @@ class UsersController extends Controller
                             ->with('company_list', $company_list)
                             ->with('manager_list', $manager_list)
                             ->with('user', $user)
-                            ->with('groups',$groups)
-                            ->with('userGroups',$userGroups)
+                            ->with('groups', $groups)
+                            ->with('userGroups', $userGroups)
                             ->with('clone_user', $user_to_clone);
         } catch (UserNotFoundException $e) {
             // Prepare the error message
@@ -761,7 +803,7 @@ class UsersController extends Controller
                             'last_name' => trim(e($row[1])),
                             'username' => trim(e($row[2])),
                             'email' => trim(e($row[3])),
-                            'password' => $pass,
+                            'password' => bcrypt($pass),
                             'activated' => $activated,
                             'location_id' => trim(e($user_location_id)),
                             'phone' => trim(e($row[5])),
@@ -771,17 +813,10 @@ class UsersController extends Controller
                             'permissions' => '{"user":1}',
                             'notes' => 'Imported user'
                         );
+                        //dd($newuser);
 
                         DB::table('users')->insert($newuser);
 
-                        $updateuser = User::find($row[2]);
-
-                        // Update the user details
-                        $updateuser->password = $pass;
-
-                        // Update the user
-                        $updateuser->save();
-
 
                         if (((Input::get('email_user') == 1) && !config('app.lock_passwords'))) {
                             // Send the credentials through email
@@ -819,7 +854,7 @@ class UsersController extends Controller
     * @see UsersController::getIndex() method that consumed this JSON response
     * @return string JSON
     */
-    public function getDatatable($status = null)
+    public function getDatatable(Request $request, $status = null)
     {
 
         if (Input::has('offset')) {
@@ -841,7 +876,7 @@ class UsersController extends Controller
         }
 
         $users = User::select(array('users.id','users.employee_num','users.email','users.username','users.location_id','users.manager_id','users.first_name','users.last_name','users.created_at','users.notes','users.company_id', 'users.deleted_at','users.activated'))
-        ->with('assets', 'accessories', 'consumables', 'licenses', 'manager', 'groups', 'userloc', 'company');
+        ->with('assets', 'accessories', 'consumables', 'licenses', 'manager', 'groups', 'userloc', 'company','throttle');
         $users = Company::scopeCompanyables($users);
 
         switch ($status) {
@@ -867,7 +902,7 @@ class UsersController extends Controller
                 $allowed_columns =
                 [
                  'last_name','first_name','email','username','employee_num',
-                 'assets','accessories', 'consumables','licenses','groups','activated'
+                 'assets','accessories', 'consumables','licenses','groups','activated','created_at'
                 ];
 
                 $sort = in_array($sort, $allowed_columns) ? $sort : 'first_name';
@@ -889,23 +924,38 @@ class UsersController extends Controller
             }
 
 
-            if (!is_null($user->deleted_at)) {
-
-                $actions .= '<a href="' . route('restore/user', $user->id) . '" class="btn btn-warning btn-sm"><i class="fa fa-share icon-white"></i></a> ';
-            } else {
-
-                if ($user->accountStatus() == 'suspended') {
-                    $actions .= '<a href="' . route('unsuspend/user', $user->id) . '" class="btn btn-default btn-sm"><span class="fa fa-clock-o"></span></a> ';
-                }
-
-                $actions .= '<a href="' . route('update/user', $user->id) . '" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> ';
-
-                if ((Auth::user()->id !== $user->id) && (!config('app.lock_passwords'))) {
-                    $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/user', $user->id) . '" data-content="Are you sure you wish to delete this user?" data-title="Delete ' . htmlspecialchars($user->first_name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a> ';
+                if (!is_null($user->deleted_at)) {
+                    if (Gate::allows('users.delete')) {
+                        $actions .= '<a href="' . route('restore/user',
+                                $user->id) . '" class="btn btn-warning btn-sm"><i class="fa fa-share icon-white"></i></a> ';
+                    }
                 } else {
-                    $actions .= ' <span class="btn delete-asset btn-danger btn-sm disabled"><i class="fa fa-trash icon-white"></i></span>';
+
+                    if (Gate::allows('users.delete')) {
+                        if ($user->accountStatus() == 'suspended') {
+                            $actions .= '<a href="' . route('unsuspend/user',
+                                    $user->id) . '" class="btn btn-default btn-sm"><span class="fa fa-clock-o"></span></a> ';
+                        }
+                    }
+                    if (Gate::allows('users.edit')) {
+                        $actions .= '<a href="' . route('update/user',
+                                $user->id) . '" class="btn btn-warning btn-sm"><i class="fa fa-pencil icon-white"></i></a> ';
+
+                        $actions .= '<a href="' . route('clone/user',
+                                $user->id) . '" class="btn btn-info btn-sm"><i class="fa fa-clone"></i></a>';
+                    }
+                    if (Gate::allows('users.delete')) {
+                        if ((Auth::user()->id !== $user->id) && (!config('app.lock_passwords'))) {
+                            $actions .= '<a data-html="false" class="btn delete-asset btn-danger btn-sm" data-toggle="modal" href="' . route('delete/user',
+                                    $user->id) . '" data-content="Are you sure you wish to delete this user?" data-title="Delete ' . htmlspecialchars($user->first_name) . '?" onClick="return false;"><i class="fa fa-trash icon-white"></i></a> ';
+                        } else {
+                            $actions .= ' <span class="btn delete-asset btn-danger btn-sm disabled"><i class="fa fa-trash icon-white"></i></span>';
+                        }
+                    } else {
+                        $actions.='foo';
+                    }
                 }
-            }
+
             $actions .= '</nobr>';
 
             $rows[] = array(
@@ -926,6 +976,7 @@ class UsersController extends Controller
                 'consumables'        => $user->consumables->count(),
                 'groups'        => $group_names,
                 'notes'         => e($user->notes),
+                'created_at' => ($user->created_at!='')  ? e($user->created_at->format('F j, Y h:iA')) : '',
                 'activated'      => ($user->activated=='1') ? '<i class="fa fa-check"></i>' : '<i class="fa fa-times"></i>',
                 'actions'       => ($actions) ? $actions : '',
                 'companyName'   => is_null($user->company) ? '' : e($user->company->name)
@@ -1042,7 +1093,7 @@ class UsersController extends Controller
                 return redirect()->route('users')->with('error', trans('general.insufficient_permissions'));
             } else {
                 $log = Actionlog::find($fileId);
-                $file = $log->get_src();
+                $file = $log->get_src('users');
                 return Response::download($file);
             }
         } else {
@@ -1063,22 +1114,24 @@ class UsersController extends Controller
     */
     public function getLDAP()
     {
-        // Get all the available groups
-        //s$groups = Sentry::getGroupProvider()->findAll();
-        // Selected groups
-        $selectedGroups = Input::old('groups', array());
-        // Get all the available permissions
-        $permissions = config('permissions');
-        //$this->encodeAllPermissions($permissions);
-        // Selected permissions
-        $selectedPermissions = Input::old('permissions', array('superuser' => -1));
-        //$this->encodePermissions($selectedPermissions);
 
         $location_list = Helper::locationsList();
 
-        // Show the page
-        return View::make('users/ldap', compact('groups', 'selectedGroups', 'permissions', 'selectedPermissions'))
-                        ->with('location_list', $location_list);
+        try {
+            $ldapconn = Ldap::connectToLdap();
+        } catch (\Exception $e) {
+            return redirect()->route('users')->with('error',$e->getMessage());
+        }
+
+
+        try {
+            Ldap::bindAdminToLdap($ldapconn);
+        } catch (\Exception $e) {
+            return redirect()->route('users')->with('error',$e->getMessage());
+        }
+
+        return View::make('users/ldap')
+              ->with('location_list', $location_list);
 
     }
 
@@ -1096,7 +1149,6 @@ class UsersController extends Controller
 
     protected $ldapValidationRules = array(
         'firstname' => 'required|string|min:2',
-        'lastname' => 'required|string|min:2',
         'employee_number' => 'string',
         'username' => 'required|min:2|unique:users,username',
         'email' => 'email|unique:users,email',
@@ -1109,17 +1161,10 @@ class UsersController extends Controller
     * @since [v1.8]
     * @return Redirect
     */
-    public function postLDAP()
+    public function postLDAP(Request $request)
     {
-
-        $location_id = e(Input::get('location_id'));
-
-        $ldap_version = Setting::getSettings()->ldap_version;
-        $url = Setting::getSettings()->ldap_server;
-        $username = Setting::getSettings()->ldap_uname;
-        $password = Crypt::decrypt(Setting::getSettings()->ldap_pword);
-        $base_dn = Setting::getSettings()->ldap_basedn;
-        $filter = Setting::getSettings()->ldap_filter;
+        ini_set('max_execution_time', 600); //600 seconds = 10 minutes
+        ini_set('memory_limit', '500M');
 
         $ldap_result_username = Setting::getSettings()->ldap_username_field;
         $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
@@ -1128,78 +1173,27 @@ class UsersController extends Controller
         $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag_field;
         $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
         $ldap_result_email = Setting::getSettings()->ldap_email;
-        $ldap_server_cert_ignore = Setting::getSettings()->ldap_server_cert_ignore;
 
-        // If we are ignoring the SSL cert we need to setup the environment variable
-        // before we create the connection
-        if ($ldap_server_cert_ignore) {
-            putenv('LDAPTLS_REQCERT=never');
+        try {
+            $ldapconn = Ldap::connectToLdap();
+        } catch (\Exception $e) {
+            return redirect()->back()->withInput()->with('error',$e->getMessage());
         }
 
-        // Connect to LDAP server
-        $ldapconn = @ldap_connect($url);
-
-        // Needed for AD
-        ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
-
-        if (!$ldapconn) {
-            return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_connect'));
+        try {
+            Ldap::bindAdminToLdap($ldapconn);
+        } catch (\Exception $e) {
+            return redirect()->back()->withInput()->with('error',$e->getMessage());
         }
 
-        // Set options
-        $ldapopt = @ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, $ldap_version);
-        if (!$ldapopt) {
-            return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_connect'));
-        }
-
-        // Binding to ldap server
-        $ldapbind = @ldap_bind($ldapconn, $username, $password);
-
-        Log::error(ldap_errno($ldapconn));
-        if (!$ldapbind) {
-            return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_bind').ldap_error($ldapconn));
-        }
-
-        // Set up LDAP pagination for very large databases
-        // @author Richard Hofman
-        $page_size = 500;
-        $cookie = '';
-        $result_set = array();
-        $global_count = 0;
-
-        // Perform the search
-	    do {
-    		// Paginate (non-critical, if not supported by server)
-    		ldap_control_paged_result($ldapconn, $page_size, false, $cookie);
-
-            	$search_results = ldap_search($ldapconn, $base_dn, '('.$filter.')');
-
-    	        if (!$search_results) {
-    	            return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_search').ldap_error($ldapconn));
-    	        }
-
-    	        // Get results from page
-    	        $results = ldap_get_entries($ldapconn, $search_results);
-    	        if (!$results) {
-    	            return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_get_entries').ldap_error($ldapconn));
-    	        }
-
-    		// Add results to result set
-    		$global_count += $results['count'];
-    		$result_set = array_merge($result_set, $results);
-
-    		ldap_control_paged_result_response($ldapconn, $search_results, $cookie);
-
-	   } while ($cookie !== null && $cookie != '');
-
-
-        // Clean up after search
-        $result_set['count'] = $global_count;
-        $results = $result_set;
-        ldap_control_paged_result($ldapconn, 0);
-
         $summary = array();
 
+        $results = Ldap::findLdapUsers();
+
+        $tmp_pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+        $pass = bcrypt($tmp_pass);
+
+
         for ($i = 0; $i < $results["count"]; $i++) {
             if (empty($ldap_result_active_flag) || $results[$i][$ldap_result_active_flag][0] == "TRUE") {
 
@@ -1214,22 +1208,22 @@ class UsersController extends Controller
                 $item["createorupdate"] = 'updated';
                 if (!$user = User::where('username', $item["username"])->first()) {
                     $user = new User;
+                    $user->password = $pass;
                     $item["createorupdate"] = 'created';
                 }
 
-
               // Create the user if they don't exist.
-                $pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 20);
+
 
                 $user->first_name = e($item["firstname"]);
                 $user->last_name = e($item["lastname"]);
                 $user->username = e($item["username"]);
                 $user->email = e($item["email"]);
                 $user->employee_num = e($item["employee_number"]);
-                $user->password = bcrypt($pass);
                 $user->activated = 1;
-                $user->location_id = e($location_id);
-                $user->permissions = '{"user":1}';
+                if ($request->input('location_id')!='') {
+                    $user->location_id = e($request->input('location_id'));
+                }
                 $user->notes = 'Imported from LDAP';
                 $user->ldap_import = 1;
 
@@ -1239,9 +1233,7 @@ class UsersController extends Controller
                     $item["note"] = $item["createorupdate"];
                     $item["status"]='success';
                 } else {
-                  //$errors_array = array($user->getErrors());
                     foreach ($user->getErrors()->getMessages() as $key => $err) {
-                      //echo $user->getErrors();
                         $errors .='<li>'.$err[0];
                     }
                     $item["note"] = $errors;
@@ -1255,7 +1247,7 @@ class UsersController extends Controller
 
 
 
-        return redirect()->route('ldap/user')->with('success', "OK")->with('summary', $summary);
+        return redirect()->route('ldap/user')->with('success', "LDAP Import successful.")->with('summary', $summary);
     }
 
     /**
@@ -1267,9 +1259,7 @@ class UsersController extends Controller
     */
     public function getAssetList($userId)
     {
-        $assets = Asset::where('assigned_to', '=', $userId)->get();
+        $assets = Asset::where('assigned_to', '=', $userId)->with('model')->get();
         return response()->json($assets);
-        //$foo = Asset::where('assigned_to','=',$userId)->get();
-        //print_r($foo);
     }
 }

app/Http/Controllers/ViewAssetsController.php

@@ -6,9 +6,10 @@ use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\Company;
 use App\Models\Consumable;
-use App\Models\Location;
+use App\Models\Component;
 use App\Models\Setting;
 use App\Models\User;
+use App\Models\License;
 use Auth;
 use Config;
 use DB;
@@ -58,7 +59,7 @@ class ViewAssetsController extends Controller
     public function getRequestableIndex()
     {
 
-        $assets = Asset::with('model', 'defaultLoc', 'assetloc','assigneduser')->Hardware()->RequestableAssets()->get();
+        $assets = Asset::with('model', 'defaultLoc', 'assetloc', 'assigneduser')->Hardware()->RequestableAssets()->get();
 
         return View::make('account/requestable-assets', compact('user', 'assets'));
     }
@@ -142,11 +143,12 @@ class ViewAssetsController extends Controller
     public function getAcceptAsset($logID = null)
     {
 
-        if (is_null($findlog = Actionlog::find($logID))) {
-            // Redirect to the asset management page
-            return redirect()->to('account')->with('error', trans('admin/hardware/message.does_not_exist'));
+        if (!$findlog = DB::table('asset_logs')->where('id', '=', $logID)->first()) {
+            echo 'no record';
+            //return redirect()->to('account')->with('error', trans('admin/hardware/message.does_not_exist'));
         }
 
