Merge branch 'develop'

Bumped version
2017-10-03 05:16:11 -07:00 · 2017-10-03 05:15:52 -07:00 · 2017-10-03 02:05:47 -07:00 · 2017-10-03 02:05:22 -07:00 · 2017-10-02 21:58:17 -07:00 · 2017-10-02 21:55:25 -07:00
476 changed files with 7745 additions and 4664 deletions
@@ -728,6 +728,33 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "imanghafoori1",
+      "name": "Iman",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/6961695?v=4",
+      "profile": "https://github.com/imanghafoori1",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "richardhofman6",
+      "name": "Richard Hofman",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/6551003?v=4",
+      "profile": "https://github.com/richardhofman6",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "gizzmojr",
+      "name": "gizzmojr",
+      "avatar_url": "https://avatars0.githubusercontent.com/u/3697569?v=4",
+      "profile": "https://github.com/gizzmojr",
+      "contributions": [
+        "code"
+      ]
    }
  ]
 }
@@ -19,6 +19,8 @@ DB_USERNAME=null
 DB_PASSWORD=null
 DB_PREFIX=null
 DB_DUMP_PATH='/usr/bin'
+DB_CHARSET=utf8mb4
+DB_COLLATION=utf8mb4_unicode_ci

 # --------------------------------------------
 # OPTIONAL: SSL DATABASE SETTINGS
@@ -63,6 +65,13 @@ COOKIE_DOMAIN=null
 SECURE_COOKIES=false


+# --------------------------------------------
+# OPTIONAL: SECURITY HEADER SETTINGS
+# --------------------------------------------
+REFERRER_POLICY=same-origin
+ENABLE_CSP=false
+
+
 # --------------------------------------------
 # OPTIONAL: CACHE SETTINGS
 # --------------------------------------------
@@ -12,20 +12,27 @@

 #### Please confirm you have done the following before posting your bug report:

- [ ] I have enabled debug mode
+- [ ] I have enabled debug mode 
 - [ ] I have read [checked the Common Issues page](https://snipe-it.readme.io/docs/common-issues)

 -----
-#### Please provide answers to these questions before posting your bug report:
+#### Provide answers to these questions:

+- Is this a fresh install or an upgrade? 
 - Version of Snipe-IT you're running
+- Version of PHP you're running
+- Version of MySQL/MariaDB you're running
 - What OS and web server you're running Snipe-IT on
 - What method you used to install Snipe-IT (install.sh, manual installation, docker, etc)
 - WITH DEBUG TURNED ON, if you're getting an error in your browser, include that error
 - What specific Snipe-IT page you're on, and what specific element you're interacting with to trigger the error
 - If a stacktrace is provided in the error, include that too.
 - Any errors that appear in your browser's error console.
- Confirm whether the error is [reproduceable on the demo](https://snipeitapp.com/demo).
+- Confirm whether the error is reproduceable on the demo: https://snipeitapp.com/demo.
 - Include any additional information you can find in `app/storage/logs` and your webserver's logs.
 - Include what you've done so far in the installation, and if you got any error messages along the way.
 - Indicate whether or not you've manually edited any data directly in the database
+
+Please do not post an issue without answering the related questions above. If you have opened a different issue and already answered these questions, answer them again, once for every ticket. It will be next to impossible for us to help you.
+
+https://snipe-it.readme.io/docs/getting-help
@@ -43,7 +43,7 @@ before_script:
 # use the $DB env variable to determine the phpunit.xml to use
 # script: ./vendor/bin/codecept run --env testing-ci
 script:
-  - ./vendor/bin/codecept run unit --env testing-ci
+  - ./vendor/bin/codecept run unit
 #  - ./vendor/bin/codecept run acceptance --env=testing-ci
  - ./vendor/bin/codecept run functional --env=functional-travis
 #script: ./vendor/bin/codecept run
@@ -1,5 +1,5 @@
 [![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=develop)](https://travis-ci.org/snipe/snipe-it) [![Stories in Ready](https://badge.waffle.io/snipe/snipe-it.png?label=ready+for+dev&amp;title=Ready+for+development)](http://waffle.io/snipe/snipe-it) [![Maintenance](https://img.shields.io/maintenance/yes/2017.svg)]() [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.png)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeyhead.svg?style=social)](https://twitter.com/snipeyhead) [![Zenhub](https://raw.githubusercontent.com/ZenHubIO/support/master/zenhub-badge.png)](https://zenhub.io) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-78-orange.svg?style=flat-square)](#contributors)
+[![All Contributors](https://img.shields.io/badge/all_contributors-81-orange.svg?style=flat-square)](#contributors)


 ## Snipe-IT - Open Source Asset Management System
@@ -67,7 +67,7 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars0.githubusercontent.com/u/8341172?v=3" width="110px;"/><br /><sub>Jay Richards</sub>](http://www.cordeos.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=technogenus "Code") | [<img src="https://avatars2.githubusercontent.com/u/7295127?v=3" width="110px;"/><br /><sub>Alexander Innes</sub>](https://necurity.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leostat "Code") | [<img src="https://avatars2.githubusercontent.com/u/334485?v=3" width="110px;"/><br /><sub>Danny Garcia</sub>](https://buzzedword.codes)<br />[💻](https://github.com/snipe/snipe-it/commits?author=buzzedword "Code") | [<img src="https://avatars2.githubusercontent.com/u/366855?v=3" width="110px;"/><br /><sub>archpoint</sub>](https://github.com/archpoint)<br />[💻](https://github.com/snipe/snipe-it/commits?author=archpoint "Code") | [<img src="https://avatars1.githubusercontent.com/u/67991?v=3" width="110px;"/><br /><sub>Jake McGraw</sub>](http://www.jakemcgraw.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jakemcgraw "Code") | [<img src="https://avatars1.githubusercontent.com/u/1714374?v=3" width="110px;"/><br /><sub>FleischKarussel</sub>](https://github.com/FleischKarussel)<br />[📖](https://github.com/snipe/snipe-it/commits?author=FleischKarussel "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/319644?v=3" width="110px;"/><br /><sub>Dylan Yi</sub>](https://github.com/feeva)<br />[💻](https://github.com/snipe/snipe-it/commits?author=feeva "Code") |
 | [<img src="https://avatars2.githubusercontent.com/u/857740?v=3" width="110px;"/><br /><sub>Gil Rutkowski</sub>](http://FlashingCursor.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=flashingcursor "Code") | [<img src="https://avatars3.githubusercontent.com/u/129360?v=3" width="110px;"/><br /><sub>Desmond Morris</sub>](http://www.desmondmorris.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=desmondmorris "Code") | [<img src="https://avatars2.githubusercontent.com/u/52936?v=3" width="110px;"/><br /><sub>Nick Peelman</sub>](http://peelman.us)<br />[💻](https://github.com/snipe/snipe-it/commits?author=peelman "Code") | [<img src="https://avatars0.githubusercontent.com/u/53161?v=3" width="110px;"/><br /><sub>Abraham Vegh</sub>](https://abrahamvegh.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=abrahamvegh "Code") | [<img src="https://avatars0.githubusercontent.com/u/2818680?v=3" width="110px;"/><br /><sub>Mohamed Rashid</sub>](https://github.com/rashivkp)<br />[📖](https://github.com/snipe/snipe-it/commits?author=rashivkp "Documentation") | [<img src="https://avatars3.githubusercontent.com/u/1509456?v=3" width="110px;"/><br /><sub>Kasey</sub>](http://hinchk.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=HinchK "Code") | [<img src="https://avatars2.githubusercontent.com/u/10522541?v=3" width="110px;"/><br /><sub>Brett</sub>](https://github.com/BrettFagerlund)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=BrettFagerlund "Tests") |
 | [<img src="https://avatars2.githubusercontent.com/u/16108587?v=3" width="110px;"/><br /><sub>Jason Spriggs</sub>](http://jasonspriggs.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jasonspriggs "Code") | [<img src="https://avatars2.githubusercontent.com/u/1134568?v=3" width="110px;"/><br /><sub>Nate Felton</sub>](http://n8felton.wordpress.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=n8felton "Code") | [<img src="https://avatars2.githubusercontent.com/u/14036694?v=3" width="110px;"/><br /><sub>Manasses Ferreira</sub>](http://homepages.dcc.ufmg.br/~manassesferreira)<br />[💻](https://github.com/snipe/snipe-it/commits?author=manassesferreira "Code") | [<img src="https://avatars0.githubusercontent.com/u/15913949?v=3" width="110px;"/><br /><sub>Steve</sub>](https://github.com/steveelwood)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=steveelwood "Tests") | [<img src="https://avatars1.githubusercontent.com/u/3361683?v=3" width="110px;"/><br /><sub>matc</sub>](http://twitter.com/matc)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=matc "Tests") | [<img src="https://avatars3.githubusercontent.com/u/7405702?v=3" width="110px;"/><br /><sub>Cole R. Davis</sub>](http://www.davisracingteam.com)<br />[⚠️](https://github.com/snipe/snipe-it/commits?author=VanillaNinjaD "Tests") | [<img src="https://avatars2.githubusercontent.com/u/10167681?v=3" width="110px;"/><br /><sub>gibsonjoshua55</sub>](https://github.com/gibsonjoshua55)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gibsonjoshua55 "Code") |
-| [<img src="https://avatars2.githubusercontent.com/u/2809241?v=4" width="110px;"/><br /><sub>Robin Temme</sub>](https://github.com/zwerch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zwerch "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/2809241?v=4" width="110px;"/><br /><sub>Robin Temme</sub>](https://github.com/zwerch)<br />[💻](https://github.com/snipe/snipe-it/commits?author=zwerch "Code") | [<img src="https://avatars0.githubusercontent.com/u/6961695?v=4" width="110px;"/><br /><sub>Iman</sub>](https://github.com/imanghafoori1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=imanghafoori1 "Code") | [<img src="https://avatars1.githubusercontent.com/u/6551003?v=4" width="110px;"/><br /><sub>Richard Hofman</sub>](https://github.com/richardhofman6)<br />[💻](https://github.com/snipe/snipe-it/commits?author=richardhofman6 "Code") | [<img src="https://avatars0.githubusercontent.com/u/3697569?v=4" width="110px;"/><br /><sub>gizzmojr</sub>](https://github.com/gizzmojr)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gizzmojr "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
@@ -76,7 +76,7 @@ This project follows the [all-contributors](https://github.com/kentcdodds/all-co