+
         $user = Auth::user();
 
         if ($user->id != $findlog->checkedout_to) {
@@ -163,6 +165,12 @@ class ViewAssetsController extends Controller
         // accessories
         } elseif ($findlog->accessory_id!='') {
             $item = Accessory::find($findlog->accessory_id);
+        // consumable
+        } elseif ($findlog->consumable_id!='') {
+            $item = Consumable::find($findlog->consumable_id);
+        // components
+        } elseif ($findlog->component_id!='') {
+            $item = Component::find($findlog->component_id);
         }
 
         // Check if the asset exists
@@ -181,16 +189,11 @@ class ViewAssetsController extends Controller
     {
 
         // Check if the asset exists
-        if (is_null($findlog = Actionlog::find($logID))) {
+        if (is_null($findlog = DB::table('asset_logs')->where('id', '=', $logID)->first())) {
             // Redirect to the asset management page
             return redirect()->to('account/view-assets')->with('error', trans('admin/hardware/message.does_not_exist'));
         }
-
-        // NOTE: make sure the global scope is applied
-        $is_unauthorized = is_null(Actionlog::where('id', '=', $logID)->first());
-        if ($is_unauthorized) {
-            return redirect()->route('requestable-assets')->with('error', trans('general.insufficient_permissions'));
-        }
+        
 
         if ($findlog->accepted_id!='') {
             // Redirect to the asset management page
@@ -236,13 +239,28 @@ class ViewAssetsController extends Controller
         } elseif (($findlog->asset_id!='') && ($findlog->asset_type=='software')) {
             $logaction->asset_id = $findlog->asset_id;
             $logaction->accessory_id = null;
+            $logaction->component_id = null;
             $logaction->asset_type = 'software';
 
         // accessories
         } elseif ($findlog->accessory_id!='') {
             $logaction->asset_id = null;
+            $logaction->component_id = null;
             $logaction->accessory_id = $findlog->accessory_id;
             $logaction->asset_type = 'accessory';
+            // accessories
+        } elseif ($findlog->consumable_id!='') {
+            $logaction->asset_id = null;
+            $logaction->accessory_id = null;
+            $logaction->component_id = null;
+            $logaction->consumable_id = $findlog->consumable_id;
+            $logaction->asset_type = 'consumable';
+        } elseif ($findlog->component_id!='') {
+            $logaction->asset_id = null;
+            $logaction->accessory_id = null;
+            $logaction->consumable_id = null;
+            $logaction->component_id = $findlog->component_id;
+            $logaction->asset_type = 'component';
         }
 
         $logaction->checkedout_to = $findlog->checkedout_to;

app/Http/Kernel.php

@@ -14,13 +14,14 @@ class Kernel extends HttpKernel
      * @var array
      */
     protected $middleware = [
-        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
+        \MisterPhilip\MaintenanceMode\Http\Middleware\CheckForMaintenanceMode::class,
         \Illuminate\Session\Middleware\StartSession::class,
         \Illuminate\View\Middleware\ShareErrorsFromSession::class,
         \App\Http\Middleware\FrameGuard::class,
         \App\Http\Middleware\XssProtectHeader::class,
         \App\Http\Middleware\NosniffGuard::class,
         \App\Http\Middleware\CheckForSetup::class,
+        \Fideloper\Proxy\TrustProxies::class,
     ];
 
     /**

app/Http/Middleware/CheckForSetup.php

@@ -14,23 +14,23 @@ class CheckForSetup
     public function handle($request, Closure $next, $guard = null)
     {
 
-            if (Setting::setupCompleted()) {
-
-                if  ($request->is('setup*')) {
-                    return redirect(config('app.url'));
-                } else {
-                    return $next($request);
-                }
+        if (Setting::setupCompleted()) {
 
+            if ($request->is('setup*')) {
+                return redirect(config('app.url'));
             } else {
-                if (!$request->is('setup*')) {
-                    return redirect(config('app.url').'/setup')->with('Request',$request);
-                }
-
                 return $next($request);
-
             }
 
+        } else {
+            if (!$request->is('setup*')) {
+                return redirect(config('app.url').'/setup')->with('Request', $request);
+            }
+
+            return $next($request);
+
+        }
+
 
     }
 }

app/Http/Middleware/CheckPermissions.php

@@ -12,6 +12,9 @@ class CheckPermissions
   /**
    * Handle the ACLs for permissions.
    *
+   * The $section variable is passed via the route middleware,
+   * 'middleware' => [authorize:superadmin']
+   *
    * @param  \Illuminate\Http\Request  $request
    * @param  \Closure  $next
    * @param  string|null  $section
@@ -19,7 +22,7 @@ class CheckPermissions
    */
     public function handle($request, Closure $next, $section = null)
     {
-
+        
         if (Gate::allows($section)) {
             return $next($request);
         }

app/Http/Middleware/FrameGuard.php

@@ -15,7 +15,10 @@ class FrameGuard
     public function handle($request, Closure $next)
     {
         $response = $next($request);
-        $response->headers->set('X-Frame-Options', 'SAMEORIGIN', false);
+        if (config('app.allow_iframing') == false) {
+            $response->headers->set('X-Frame-Options', 'SAMEORIGIN', false);
+        }
         return $response;
+
     }
 }

app/Http/Requests/AssetRequest.php

@@ -5,6 +5,7 @@ namespace App\Http\Requests;
 use App\Http\Requests\Request;
 use App\Models\AssetModel;
 use Session;
+
 class AssetRequest extends Request
 {
     /**
@@ -30,23 +31,23 @@ class AssetRequest extends Request
           'status_id'       => 'required|integer',
           'company_id'      => 'integer',
           'warranty_months' => 'integer|min:0|max:240',
-          'physical'         => 'integer',
-          'checkout_date'   => 'date|max:10|min:10',
-          'checkin_date'    => 'date|max:10|min:10',
+          'physical'        => 'integer',
+          'checkout_date'   => 'date',
+          'checkin_date'    => 'date',
           'supplier_id'     => 'integer',
-          'asset_tag'       => 'required|min:2|max:255|unique:assets,asset_tag,NULL,deleted_at',
           'status'          => 'integer',
+          'asset_tag'       => 'required',
+          'purchase_cost'   => 'numeric',
+    
         ];
 
         $model = AssetModel::find($this->request->get('model_id'));
 
-        if (($model) && ($model->fieldset))
-        {
+        if (($model) && ($model->fieldset)) {
             $rules += $model->fieldset->validation_rules();
         }
 
 
-
         return $rules;
 
     }
@@ -55,8 +56,7 @@ class AssetRequest extends Request
     {
         $this->session()->flash('errors', Session::get('errors', new \Illuminate\Support\ViewErrorBag)
             ->put('default', new \Illuminate\Support\MessageBag($errors)));
-
+        \Input::flash();
         return parent::response($errors);
-    //     return $this->redirector->back()->withInput()->withErrors($errors, $this->errorBag);
     }
 }

app/Http/Requests/SaveUserRequest.php

@@ -0,0 +1,34 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Http\Requests\Request;
+
+class SaveUserRequest extends Request
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'first_name'              => 'required|string|min:1',
+            'email'                   => 'email',
+            'password'                => 'required|min:6',
+            'password_confirm'        => 'sometimes|required_with:password',
+            'username'                => 'required|string|min:2|unique:users,username,NULL,deleted_at',
+        ];
+    }
+}

app/Http/Requests/UpdateUserRequest.php

@@ -4,7 +4,7 @@ namespace App\Http\Requests;
 
 use App\Http\Requests\Request;
 
-class ComponentCheckoutRequest extends Request
+class UpdateUserRequest extends Request
 {
     /**
      * Determine if the user is authorized to make this request.
@@ -24,8 +24,9 @@ class ComponentCheckoutRequest extends Request
     public function rules()
     {
         return [
-            "asset_id"   => 'required',
-            "assigned_qty"   => 'required|numeric|min:1',
+            'first_name'              => 'required|string|min:1',
+            'email'                   => 'email',
+            'password_confirm'        => 'sometimes|required_with:password',
         ];
     }
 }

app/Http/Traits/UniqueUndeletedTrait.php

@@ -0,0 +1,23 @@
+<?php
+namespace App\Http\Traits;
+
+trait UniqueUndeletedTrait
+{
+
+    /**
+    * Prepare a unique_ids rule, adding a model identifier if required.
+    *
+    * @param  array  $parameters
+    * @param  string $field
+    * @return string
+    */
+    protected function prepareUniqueUndeletedRule($parameters, $field)
+    {
+        // Only perform a replacement if the model has been persisted.
+        if ($this->exists) {
+            return 'unique_undeleted:'.$this->table.','. $this->getKey();
+        }
+
+        return 'unique_undeleted:'.$this->table.',0';
+    }
+}

app/Http/routes.php

@@ -78,7 +78,7 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
     /*---Manufacturers API---*/
     Route::group(array('prefix'=>'manufacturers'), function () {
         Route::get('list', array('as'=>'api.manufacturers.list', 'uses'=>'ManufacturersController@getDatatable'));
-        Route::get('{manufacturerID}/view', array('as'=>'api.manufacturers.view', 'uses'=>'ManufacturersController@getDataView'));
+        Route::get('{manufacturerID}/view/{itemtype}', array('as'=>'api.manufacturers.view', 'uses'=>'ManufacturersController@getDataView'));
     });
 
     /*---Suppliers API---*/
@@ -138,14 +138,22 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
     Route::group([ 'prefix' => 'categories' ], function () {
 
         Route::get('list', [ 'as' => 'api.categories.list', 'uses' => 'CategoriesController@getDatatable' ]);
-        Route::get( '{categoryID}/asset/view',
-            [ 'as' => 'api.categories.asset.view', 'uses' => 'CategoriesController@getDataViewAssets' ] );
-        Route::get( '{categoryID}/accessory/view',
-            [ 'as' => 'api.categories.accessory.view', 'uses' => 'CategoriesController@getDataViewAccessories' ] );
-        Route::get( '{categoryID}/consumable/view',
-            [ 'as' => 'api.categories.consumable.view', 'uses' => 'CategoriesController@getDataViewConsumables' ] );
-        Route::get( '{categoryID}/component/view',
-            [ 'as' => 'api.categories.component.view', 'uses' => 'CategoriesController@getDataViewComponent' ] );
+        Route::get(
+            '{categoryID}/asset/view',
+            [ 'as' => 'api.categories.asset.view', 'uses' => 'CategoriesController@getDataViewAssets' ]
+        );
+        Route::get(
+            '{categoryID}/accessory/view',
+            [ 'as' => 'api.categories.accessory.view', 'uses' => 'CategoriesController@getDataViewAccessories' ]
+        );
+        Route::get(
+            '{categoryID}/consumable/view',
+            [ 'as' => 'api.categories.consumable.view', 'uses' => 'CategoriesController@getDataViewConsumables' ]
+        );
+        Route::get(
+            '{categoryID}/component/view',
+            [ 'as' => 'api.categories.component.view', 'uses' => 'CategoriesController@getDataViewComponent' ]
+        );
     });
 
     /*-- Suppliers API (mostly for creating new ones in-line while creating an asset) --*/
@@ -176,79 +184,142 @@ Route::group([ 'prefix' => 'api', 'middleware' => 'auth' ], function () {
 Route::group(
     [ 'prefix' => 'hardware',
     'middleware' => ['web',
-    'auth',
-    'authorize:assets.view']],
+    'auth']],
     function () {
 
+        Route::get('history', [
+            'as' => 'asset.import-history',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@getImportHistory'
+        ]);
+
+        Route::post('history', [
+            'as' => 'asset.process-import-history',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@postImportHistory'
+        ]);
+
+
         Route::get('create/{model?}', [
                 'as'   => 'create/hardware',
+                'middleware' => 'authorize:assets.create',
                 'uses' => 'AssetsController@getCreate'
             ]);
 
         Route::post('create', [
                 'as'   => 'savenew/hardware',
+                'middleware' => 'authorize:assets.create',
                 'uses' => 'AssetsController@postCreate'
             ]);
 
         Route::get('{assetId}/edit', [
                 'as'   => 'update/hardware',
+                'middleware' => 'authorize:assets.edit',
                 'uses' => 'AssetsController@getEdit'
             ]);
         Route::get('/bytag', [
             'as'   => 'findbytag/hardware',
+            'middleware' => 'authorize:assets.view',
             'uses' => 'AssetsController@getAssetByTag'
         ]);
 
-        Route::get('{assetId}/clone', [ 'as' => 'clone/hardware', 'uses' => 'AssetsController@getClone' ]);
+        Route::get('{assetId}/clone', [
+            'as' => 'clone/hardware',
+            'middleware' => 'authorize:assets.create',
+            'uses' => 'AssetsController@getClone'
+        ]);
+
         Route::post('{assetId}/clone', 'AssetsController@postCreate');
-        Route::get('{assetId}/delete', [ 'as' => 'delete/hardware', 'uses' => 'AssetsController@getDelete' ]);
-        Route::get(
-            '{assetId}/checkout',
-            [ 'as' => 'checkout/hardware', 'uses' => 'AssetsController@getCheckout' ]
-        );
-        Route::post('{assetId}/checkout', 'AssetsController@postCheckout');
-        Route::get(
-            '{assetId}/checkin/{backto?}',
-            [ 'as' => 'checkin/hardware', 'uses' => 'AssetsController@getCheckin' ]
-        );
-        Route::post('{assetId}/checkin/{backto?}', 'AssetsController@postCheckin');
-        Route::get('{assetId}/view', [ 'as' => 'view/hardware', 'uses' => 'AssetsController@getView' ]);
+        Route::get('{assetId}/delete', [
+            'as' => 'delete/hardware',
+            'middleware' => 'authorize:assets.delete',
+            'uses' => 'AssetsController@getDelete'
+        ]);
+        Route::get('{assetId}/checkout', [
+            'as' => 'checkout/hardware',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@getCheckout'
+        ]);
+        Route::post('{assetId}/checkout', [
+            'as' => 'checkout/hardware',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@postCheckout'
+        ]);
+        Route::get('{assetId}/checkin/{backto?}', [
+            'as' => 'checkin/hardware',
+            'middleware' => 'authorize:assets.checkin',
+            'uses' => 'AssetsController@getCheckin'
+        ]);
+
+        Route::post('{assetId}/checkin/{backto?}', [
+            'as' => 'checkin/hardware',
+            'middleware' => 'authorize:assets.checkin',
+            'uses' => 'AssetsController@postCheckin'
+        ]);
+        Route::get('{assetId}/view', [
+            'as' => 'view/hardware',
+            'middleware' => ['authorize:assets.view'],
+            'uses' => 'AssetsController@getView'
+        ]);
         Route::get('{assetId}/qr-view', [ 'as' => 'qr-view/hardware', 'uses' => 'AssetsController@getView' ]);
         Route::get('{assetId}/qr_code', [ 'as' => 'qr_code/hardware', 'uses' => 'AssetsController@getQrCode' ]);
         Route::get('{assetId}/barcode', [ 'as' => 'barcode/hardware', 'uses' => 'AssetsController@getBarCode' ]);
-        Route::get('{assetId}/restore', [ 'as' => 'restore/hardware', 'uses' => 'AssetsController@getRestore' ]);
-        Route::post('{assetId}/upload', [ 'as' => 'upload/asset', 'uses' => 'AssetsController@postUpload' ]);
-        Route::get(
-            '{assetId}/deletefile/{fileId}',
-            [ 'as' => 'delete/assetfile', 'uses' => 'AssetsController@getDeleteFile' ]
-        );
-        Route::get(
-            '{assetId}/showfile/{fileId}',
-            [ 'as' => 'show/assetfile', 'uses' => 'AssetsController@displayFile' ]
-        );
+        Route::get('{assetId}/restore', [
+            'as' => 'restore/hardware',
+            'middleware' => 'authorize:assets.delete',
+            'uses' => 'AssetsController@getRestore'
+        ]);
+        Route::post('{assetId}/upload', [
+            'as' => 'upload/asset',
+            'middleware' => 'authorize:assets.edit',
+            'uses' => 'AssetsController@postUpload'
+        ]);
 
-        Route::get(
-            'import/delete-import/{filename}',
-            [ 'as' => 'assets/import/delete-file', 'uses' => 'AssetsController@getDeleteImportFile' ]
-        );
+        Route::get('{assetId}/deletefile/{fileId}', [
+            'as' => 'delete/assetfile',
+            'middleware' => 'authorize:assets.edit',
+            'uses' => 'AssetsController@getDeleteFile'
+        ]);
 
-        Route::get(
-            'import/process/{filename}',
-            [ 'as' => 'assets/import/process-file', 'uses' => 'AssetsController@getProcessImportFile' ]
-        );
+        Route::get('{assetId}/showfile/{fileId}', [
+            'as' => 'show/assetfile',
+            'middleware' => 'authorize:assets.view',
+            'uses' => 'AssetsController@displayFile'
+        ]);
 
-        Route::get(
-            'import',
-            [ 'as' => 'assets/import', 'uses' => 'AssetsController@getImportUpload' ]
-        );
+        Route::get('import/delete-import/{filename}',  [
+                'as' => 'assets/import/delete-file',
+                'middleware' => 'authorize:assets.create',
+                'uses' => 'AssetsController@getDeleteImportFile'
+        ]);
+
+        Route::post( 'import/process/', [ 'as' => 'assets/import/process-file',
+                'middleware' => 'authorize:assets.create',
+                'uses' => 'AssetsController@postProcessImportFile'
+        ]);
+        Route::get( 'import/delete/{filename}', [ 'as' => 'assets/import/delete-file',
+                'middleware' => 'authorize:assets.create', // TODO What permissions should this require?
+                'uses' => 'AssetsController@getDeleteImportFile'
+        ]);
+
+        Route::get('import',[
+                'as' => 'assets/import',
+                'middleware' => 'authorize:assets.create',
+                'uses' => 'AssetsController@getImportUpload'
+        ]);
 
 
-        Route::post('{assetId}/edit', 'AssetsController@postEdit');
+        Route::post('{assetId}/edit',[
+            'as' => 'assets/import',
+            'middleware' => 'authorize:assets.edit',
+            'uses' => 'AssetsController@postEdit'
+        ]);
 
         Route::post(
             'bulkedit',
             [
                 'as'   => 'hardware/bulkedit',
+                'middleware' => 'authorize:assets.edit',
                 'uses' => 'AssetsController@postBulkEdit'
             ]
         );
@@ -256,6 +327,7 @@ Route::group(
             'bulkdelete',
             [
                 'as'   => 'hardware/bulkdelete',
+                'middleware' => 'authorize:assets.delete',
                 'uses' => 'AssetsController@postBulkDelete'
             ]
         );
@@ -263,10 +335,23 @@ Route::group(
             'bulksave',
             [
                 'as'   => 'hardware/bulksave',
+                'middleware' => 'authorize:assets.edit',
                 'uses' => 'AssetsController@postBulkSave'
             ]
         );
 
+        # Bulk checkout / checkin
+         Route::get( 'bulkcheckout',  [
+                 'as' => 'hardware/bulkcheckout',
+                 'middleware' => 'authorize:assets.checkout',
+                 'uses' => 'AssetsController@getBulkCheckout'
+         ]);
+        Route::post( 'bulkcheckout',  [
+            'as' => 'hardware/bulkcheckout',
+            'middleware' => 'authorize:assets.checkout',
+            'uses' => 'AssetsController@postBulkCheckout'
+        ]);
+
         # Asset Model Management
         Route::group([ 'prefix' => 'models', 'middleware' => 'auth' ], function () {
 
@@ -285,6 +370,7 @@ Route::group(
 
         Route::get('/', [
                 'as'   => 'hardware',
+                'middleware' => 'authorize:assets.view',
                 'uses' => 'AssetsController@getIndex'
             ]);
 
@@ -305,41 +391,57 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
     # Licenses
     Route::group([ 'prefix' => 'licenses', 'middleware'=>'authorize:licenses.view' ], function () {
 
-        Route::get('create', [ 'as' => 'create/licenses', 'uses' => 'LicensesController@getCreate' ]);
-        Route::post('create', 'LicensesController@postCreate');
-        Route::get('{licenseId}/edit', [ 'as' => 'update/license', 'uses' => 'LicensesController@getEdit' ]);
-        Route::post('{licenseId}/edit', 'LicensesController@postEdit');
-        Route::get('{licenseId}/clone', [ 'as' => 'clone/license', 'uses' => 'LicensesController@getClone' ]);
-        Route::post('{licenseId}/clone', 'LicensesController@postCreate');
-        Route::get('{licenseId}/delete', [ 'as' => 'delete/license', 'uses' => 'LicensesController@getDelete' ]);
-        Route::get(
-            '{licenseId}/freecheckout',
-            [ 'as' => 'freecheckout/license', 'uses' => 'LicensesController@getFreeLicense' ]
-        );
+        Route::get('create', [ 'as' => 'create/licenses', 'middleware' => 'authorize:licenses.create','uses' => 'LicensesController@getCreate' ]);
+        Route::post('create', [ 'as' => 'create/licenses', 'middleware' => 'authorize:licenses.create','uses' => 'LicensesController@postCreate' ]);
+        Route::get('{licenseId}/edit', [ 'as' => 'update/license', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@getEdit' ]);
+        Route::post('{licenseId}/edit', [ 'as' => 'update/license', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@postEdit' ]);
+        Route::get('{licenseId}/clone', [ 'as' => 'clone/license', 'middleware' => 'authorize:licenses.create', 'uses' => 'LicensesController@getClone' ]);
+        Route::post('{licenseId}/clone', [ 'as' => 'clone/license', 'middleware' => 'authorize:licenses.create', 'uses' => 'LicensesController@postCreate' ]);
+        Route::get('{licenseId}/delete', [ 'as' => 'delete/license', 'middleware' => 'authorize:licenses.delete', 'uses' => 'LicensesController@getDelete' ]);
+        Route::get('{licenseId}/freecheckout', [
+            'as' => 'freecheckout/license',
+            'middleware' => 'authorize:licenses.checkout',
+            'uses' => 'LicensesController@getFreeLicense'
+        ]);
         Route::get(
             '{licenseId}/checkout',
-            [ 'as' => 'checkout/license', 'uses' => 'LicensesController@getCheckout' ]
+            [ 'as' => 'checkout/license', 'middleware' => 'authorize:licenses.checkout','uses' => 'LicensesController@getCheckout' ]
         );
-        Route::post('{licenseId}/checkout', 'LicensesController@postCheckout');
-        Route::get(
-            '{licenseId}/checkin/{backto?}',
-            [ 'as' => 'checkin/license', 'uses' => 'LicensesController@getCheckin' ]
+        Route::post(
+            '{licenseId}/checkout',
+            [ 'as' => 'checkout/license', 'middleware' => 'authorize:licenses.checkout','uses' => 'LicensesController@postCheckout' ]
         );
-        Route::post('{licenseId}/checkin/{backto?}', 'LicensesController@postCheckin');
-        Route::get('{licenseId}/view', [ 'as' => 'view/license', 'uses' => 'LicensesController@getView' ]);
+        Route::get('{licenseId}/checkin/{backto?}', [
+            'as' => 'checkin/license',
+            'middleware' => 'authorize:licenses.checkin',
+            'uses' => 'LicensesController@getCheckin'
+        ]);
+
+        Route::post('{licenseId}/checkin/{backto?}', [
+            'as' => 'checkin/license',
+            'middleware' => 'authorize:licenses.checkin',
+            'uses' => 'LicensesController@postCheckin'
+        ]);
+
+        Route::get('{licenseId}/view', [
+            'as' => 'view/license',
+            'middleware' => 'authorize:licenses.view',
+            'uses' => 'LicensesController@getView'
+        ]);
+
         Route::post(
             '{licenseId}/upload',
-            [ 'as' => 'upload/license', 'uses' => 'LicensesController@postUpload' ]
+            [ 'as' => 'upload/license', 'middleware' => 'authorize:licenses.edit','uses' => 'LicensesController@postUpload' ]
         );
         Route::get(
             '{licenseId}/deletefile/{fileId}',
-            [ 'as' => 'delete/licensefile', 'uses' => 'LicensesController@getDeleteFile' ]
+            [ 'as' => 'delete/licensefile', 'middleware' => 'authorize:licenses.edit', 'uses' => 'LicensesController@getDeleteFile' ]
         );
         Route::get(
             '{licenseId}/showfile/{fileId}',
-            [ 'as' => 'show/licensefile', 'uses' => 'LicensesController@displayFile' ]
+            [ 'as' => 'show/licensefile', 'middleware' => 'authorize:licenses.view','uses' => 'LicensesController@displayFile' ]
         );
-        Route::get('/', [ 'as' => 'licenses', 'uses' => 'LicensesController@getIndex' ]);
+        Route::get('/', [ 'as' => 'licenses', 'middleware' => 'authorize:licenses.view','uses' => 'LicensesController@getIndex' ]);
     });
 
     # Asset Maintenances
@@ -369,84 +471,103 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
     # Accessories
     Route::group([ 'prefix' => 'accessories', 'middleware'=>'authorize:accessories.view'  ], function () {
 
-        Route::get('create', [ 'as' => 'create/accessory', 'uses' => 'AccessoriesController@getCreate' ]);
+        Route::get('create', [ 'as' => 'create/accessory', 'middleware' => 'authorize:accessories.create','uses' => 'AccessoriesController@getCreate' ]);
         Route::post('create', 'AccessoriesController@postCreate');
         Route::get(
             '{accessoryID}/edit',
-            [ 'as' => 'update/accessory', 'uses' => 'AccessoriesController@getEdit' ]
+            [ 'as' => 'update/accessory', 'middleware' => 'authorize:accessories.edit','uses' => 'AccessoriesController@getEdit' ]
         );
         Route::post('{accessoryID}/edit', 'AccessoriesController@postEdit');
         Route::get(
             '{accessoryID}/delete',
-            [ 'as' => 'delete/accessory', 'uses' => 'AccessoriesController@getDelete' ]
+            [ 'as' => 'delete/accessory', 'middleware' => 'authorize:accessories.delete','uses' => 'AccessoriesController@getDelete' ]
         );
-        Route::get('{accessoryID}/view', [ 'as' => 'view/accessory', 'uses' => 'AccessoriesController@getView' ]);
+        Route::get('{accessoryID}/view', [ 'as' => 'view/accessory', 'middleware' => 'authorize:accessories.view','uses' => 'AccessoriesController@getView' ]);
         Route::get(
             '{accessoryID}/checkout',
-            [ 'as' => 'checkout/accessory', 'uses' => 'AccessoriesController@getCheckout' ]
+            [ 'as' => 'checkout/accessory', 'middleware' => 'authorize:accessories.checkout','uses' => 'AccessoriesController@getCheckout' ]
         );
-        Route::post('{accessoryID}/checkout', 'AccessoriesController@postCheckout');
+        Route::post(
+            '{accessoryID}/checkout',
+            [ 'as' => 'checkout/accessory', 'middleware' => 'authorize:accessories.checkout','uses' => 'AccessoriesController@postCheckout' ]
+        );
+
         Route::get(
             '{accessoryID}/checkin/{backto?}',
-            [ 'as' => 'checkin/accessory', 'uses' => 'AccessoriesController@getCheckin' ]
+            [ 'as' => 'checkin/accessory', 'middleware' => 'authorize:accessories.checkin','uses' => 'AccessoriesController@getCheckin' ]
+        );
+        Route::post(
+            '{accessoryID}/checkin/{backto?}',
+            [ 'as' => 'checkin/accessory', 'middleware' => 'authorize:accessories.checkin','uses' => 'AccessoriesController@postCheckin' ]
         );
-        Route::post('{accessoryID}/checkin/{backto?}', 'AccessoriesController@postCheckin');
 
-        Route::get('/', [ 'as' => 'accessories', 'uses' => 'AccessoriesController@getIndex' ]);
+        Route::get('/', [ 'as' => 'accessories', 'middleware'=>'authorize:accessories.view', 'uses' => 'AccessoriesController@getIndex' ]);
     });
 
     # Consumables
     Route::group([ 'prefix' => 'consumables', 'middleware'=>'authorize:consumables.view'  ], function () {
 
-        Route::get('create', [ 'as' => 'create/consumable', 'uses' => 'ConsumablesController@getCreate' ]);
-        Route::post('create', 'ConsumablesController@postCreate');
+        Route::get('create', [ 'as' => 'create/consumable','middleware'=>'authorize:consumables.create', 'uses' => 'ConsumablesController@getCreate' ]);
+        Route::post('create', [ 'as' => 'create/consumable','middleware'=>'authorize:consumables.create', 'uses' => 'ConsumablesController@postCreate' ]);
         Route::get(
             '{consumableID}/edit',
-            [ 'as' => 'update/consumable', 'uses' => 'ConsumablesController@getEdit' ]
+            [ 'as' => 'update/consumable', 'middleware'=>'authorize:consumables.edit', 'uses' => 'ConsumablesController@getEdit' ]
+        );
+        Route::post(
+            '{consumableID}/edit',
+            [ 'as' => 'update/consumable', 'middleware'=>'authorize:consumables.edit', 'uses' => 'ConsumablesController@postEdit' ]
         );
-        Route::post('{consumableID}/edit', 'ConsumablesController@postEdit');
         Route::get(
             '{consumableID}/delete',
-            [ 'as' => 'delete/consumable', 'uses' => 'ConsumablesController@getDelete' ]
+            [ 'as' => 'delete/consumable',  'middleware'=>'authorize:consumables.delete','uses' => 'ConsumablesController@getDelete' ]
         );
         Route::get(
             '{consumableID}/view',
-            [ 'as' => 'view/consumable', 'uses' => 'ConsumablesController@getView' ]
+            [ 'as' => 'view/consumable',  'middleware'=>'authorize:consumables.view','uses' => 'ConsumablesController@getView' ]
         );
         Route::get(
             '{consumableID}/checkout',
-            [ 'as' => 'checkout/consumable', 'uses' => 'ConsumablesController@getCheckout' ]
+            [ 'as' => 'checkout/consumable',  'middleware'=>'authorize:consumables.checkout','uses' => 'ConsumablesController@getCheckout' ]
         );
-        Route::post('{consumableID}/checkout', 'ConsumablesController@postCheckout');
-        Route::get('/', [ 'as' => 'consumables', 'uses' => 'ConsumablesController@getIndex' ]);
+        Route::post(
+            '{consumableID}/checkout',
+            [ 'as' => 'checkout/consumable',  'middleware'=>'authorize:consumables.checkout','uses' => 'ConsumablesController@postCheckout' ]
+        );
+        Route::get('/', [ 'as' => 'consumables', 'middleware'=>'authorize:consumables.view','uses' => 'ConsumablesController@getIndex' ]);
     });
 