 ### Contributing

-Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing).
+Please see the documentation on [contributing and developing for Snipe-IT](https://snipe-it.readme.io/docs/contributing-overview).


 Please note that this project is released with a [Contributor Code of Conduct](CODE_OF_CONDUCT.md). By participating in this project you agree to abide by its terms.
@@ -78,12 +78,7 @@ class ObjectImportCommand extends Command

        $logFile = $this->option('logfile');
        \Log::useFiles($logFile);
-        if ($this->option('testrun')) {
-            $this->comment('====== TEST ONLY Item Import for '.$filename.' ====');
-            $this->comment('============== NO DATA WILL BE WRITTEN ==============');
-        } else {
-            $this->comment('======= Importing Items from '.$filename.' =========');
-        }
+        $this->comment('======= Importing Items from '.$filename.' =========');
        $importer->import();

        $this->bar = null;
@@ -47,6 +47,7 @@ class RecryptFromMcrypt extends Command
        // Check and see if they have a legacy app key listed in their .env
        // If not, we can try to use the current APP_KEY if looks like it's old
        $legacy_key = env('LEGACY_APP_KEY');
+        $key_parts = explode(':', $legacy_key);
        $errors = array();

        if (!$legacy_key) {
@@ -54,11 +55,23 @@ class RecryptFromMcrypt extends Command
            return false;
        }

-        // Check that the app key is 32 characters
+
+        // Do some basic legacy app key length checks
        if (strlen($legacy_key) == 32) {
-            $this->comment('INFO: Your LEGACY_APP_KEY is 32 characters. Okay to continue.');
+            $legacy_length_check = true;
+        } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1])==44)) {
+            $legacy_length_check = true;
        } else {
-            $this->error('ERROR: Your LEGACY_APP_KEY is not the correct length (32 characters). Please locate your old APP_KEY and use that as your LEGACY_APP_KEY in your .env file to continue.');
+            $legacy_length_check = false;
+        }
+   
+
+
+        // Check that the app key is 32 characters
+        if ($legacy_length_check === true) {
+            $this->comment('INFO: Your LEGACY_APP_KEY looks correct. Okay to continue.');
+        } else {
+            $this->error('ERROR: Your LEGACY_APP_KEY is not the correct length (32 characters or base64 followed by 44 characters for later versions). Please locate your old APP_KEY and use that as your LEGACY_APP_KEY in your .env file to continue.');
            return false;
        }

@@ -34,6 +34,7 @@ class Handler extends ExceptionHandler
     */
    public function report(Exception $exception)
    {
+        \Log::error($exception); // rollbar
        parent::report($exception);
    }

@@ -274,7 +274,7 @@ class AccessoriesController extends Controller
        $data['note'] = $logaction->note;
        $data['require_acceptance'] = $accessory->requireAcceptance();
        // TODO: Port this to new mail notifications
-        if (($accessory->requireAcceptance()=='1')  || ($accessory->getEula())) {
+        if ((($accessory->requireAcceptance()=='1')  || ($accessory->getEula())) && ($user->email!='')) {

            Mail::send('emails.accept-accessory', $data, function ($m) use ($user) {
                $m->to($user->email, $user->first_name . ' ' . $user->last_name);
@@ -351,7 +351,7 @@ class AccessoriesController extends Controller
            $data['item_tag'] = '';
            $data['note'] = e($logaction->note);

-            if (($accessory->checkin_email()=='1')) {
+            if ((($accessory->checkin_email()=='1')) && ($user->email!='')) {

                Mail::send('emails.checkin-asset', $data, function ($m) use ($user) {
                    $m->to($user->email, $user->first_name . ' ' . $user->last_name);
@@ -129,9 +129,8 @@ class AccessoriesController extends Controller
    {
        $this->authorize('view', Accessory::class);
        $accessory = Accessory::findOrFail($id)->with('users')->first();
-        $accessories_users = $accessory->users;
-        $total = $accessories_users->count();
-        return (new AccessoriesTransformer)->transformCheckedoutAccessories($accessories_users, $total);
+        $total = $accessory->users->count();
+        return (new AccessoriesTransformer)->transformCheckedoutAccessory($accessory, $total);
    }


@@ -2,9 +2,11 @@

 namespace App\Http\Controllers\Api;

-use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
+use App\Http\Transformers\CustomFieldsTransformer;
+use App\Models\CustomField;
 use App\Models\CustomFieldset;
+use Illuminate\Http\Request;

 class CustomFieldsController extends Controller
 {
@@ -16,6 +18,15 @@ class CustomFieldsController extends Controller
     * @since [v3.0]
     * @return Array
     */
+
+    public function index()
+    {
+        $this->authorize('index', CustomFields::class);
+        $fields = CustomField::get();
+
+        $total = count($fields);
+        return (new CustomFieldsTransformer)->transformCustomFields($fields, $total);
+    }
    public function postReorder(Request $request, $id)
    {
        $fieldset = CustomFieldset::find($id);
@@ -73,7 +73,7 @@ class GroupsController extends Controller
    {
        $this->authorize('view', Group::class);
        $group = Group::findOrFail($id);
-        return $group;
+        return (new GroupsTransformer)->transformGroup($group);
    }


@@ -13,6 +13,7 @@ use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Session;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\File\Exception\FileException;
+use Artisan;

 class ImportController extends Controller
 {
@@ -94,6 +95,8 @@ class ImportController extends Controller
    public function process(ItemImportRequest $request, $import_id)
    {
        $this->authorize('create', Asset::class);
+        // Run a backup immediately before processing
+        Artisan::call('backup:run');
        $errors = $request->import(Import::find($import_id));
        $redirectTo = "hardware.index";
        switch ($request->get('import-type')) {
@@ -23,7 +23,7 @@ class LocationsController extends Controller
        $allowed_columns = ['id','name','address','address2','city','state','country','zip','created_at',
        'updated_at','parent_id', 'manager_id'];

-        $locations = Location::select([
+        $locations = Location::with('parent', 'manager', 'childLocations')->select([
            'locations.id',
            'locations.name',
            'locations.address',
@@ -37,7 +37,10 @@ class LocationsController extends Controller
            'locations.created_at',
            'locations.updated_at',
            'locations.currency'
-        ])->withCount('assets')->withCount('users');
+        ])->withCount('locationAssets')
+        ->withCount('assignedAssets')
+        ->withCount('assets')
+        ->withCount('users');

        if ($request->has('search')) {
            $locations = $locations->TextSearch($request->input('search'));
@@ -52,7 +55,6 @@ class LocationsController extends Controller
        $total = $locations->count();
        $locations = $locations->skip($offset)->take($limit)->get();
        return (new LocationsTransformer)->transformLocations($locations, $total);
-
    }