     # Components
     Route::group([ 'prefix' => 'components', 'middleware'=>'authorize:components.view'  ], function () {
 
-        Route::get('create', [ 'as' => 'create/component', 'uses' => 'ComponentsController@getCreate' ]);
-        Route::post('create', 'ComponentsController@postCreate');
+        Route::get('create', [ 'as' => 'create/component', 'middleware'=>'authorize:components.create','uses' => 'ComponentsController@getCreate' ]);
+        Route::post('create', [ 'as' => 'create/component', 'middleware'=>'authorize:components.create','uses' => 'ComponentsController@postCreate' ]);
         Route::get(
             '{componentID}/edit',
-            [ 'as' => 'update/component', 'uses' => 'ComponentsController@getEdit' ]
+            [ 'as' => 'update/component', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@getEdit' ]
+        );
+        Route::post(
+            '{componentID}/edit',
+            [ 'as' => 'update/component', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@postEdit' ]
         );
-        Route::post('{componentID}/edit', 'ComponentsController@postEdit');
         Route::get(
             '{componentID}/delete',
-            [ 'as' => 'delete/component', 'uses' => 'ComponentsController@getDelete' ]
+            [ 'as' => 'delete/component', 'middleware'=>'authorize:components.delete','uses' => 'ComponentsController@getDelete' ]
         );
         Route::get(
             '{componentID}/view',
-            [ 'as' => 'view/component', 'uses' => 'ComponentsController@getView' ]
+            [ 'as' => 'view/component', 'middleware'=>'authorize:components.view','uses' => 'ComponentsController@getView' ]
         );
         Route::get(
             '{componentID}/checkout',
-            [ 'as' => 'checkout/component', 'uses' => 'ComponentsController@getCheckout' ]
+            [ 'as' => 'checkout/component', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@getCheckout' ]
         );
-        Route::post('{componentID}/checkout', 'ComponentsController@postCheckout');
-        Route::post('bulk', [ 'as' => 'component/bulk-form', 'uses' => 'ComponentsController@postBulk' ]);
-        Route::post('bulksave', [ 'as' => 'component/bulk-save', 'uses' => 'ComponentsController@postBulkSave' ]);
-        Route::get('/', [ 'as' => 'components', 'uses' => 'ComponentsController@getIndex' ]);
+        Route::post(
+            '{componentID}/checkout',
+            [ 'as' => 'checkout/component', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@postCheckout' ]
+        );
+        Route::post('bulk', [ 'as' => 'component/bulk-form', 'middleware'=>'authorize:components.checkout','uses' => 'ComponentsController@postBulk' ]);
+        Route::post('bulksave', [ 'as' => 'component/bulk-save', 'middleware'=>'authorize:components.edit','uses' => 'ComponentsController@postBulkSave' ]);
+        Route::get('/', [ 'as' => 'components', 'middleware'=>'authorize:components.view','uses' => 'ComponentsController@getIndex' ]);
     });
 
     # Admin Settings Routes (for categories, maufactureres, etc)
@@ -458,12 +579,19 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
         Route::group([ 'prefix' => 'app' ], function () {
 
             Route::post('purge', ['as' => 'purge', 'uses' => 'SettingsController@postPurge']);
-
-            Route::get('/', [ 'as' => 'app', 'uses' => 'SettingsController@getIndex' ]);
             Route::get('edit', [ 'as' => 'edit/settings', 'uses' => 'SettingsController@getEdit' ]);
             Route::post('edit', 'SettingsController@postEdit');
+
+            Route::get('ldaptest', [
+                'as' => 'settings/ldaptest',
+                'uses' => 'SettingsController@getLdapTest'
+            ]);
+
+            Route::get('/', [ 'as' => 'app', 'uses' => 'SettingsController@getIndex' ]);
         });
 
+
+
         # Settings
         Route::group([ 'prefix' => 'backups', 'middleware' => 'auth' ], function () {
 
@@ -480,6 +608,8 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
                 'as' => 'settings/backups',
                 'uses' => 'SettingsController@postBackups'
             ]);
+
+
             Route::get('/', [ 'as' => 'settings/backups', 'uses' => 'SettingsController@getBackups' ]);
         });
 
@@ -621,27 +751,28 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
     Route::get('custom_fields/create-field', ['uses' =>'CustomFieldsController@createField','as' => 'admin.custom_fields.create-field']);
     Route::post('custom_fields/create-field', ['uses' => 'CustomFieldsController@storeField','as' => 'admin.custom_fields.store-field']);
     Route::post('custom_fields/{id}/associate', ['uses' => 'CustomFieldsController@associate','as' => 'admin.custom_fields.associate']);
+    Route::get('custom_fields/{field_id}/{fieldset_id}/disassociate', ['uses' => 'CustomFieldsController@deleteFieldFromFieldset','as' => 'admin.custom_fields.disassociate']);
     Route::match(['DELETE'], 'custom_fields/delete-field/{id}', ['uses' => 'CustomFieldsController@deleteField','as' => 'admin.custom_fields.delete-field']);
     Route::resource('custom_fields', 'CustomFieldsController');
 
     # User Management
-    Route::group([ 'prefix' => 'users' ], function () {
+    Route::group([ 'prefix' => 'users', 'middleware' => ['web','auth','authorize:users.view']], function () {
 
-        Route::get('ldap', ['as' => 'ldap/user', 'uses' => 'UsersController@getLDAP' ]);
+        Route::get('ldap', ['as' => 'ldap/user', 'uses' => 'UsersController@getLDAP', 'middleware' => ['authorize:users.edit'] ]);
         Route::post('ldap', 'UsersController@postLDAP');
 
-        Route::get('create', [ 'as' => 'create/user', 'uses' => 'UsersController@getCreate' ]);
-        Route::post('create', 'UsersController@postCreate');
-        Route::get('import', [ 'as' => 'import/user', 'uses' => 'UsersController@getImport' ]);
-        Route::post('import', 'UsersController@postImport');
-        Route::get('{userId}/edit', [ 'as' => 'update/user', 'uses' => 'UsersController@getEdit' ]);
-        Route::post('{userId}/edit', 'UsersController@postEdit');
-        Route::get('{userId}/clone', [ 'as' => 'clone/user', 'uses' => 'UsersController@getClone' ]);
-        Route::post('{userId}/clone', 'UsersController@postCreate');
-        Route::get('{userId}/delete', [ 'as' => 'delete/user', 'uses' => 'UsersController@getDelete' ]);
-        Route::get('{userId}/restore', [ 'as' => 'restore/user', 'uses' => 'UsersController@getRestore' ]);
-        Route::get('{userId}/view', [ 'as' => 'view/user', 'uses' => 'UsersController@getView' ]);
-        Route::get('{userId}/unsuspend', [ 'as' => 'unsuspend/user', 'uses' => 'UsersController@getUnsuspend' ]);
+        Route::get('create', [ 'as' => 'create/user', 'uses' => 'UsersController@getCreate', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('create', [ 'uses' => 'UsersController@postCreate', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('import', [ 'as' => 'import/user', 'uses' => 'UsersController@getImport', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('import', [ 'uses' => 'UsersController@postImport', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/edit', [ 'as' => 'update/user', 'uses' => 'UsersController@getEdit', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('{userId}/edit', [ 'uses' => 'UsersController@postEdit', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/clone', [ 'as' => 'clone/user', 'uses' => 'UsersController@getClone', 'middleware' => ['authorize:users.edit']  ]);
+        Route::post('{userId}/clone', [ 'uses' => 'UsersController@postCreate', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/delete', [ 'as' => 'delete/user', 'uses' => 'UsersController@getDelete', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/restore', [ 'as' => 'restore/user', 'uses' => 'UsersController@getRestore', 'middleware' => ['authorize:users.edit']  ]);
+        Route::get('{userId}/view', [ 'as' => 'view/user', 'uses' => 'UsersController@getView' , 'middleware' => ['authorize:users.view'] ]);
+        Route::get('{userId}/unsuspend', [ 'as' => 'unsuspend/user', 'uses' => 'UsersController@getUnsuspend', 'middleware' => ['authorize:users.edit'] ]);
         Route::get(
             '{userId}/deletefile/{fileId}',
             [ 'as' => 'delete/userfile', 'uses' => 'UsersController@getDeleteFile' ]
@@ -655,14 +786,16 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
             'bulkedit',
             [
                 'as'   => 'users/bulkedit',
-                'uses' => 'UsersController@postBulkEdit'
+                'uses' => 'UsersController@postBulkEdit',
+                'middleware' => ['authorize:users.edit'],
             ]
         );
         Route::post(
             'bulksave',
             [
                 'as'   => 'users/bulksave',
-                'uses' => 'UsersController@postBulkSave'
+                'uses' => 'UsersController@postBulkSave',
+                'middleware' => ['authorize:users.edit'],
             ]
         );
 
@@ -671,7 +804,7 @@ Route::group([ 'prefix' => 'admin','middleware' => ['web','auth']], function ()
     });
 
     # Group Management
-    Route::group([ 'prefix' => 'groups' ], function () {
+    Route::group([ 'prefix' => 'groups', 'middleware' => ['web','auth','authorize:superadmin'] ], function () {
 
         Route::get('/', [ 'as' => 'groups', 'uses' => 'GroupsController@getIndex' ]);
         Route::get('create', [ 'as' => 'create/group', 'uses' => 'GroupsController@getCreate' ]);
@@ -726,7 +859,7 @@ Route::group([ 'prefix' => 'account', 'middleware' => ['web', 'auth']], function
     );
 
     # Account Dashboard
-    Route::get('/', [ 'as' => 'account', 'uses' => 'ProfileController@getDashboard' ]);
+    Route::get('/', [ 'as' => 'account', 'uses' => 'ViewAssetsController@getIndex' ]);
 
 });
 

app/Models/Accessory.php

@@ -7,7 +7,7 @@ use Watson\Validating\ValidatingTrait;
 
 /**
  * Model for Accessories.
- * 
+ *
  * @version    v1.0
  */
 class Accessory extends Model
@@ -22,11 +22,12 @@ class Accessory extends Model
     * Accessory validation rules
     */
     public $rules = array(
-      'name'        => 'required|min:3|max:255',
-      'qty'         => 'required|integer|min:1',
-      'category_id' => 'required|integer',
-      'company_id'  => 'integer',
-      'min_amt'     => 'integer|min:1',
+        'name'              => 'required|min:3|max:255',
+        'qty'               => 'required|integer|min:1',
+        'category_id'       => 'required|integer',
+        'company_id'        => 'integer',
+        'min_amt'           => 'integer|min:1',
+        'purchase_cost'     => 'numeric',
     );
 
 
@@ -81,6 +82,11 @@ class Accessory extends Model
         return $this->belongsToMany('\App\Models\User', 'accessories_users', 'accessory_id', 'assigned_to')->count();
     }
 
+    public function manufacturer()
+    {
+        return $this->belongsTo('\App\Models\Manufacturer', 'manufacturer_id');
+    }
+
     public function checkin_email()
     {
         return $this->category->checkin_email;

app/Models/Actionlog.php

@@ -21,7 +21,7 @@ class Actionlog extends Model implements ICompanyableChild
 
     protected $table      = 'asset_logs';
     public $timestamps = true;
-    protected $fillable   = [ 'created_at', 'asset_type' ];
+    protected $fillable   = [ 'created_at', 'asset_type','user_id','asset_id','action_type','note','checkedout_to' ];
 
     public function getCompanyableParents()
     {
@@ -85,6 +85,13 @@ class Actionlog extends Model implements ICompanyableChild
                     ->withTrashed();
     }
 
+    public function userasassetlog()
+    {
+
+        return $this->belongsTo('\App\Models\User', 'asset_id')
+            ->withTrashed();
+    }
+
     public function childlogs()
     {
 

app/Models/Asset.php

@@ -10,9 +10,11 @@ use Illuminate\Database\Eloquent\SoftDeletes;
 use Log;
 use Parsedown;
 use Watson\Validating\ValidatingTrait;
+use App\Http\Traits\UniqueUndeletedTrait;
 use DateTime;
 use App\Models\Setting;
 use App\Helpers\Helper;
+use Auth;
 
 /**
  * Model for Assets.
@@ -39,6 +41,7 @@ class Asset extends Depreciable
   */
     protected $injectUniqueIdentifier = true;
     use ValidatingTrait;
+    use UniqueUndeletedTrait;
 
     protected $rules = [
     'name'            => 'min:2|max:255',
@@ -50,8 +53,9 @@ class Asset extends Depreciable
     'checkout_date'   => 'date|max:10|min:10',
     'checkin_date'    => 'date|max:10|min:10',
     'supplier_id'     => 'integer',
-    'asset_tag'       => 'required|min:2|max:255|unique:assets,asset_tag,NULL,deleted_at',
+    'asset_tag'       => 'required|min:1|max:255|unique_undeleted',
     'status'          => 'integer',
+    'purchase_cost'   => 'numeric',
     ];
 
 
@@ -69,20 +73,36 @@ class Asset extends Depreciable
     }
 
 
+    public function availableForCheckout()
+    {
+      return (
+          empty($this->assigned_to) &&
+          $this->assetstatus->deployable == 1 &&
+          empty($this->deleted_at)
+        );
+    }
+
   /**
   * Checkout asset
   */
     public function checkOutToUser($user, $admin, $checkout_at = null, $expected_checkin = null, $note = null, $name = null)
     {
+        if (!$user) {
+            return false;
+        }
 
         if ($expected_checkin) {
-            $this->expected_checkin = $expected_checkin ;
+            $this->expected_checkin = $expected_checkin;
         }
 
         $this->last_checkout = $checkout_at;
 
         $this->assigneduser()->associate($user);
-        $this->name = $name;
+
+        if($name != null)
+        {
+            $this->name = $name;
+        }
 
         $settings = Setting::getSettings();
 
@@ -90,17 +110,15 @@ class Asset extends Depreciable
             $this->accepted="pending";
         }
 