@@ -74,7 +76,6 @@ class LocationsController extends Controller
            return response()->json(Helper::formatStandardApiResponse('success', (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.create.success')));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
-
    }

    /**
@@ -109,7 +110,13 @@ class LocationsController extends Controller
        $location->fill($request->all());

        if ($location->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success',  (new LocationsTransformer)->transformLocation($location), trans('admin/locations/message.update.success')));
+            return response()->json(
+                Helper::formatStandardApiResponse(
+                    'success',
+                    (new LocationsTransformer)->transformLocation($location),
+                    trans('admin/locations/message.update.success')
+                )
+            );
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, $location->getErrors()));
@@ -129,7 +136,6 @@ class LocationsController extends Controller
        $location = Location::findOrFail($id);
        $this->authorize('delete', $location);
        $location->delete();
-        return response()->json(Helper::formatStandardApiResponse('success', null,  trans('admin/locations/message.delete.success')));
-
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/locations/message.delete.success')));
    }
 }
@@ -52,6 +52,12 @@ class UsersController extends Controller
            $users = $users->TextSearch($request->input('search'));
        }

+
+        if (($request->has('deleted')) && ($request->input('deleted')=='true')) {
+            $users = $users->GetDeleted();
+        }
+
+
        if ($request->has('company_id')) {
            $users = $users->where('company_id', '=', $request->input('company_id'));
        }
@@ -82,7 +82,7 @@ class AssetModelsController extends Controller
        $model->manufacturer_id     = $request->input('manufacturer_id');
        $model->category_id         = $request->input('category_id');
        $model->notes               = $request->input('notes');
-        $model->user_id             = Auth::guard('api')->user();
+        $model->user_id             = Auth::id();
        $model->requestable         = Input::has('requestable');

        if ($request->input('custom_fieldset')!='') {
@@ -75,7 +75,7 @@ class AssetsController extends Controller
        } else {
            $company = null;
        }
-        return view('hardware/index')->with('company',$company);
+        return view('hardware/index')->with('company', $company);
    }

    /**
@@ -94,7 +94,6 @@ class AssetsController extends Controller
        }
        $this->authorize('view', $asset);
        return redirect()->route('hardware.show', $asset->id)->with('topsearch', $topsearch);
-
    }

    /**
@@ -126,9 +125,7 @@ class AssetsController extends Controller
        if ($request->has('model_id')) {
            $selected_model = AssetModel::find($request->input('model_id'));
            $view->with('selected_model', $selected_model);
-        } else {
        }
-
        return $view;
    }

@@ -168,7 +165,6 @@ class AssetsController extends Controller

        // Create the image (if one was chosen.)
        if (Input::has('image')) {
-
            $image = Input::get('image');

            // After modification, the image is prefixed by mime info like the following:
@@ -201,7 +197,6 @@ class AssetsController extends Controller
                    ->put('default', $messageBag));
                return response()->json(['image' => $e->getMessage()], 422);
            }
-
        }


@@ -211,31 +206,26 @@ class AssetsController extends Controller
        // Need to investigate and fix. Using static method for now.
        $model = AssetModel::find($request->get('model_id'));

-
-
        if ($model->fieldset) {
            foreach ($model->fieldset->fields as $field) {
-
                if ($field->field_encrypted=='1') {
                    if (Gate::allows('admin')) {
                        $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
                    }
-
                } else {
                    $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
                }
-
            }
        }

            // Was the asset created?
        if ($asset->save()) {
            $asset->logCreate();
-            if(request('assigned_user')) {
+            if (request('assigned_user')) {
                $target = User::find(request('assigned_user'));
-            } elseif(request('assigned_asset')) {
+            } elseif (request('assigned_asset')) {
                $target = Asset::find(request('assigned_asset'));
-            } elseif(request('assigned_location')) {
+            } elseif (request('assigned_location')) {
                $target = Location::find(request('assigned_location'));
            }
            if (isset($target)) {
@@ -268,15 +258,15 @@ class AssetsController extends Controller
        $this->authorize($item);

        return view('hardware/edit', compact('item'))
-        ->with('model_list', Helper::modelList())
-        ->with('supplier_list', Helper::suppliersList())
-        ->with('company_list', Helper::companyList())
-        ->with('locations_list', Helper::locationsList())
-        ->with('statuslabel_list', Helper::statusLabelList())
-        ->with('assigned_to', Helper::usersList())
-        ->with('manufacturer', Helper::manufacturerList())
-        ->with('statuslabel_types', Helper::statusTypeList())
-        ->with('category', Helper::categoryList('asset'));
+            ->with('model_list', Helper::modelList())
+            ->with('supplier_list', Helper::suppliersList())
+            ->with('company_list', Helper::companyList())
+            ->with('locations_list', Helper::locationsList())
+            ->with('statuslabel_list', Helper::statusLabelList())
+            ->with('assigned_to', Helper::usersList())
+            ->with('manufacturer', Helper::manufacturerList())
+            ->with('statuslabel_types', Helper::statusTypeList())
+            ->with('category', Helper::categoryList('asset'));
    }


@@ -291,7 +281,6 @@ class AssetsController extends Controller

    public function update(AssetRequest $request, $assetId = null)
    {
-
        // Check if the asset exists
        if (!$asset = Asset::find($assetId)) {
            // Redirect to the asset management page with error
@@ -369,7 +358,6 @@ class AssetsController extends Controller
                    if (Gate::allows('admin')) {
                        $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(e($request->input($field->convertUnicodeDbSlug())));
                    }
-
                } else {
                    $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
                }
@@ -385,7 +373,6 @@ class AssetsController extends Controller
        \Input::flash();
        \Session::flash('errors', $asset->getErrors());
        return response()->json(['errors' => $asset->getErrors()], 500);
-
    }

    /**
@@ -407,11 +394,18 @@ class AssetsController extends Controller
        $this->authorize('delete', $asset);

        DB::table('assets')
-        ->where('id', $asset->id)
-        ->update(array('assigned_to' => null));
+            ->where('id', $asset->id)
+            ->update(array('assigned_to' => null));

        $asset->delete();

+        $logaction = new Actionlog();
+        $logaction->item_type = Asset::class;
+        $logaction->item_id = $asset->id;
+        $logaction->created_at =  date("Y-m-d H:i:s");
+        $logaction->user_id = Auth::user()->id;
+        $log = $logaction->logaction('deleted');
+
        // Redirect to the asset management page
        return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.delete.success'));
    }
@@ -440,7 +434,6 @@ class AssetsController extends Controller
            ->with('users_list', Helper::usersList())
            ->with('assets_list', Helper::assetsList())
            ->with('locations_list', Helper::locationsList());
-
    }

    /**
@@ -462,11 +455,11 @@ class AssetsController extends Controller
        }
        $this->authorize('checkout', $asset);

-        if(request('assigned_user')) {
+        if (request('assigned_user')) {
            $target = User::find(request('assigned_user'));
-        } elseif(request('assigned_asset')) {
+        } elseif (request('assigned_asset')) {
            $target = Asset::find(request('assigned_asset'));
-        } elseif(request('assigned_location')) {
+        } elseif (request('assigned_location')) {
            $target = Location::find(request('assigned_location'));
        }
        // $user = User::find(Input::get('assigned_to'));
@@ -512,7 +505,6 @@ class AssetsController extends Controller

        $this->authorize('checkin', $asset);
        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto);
-
    }


@@ -537,7 +529,7 @@ class AssetsController extends Controller
        $this->authorize('checkin', $asset);

        $admin = Auth::user();
-        if($asset->assignedType() == Asset::USER) {
+        if ($asset->assignedType() == Asset::USER) {
            $user = $asset->assignedTo;
        }
        if (is_null($target = $asset->assignedTo)) {
@@ -576,7 +568,7 @@ class AssetsController extends Controller
            }

            if ($backto=='user') {
-                return redirect()->to("admin/users/".$user->id.'/view')->with('success', trans('admin/hardware/message.checkin.success'));
+                return redirect()->route("users.show", $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
            }
            return redirect()->route("hardware.index")->with('success', trans('admin/hardware/message.checkin.success'));
        }
@@ -600,15 +592,16 @@ class AssetsController extends Controller
        $asset = Asset::withTrashed()->find($assetId);
        $this->authorize('view', $asset);
        $settings = Setting::getSettings();
-        $audit_log = Actionlog::where('action_type','=','audit')->where('item_id','=',$assetId)->where('item_type','=',Asset::class)->orderBy('created_at','DESC')->first();
+        $audit_log = Actionlog::where('action_type', '=', 'audit')
+            ->where('item_id', '=', $assetId)
+            ->where('item_type', '=', Asset::class)
+            ->orderBy('created_at', 'DESC')->first();


        if (isset($asset)) {
-
            if (!is_null($asset->assetloc)) {
                $use_currency = $asset->assetloc->currency;
            } else {
-
                if ($settings->default_currency!='') {
                    $use_currency = $settings->default_currency;
                } else {
@@ -622,7 +615,7 @@ class AssetsController extends Controller
            );

            return view('hardware/view', compact('asset', 'qr_code', 'settings'))
-                ->with('use_currency', $use_currency)->with('audit_log',$audit_log);
+                ->with('use_currency', $use_currency)->with('audit_log', $audit_log);
        }

        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist', compact('id')));
@@ -643,10 +636,9 @@ class AssetsController extends Controller
        if ($settings->qr_code == '1') {
            $asset = Asset::find($assetId);
            $size = Helper::barcodeDimensions($settings->barcode_type);
-            $qr_file = public_path().'/uploads/barcodes/qr-'.str_slug($asset->asset_tag).'.png';
-
-            if (isset($asset->id,$asset->asset_tag)) {
+            $qr_file = public_path().'/uploads/barcodes/qr-'.str_slug($asset->asset_tag).'-'.str_slug($asset->id).'.png';

+            if (isset($asset->id, $asset->asset_tag)) {
                if (file_exists($qr_file)) {
                    $header = ['Content-type' => 'image/png'];
                    return response()->file($qr_file, $header);
@@ -658,7 +650,6 @@ class AssetsController extends Controller
                }
            }
        }
-
    }


@@ -676,8 +667,7 @@ class AssetsController extends Controller
        $asset = Asset::find($assetId);
        $barcode_file = public_path().'/uploads/barcodes/'.str_slug($settings->alt_barcode).'-'.str_slug($asset->asset_tag).'.png';

-        if (isset($asset->id,$asset->asset_tag)) {
-
+        if (isset($asset->id, $asset->asset_tag)) {
            if (file_exists($barcode_file)) {
                $header = ['Content-type' => 'image/png'];
                return response()->file($barcode_file, $header);
@@ -688,7 +678,6 @@ class AssetsController extends Controller
                return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
            }
        }
-
    }

    /**
@@ -755,7 +744,6 @@ class AssetsController extends Controller
     */
    public function postImportHistory(Request $request)
    {
-
        if (!ini_get("auto_detect_line_endings")) {
            ini_set("auto_detect_line_endings", '1');
        }
@@ -773,9 +761,7 @@ class AssetsController extends Controller


        foreach ($results as $row) {
-
            if (is_array($row)) {
-
                $row = array_change_key_case($row, CASE_LOWER);
                $asset_tag = Helper::array_smart_fetch($row, "asset tag");
                if (!array_key_exists($asset_tag, $item)) {
@@ -790,7 +776,6 @@ class AssetsController extends Controller
                $item[$asset_tag][$batch_counter]['email'] = Helper::array_smart_fetch($row, "email");

                if ($asset = Asset::where('asset_tag', '=', $asset_tag)->first()) {
-
                    $item[$asset_tag][$batch_counter]['asset_id'] = $asset->id;

                    $base_username = User::generateFormattedNameFromFullName(Setting::getSettings()->username_format, $item[$asset_tag][$batch_counter]['name']);
@@ -847,12 +832,10 @@ class AssetsController extends Controller
                        } else {
                            $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset and user was matched but could not be saved.';
                        }
-
                    } else {
                        $item[$asset_tag][$batch_counter]['checkedout_to'] = null;
                        $status['error'][]['user'][Helper::array_smart_fetch($row, "name")]['msg'] = 'User does not exist so no checkin log was created.';
                    }
-
                } else {
                    $item[$asset_tag][$batch_counter]['asset_id'] = null;
                    $status['error'][]['asset'][$asset_tag]['msg'] = 'Asset does not exist so no match was attempted.';
@@ -868,7 +851,6 @@ class AssetsController extends Controller

                // Only do this if a matching user was found
                if ((array_key_exists('checkedout_to', $asset_batch[$x])) && ($asset_batch[$x]['checkedout_to']!='')) {
-
                    if (($total_in_batch > 1) && ($x < $total_in_batch) && (array_key_exists($next, $asset_batch))) {
                        $checkin_date = Carbon::parse($asset_batch[$next]['checkout_date'])->subDay(1)->format('Y-m-d H:i:s');
                        $asset_batch[$x]['real_checkin'] = $checkin_date;
@@ -975,7 +957,6 @@ class AssetsController extends Controller
            }
            $log->delete();
            return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
-
        }
        // Prepare the error message
        $error = trans('admin/hardware/message.does_not_exist', compact('id'));
@@ -1042,25 +1023,19 @@ class AssetsController extends Controller


        if ($request->has('bulk_actions')) {
-
            if ($request->input('bulk_actions')=='labels') {
-
                $count = 0;
                return view('hardware/labels')
                    ->with('assets', Asset::find($asset_ids))
                    ->with('settings', Setting::getSettings())
                    ->with('count', $count)
-                    ->with('settings',
-                    Setting::getSettings()
-                );
-
+                    ->with('settings', Setting::getSettings());
            } elseif ($request->input('bulk_actions')=='delete') {
                $assets = Asset::with('assignedTo', 'assetloc')->find($asset_ids);
-                $assets->each(function($asset) {
-                    $this->authorize('delete',$asset);
+                $assets->each(function ($asset) {
+                    $this->authorize('delete', $asset);
                });
                return view('hardware/bulk-delete')->with('assets', $assets);
-
             // Bulk edit
            } elseif ($request->input('bulk_actions')=='edit') {
                return view('hardware/bulk')
@@ -1141,9 +1116,8 @@ class AssetsController extends Controller
                    }

                    DB::table('assets')
-                    ->where('id', $key)
-                    ->update($update_array);
-
+                        ->where('id', $key)
+                        ->update($update_array);
                } // endforeach
                return redirect()->to("hardware")->with('success', trans('admin/hardware/message.update.success'));
            // no values given, nothing to update
@@ -1164,8 +1138,7 @@ class AssetsController extends Controller
    public function postBulkDelete()
    {
        $this->authorize('delete', Asset::class);
-        
-        
+
        if (Input::has('ids')) {
            $assets = Asset::find(Input::get('ids'));
            foreach ($assets as $asset) {
@@ -1173,9 +1146,8 @@ class AssetsController extends Controller
                $update_array['assigned_to'] = null;

                DB::table('assets')
-                ->where('id', $asset->id)
-                ->update($update_array);
-
+                    ->where('id', $asset->id)
+                    ->update($update_array);
            } // endforeach
            return redirect()->to("hardware")->with('success', trans('admin/hardware/message.delete.success'));
            // no values given, nothing to update
@@ -1223,7 +1195,7 @@ class AssetsController extends Controller
            foreach ($asset_ids as $asset_id) {
                $asset = Asset::find($asset_id);
                $this->authorize('checkout', $asset);
-                $error = $asset->checkOutToUser($user, $admin, $checkout_at, $expected_checkin, e(Input::get('note')), null);
+                $error = $asset->checkOut($user, $admin, $checkout_at, $expected_checkin, e(Input::get('note')), null);

                if ($error) {
                    array_merge_recursive($errors, $asset->getErrors()->toArray());
@@ -1275,10 +1247,8 @@ class AssetsController extends Controller
        $asset->next_audit_date = $request->input('next_audit_date');

        if ($asset->save()) {
-            $asset->logAudit(request('note'),request('location_id'));
+            $asset->logAudit(request('note'), request('location_id'));
            return redirect()->to("hardware")->with('success', trans('admin/hardware/message.audit.success'));
        }
    }
-
-
 }
@@ -47,6 +47,7 @@ class LoginController extends Controller
    public function __construct()
    {
        $this->middleware('guest', ['except' => ['logout','postTwoFactorAuth','getTwoFactorAuth','getTwoFactorEnroll']]);
+        \Session::put('backUrl', \URL::previous());
    }