-        if (!$user) {
-            return false;
-        }
+
 
         if ($this->save()) {
 
             // $action, $admin, $user, $expected_checkin = null, $note = null, $checkout_at = null
-            $log_id = $this->createLogRecord('checkout', $this, $admin, $user, $expected_checkin, $note, $checkout_at);
+            $log = $this->createLogRecord('checkout', $this, $admin, $user, $expected_checkin, $note, $checkout_at);
 
             if ((($this->requireAcceptance()=='1')  || ($this->getEula())) && ($user->email!='')) {
-                $this->checkOutNotifyMail($log_id, $user, $checkout_at, $expected_checkin, $note);
+                $this->checkOutNotifyMail($log->id, $user, $checkout_at, $expected_checkin, $note);
             }
 
             if ($settings->slack_endpoint) {
@@ -155,7 +173,7 @@ class Asset extends Depreciable
                 'fields' => [
                 [
                   'title' => 'Checked Out:',
-                  'value' => 'HARDWARE asset <'.config('app.url').'/hardware/'.$this->id.'/view'.'|'.$this->showAssetName().'> checked out to <'.config('app.url').'/admin/users/'.$this->assigned_to.'/view|'.$this->assigneduser->fullName().'> by <'.config('app.url').'/hardware/'.$this->id.'/view'.'|'.$admin->fullName().'>.'
+                  'value' => 'HARDWARE asset <'.config('app.url').'/hardware/'.$this->id.'/view'.'|'.$this->showAssetName().'> checked out to <'.config('app.url').'/admin/users/'.$this->assigned_to.'/view|'.$this->assigneduser->fullName().'> by <'.config('app.url').'/admin/users/'.Auth::user()->id.'/view'.'|'.$admin->fullName().'>.'
                 ],
                 [
                     'title' => 'Note:',
@@ -165,20 +183,21 @@ class Asset extends Depreciable
                 ])->send('Asset Checked Out');
 
             } catch (Exception $e) {
-                print_r($e);
+                LOG::error($e);
             }
         }
 
     }
 
 
-    public function getDetailedNameAttribute() {
-      if($this->assigned_user) {
-        $user_name = $user->fullName();
-      } else {
-        $user_name = "Unassigned";
-      }
-      return $this->asset_tag . ' - ' . $this->name . ' (' . $user_name . ') ' . $this->model->name;
+    public function getDetailedNameAttribute()
+    {
+        if ($this->assignedUser) {
+            $user_name = $this->assignedUser->fullName();
+        } else {
+            $user_name = "Unassigned";
+        }
+        return $this->asset_tag . ' - ' . $this->name . ' (' . $user_name . ') ' . $this->model->name;
     }
     public function validationRules($id = '0')
     {
@@ -326,7 +345,7 @@ class Asset extends Depreciable
     public static function assetcount()
     {
 
-        return Asset::where('physical', '=', '1')
+        return Company::scopeCompanyables(Asset::where('physical', '=', '1'))
                ->whereNull('deleted_at', 'and')
                ->count();
     }
@@ -370,7 +389,10 @@ class Asset extends Depreciable
     {
 
         if ($this->name == '') {
-            return $this->model->name;
+            if ($this->model) {
+                return $this->model->name.' ('.$this->asset_tag.')';
+            }
+            return $this->asset_tag;
         } else {
             return $this->name;
         }
@@ -460,13 +482,24 @@ class Asset extends Depreciable
             $asset_tag = \DB::table('assets')
                 ->where('physical', '=', '1')
                 ->max('id');
+
+            if ($settings->zerofill_count > 0) {
+                return $settings->auto_increment_prefix.Asset::zerofill(($asset_tag + 1),$settings->zerofill_count);
+            }
             return $settings->auto_increment_prefix.($asset_tag + 1);
         } else {
             return false;
         }
     }
 
-    public function checkin_email()
+
+    public static function zerofill ($num, $zerofill = 3)
+    {
+        return str_pad($num, $zerofill, '0', STR_PAD_LEFT);
+    }
+
+
+public function checkin_email()
     {
         return $this->model->category->checkin_email;
     }
@@ -542,13 +575,13 @@ class Asset extends Depreciable
 
     public function scopeAssetsByLocation($query, $location)
     {
-        return $query->where(function ($query) use ($location)
-        {
-            $query->whereHas('assigneduser', function ($query) use ($location)
-            {
+        return $query->where(function ($query) use ($location) {
+        
+            $query->whereHas('assigneduser', function ($query) use ($location) {
+            
                 $query->where('users.location_id', '=', $location->id);
-            })->orWhere(function ($query) use ($location)
-            {
+            })->orWhere(function ($query) use ($location) {
+            
                 $query->where('assets.rtd_location_id', '=', $location->id);
                 $query->whereNull('assets.assigned_to');
             });
@@ -595,6 +628,23 @@ class Asset extends Depreciable
         });
     }
 
+    /**
+     * Query builder scope for non-Archived assets
+     *
+     * @param  Illuminate\Database\Query\Builder $query Query builder instance
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+
+    public function scopeNotArchived($query)
+    {
+
+        return $query->whereHas('assetstatus', function ($query) {
+
+            $query->where('archived', '=', 0);
+        });
+    }
+
   /**
    * Query builder scope for Archived assets
    *
@@ -639,10 +689,10 @@ class Asset extends Depreciable
     public function scopeRequestableAssets($query)
     {
 
-        return $query->where('requestable', '=', 1)
+        return Company::scopeCompanyables($query->where('requestable', '=', 1))
         ->whereHas('assetstatus', function ($query) {
 
-           $query->where('deployable', '=', 1)
+            $query->where('deployable', '=', 1)
                  ->where('pending', '=', 0)
                  ->where('archived', '=', 0);
         });
@@ -712,7 +762,7 @@ class Asset extends Depreciable
   */
     public function scopeAccepted($query)
     {
-        return $uery->where("accepted", "=", "accepted");
+        return $query->where("accepted", "=", "accepted");
     }
 
 
@@ -735,7 +785,8 @@ class Asset extends Depreciable
                     $query->whereHas('category', function ($query) use ($search) {
                         $query->where(function ($query) use ($search) {
                             $query->where('categories.name', 'LIKE', '%'.$search.'%')
-                            ->orWhere('models.name', 'LIKE', '%'.$search.'%');
+                            ->orWhere('models.name', 'LIKE', '%'.$search.'%')
+                            ->orWhere('models.modelno', 'LIKE', '%'.$search.'%');
                         });
                     });
                 })->orWhereHas('model', function ($query) use ($search) {
@@ -793,6 +844,19 @@ class Asset extends Depreciable
         return $query->join('models', 'assets.model_id', '=', 'models.id')->orderBy('models.name', $order);
     }
 
+    /**
+    * Query builder scope to order on model number
+    *
+    * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+    * @param  text                              $order       Order
+    *
+    * @return Illuminate\Database\Query\Builder          Modified query builder
+    */
+    public function scopeOrderModelNumber($query, $order)
+    {
+        return $query->join('models', 'assets.model_id', '=', 'models.id')->orderBy('models.modelno', $order);
+    }
+
 
         /**
         * Query builder scope to order on assigned user
@@ -865,7 +929,7 @@ class Asset extends Depreciable
     }
 
   /**
-    * Query builder scope to order on model
+    * Query builder scope to order on location
     *
     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
     * @param  text                              $order       Order

app/Models/AssetMaintenance.php

@@ -15,6 +15,7 @@ class AssetMaintenance extends Model implements ICompanyableChild
 {
     use SoftDeletes;
     use CompanyableChildTrait;
+    use ValidatingTrait;
 
 
     protected $dates = [ 'deleted_at' ];
@@ -49,9 +50,9 @@ class AssetMaintenance extends Model implements ICompanyableChild
     {
 
         return [
-            Lang::get('admin/asset_maintenances/general.maintenance') => Lang::get('admin/asset_maintenances/general.maintenance'),
-            Lang::get('admin/asset_maintenances/general.repair')      => Lang::get('admin/asset_maintenances/general.repair'),
-            Lang::get('admin/asset_maintenances/general.upgrade')     => Lang::get('admin/asset_maintenances/general.upgrade')
+            trans('admin/asset_maintenances/general.maintenance') => trans('admin/asset_maintenances/general.maintenance'),
+            trans('admin/asset_maintenances/general.repair')      => trans('admin/asset_maintenances/general.repair'),
+            trans('admin/asset_maintenances/general.upgrade')     => trans('admin/asset_maintenances/general.upgrade')
         ];
     }
 
@@ -70,6 +71,20 @@ class AssetMaintenance extends Model implements ICompanyableChild
                     ->withTrashed();
     }
 
+    /**
+     * Get the admin who created the maintenance
+     *
+     * @return mixed
+     * @author  A. Gianotto <snipe@snipe.net>
+     * @version v3.0
+     */
+    public function admin()
+    {
+
+        return $this->belongsTo('\App\Models\User', 'user_id')
+            ->withTrashed();
+    }
+
     public function supplier()
     {
 
@@ -78,24 +93,11 @@ class AssetMaintenance extends Model implements ICompanyableChild
     }
 
     /**
-       * -----------------------------------------------
-       * BEGIN QUERY SCOPES
-       * -----------------------------------------------
-       **/
-
-    /**
-       * Query builder scope for Deleted assets
-       *
-       * @param  Illuminate\Database\Query\Builder $query Query builder instance
-       *
-       * @return Illuminate\Database\Query\Builder          Modified query builder
-       */
-
-    public function scopeDeleted($query)
-    {
-
-        return $query->whereNotNull('deleted_at');
-    }
+   * -----------------------------------------------
+   * BEGIN QUERY SCOPES
+   * -----------------------------------------------
+   **/
+    
 
     /**
       * Query builder scope to search on text
@@ -118,4 +120,19 @@ class AssetMaintenance extends Model implements ICompanyableChild
                 ->orWhere('completion_date', 'LIKE', '%'.$search.'%');
          });
     }
+
+    /**
+     * Query builder scope to order on admin user
+     *
+     * @param  Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order       Order
+     *
+     * @return Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderAdmin($query, $order)
+    {
+        return $query->leftJoin('users', 'asset_maintenances.user_id', '=', 'users.id')
+            ->orderBy('users.first_name', $order)
+            ->orderBy('users.last_name', $order);
+    }
 }

app/Models/AssetModel.php

@@ -19,7 +19,7 @@ class AssetModel extends Model
 
     // Declare the rules for the model validation
     protected $rules = array(
-        'name'          => 'required|min:2|max:255',
+        'name'          => 'required|min:1|max:255',
         'modelno'           => 'min:1|max:255',
         'category_id'       => 'required|integer',
         'manufacturer_id'   => 'required|integer',

app/Models/Category.php

@@ -4,6 +4,7 @@ namespace App\Models;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
+use App\Http\Traits\UniqueUndeletedTrait;
 
 /**
  * Model for Categories. Categories are a higher-level group
@@ -25,7 +26,7 @@ class Category extends Model
     */
     public $rules = array(
         'user_id' => 'numeric',
-        'name'   => 'required|min:3|max:255|unique:categories,name,NULL,deleted_at',
+        'name'   => 'required|min:1|max:255|unique_undeleted',
         'category_type'   => 'required',
     );
 
@@ -38,6 +39,7 @@ class Category extends Model
     */
     protected $injectUniqueIdentifier = true;
     use ValidatingTrait;
+    use UniqueUndeletedTrait;
 
 
     /**

app/Models/Company.php

@@ -3,6 +3,8 @@ namespace App\Models;
 
 use Illuminate\Database\Eloquent\Model;
 use Watson\Validating\ValidatingTrait;
+use Auth;
+use DB;
 
 /**
  * Model for Companies.
@@ -14,7 +16,11 @@ final class Company extends Model
     protected $table = 'companies';
 
     // Declare the rules for the model validation
-    protected $rules = ['name' => 'required|min:1|max:255|unique:companies,name'];
+    protected $rules = [
+        'name' => 'required|min:1|max:255|unique:companies,name'
+    ];
+
+
     /**
     * Whether the model should inject it's identifier to the unique
     * validation rules before attempting validation. If this property
@@ -53,16 +59,12 @@ final class Company extends Model
             $company_id = null;
         }
 
-        if ($company_id == null) {
-            return $query;
-        } else {
-            return $query->where($column, '=', $company_id);
-        }
+        return $query->where($column, '=', $company_id);
     }
 
     public static function getSelectList()
     {
-        $select_company = Lang::get('general.select_company');
+        $select_company = trans('general.select_company');
         return ['0' => $select_company] + DB::table('companies')->orderBy('name', 'ASC')->lists('name', 'id');
     }
 
@@ -84,11 +86,17 @@ final class Company extends Model
         } else {
             $current_user = Auth::user();
 
-            if ($current_user->company_id != null) {
-                return $current_user->company_id;
-            } else {
+            // Super users should be able to set a company to whatever they need
+            if ($current_user->isSuperUser()) {
                 return static::getIdFromInput($unescaped_input);
+            } else {
+                if ($current_user->company_id != null) {
+                    return $current_user->company_id;
+                } else {
+                    return static::getIdFromInput($unescaped_input);
+                }
             }
+
         }
     }
 
@@ -101,14 +109,14 @@ final class Company extends Model
         } else {
             $current_user_company_id = Auth::user()->company_id;
             $companyable_company_id = $companyable->company_id;
-
-            return ($current_user_company_id == null || $current_user_company_id == $companyable_company_id);
+            return ($current_user_company_id == null || $current_user_company_id == $companyable_company_id || Auth::user()->isSuperUser());
         }
     }
 
     public static function isCurrentUserAuthorized()
     {
-        return (!static::isFullMultipleCompanySupportEnabled() || Auth::user()->company_id == null);
+
+        return ((!static::isFullMultipleCompanySupportEnabled()) || (Auth::user()->isSuperUser()));
     }
 
     public static function canManageUsersCompanies()
@@ -128,7 +136,7 @@ final class Company extends Model
 
     public static function scopeCompanyables($query, $column = 'company_id')
     {
-        if (!static::isFullMultipleCompanySupportEnabled()) {
+        if (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser())) {
             return $query;
         } else {
             return static::scopeCompanyablesDirectly($query, $column);
@@ -139,7 +147,7 @@ final class Company extends Model
     {
         if (count($companyable_names) == 0) {
             throw new Exception('No Companyable Children to scope');
-        } elseif (!static::isFullMultipleCompanySupportEnabled()) {
+        } elseif (!static::isFullMultipleCompanySupportEnabled() || (Auth::check() && Auth::user()->isSuperUser())) {
             return $query;
         } else {
             $f = function ($q) {

app/Models/Component.php

@@ -30,7 +30,11 @@ class Component extends Model
     */
     public $rules = array(
         'name'        => 'required|min:3|max:255',
-        'min_amt'     => 'integer|min:1',
+        'total_qty'     => 'required|integer|min:1',
+        'category_id' => 'required|integer',
+        'company_id'  => 'integer',
+        'purchase_date'  => 'date',
+        'purchase_cost'   => 'numeric',
     );
 
     /**

app/Models/Consumable.php

@@ -29,6 +29,7 @@ class Consumable extends Model
         'category_id' => 'required|integer',
         'company_id'  => 'integer',
         'min_amt'     => 'integer|min:1',
+        'purchase_cost'   => 'numeric',
     );
 