@@ -320,4 +321,9 @@ class LoginController extends Controller
        return redirect()->route('login');
    }

+    public function redirectTo()
+    {
+        return Session::get('backUrl') ? Session::get('backUrl') :   $this->redirectTo;
+    }
+
 }
@@ -0,0 +1,15 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Foundation\Auth\ResetsPasswords;
+
+class RegisterController extends Controller
+{
+
+    public function __construct()
+    {
+        $this->middleware('guest');
+    }
+}
@@ -25,7 +25,7 @@ class ResetPasswordController extends Controller
     *
     * @var string
     */
-    protected $redirectTo = '/home';
+    protected $redirectTo = '/';

    /**
     * Create a new controller instance.
@@ -74,20 +74,20 @@ class ComponentsController extends Controller
    * @since [v3.0]
    * @return \Illuminate\Http\RedirectResponse
     */
-    public function store()
+    public function store(Request $request)
    {
        $this->authorize('create', Component::class);
        $component = new Component();
-        $component->name                   = Input::get('name');
-        $component->category_id            = Input::get('category_id');
-        $component->location_id            = Input::get('location_id');
-        $component->company_id             = Company::getIdForCurrentUser(Input::get('company_id'));
-        $component->order_number           = Input::get('order_number');
-        $component->min_amt                = Input::get('min_amt');
-        $component->serial                 = Input::get('serial');
-        $component->purchase_date       = Input::get('purchase_date');
-        $component->purchase_cost       = request('purchase_cost');
-        $component->qty                    = Input::get('qty');
+        $component->name                   = $request->input('name');
+        $component->category_id            = $request->input('category_id');
+        $component->location_id            = $request->input('location_id');
+        $component->company_id             = Company::getIdForCurrentUser($request->input('company_id'));
+        $component->order_number           = $request->input('order_number', null);
+        $component->min_amt                = $request->input('min_amt', null);
+        $component->serial                 = $request->input('serial', null);
+        $component->purchase_date          = $request->input('purchase_date', null);
+        $component->purchase_cost          = $request->input('purchase_cost', null);
+        $component->qty                    = $request->input('qty');
        $component->user_id                = Auth::id();

        if ($component->save()) {
@@ -37,19 +37,25 @@ class CustomFieldsetsController extends Controller
    public function show($id)
    {
        $cfset = CustomFieldset::with('fields')->where('id', '=', $id)->orderBy('id', 'ASC')->first();
-        $custom_fields_list = ["" => "Add New Field to Fieldset"] + CustomField::pluck("name", "id")->toArray();

-        $maxid = 0;
-        foreach ($cfset->fields() as $field) {
-            if ($field->pivot->order > $maxid) {
-                $maxid=$field->pivot->order;
-            }
-            if (isset($custom_fields_list[$field->id])) {
-                unset($custom_fields_list[$field->id]);
+        if ($cfset) {
+            $custom_fields_list = ["" => "Add New Field to Fieldset"] + CustomField::pluck("name", "id")->toArray();
+
+            $maxid = 0;
+            foreach ($cfset->fields() as $field) {
+                if ($field->pivot->order > $maxid) {
+                    $maxid=$field->pivot->order;
+                }
+                if (isset($custom_fields_list[$field->id])) {
+                    unset($custom_fields_list[$field->id]);
+                }
            }
+
+            return view("custom_fields.fieldsets.view")->with("custom_fieldset", $cfset)->with("maxid", $maxid+1)->with("custom_fields_list", $custom_fields_list);
        }

-        return view("custom_fields.fieldsets.view")->with("custom_fieldset", $cfset)->with("maxid", $maxid+1)->with("custom_fields_list", $custom_fields_list);
+        return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.does_not_exist'));
+
    }


@@ -133,16 +139,21 @@ class CustomFieldsetsController extends Controller
    */
    public function destroy($id)
    {
-        //
        $fieldset = CustomFieldset::find($id);

-        $models = AssetModel::where("fieldset_id", "=", $id);
-        if ($models->count() == 0) {
-            $fieldset->delete();
-            return redirect()->route("fields.show")->with("success", trans('admin/custom_fields/message.fieldset.delete.success'));
-        } else {
-            return redirect()->route("fields.show")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use'));
+        if ($fieldset) {
+            $models = AssetModel::where("fieldset_id", "=", $id);
+            if ($models->count() == 0) {
+                $fieldset->delete();
+                return redirect()->route("fields.index")->with("success", trans('admin/custom_fields/message.fieldset.delete.success'));
+            } else {
+                return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.delete.in_use'));
+            }
        }
+
+        return redirect()->route("fields.index")->with("error", trans('admin/custom_fields/message.fieldset.does_not_exist'));
+
+
    }


@@ -279,7 +279,7 @@ class LicensesController extends Controller

        // Declare the rules for the form validation
        $rules = [
-            'note'   => 'string',
+            'note'   => 'string|nullable',
            'asset_id'  => 'required_without:assigned_to',
        ];

@@ -306,8 +306,8 @@ class LicensesController extends Controller
                return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.asset_does_not_exist'));
            }

-            if (($target->assigned_to!='') && (($target->assigned_to!=$assigned_to)) && ($target!='')) {
-                return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.owner_doesnt_match_asset'));
+            if (($request->has('assigned_to')) && ($request->has('asset_id'))) {
+                return redirect()->back()->withInput()->with('error', trans('admin/licenses/message.select_asset_or_person'));
            }
        }

@@ -334,15 +334,14 @@ class LicensesController extends Controller
        if ($licenseSeat->save()) {
            $licenseSeat->logCheckout($request->input('note'), $target);

-            $data['license_id'] =$licenseSeat->license_id;
+            $data['license_id'] = $licenseSeat->license_id;
            $data['note'] = $request->input('note');

            // Redirect to the new asset page
            return redirect()->route("licenses.index")->with('success', trans('admin/licenses/message.checkout.success'));
        }
-
-        // Redirect to the asset management page with error
-        return redirect()->to("admin/licenses/{$asset_id}/checkout")->with('error', trans('admin/licenses/message.create.error'))->with('license', new License);
+        
+        return redirect()->route("licenses.index")->with('error', trans('admin/licenses/message.checkout.error'));
    }


@@ -358,12 +357,12 @@ class LicensesController extends Controller
    public function getCheckin($seatId = null, $backTo = null)
    {
        // Check if the asset exists
-        if (is_null($licenseseat = LicenseSeat::find($seatId))) {
+        if (is_null($licenseSeat = LicenseSeat::find($seatId))) {
            // Redirect to the asset management page with error
            return redirect()->route('licenses.index')->with('error', trans('admin/licenses/message.not_found'));
        }
-        $this->authorize('checkin', $licenseseat);
-        return view('licenses/checkin', compact('licenseseat'))->with('backto', $backTo);
+        $this->authorize('checkin', $licenseSeat);
+        return view('licenses/checkin', compact('licenseSeat'))->with('backto', $backTo);
    }


@@ -440,7 +439,10 @@ class LicensesController extends Controller
     */
    public function show($licenseId = null)
    {
+
        $license = License::find($licenseId);
+        $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
+
        if (isset($license->id)) {
            $license = $license->load('assignedusers', 'licenseSeats.user', 'licenseSeats.asset');
            $this->authorize('view', $license);
@@ -488,7 +490,7 @@ class LicensesController extends Controller
    * @param int $licenseId
    * @return \Illuminate\Http\RedirectResponse
     */
-    public function postUpload($licenseId = null)
+    public function postUpload(Request $request, $licenseId = null)
    {
        $license = License::find($licenseId);
        // the license is valid
@@ -517,13 +519,16 @@ class LicensesController extends Controller
                    //Log the upload to the log
                    $license->logUpload($filename, e($request->input('notes')));
                }
-
+                // This being called from a modal seems to confuse redirect()->back()
+                // It thinks we should go to the dashboard.  As this is only used
+                // from the modal at present, hardcode the redirect.  Longterm
+                // maybe we evaluate something else.
                if ($upload_success) {
-                    return redirect()->back()->with('success', trans('admin/licenses/message.upload.success'));
+                    return redirect()->route('licenses.show', $license->id)->with('success', trans('admin/licenses/message.upload.success'));
                }
-                return redirect()->back()->with('error', trans('admin/licenses/message.upload.error'));
+                return redirect()->route('licenses.show', $license->id)->with('error', trans('admin/licenses/message.upload.error'));
            }
-            return redirect()->back()->with('error', trans('admin/licenses/message.upload.nofiles'));
+            return redirect()->route('licenses.show', $license->id)->with('error', trans('admin/licenses/message.upload.nofiles'));
        }
        // Prepare the error message
        $error = trans('admin/licenses/message.does_not_exist', compact('id'));
@@ -463,7 +463,7 @@ class ReportsController extends Controller
        }

        if (e(Input::get('notes')) == '1') {
-            $header[] = 'Notes';
+            $header[] = trans('general.notes');
        }


@@ -604,9 +604,9 @@ class ReportsController extends Controller

            if (e(Input::get('notes')) == '1') {
                if ($asset->notes) {
-                    $row[] = '"' .$asset->notes. '"';
+                    $row[] = '"' .$asset->notes . '"';
                } else {
-                    $row[] = ''; // Empty string if unassigned
+                    $row[] = '';
                }
            }

@@ -338,7 +338,10 @@ class SettingsController extends Controller
        $setting->email_format = $request->input('email_format');
        $setting->username_format = $request->input('username_format');
        $setting->require_accept_signature = $request->input('require_accept_signature');
-        $setting->login_note = $request->input('login_note');
+        if (!config('app.lock_passwords')) {
+            $setting->login_note = $request->input('login_note');
+        }
+
        $setting->default_eula_text = $request->input('default_eula_text');
        $setting->thumbnail_max_h = $request->input('thumbnail_max_h');

@@ -992,6 +995,8 @@ class SettingsController extends Controller
    {
        if (!config('app.lock_passwords')) {
            if (Input::get('confirm_purge')=='DELETE') {
+                // Run a backup immediately before processing
+                Artisan::call('backup:run');
                Artisan::call('snipeit:purge', ['--force'=>'true','--no-interaction'=>true]);
                $output = Artisan::output();
                return view('settings/purge')
@@ -87,9 +87,8 @@ class SuppliersController extends Controller
                $supplier->image = $file_name;
        }

-            // Was it created?
        if ($supplier->save()) {
-          // Redirect to the new supplier  page
+          // Redirect to the nw supplier  page
            return redirect()->route('suppliers.index')->with('success', trans('admin/suppliers/message.create.success'));
        }
        return redirect()->back()->withInput()->withErrors($supplier->getErrors());
@@ -370,14 +370,20 @@ class UsersController extends Controller
            // Authorize takes care of many of our logic checks now.
            $this->authorize('delete', User::class);

-            if ($user->assets()->count() > 0) {
+            // Check if we are not trying to delete ourselves
+            if ($user->id === Auth::user()->id) {
                // Redirect to the user management page
                return redirect()->route('users.index')->with('error', 'This user still has ' . $user->assets()->count() . ' assets associated with them.');
            }

+            if (count($user->assets) > 0) {
+                // Redirect to the user management page
+                return redirect()->route('users.index')->with('error', 'This user still has ' . count($user->assets) . ' assets associated with them.');
+            }
+
            if ($user->licenses()->count() > 0) {
                // Redirect to the user management page
-                return redirect()->route('users.index')->with('error', 'This user still has ' . $user->licenses()->count() . ' licenses associated with them.');
+                return redirect()->route('users.index')->with('error', 'This user still has ' . $user->assets()->count() . ' assets associated with them.');
            }

            if ($user->accessories()->count() > 0) {
@@ -532,10 +538,7 @@ class UsersController extends Controller
            if (($key = array_search(Auth::user()->id, $user_raw_array)) !== false) {
                unset($user_raw_array[$key]);
            }
-
-            if (!Auth::user()->isSuperUser()) {
-                return redirect()->route('users.index')->with('error', trans('admin/users/message.insufficient_permissions'));
-            }
+            

            if (!config('app.lock_passwords')) {

@@ -836,7 +839,6 @@ class UsersController extends Controller
                            'permissions' => '{"user":1}',
                            'notes' => 'Imported user'
                        );
-                        //dd($newuser);

                        DB::table('users')->insert($newuser);

@@ -928,7 +930,6 @@ class UsersController extends Controller
        $user = User::find($userId);
        $destinationPath = config('app.private_uploads').'/users';

-        // the license is valid
        if (isset($user->id)) {
            $this->authorize('update', $user);
            $log = Actionlog::find($fileId);
@@ -19,10 +19,13 @@ class Kernel extends HttpKernel
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\FrameGuard::class,
        \App\Http\Middleware\XssProtectHeader::class,
+        \App\Http\Middleware\ReferrerPolicyHeader::class,
+        \App\Http\Middleware\ContentSecurityPolicyHeader::class,
        \App\Http\Middleware\NosniffGuard::class,
        \App\Http\Middleware\CheckForSetup::class,
        \Fideloper\Proxy\TrustProxies::class,
        \App\Http\Middleware\CheckForDebug::class,
+       // \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
    ];

    /**
@@ -0,0 +1,35 @@
+<?php
+namespace App\Http\Middleware;
+
+use Closure;
+
+class ContentSecurityPolicyHeader
+{
+    /**
+     * Handle the given request and get the response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return \Illuminate\Http\Response
+     */
+    public function handle($request, Closure $next)
+    {
+        if ((config('app.debug')=='true')  || (config('app.enable_csp')!='true')) {
+            $response = $next($request);
+            return $response;
+        }
+
+        $policy[] = "default-src 'self'";
+        $policy[] = "style-src 'self' 'unsafe-inline' oss.maxcdn.com";
+        $policy[] = "script-src 'self' 'unsafe-inline' oss.mafxcdn.com cdnjs.cloudflare.com 'nonce-".csrf_token()."'";
+        $policy[] = "connect-src 'self'";
+        $policy[] = "object-src 'none'";
+        $policy[] = "font-src 'self' data:";
+        $policy[] = "img-src 'self' data: gravatar.com";
+        $policy = join(';', $policy);
+
+        $response = $next($request);
+        $response->headers->set('Content-Security-Policy', $policy);
+        return $response;
+    }
+}
@@ -0,0 +1,21 @@
+<?php
+namespace App\Http\Middleware;
+
+use Closure;
+
+class ReferrerPolicyHeader
+{
+    /**
+     * Handle the given request and get the response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return \Illuminate\Http\Response
+     */
+    public function handle($request, Closure $next)
+    {
+        $response = $next($request);
+        $response->headers->set('Referrer-Policy', config('app.referrer_policy'));
+        return $response;
+    }
+}
@@ -14,8 +14,9 @@ class XssProtectHeader
     */
    public function handle($request, Closure $next)
    {
+        $mode = '1;mode=block';
        $response = $next($request);
-        $response->headers->set('X-XSS-Protection', '1');
+        $response->headers->set('X-XSS-Protection', $mode);
        return $response;
    }
 }
@@ -59,13 +59,30 @@ class AccessoriesTransformer
    }


-    public function transformCheckedoutAccessories (Collection $accessories_users, $total)
+    public function transformCheckedoutAccessory (Accessory $accessory, $total)
    {

+
+        
+
        $array = array();
-        foreach ($accessories_users as $user) {
-            $array[] = (new UsersTransformer)->transformUser($user);
+        foreach ($accessory->users as $user) {
+            $array[] = [
+                'assigned_pivot_id' => $user->pivot->id,
+                'id' => (int) $user->id,
+                'username' => e($user->username),
+                'name' => e($user->getFullNameAttribute()),
+                'first_name'=> e($user->first_name),
+                'last_name'=> e($user->last_name),
+                'employee_number' =>  e($user->employee_num),
+                'type' => 'user',
+                'available_actions' => ['checkin' => true]
+            ];
+
        }
+
+
+
        return (new DatatablesTransformer)->transformDatatables($array, $total);
    }

@@ -52,7 +52,8 @@ class ActionlogsTransformer
                'type' => e($actionlog->targetType()),
            ] : null,

-            'note'          => e($actionlog->note),
+            'note'          => ($actionlog->note) ? e($actionlog->note): null,
+            'signature_file'   => ($actionlog->accept_signature) ? route('log.signature.view', ['filename' => $actionlog->accept_signature ]) : null,