     /**

app/Models/CustomField.php

@@ -11,14 +11,14 @@ class CustomField extends Model
 
     */
     public static $PredefinedFormats=[
-    "ANY" => "",
-    "ALPHA" => "alpha",
-    "EMAIL" => "email",
-    "DATE" => "date",
-    "URL" => "url",
-    "NUMERIC" => "numeric",
-    "MAC" => "regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/",
-    "IP" => "ip"
+        "ANY" => "",
+        "ALPHA" => "alpha",
+        "EMAIL" => "email",
+        "DATE" => "date",
+        "URL" => "url",
+        "NUMERIC" => "numeric",
+        "MAC" => "regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/",
+        "IP" => "ip",
     ];
 
     public $rules=[
@@ -109,4 +109,43 @@ class CustomField extends Model
             $this->attributes['format']=$value;
         }
     }
+
+    /**
+     * Format a value string as an array for select boxes and checkboxes.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.4]
+     * @return Array
+     */
+    public function formatFieldValuesAsArray() {
+        $arr = preg_split("/\\r\\n|\\r|\\n/", $this->field_values);
+
+        $result[''] = 'Select '.strtolower($this->format);
+
+        for ($x = 0; $x < count($arr); $x++) {
+            $arr_parts = explode('|', $arr[$x]);
+            if ($arr_parts[0]!='') {
+                if (key_exists('1',$arr_parts)) {
+                    $result[$arr_parts[0]] = $arr_parts[1];
+                } else {
+                    $result[$arr_parts[0]] = $arr_parts[0];
+                }
+            }
+
+        }
+
+
+        return $result;
+    }
+
+    public function isFieldDecryptable($string) {
+        if (($this->field_encrypted=='1') && ($string!='')) {
+            return true;
+        }
+        return false;
+    }
+
+
+
+
 }

app/Models/CustomFieldset.php

@@ -2,6 +2,7 @@
 namespace App\Models;
 
 use Illuminate\Database\Eloquent\Model;
+use Gate;
 
 class CustomFieldset extends Model
 {
@@ -30,16 +31,21 @@ class CustomFieldset extends Model
     {
         $rules=[];
         foreach ($this->fields as $field) {
-            $rule=[];
-            if ($field->pivot->required) {
-                $rule[]="required";
+            $rule = [];
+
+            if (($field->field_encrypted!='1') ||
+                  (($field->field_encrypted =='1')  && (Gate::allows('admin')) ))
+                  {
+
+                if ($field->pivot->required) {
+                    $rule[]="required";
+                }
             }
+
             array_push($rule, $field->attributes['format']);
             $rules[$field->db_column_name()]=$rule;
         }
         return $rules;
     }
 
-  //requiredness goes *here*
-  //sequence goes here?
 }

app/Models/Group.php

@@ -37,7 +37,4 @@ class Group extends Model
     {
         return json_decode($this->permissions, true);
     }
-
-
-
 }

app/Models/Ldap.php

@@ -0,0 +1,298 @@
+<?php
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+use App\Models\User;
+use App\Models\Setting;
+use Exception;
+use Input;
+use Log;
+
+
+class Ldap extends Model
+{
+
+    /**
+     * Makes a connection to LDAP using the settings in Admin > Settings.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @return connection
+     */
+
+    public static function connectToLdap()
+    {
+
+        $ldap_host    = Setting::getSettings()->ldap_server;
+        $ldap_version = Setting::getSettings()->ldap_version;
+        $ldap_server_cert_ignore = Setting::getSettings()->ldap_server_cert_ignore;
+        $ldap_use_tls = Setting::getSettings()->ldap_tls;
+
+
+        // If we are ignoring the SSL cert we need to setup the environment variable
+        // before we create the connection
+        if ($ldap_server_cert_ignore=='1') {
+            putenv('LDAPTLS_REQCERT=never');
+        }
+
+        // If the user specifies where CA Certs are, make sure to use them
+        if(env("LDAPTLS_CACERT")) {
+          putenv("LDAPTLS_CACERT=".env("LDAPTLS_CACERT"));
+        }
+
+        $connection = @ldap_connect($ldap_host);
+
+        if (!$connection) {
+            throw new Exception('Could not connect to LDAP server at '.$ldap_host.'. Please check your LDAP server name and port number in your settings.');
+        }
+
+        // Needed for AD
+        ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
+        ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldap_version);
+
+        if ($ldap_use_tls=='1') {
+            ldap_start_tls($connection);
+        }
+
+        return $connection;
+    }
+
+
+    /**
+     * Binds/authenticates the user to LDAP, and returns their attributes.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $username
+     * @param $password
+     * @param bool|false $user
+     * @return bool true    if the username and/or password provided are valid
+     *              false   if the username and/or password provided are invalid
+     *         array of ldap_attributes if $user is true
+     *
+     */
+    static function findAndBindUserLdap($username, $password)
+    {
+        $settings = Setting::getSettings();
+        $connection = Ldap::connectToLdap();
+        $ldap_username_field     = $settings->ldap_username_field;
+        $baseDn      = $settings->ldap_basedn;
+
+        if ($settings->is_ad =='1')
+        {
+
+            // Check if they are using the userprincipalname for the username field.
+            // If they are, we can skip building the UPN to authenticate against AD
+            if ($ldap_username_field=='userprincipalname')
+            {
+                $userDn = $username;
+            } else {
+                // In case they haven't added an AD domain
+                if ($settings->ad_domain == '') {
+                    $userDn      = $username.'@'.$settings->email_domain;
+                } else {
+                    $userDn      = $username.'@'.$settings->ad_domain;
+                }
+            }
+
+        } else {
+            $userDn      = $ldap_username_field.'='.$username.','.$settings->ldap_basedn;
+        }
+
+
+        $filterQuery = $settings->ldap_auth_filter_query . $username;
+
+        if (!$ldapbind = @ldap_bind($connection, $userDn, $password)) {
+            return false;
+        }
+
+        if (!$results = ldap_search($connection, $baseDn, $filterQuery)) {
+            throw new Exception('Could not search LDAP: ');
+        }
+
+        if (!$entry = ldap_first_entry($connection, $results)) {
+            return false;
+        }
+
+        if (!$user =  array_change_key_case(ldap_get_attributes($connection, $entry), CASE_LOWER)) {
+            return false;
+        }
+
+        return $user;
+
+    }
+
+
+    /**
+     * Binds/authenticates an admin to LDAP for LDAP searching/syncing.
+     * Here we also return a better error if the app key is donked.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param bool|false $user
+     * @return bool true    if the username and/or password provided are valid
+     *              false   if the username and/or password provided are invalid
+     *
+     */
+    static function bindAdminToLdap($connection)
+    {
+
+        $ldap_username     = Setting::getSettings()->ldap_uname;
+
+        // Lets return some nicer messages for users who donked their app key, and disable LDAP
+        try {
+            $ldap_pass    = \Crypt::decrypt(Setting::getSettings()->ldap_pword);
+        } catch (Exception $e) {
+
+            throw new Exception('Your app key has changed! Could not decrypt LDAP password using your current app key, so LDAP authentication has been disabled. Login with a local account, update the LDAP password and re-enable it in Admin > Settings.');
+        }
+
+
+        if (!$ldapbind = @ldap_bind($connection, $ldap_username, $ldap_pass)) {
+            throw new Exception('Could not bind to LDAP: '.ldap_error($connection));
+        }
+
+    }
+
+
+    /**
+     * Parse and map LDAP attributes based on settings
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     *
+     * @param $ldapatttibutes
+     * @return array|bool
+     */
+    static function parseAndMapLdapAttributes($ldapatttibutes)
+    {
+        //Get LDAP attribute config
+        $ldap_result_username = Setting::getSettings()->ldap_username_field;
+        $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
+        $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
+        $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
+        $ldap_result_email = Setting::getSettings()->ldap_email;
+
+        // Get LDAP user data
+        $item = array();
+        $item["username"] = isset($ldapatttibutes[$ldap_result_username][0]) ? $ldapatttibutes[$ldap_result_username][0] : "";
+        $item["employee_number"] = isset($ldapatttibutes[$ldap_result_emp_num][0]) ? $ldapatttibutes[$ldap_result_emp_num][0] : "";
+        $item["lastname"] = isset($ldapatttibutes[$ldap_result_last_name][0]) ? $ldapatttibutes[$ldap_result_last_name][0] : "";
+        $item["firstname"] = isset($ldapatttibutes[$ldap_result_first_name][0]) ? $ldapatttibutes[$ldap_result_first_name][0] : "";
+        $item["email"] = isset($ldapatttibutes[$ldap_result_email][0]) ? $ldapatttibutes[$ldap_result_email][0] : "" ;
+
+        return $item;
+
+
+    }
+
+    /**
+     * Create user from LDAP attributes
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $ldapatttibutes
+     * @return array|bool
+     */
+    static function createUserFromLdap($ldapatttibutes)
+    {
+        $item = Ldap::parseAndMapLdapAttributes($ldapatttibutes);
+
+
+        // Create user from LDAP data
+        if (!empty($item["username"])) {
+            $user = new User;
+            $user->first_name = $item["firstname"];
+            $user->last_name = $item["lastname"];
+            $user->username = $item["username"];
+            $user->email = $item["email"];
+
+            if (Setting::getSettings()->ldap_pw_sync=='1') {
+                $user->password = bcrypt(Input::get("password"));
+            } else {
+                $pass = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 25);
+                $user->password = bcrypt($pass);
+            }
+
+            $user->activated = 1;
+            $user->ldap_import = 1;
+            $user->notes = 'Imported on first login from LDAP';
+
+            if ($user->save()) {
+                return true;
+            } else {
+                LOG::debug('Could not create user.'.$user->getErrors());
+                exit;
+            }
+        }
+
+        return false;
+
+    }
+
+    /**
+     * Searches LDAP
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v3.0]
+     * @param $ldapatttibutes
+     * @return array|bool
+     */
+    static function findLdapUsers() {
+
+        $ldapconn = Ldap::connectToLdap();
+        $ldap_bind = Ldap::bindAdminToLdap($ldapconn);
+        $base_dn = Setting::getSettings()->ldap_basedn;
+        $filter = Setting::getSettings()->ldap_filter;
+
+        // Set up LDAP pagination for very large databases
+        // @author Richard Hofman
+        $page_size = 500;
+        $cookie = '';
+        $result_set = array();
+        $global_count = 0;
+
+        // Perform the search
+        do {
+
+            // Paginate (non-critical, if not supported by server)
+            if (!$ldap_paging = @ldap_control_paged_result($ldapconn, $page_size, false, $cookie)) {
+                throw new Exception('Problem with your LDAP connection. Try checking the Use TLS setting in Admin > Settings. ');
+            }
+
+
+            $search_results = ldap_search($ldapconn, $base_dn, '('.$filter.')');
+
+            if (!$search_results) {
+                return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_search').ldap_error($ldapconn));
+            }
+
+            // Get results from page
+            $results = ldap_get_entries($ldapconn, $search_results);
+            if (!$results) {
+                return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_get_entries').ldap_error($ldapconn));
+            }
+
+            // Add results to result set
+            $global_count += $results['count'];
+            $result_set = array_merge($result_set, $results);
+
+            ldap_control_paged_result_response($ldapconn, $search_results, $cookie);
+
+        } while ($cookie !== null && $cookie != '');
+
+
+        // Clean up after search
+        $result_set['count'] = $global_count;
+        $results = $result_set;
+        ldap_control_paged_result($ldapconn, 0);
+
+        return $results;
+
+
+    }
+
+
+
+
+}

app/Models/License.php

@@ -36,6 +36,11 @@ class License extends Depreciable
         return $this->belongsTo('\App\Models\Company', 'company_id');
     }
 
+    public function manufacturer()
+    {
+        return $this->belongsTo('\App\Models\Manufacturer', 'manufacturer_id');
+    }
+
     /**
      * Get the assigned user
      */

app/Models/Location.php

@@ -6,6 +6,7 @@ use Illuminate\Database\Eloquent\SoftDeletes;
 use App\Models\User;
 use App\Models\Asset;
 use Watson\Validating\ValidatingTrait;
+use App\Http\Traits\UniqueUndeletedTrait;
 
 class Location extends Model
 {
@@ -13,7 +14,7 @@ class Location extends Model
     protected $dates = ['deleted_at'];
     protected $table = 'locations';
     protected $rules = array(
-      'name'        => 'required|min:3|max:255|unique:locations,name,NULL,deleted_at',
+      'name'        => 'required|min:3|max:255|unique_undeleted',
       'city'        => 'min:3|max:255',
       'state'           => 'min:2|max:32',
       'country'     => 'min:2|max:2|max:2',
@@ -31,6 +32,7 @@ class Location extends Model
     */
     protected $injectUniqueIdentifier = true;
     use ValidatingTrait;
+    use UniqueUndeletedTrait;
 
 
     /**

app/Models/Manufacturer.php

@@ -46,6 +46,21 @@ class Manufacturer extends Model
         return $this->hasManyThrough('\App\Models\Asset', '\App\Models\AssetModel', 'manufacturer_id', 'model_id');
     }
 
+    public function licenses()
+    {
+        return $this->hasMany('\App\Models\License', 'manufacturer_id');
+    }
+
+    public function accessories()
+    {
+        return $this->hasMany('\App\Models\Accessory', 'manufacturer_id');
+    }
+
+    public function consumables()
+    {
+        return $this->hasMany('\App\Models\Consumable', 'manufacturer_id');
+    }
+
     /**
     * Query builder scope to search on text
     *

app/Models/Setting.php

@@ -55,22 +55,22 @@ class Setting extends Model
         return $static_cache;
     }
 
-    public static function setupCompleted() {
+    public static function setupCompleted()
+    {
         
-            $users_table_exists = Schema::hasTable('users');
-            $settings_table_exists = Schema::hasTable('settings');
+        $users_table_exists = Schema::hasTable('users');
+        $settings_table_exists = Schema::hasTable('settings');
+        
+        if ($users_table_exists && $settings_table_exists) {
+            $usercount = User::withTrashed()->count();
 
-
-            if ($users_table_exists && $settings_table_exists) {
-                $usercount = User::withTrashed()->count();
-
-                if ($usercount > 0) {
-                    return true;
-                }
-                return false;
-            } else {
-                return false;
+            if ($usercount > 0) {
+                return true;
             }
+            return false;
+        } else {
+            return false;
+        }
         return false;
 
 

app/Models/Statuslabel.php

@@ -4,11 +4,13 @@ namespace App\Models;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
+use App\Http\Traits\UniqueUndeletedTrait;
 
 class Statuslabel extends Model
 {
     use SoftDeletes;
     use ValidatingTrait;
+    use UniqueUndeletedTrait;
 
     protected $injectUniqueIdentifier = true;
     protected $dates = ['deleted_at'];
@@ -16,18 +18,20 @@ class Statuslabel extends Model
 
 
     protected $rules = array(
-      'name'  => 'required|string|unique:status_labels,name,NULL,deleted_at',
-      //'statuslabel_types' => 'required|in:deployable,pending,archived,undeployable',
-      'notes'   => 'string',
+        'name'  => 'required|string|unique_undeleted',
+        'notes'   => 'string',
+        'deployable' => 'required',
+        'pending' => 'required',
+        'archived' => 'required',
     );
 
-    protected $fillable = ['name'];
+    protected $fillable = ['name', 'deployable', 'pending', 'archived'];
 
     /**
      * Show count of assets with status label
      *
      * @todo Remove this. It's dumb.
-     * @return Collection
+     * @return \Illuminate\Support\Collection
      */
     public function has_assets()
     {
@@ -37,7 +41,7 @@ class Statuslabel extends Model
     /**
      * Get assets with associated status label
      *
-     * @return Collection
+     * @return \Illuminate\Support\Collection
      */
     public function assets()
     {
@@ -47,11 +51,11 @@ class Statuslabel extends Model
     public function getStatuslabelType()
     {
 
-        if ($this->pending == 1) {
+        if (($this->pending == '1') && ($this->archived == '0')  && ($this->deployable == '0')) {
             return 'pending';
-        } elseif ($this->archived == 1) {
+        } elseif (($this->pending == '0') && ($this->archived == '1')  && ($this->deployable == '0')) {
             return 'archived';
-        } elseif (($this->archived == 0) && ($this->deployable == 0) && ($this->deployable == 0)) {
+        } elseif (($this->pending == '0') && ($this->archived == '0')  && ($this->deployable == '0')) {
             return 'undeployable';
         } else {
             return 'deployable';
@@ -74,11 +78,12 @@ class Statuslabel extends Model
             $statustype['pending'] = 0;
             $statustype['deployable'] = 0;
             $statustype['archived'] = 1;
-
-        } elseif ($type == 'undeployable') {
+            
+        } else {
             $statustype['pending'] = 0;
             $statustype['deployable'] = 0;
             $statustype['archived'] = 0;
+
         }
 
         return $statustype;

app/Models/Supplier.php

@@ -4,14 +4,16 @@ namespace App\Models;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\SoftDeletes;
 use Watson\Validating\ValidatingTrait;
+use App\Http\Traits\UniqueUndeletedTrait;
 
 class Supplier extends Model
 {
     use SoftDeletes;
     protected $dates = ['deleted_at'];
+    protected $table = 'suppliers';
 
     protected $rules = array(
-        'name'              => 'required|min:3|max:255|unique:suppliers,name,NULL,deleted_at',
+        'name'              => 'required|min:3|max:255|unique_undeleted',
         'address'           => 'min:3|max:255',
         'address2'          => 'min:2|max:255',
         'city'              => 'min:3|max:255',
@@ -35,6 +37,7 @@ class Supplier extends Model
     */
     protected $injectUniqueIdentifier = true;
     use ValidatingTrait;
+    use UniqueUndeletedTrait;
 
     /**
      * The attributes that are mass assignable.

app/Models/User.php

@@ -7,8 +7,8 @@ use Illuminate\Auth\Passwords\CanResetPassword;
 use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
 use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
 use Watson\Validating\ValidatingTrait;
-use App\Models\Company;
 use Illuminate\Database\Eloquent\SoftDeletes;
+use App\Http\Traits\UniqueUndeletedTrait;
 
 class User extends Model implements AuthenticatableContract, CanResetPasswordContract
 {
@@ -17,6 +17,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
     use ValidatingTrait;
     use Authenticatable;
     use CanResetPassword;
+    use UniqueUndeletedTrait;
 
     protected $dates = ['deleted_at'];
     protected $table = 'users';
@@ -32,8 +33,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
 
     protected $rules = [
         'first_name'              => 'required|string|min:1',
-        'last_name'               => 'required|string|min:1',
-        'username'                => 'required|string|min:2|unique:users,username,NULL,deleted_at',
+        'username'                => 'required|string|min:2|unique_undeleted',
         'email'                   => 'email',
         'password'                => 'required|min:6',
     ];
@@ -45,7 +45,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
         if ($this->isSuperUser()) {
             return true;
         }
-        $permitted = false;
+
         $user_groups = $this->groups;
 
 
@@ -55,29 +55,36 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
 
         $user_permissions = json_decode($this->permissions, true);
 
-        if (($user_permissions!='') && ((array_key_exists($section, $user_permissions)) && ($user_permissions[$section]=='1')) ) {
-            $permitted = true;
+        //If the user is explicitly granted, return true
+        if (($user_permissions!='') && ((array_key_exists($section, $user_permissions)) && ($user_permissions[$section]=='1'))) {
+            return true;
         }
 
+        // If the user is explicitly denied, return false
+        if (($user_permissions=='') || array_key_exists($section, $user_permissions) && ($user_permissions[$section]=='-1')) {
+            return false;
+        }
+
+        // Loop through the groups to see if any of them grant this permission
         foreach ($user_groups as $user_group) {
-            $group_permissions = json_decode($user_group->permissions, true);
+            $group_permissions = (array) json_decode($user_group->permissions, true);
             if (((array_key_exists($section, $group_permissions)) && ($group_permissions[$section]=='1'))) {
-                $permitted = true;
+                return true;
             }
         }
 
-
-        return $permitted;
+        return false;
     }
 
-    public function isSuperUser() {
+    public function isSuperUser()
+    {
         if (!$user_permissions = json_decode($this->permissions, true)) {
             return false;
         }
 
         foreach ($this->groups as $user_group) {
             $group_permissions = json_decode($user_group->permissions, true);
-            $group_array = $group_permissions;
+            $group_array = (array)$group_permissions;
             if ((array_key_exists('superuser', $group_array)) && ($group_permissions['superuser']=='1')) {
                 return true;
             }
@@ -158,6 +165,14 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
         return $this->hasMany('\App\Models\Asset', 'assigned_to')->withTrashed();
     }
 
+    /**
+     * Get assets assigned to this user
+     */
+    public function assetmaintenances()
+    {
+        return $this->hasMany('\App\Models\AssetMaintenance', 'user_id')->withTrashed();
+    }
+
     /**
      * Get accessories assigned to this user
      */
@@ -211,22 +226,16 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
      */
     public function groups()
     {
-        static $static_cache = null;
-
-        if (!$static_cache) {
-            $static_cache = $this->belongsToMany('\App\Models\Group', 'users_groups');
-        }
-        return $static_cache;
-        //return $this->belongsToMany('\App\Models\Group', 'users_groups');
+        return $this->belongsToMany('\App\Models\Group', 'users_groups');
     }
 
 
     public function accountStatus()
     {
-        if ($this->sentryThrottle) {
-            if ($this->sentryThrottle->suspended==1) {
+        if ($this->throttle) {
+            if ($this->throttle->suspended==1) {
                 return 'suspended';
-            } elseif ($this->sentryThrottle->banned==1) {
+            } elseif ($this->throttle->banned==1) {
                 return 'banned';
             } else {
                 return false;
@@ -253,7 +262,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
             ->orderBy('created_at', 'desc');
     }
 
-    public function sentryThrottle()
+    public function throttle()
     {
         return $this->hasOne('\App\Models\Throttle');
     }
@@ -293,6 +302,10 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
             ->orWhere('username', '=', $user_email);
     }
 
+    public static function generateEmailFromFullName($name) {
+        $username = User::generateFormattedNameFromFullName(Setting::getSettings()->email_format, $name);
+        return $username['username'].'@'.Setting::getSettings()->email_domain;
+    }
 
     public static function generateFormattedNameFromFullName($format = 'filastname', $users_name)
     {
@@ -324,8 +337,9 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
             } elseif ($format=='firstname') {
                 $email_last_name.=str_replace(' ', '', $last_name);
                 $email_prefix = $first_name;
-
             }
+
+
         }
 
         $user_username = $email_prefix;

app/Providers/AppServiceProvider.php

@@ -3,6 +3,8 @@ namespace App\Providers;
 
 use Validator;
 use Illuminate\Support\ServiceProvider;
+use DB;
+
 
 /**
  * This service provider handles a few custom validation rules.
@@ -47,6 +49,21 @@ class AppServiceProvider extends ServiceProvider
             }
 
         });
+
+        // Unique only if undeleted
+        // This works around the use case where multiple deleted items have the same unique attribute.
+        // (I think this is a bug in Laravel's validator?)
+        Validator::extend('unique_undeleted', function($attribute, $value, $parameters, $validator) {
+
+            $count = DB::table($parameters[0])->select('id')->where($attribute,'=',$value)->whereNull('deleted_at')->where('id','!=',$parameters[1])->count();
+
+            if ($count < 1) {
+                return true;
+            } else {
+                return false;
+            }
+
+        });
     }
 
     /**

app/Providers/AuthServiceProvider.php

@@ -91,6 +91,19 @@ class AuthServiceProvider extends ServiceProvider
             }
         });
 
+        $gate->define('assets.edit', function ($user) {
+            if (($user->hasAccess('assets.edit')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        // Checks for some level of management
+        $gate->define('assets.manage', function ($user) {
+            if (($user->hasAccess('assets.checkin')) || ($user->hasAccess('assets.edit')) || ($user->hasAccess('assets.delete')) || ($user->hasAccess('assets.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
 
         # -----------------------------------------
         # Accessories
@@ -131,6 +144,13 @@ class AuthServiceProvider extends ServiceProvider
             }
         });
 
+        // Checks for some level of management
+        $gate->define('accessories.manage', function ($user) {
+            if (($user->hasAccess('accessories.checkin')) || ($user->hasAccess('accessories.edit')) || ($user->hasAccess('accessories.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
         # -----------------------------------------
         # Consumables
         # -----------------------------------------
@@ -170,6 +190,13 @@ class AuthServiceProvider extends ServiceProvider
             }
         });
 
+        // Checks for some level of management
+        $gate->define('consumables.manage', function ($user) {
+            if (($user->hasAccess('consumables.checkin')) || ($user->hasAccess('consumables.edit')) || ($user->hasAccess('consumables.delete')) || ($user->hasAccess('consumables.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
 
 
         # -----------------------------------------
@@ -205,7 +232,7 @@ class AuthServiceProvider extends ServiceProvider
         # Components
         # -----------------------------------------
         $gate->define('components.view', function ($user) {
-            if (($user->hasAccess('components.create')) || ($user->hasAccess('admin'))) {
+            if (($user->hasAccess('components.view')) || ($user->hasAccess('admin'))) {
                 return true;
             }
         });
@@ -228,6 +255,13 @@ class AuthServiceProvider extends ServiceProvider
             }
         });
 
+        // Checks for some level of management
+        $gate->define('components.manage', function ($user) {
+            if (($user->hasAccess('components.edit')) || ($user->hasAccess('components.delete')) || ($user->hasAccess('components.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
 
         # -----------------------------------------
         # Licenses
@@ -268,6 +302,19 @@ class AuthServiceProvider extends ServiceProvider
             }
         });
 
+        $gate->define('licenses.keys', function ($user) {
+            if (($user->hasAccess('licenses.keys')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
+        // Checks for some level of management
+        $gate->define('licenses.manage', function ($user) {
+            if (($user->hasAccess('licenses.checkin')) || ($user->hasAccess('licenses.edit')) || ($user->hasAccess('licenses.delete')) || ($user->hasAccess('licenses.checkout')) || ($user->hasAccess('admin'))) {
+                return true;
+            }
+        });
+
 
     }
 }

c3.php

@@ -48,6 +48,16 @@ if (!function_exists('__c3_error')) {
     }
 }
 
+// phpunit codecoverage shimming
+if (class_exists('SebastianBergmann\CodeCoverage\CodeCoverage')) {
+      class_alias('SebastianBergmann\CodeCoverage\CodeCoverage', 'PHP_CodeCoverage');
+      class_alias('SebastianBergmann\CodeCoverage\Report\Text', 'PHP_CodeCoverage_Report_Text');
+      class_alias('SebastianBergmann\CodeCoverage\Report\PHP', 'PHP_CodeCoverage_Report_PHP');
+      class_alias('SebastianBergmann\CodeCoverage\Report\Clover', 'PHP_CodeCoverage_Report_Clover');
+      class_alias('SebastianBergmann\CodeCoverage\Report\Html\Facade', 'PHP_CodeCoverage_Report_HTML');
+      class_alias('SebastianBergmann\CodeCoverage\Exception', 'PHP_CodeCoverage_Exception');
+}
+
 // Autoload Codeception classes
 if (!class_exists('\\Codeception\\Codecept')) {
     if (file_exists(__DIR__ . '/codecept.phar')) {

composer.json

@@ -1,8 +1,8 @@
 {
-  "name": "Snipe-IT Laravel 5.2",
-  "description": "The Laravel Framework.",
-  "keywords": ["framework", "laravel"],
-  "license": "MIT",
+  "name": "snipe/snipe-it",
+  "description": "Open source asset management system built on Laravel.",
+  "keywords": ["assets", "asset-management", "laravel"],
+  "license": "AGPL-3",
   "type": "project",
       "require": {
       "php": ">=5.5.9",
@@ -11,8 +11,8 @@
       "league/csv": "~7.0",
       "maknz/slack": "dev-master",
       "erusev/parsedown": "dev-master",
-      "fideloper/proxy": "2.1.1",
-      "guzzlehttp/guzzle": "5.3.0",
+      "fideloper/proxy": "^3.1",
+      "guzzlehttp/guzzle": "6.2.1",
       "aws/aws-sdk-php-laravel": "~3.0",
       "tecnickcom/tc-lib-barcode": "dev-master",
       "laravelcollective/html" : "~5.0",
@@ -21,12 +21,15 @@
       "doctrine/common": "v2.5.3",
       "doctrine/dbal": "v2.4.2",
       "barryvdh/laravel-debugbar": "^2.1",
-      "spatie/laravel-backup": "^3.7"
+      "spatie/laravel-backup": "3.8.1",
+      "misterphilip/maintenance-mode": "1.0.*",
+      "neitanod/forceutf8": "dev-master"
     },
     "require-dev": {
       "fzaninotto/faker": "~1.4",
       "mockery/mockery": "0.9.*",
       "phpunit/phpunit": "~4.0",
+      "squizlabs/php_codesniffer": "2.*",
       "phpspec/phpspec": "~2.1",
       "codeception/codeception": "2.1.*",
       "symfony/dom-crawler": "~3.0",

config/app.php

@@ -117,7 +117,7 @@ return [
     |--------------------------------------------------------------------------
     | This is the path for any uploaded files that have to be run through the
     | auth system to ensure they are not visible to the public. These should be
-    | stored somewhere outside of the web root so that an unautenticated user
+    | stored somewhere outside of the web root so that an unauthenticated user
     | cannot access them.
     |
     | For example: license keys, contracts, etc.
@@ -127,6 +127,20 @@ return [
     'private_uploads' => storage_path().'/private_uploads',
 
 
+    /*
+    |--------------------------------------------------------------------------
+    | ALLOW I-FRAMING
+    |--------------------------------------------------------------------------
+    |
+    | Normal users will never need to edit this. This option lets you run
+    | Snipe-IT within an I-Frame, which is normally disabled by default for
+    | security reasons, to prevent clickjacking. It should normally be set to false.
+    |
+    */
+
+    'allow_iframing' => env('ALLOW_IFRAMING', false),
+
+
     /*
     |--------------------------------------------------------------------------
     | Demo Mode Lockdown
@@ -140,7 +154,6 @@ return [
     'lock_passwords' => env('APP_LOCKED', false),
 