        ];
@@ -33,7 +33,8 @@ class AssetsTransformer
            'model_number' => ($asset->model) ? e($asset->model->model_number) : null,
            'status_label' => ($asset->assetstatus) ? [
                'id' => (int) $asset->assetstatus->id,
-                'name'=> e($asset->assetstatus->name)
+                'name'=> e($asset->present()->statusText),
+                'status_meta' =>  e($asset->present()->statusMeta),
            ] : null,
            'category' => ($asset->model->category) ? [
                'id' => (int) $asset->model->category->id,
@@ -75,8 +76,9 @@ class AssetsTransformer
        ];


-        if ($asset->model->fieldset) {
+        if (($asset->model->fieldset) && (count($asset->model->fieldset->fields)> 0)) {
            $fields_array = array();
+
            foreach ($asset->model->fieldset->fields as $field) {

                if ($field->isFieldDecryptable($asset->{$field->convertUnicodeDbSlug()})) {
@@ -25,7 +25,7 @@ class CustomFieldsTransformer
            'name' => e($field->name),
            'db_column_name' => e($field->db_column_name()),
            'format'   =>  e($field->format),
-            'required'   =>  $field->pivot->required,
+            'required'   =>  $field->pivot ? $field->pivot->required : false,
            'created_at' => Helper::getFormattedDateObject($field->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($field->updated_at, 'datetime'),
        ];
@@ -23,7 +23,7 @@ class GroupsTransformer
        $array = [
            'id' => (int) $group->id,
            'name' => e($group->name),
-            'permissions' => $group->permissions,
+            'permissions' => json_decode($group->permissions),
            'users_count' => (int) $group->users_count,
            'created_at' => Helper::getFormattedDateObject($group->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($group->updated_at, 'datetime'),
@@ -29,7 +29,6 @@ class ImportsTransformer
            'header_row' => $import->header_row,
            'first_row'  => $import->first_row,
            'field_map'  => $import->field_map,
-
        ];

        return $array;
@@ -33,8 +33,9 @@ class LicensesTransformer
            'depreciation' => ($license->depreciation) ? ['id' => (int) $license->depreciation->id,'name'=> e($license->depreciation->name)] : null,
            'notes' => e($license->notes),
            'expiration_date' => Helper::getFormattedDateObject($license->expiration_date, 'date'),
-            'total_seats' => (int) $license->total_seats,
-            'remaining_qty' => $license->remaincount(),
+            'total_seats' => (int) $license->seats,
+            'next_seat' => ($license->freeSeat()) ?  (int) $license->freeSeat()->id : null,
+            'remaining_qty' => (int) $license->remaincount(),
            'min_qty' => $license->remaincount(),
            'license_name' =>  e($license->license_name),
            'license_email' => e($license->license_email),
@@ -36,9 +36,11 @@ class LocationsTransformer
                'address' => e($location->address),
                'city' => e($location->city),
                'state' => e($location->state),
-                'assets_checkedout' => $location->assets()->count(),
-                'assets_default'    => $location->assignedassets()->count(),
                'country' => e($location->country),
+                'zip' => e($location->zip),
+                'assets_checkedout' => $location->location_assets_count,
+                'assets_default'    => $location->assigned_assets_count,
+
                'created_at' => Helper::getFormattedDateObject($location->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($location->updated_at, 'datetime'),
                'parent' => ($location->parent) ? [
@@ -56,9 +56,10 @@ class UsersTransformer
            ];

        $permissions_array['available_actions'] = [
-            'update' => Gate::allows('update', User::class) ? true : false,
-            'delete' => Gate::allows('delete', User::class) ? true : false,
-            'clone' => Gate::allows('create', User::class) ? true : false,
+            'update' => (Gate::allows('update', User::class) && ($user->deleted_at==''))  ? true : false,
+            'delete' => (Gate::allows('delete', User::class) && ($user->deleted_at=='')) ? true : false,
+            'clone' => (Gate::allows('create', User::class) && ($user->deleted_at=='')) ,
+            'restore' => (Gate::allows('create', User::class) && ($user->deleted_at!='')) ? true : false,
        ];

        $array += $permissions_array;
@@ -63,7 +63,9 @@ class AssetImporter extends ItemImporter
        $this->item['image'] = $this->findCsvMatch($row, "image");
        $this->item['warranty_months'] = intval($this->findCsvMatch($row, "warranty"));
        $this->item['model_id'] = $this->createOrFetchAssetModel($row);
-        if (!$this->item['status_id'] && !$editingAsset) {
+
+        // If no status ID is found
+        if (!array_key_exists('status_id', $this->item) && !$editingAsset) {
            $this->log("No status field found, defaulting to first status.");
            $this->item['status_id'] = $this->defaultStatusLabelId;
        }
@@ -109,7 +109,15 @@ abstract class Importer
    {
        $headerRow = $this->csv->fetchOne();
        $results = $this->normalizeInputArray($this->csv->fetchAssoc());
-        $this->customFields = CustomField::All(['name']);
+
+        // Stolen From https://adamwathan.me/2016/07/14/customizing-keys-when-mapping-collections/
+        // This 'inverts' the fields such that we have a collection of fields indexed by name.
+        $cFs = CustomField::All();
+        $this->customFields = $cFs->reduce(function ($nameLookup, $field) {
+            $nameLookup[$field['name']] = $field;
+            return $nameLookup;
+        });
+
        DB::transaction(function () use (&$results) {
            Model::unguard();
            $resultsCount = sizeof($results);
@@ -161,8 +169,6 @@ abstract class Importer
     */
    public function lookupCustomKey($key)
    {
-        // dd($this->fieldMap);
-
        if (array_key_exists($key, $this->fieldMap)) {
            $this->log("Found a match in our custom map: {$key} is " . $this->fieldMap[$key]);
            return $this->fieldMap[$key];
@@ -10,6 +10,7 @@ use App\Models\Location;
 use App\Models\Manufacturer;
 use App\Models\Statuslabel;
 use App\Models\Supplier;
+use App\Models\User;

 class ItemImporter extends Importer
 {
@@ -68,6 +69,7 @@ class ItemImporter extends Importer
        if(get_class($this) !== UserImporter::class) {
            if ($this->item["user"] = $this->createOrFetchUser($row)) {
                $this->item['assigned_to'] = $this->item['user']->id;
+                $this->item['assigned_type'] = User::class;
            }
        }
    }
@@ -61,7 +61,6 @@ class Accessory extends SnipeModel
        'purchase_date',
        'model_number',
        'manufacturer_id',
-        'notes',
        'qty',
        'requestable'
    ];
@@ -79,6 +79,7 @@ class Asset extends Depreciable
    protected $fillable = [
        'asset_tag',
        'assigned_to',
+        'assigned_type',
        'company_id',
        'image',
        'model_id',
@@ -178,13 +179,14 @@ class Asset extends Depreciable

    public function getDetailedNameAttribute()
    {
-        if ($this->assignedTo) {
-            $user_name = $this->assignedTo->present()->name();
+        if ($this->assignedto) {
+            $user_name = $this->assignedto->present()->name();
        } else {
            $user_name = "Unassigned";
        }
        return $this->asset_tag . ' - ' . $this->name . ' (' . $user_name . ') ' . $this->model->name;
    }
+
    public function validationRules($id = '0')
    {
        return $this->rules;
@@ -253,18 +255,20 @@ class Asset extends Depreciable
    public function assetLoc()
    {
        if (!empty($this->assignedType())) {
+            // dd($this->assignedType());
            if ($this->assignedType() == self::ASSET) {
-                return $this->assignedTo->assetloc(); // Recurse until we have a final location
+                return $this->assignedto->assetloc(); // Recurse until we have a final location
            }
            if ($this->assignedType() == self::LOCATION) {
                return $this->assignedTo();
            }
            if ($this->assignedType() == self::USER) {
+                if (!$this->assignedTo) {
+                    return $this->defaultLoc();
+                }
                return $this->assignedTo->userLoc();
            }
-            if (!$this->assignedTo) {
-                return $this->defaultLoc();
-            }
+
        }
        return $this->defaultLoc();
    }
@@ -722,7 +726,8 @@ class Asset extends Depreciable


    /**
-    * Query builder scope to search on text for complex Bootstrap Tables API
+    * Query builder scope to search on text for complex Bootstrap Tables API.
+    * This is really horrible, but I can't think of a less-awful way to do it.
    *
    * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
    * @param  text                              $search      Search term
@@ -733,7 +738,16 @@ class Asset extends Depreciable
    {
        $search = explode(' OR ', $search);