 
-
     /*
     |--------------------------------------------------------------------------
     | Autoloaded Service Providers
@@ -196,6 +209,9 @@ return [
         Intervention\Image\ImageServiceProvider::class,
         Collective\Html\HtmlServiceProvider::class,
         Spatie\Backup\BackupServiceProvider::class,
+        Fideloper\Proxy\TrustedProxyServiceProvider::class,
+        MisterPhilip\MaintenanceMode\MaintenanceModeServiceProvider::class,
+        MisterPhilip\MaintenanceMode\MaintenanceCommandServiceProvider::class,
 
         /*
          * Custom service provider

config/database.php

@@ -69,6 +69,7 @@ return [
             'prefix'    => env('DB_PREFIX', null),
             'strict'    => false,
             'engine'    => null,
+            'unix_socket' => env('DB_SOCKET',''),
             'dump_command_path' => env('DB_DUMP_PATH', '/usr/local/bin'),  // only the path, so without 'mysqldump'
             'dump_command_timeout' => 60 * 5, // 5 minute timeout
             'dump_using_single_transaction' => true, // perform dump using a single transaction

config/laravel-backup.php

@@ -142,9 +142,9 @@ return [
             'whenBackupWasSuccessful'     => ['log'],
             'whenCleanupWasSuccessful'    => ['log'],
             'whenHealthyBackupWasFound'   => ['log'],
-            'whenBackupHasFailed'         => ['log', 'mail'],
-            'whenCleanupHasFailed'        => ['log', 'mail'],
-            'whenUnhealthyBackupWasFound' => ['log', 'mail'],
+            'whenBackupHasFailed'         => ['log'],
+            'whenCleanupHasFailed'        => ['log'],
+            'whenUnhealthyBackupWasFound' => ['log'],
         ],
 
         /*

config/permissions.php

@@ -46,19 +46,19 @@ return array(
             'permission' => 'assets.create',
             'label'      => 'Create ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'assets.edit',
-            'label'      => 'Edit ',
+            'label'      => 'Edit  ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'assets.delete',
             'label'      => 'Delete ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'assets.checkout',
@@ -71,7 +71,14 @@ return array(
             'permission' => 'assets.checkin',
             'label'      => 'Checkin ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
+        ),
+
+        array(
+            'permission' => 'assets.checkout',
+            'label'      => 'Checkout ',
+            'note'       => '',
+            'display'    => true,
         ),
 
         array(
@@ -88,6 +95,7 @@ return array(
             'note'       => '',
             'display'    => true,
         ),
+
     ),
 
     'Accessories' => array(
@@ -101,31 +109,31 @@ return array(
             'permission' => 'accessory.create',
             'label'      => 'Create ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'accessories.edit',
             'label'      => 'Edit ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'accessories.delete',
             'label'      => 'Delete ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'accessories.checkout',
             'label'      => 'Checkout ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'accessories.checkin',
             'label'      => 'Checkin ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
     ),
 
@@ -140,25 +148,25 @@ return array(
             'permission' => 'consumables.create',
             'label'      => 'Create ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'consumables.edit',
             'label'      => 'Edit ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'consumables.delete',
             'label'      => 'Delete ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'consumables.checkout',
             'label'      => 'Checkout ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
     ),
 
@@ -172,27 +180,27 @@ return array(
         ),
         array(
             'permission' => 'licenses.create',
-            'label'      => 'Create Licenses',
+            'label'      => 'Create ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'licenses.edit',
-            'label'      => 'Edit Licenses',
+            'label'      => 'Edit ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'licenses.delete',
-            'label'      => 'Delete Licenses',
+            'label'      => 'Delete ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'licenses.checkout',
-            'label'      => 'Checkout Licenses',
+            'label'      => 'Checkout ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'licenses.keys',
@@ -212,33 +220,33 @@ return array(
         ),
         array(
             'permission' => 'components.create',
-            'label'      => 'Create Components',
+            'label'      => 'Create ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'components.edit',
-            'label'      => 'Edit Components',
+            'label'      => 'Edit ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'components.delete',
-            'label'      => 'Delete Components',
+            'label'      => 'Delete ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'components.checkout',
-            'label'      => 'Checkout Components',
+            'label'      => 'Checkout ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'components.checkin',
-            'label'      => 'Checkin Components',
+            'label'      => 'Checkin ',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
 
     ),
@@ -254,19 +262,19 @@ return array(
             'permission' => 'users.create',
             'label'      => 'Create Users',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'users.edit',
             'label'      => 'Edit Users',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
         array(
             'permission' => 'users.delete',
             'label'      => 'Delete Users',
             'note'       => '',
-            'display'    => false,
+            'display'    => true,
         ),
 
     ),

config/trustedproxy.php

@@ -0,0 +1,23 @@
+<?php
+
+return [
+
+    /*
+     * Set trusted proxy IP addresses.
+     *
+     * Both IPv4 and IPv6 addresses are
+     * supported, along with CIDR notation.
+     *
+     * The "*" character is syntactic sugar
+     * within TrustedProxy to trust any proxy;
+     * a requirement when you cannot know the address
+     * of your proxy (e.g. if using Rackspace balancers).
+     */
+    'proxies' => env('APP_TRUSTED_PROXIES') !== null ? explode(env('APP_TRUSTED_PROXIES'), ',') : '*',
+
+    /*
+     * Or, to trust all proxies, uncomment this:
+     */
+     # 'proxies' => '*',
+
+];

config/version.php

@@ -1,5 +1,5 @@
 <?php
 return array (
-  'app_version' => 'v3.0.0-dev-3',
-  'hash_version' => 'v3.0.0-dev-3-g6d810a9',
+  'app_version' => 'v3.4.0',
+  'hash_version' => 'v3.4.0-9-g67315d8',
 );

database/migrations/2014_11_04_231416_update_group_field_for_reporting.php

@@ -18,9 +18,9 @@ class UpdateGroupFieldForReporting extends Migration {
 		// 	//
 		// });
 
-    DB::update('update groups set permissions = ? where id = ?', ['{"admin":1,"users":1,"reports":1}', 1]);
+    DB::update('update '.DB::getTablePrefix().'groups set permissions = ? where id = ?', ['{"admin":1,"users":1,"reports":1}', 1]);
 
-    DB::update('update groups set permissions = ? where id = ?', ['{"users":1,"reports":1}', 2]);
+    DB::update('update '.DB::getTablePrefix().'groups set permissions = ? where id = ?', ['{"users":1,"reports":1}', 2]);
 
       // DB::statement('UPDATE '.$prefix.'groups SET permissions="{\"admin\":1,\"users\":1,\"reports\":1}" where id=1');
       // DB::statement('UPDATE '.$prefix.'groups SET permissions="{\"users\":1,\"reports\":1}" where id=2');

database/migrations/2015_06_26_213716_create_asset_maintenances_table.php

@@ -44,9 +44,9 @@
         {
 
             return [
-                Lang::get( 'admin/asset_maintenances/general.maintenance' ),
-                Lang::get( 'admin/asset_maintenances/general.repair' ),
-                Lang::get( 'admin/asset_maintenances/general.upgrade' )
+                trans( 'admin/asset_maintenances/general.maintenance' ),
+                trans( 'admin/asset_maintenances/general.repair' ),
+                trans( 'admin/asset_maintenances/general.upgrade' )
             ];
         }
 

database/migrations/2015_07_09_014359_add_currency_to_settings_and_locations.php

@@ -18,14 +18,14 @@ class AddCurrencyToSettingsAndLocations extends Migration {
 			$table->string('default_currency',10)->nullable()->default(NULL);
 		});
 
-		DB::update('UPDATE `'.DB::getTablePrefix().'settings` SET `default_currency`="'. Lang::get('general.currency').'"');
+		DB::update('UPDATE `'.DB::getTablePrefix().'settings` SET `default_currency`="'. trans('general.currency').'"');
 
 		Schema::table('locations', function(Blueprint $table)
 		{
 			$table->string('currency',10)->nullable()->default(NULL);
 		});
 
-		DB::update('UPDATE `'.DB::getTablePrefix().'locations` SET `currency`="'. Lang::get('general.currency').'"');
+		DB::update('UPDATE `'.DB::getTablePrefix().'locations` SET `currency`="'. trans('general.currency').'"');
 
 
 

database/migrations/2015_07_29_230054_add_thread_id_to_asset_logs_table.php

@@ -2,6 +2,7 @@
 
     use Illuminate\Database\Schema\Blueprint;
     use Illuminate\Database\Migrations\Migration;
+    use App\Models\Actionlog;
 
     class AddThreadIdToAssetLogsTable extends Migration
     {

database/migrations/2016_06_22_160725_add_user_id_to_maintenances.php

@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddUserIdToMaintenances extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('asset_maintenances', function (Blueprint $table) {
+            $table->integer('user_id')->nullable()->default(NULL);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('asset_maintenances', function ($table) {
+            $table->dropColumn('user_id');
+        });
+    }
+}

database/migrations/2016_07_13_150015_add_is_ad_to_settings.php

@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddIsAdToSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->boolean('is_ad')->default(0);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('is_ad');
+        });
+    }
+}

database/migrations/2016_07_14_153609_add_ad_domain_to_settings.php

@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddAdDomainToSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->string('ad_domain')->nullable()->default(NULL);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('ad_domain');
+        });
+    }
+}

database/migrations/2016_07_22_003348_fix_custom_fields_regex_stuff.php

@@ -0,0 +1,78 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class FixCustomFieldsRegexStuff extends Migration
+{
+    /**
+     * Run the migrations.
+     * "ANY" => "",
+     * "ALPHA" => "alpha",
+     * "EMAIL" => "email",
+     * "DATE" => "date",
+     *  "URL" => "url",
+     * "NUMERIC" => "numeric",
+     * "MAC" => "regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/",
+     * "IP" => "ip"
+     *
+     * @return void
+     */
+    public function up()
+    {
+        foreach(\App\Models\CustomField::all() as $custom_field) {
+
+            // Handle alphanumeric
+            if (stripos($custom_field->format, 'ALPHA') !== false) {
+                $custom_field->format='alpha';
+
+            // Numeric
+            } elseif (stripos($custom_field->format, 'NUMERIC') !== false) {
+                $custom_field->format='numeric';
+
+            // IP
+            } elseif (stripos($custom_field->format, 'IP') !== false) {
+                $custom_field->format='ip';
+
+            // Email
+            } elseif (stripos($custom_field->format, 'EMAIL') !== false) {
+                $custom_field->format='email';
+
+            // MAC
+            } elseif (stripos($custom_field->format, 'regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/') !== false) {
+                $custom_field->format='regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/';
+
+            // Date
+            } elseif (stripos($custom_field->format, 'DATE') !== false) {
+                $custom_field->format='date';
+
+
+            // URL
+            } elseif (stripos($custom_field->format, 'URL') !== false) {
+                $custom_field->format='url';
+
+            // ANY
+            } elseif (stripos($custom_field->format, 'ANY') !== false) {
+                $custom_field->format='';
+
+            // Fix any custom regexes
+            } else {
+                $tmp_custom = str_replace('regex:/^', '', $custom_field->format);
+                $tmp_custom = str_replace('$/', '', $tmp_custom);
+                $custom_field->format = 'regex:/^'.$tmp_custom.'$/';
+            }
+
+            $custom_field->save();
+        }
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}

database/migrations/2016_07_22_054850_one_more_mac_addr_fix.php

@@ -0,0 +1,34 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class OneMoreMacAddrFix extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        foreach(\App\Models\CustomField::all() as $custom_field) {
+
+            if ($custom_field->format=='regex:/^MAC$/') {
+                $custom_field->format = 'regex:/^[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}:[a-fA-F0-9]{2}$/';
+            }
+            $custom_field->save();
+
+        }
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}

database/migrations/2016_07_22_143045_add_port_to_ldap_settings.php

@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddPortToLdapSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->string('ldap_port', 5)->default('389');
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('ldap_port');
+        });
+    }
+}

database/migrations/2016_07_22_153432_add_tls_to_ldap_settings.php

@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddTlsToLdapSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->boolean('ldap_tls')->default(0);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('ldap_tls');
+        });
+    }
+}

database/migrations/2016_07_27_211034_add_zerofill_to_settings.php

@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddZerofillToSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->integer('zerofill_count')->default(5);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('zerofill_count');
+        });
+    }
+}

database/migrations/2016_08_02_124944_add_color_to_statuslabel.php

@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddColorToStatuslabel extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('status_labels', function (Blueprint $table) {
+            $table->string('color', 10)->nullable()->default(NULL);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('status_labels', function ($table) {
+            $table->dropColumn('color');
+        });
+    }
+}

database/migrations/2016_08_04_134500_add_disallow_ldap_pw_sync_to_settings.php

@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddDisallowLdapPwSyncToSettings extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->boolean('ldap_pw_sync')->default(1);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('settings', function ($table) {
+            $table->dropColumn('ldap_pw_sync');
+        });
+    }
+}

database/migrations/2016_08_09_002225_add_manufacturer_to_licenses.php

@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddManufacturerToLicenses extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('licenses', function (Blueprint $table) {
+            //
+            $table->integer('manufacturer_id')->nullable();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('licenses', function (Blueprint $table) {
+            //
+        });
+    }
+}

database/migrations/2016_08_12_121613_add_manufacturer_to_accessories_table.php

@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddManufacturerToAccessoriesTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('accessories', function (Blueprint $table) {
+            //
+            $table->integer('manufacturer_id')->nullable();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('accessories', function (Blueprint $table) {
+            //
+            $table->dropColumn('manufacturer_id');
+        });
+    }
+}

database/migrations/2016_08_23_143353_add_new_fields_to_custom_fields.php

@@ -0,0 +1,34 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddNewFieldsToCustomFields extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('custom_fields', function (Blueprint $table) {
+            //
+            $table->string('field_values')->nullable()->default(null);
+            $table->boolean('field_encrypted')->default(0);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('custom_fields', function (Blueprint $table) {
+            //
+            $table->dropColumn('field_values', 'field_encrypted');
+        });
+    }
+}

database/migrations/2016_08_23_145619_add_show_in_nav_to_status_labels.php

@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddShowInNavToStatusLabels extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('status_labels', function (Blueprint $table) {
+            $table->boolean('show_in_nav')->default(0);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('status_labels', function (Blueprint $table) {
+            $table->dropColumn('show_in_nav', 'field_encrypted');
+        });
+    }
+}

database/migrations/2016_08_30_084634_make_purchase_cost_nullable.php

@@ -0,0 +1,29 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class MakePurchaseCostNullable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('assets', function ($table) {
+            $table->decimal('purchase_cost',8,2)->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}

docker.env

@@ -22,3 +22,5 @@ APP_KEY=Y5hJeC7x1i7OxhDrvrQPlB9KvCorvRdO
 APP_URL=http://127.0.0.1:32782
 APP_TIMEZONE=US/Pacific
 APP_LOCALE=en
+
+ALLOW_IFRAMING=false

docker/001-default-ssl.conf

@@ -50,7 +50,7 @@
 		#   when the CA certificates are directly appended to the server
 		#   certificate for convinience.
 		#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
-		SSLCertificateChainFile /etc/ssl/private/snipeit-ssl.crt
+		SSLCertificateChainFile /var/lib/snipeit/ssl/snipeit-ssl.crt
 
 		#   Certificate Authority (CA):
 		#   Set the CA certificate verification path where to find CA