-        return $query->where(function ($query) use ($search) {
+        return $query->leftJoin('users',function ($leftJoin) {
+            $leftJoin->on("users.id", "=", "assets.assigned_to")
+                ->where("assets.assigned_type", "=", User::class);
+        })->leftJoin('locations',function ($leftJoin) {
+            $leftJoin->on("locations.id","=","assets.assigned_to")
+                ->where("assets.assigned_type","=",Location::class);
+        })->leftJoin('assets as assigned_assets',function ($leftJoin) {
+            $leftJoin->on('assigned_assets.id', '=', 'assets.assigned_to')
+                ->where('assets.assigned_type', '=', Asset::class);
+        })->where(function ($query) use ($search) {
            foreach ($search as $search) {
                $query->whereHas('model', function ($query) use ($search) {
                    $query->whereHas('category', function ($query) use ($search) {
@@ -766,26 +780,15 @@ class Asset extends Depreciable
                    $query->whereHas('defaultLoc', function ($query) use ($search) {
                        $query->where('locations.name', 'LIKE', '%'.$search.'%');
                    });
-                    //FIXME: This needs attention to work with checkout to not-users.
-                // })->orWhere(function ($query) use ($search) {
-                    // $query->whereHas('assignedTo', function ($query) use ($search) {
-                    //     $query->where(function ($query) use ($search) {
-                    //         $query->where('assets.assigned_type', '=', User::class)
-                    //         ->join('users', 'users.id', '=', 'assets.assigned_to')
-                    //         ->where(function($query) use ($search) {
-                    //             $query->where('users.first_name', 'LIKE', '%'.$search.'%')
-                    //             ->orWhere('users.last_name', 'LIKE', '%'.$search.'%');
-                    //         });
-                    //     })->orWhere(function ($query) use ($search) {
-                    //         $query->where('assets.assigned_type', '=', Location::class)
-                    //         ->join('locations', 'locations.id', '=', 'assets.assigned_to')
-                    //         ->where('locations.name', 'LIKE', '%'.$search.'%');
-                    //     })->orWhere(function ($query) use ($search) {
-                    //         $query->where('assets.assigned_type', '=', Asset::class)
-                    //         ->join('assets as assigned_asset', 'assigned_assets.id', '=', 'assets.assigned_to')
-                    //         ->where('assigned_assets.name', 'LIKE', '%'.$search.'%');
-                    //     });
-                    // });
+                 })->orWhere(function ($query) use ($search) {
+
+                     $query->whereHas('assignedTo', function ($query) use ($search) {
+                         $query->where('users.first_name', 'LIKE', '%'.$search.'%')
+                         ->orWhere('users.last_name', 'LIKE', '%'.$search.'%')
+                         ->orWhere('users.username', 'LIKE', '%'.$search.'%')
+                         ->orWhere('locations.name', 'LIKE', '%'.$search.'%')
+                         ->orWhere('assigned_assets.name', 'LIKE', '%'.$search.'%');
+                     });
                })->orWhere('assets.name', 'LIKE', '%'.$search.'%')
                    ->orWhere('assets.asset_tag', 'LIKE', '%'.$search.'%')
                    ->orWhere('assets.serial', 'LIKE', '%'.$search.'%')
@@ -793,9 +796,9 @@ class Asset extends Depreciable
                    ->orWhere('assets.notes', 'LIKE', '%'.$search.'%');
            }
            foreach (CustomField::all() as $field) {
-                $query->orWhere($field->db_column_name(), 'LIKE', "%$search%");
+                $query->orWhere('assets.'.$field->db_column_name(), 'LIKE', "%$search%");
            }
-        });
+        })->withTrashed()->whereNull("assets.deleted_at"); //workaround for laravel bug
    }


@@ -26,7 +26,7 @@ class AssetModel extends SnipeModel
    // Declare the rules for the model validation
    protected $rules = array(
        'name'          => 'required|min:1|max:255',
-        'model_number'      => 'min:1|max:255',
+        'model_number'      => 'max:255|nullable',
        'category_id'       => 'required|integer|exists:categories,id',
        'manufacturer_id'   => 'required|integer|exists:manufacturers,id',
        'eol'   => 'integer:min:0|max:240|nullable',
@@ -53,6 +53,7 @@ class Component extends SnipeModel
        'name',
        'purchase_cost',
        'purchase_date',
+        'min_amt',
        'qty',
    ];

@@ -47,9 +47,7 @@ class CustomFieldset extends Model

            if (($field->field_encrypted!='1') ||
                  (($field->field_encrypted =='1')  && (Gate::allows('admin')) )) {
-                if ($field->pivot->required) {
-                    $rule[]="required";
-                }
+                    $rule[] = ($field->pivot->required=='1') ? "required" : "nullable";
            }

            array_push($rule, $field->attributes['format']);
@@ -48,6 +48,7 @@ class Ldap extends Model
        // Needed for AD
        ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
        ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldap_version);
+        ldap_set_option($connection, LDAP_OPT_NETWORK_TIMEOUT, 20);

        if ($ldap_use_tls=='1') {
            ldap_start_tls($connection);
@@ -31,10 +31,10 @@ class License extends Depreciable
    protected $rules = array(
        'name'   => 'required|string|min:3|max:255',
        'seats'   => 'required|min:1|max:1000000|integer',
-        'license_email'   => 'email|min:0|max:120',
-        'license_name'   => 'string|min:0|max:100',
-        'note'   => 'string',
-        'notes'   => 'string|min:0',
+        'license_email'   => 'email|nullable|max:120',
+        'license_name'   => 'string|nullable|max:100',
+        'note'   => 'string|nullable',
+        'notes'   => 'string|nullable',
        'company_id' => 'integer|nullable',
    );

@@ -332,14 +332,17 @@ class License extends Depreciable
        return $this->belongsTo('\App\Models\Supplier', 'supplier_id');
    }

+    /*
+     * Get the next available free seat - used by
+     * the API to populate next_seat
+     */
    public function freeSeat()
    {
-        $seat = LicenseSeat::where('license_id', '=', $this->id)
+        return $this->licenseseats()
                    ->whereNull('deleted_at')
                    ->whereNull('assigned_to')
                    ->whereNull('asset_id')
                    ->first();
-        return $seat->id;
    }

    public static function getExpiringLicenses($days = 60)
@@ -43,20 +43,23 @@ trait Loggable
        $log->target_type = get_class($target);
        $log->target_id = $target->id;

-        $class = get_class($target);
-        if ($class == Location::class) {
+        $target_class = get_class($target);
+
+        // Figure out what the target is
+        if ($target_class == Location::class) {
            // We can checkout to a location
            $log->location_id = $target->id;
-        } else if ($class== Asset::class) {
+        } elseif ($target_class== Asset::class) {
            $log->location_id = $target->rtd_location_id;
        } else {
            $log->location_id = $target->location_id;
        }
+
        $log->note = $note;
        $log->logaction('checkout');

        $params = [
-            'item' => $this,
+            'item' => $log->item,
            'target' => $target,
            'admin' => $log->user,
            'note' => $note,
@@ -77,13 +77,28 @@ class SnipeModel extends Model
        return;
    }

+    public function setMinAmtAttribute($value)
+    {
+        if ($value == '') {
+            $value = null;
+        }
+        $this->attributes['min_amt'] = $value;
+        return;
+    }
+
+    public function setParentIdAttribute($value)
+    {
+        if ($value == '') {
+            $value = null;
+        }
+        $this->attributes['parent_id'] = $value;
+        return;
+    }
+
+
    //
    public function getDisplayNameAttribute()
    {
        return $this->name;
    }
-
-    public function name() {
-        return $this->name;
-    }
 }
@@ -21,7 +21,7 @@ class Statuslabel extends SnipeModel

    protected $rules = array(
        'name'  => 'required|string|unique_undeleted',
-        'notes'   => 'string',
+        'notes'   => 'string|nullable',
        'deployable' => 'required',
        'pending' => 'required',
        'archived' => 'required',
@@ -15,18 +15,18 @@ class Supplier extends SnipeModel

    protected $rules = array(
        'name'              => 'required|min:3|max:255|unique_undeleted',
-        'address'           => 'min:3|max:50',
-        'address2'          => 'min:2|max:50',
-        'city'              => 'min:3|max:255',
-        'state'             => 'min:0|max:32',
-        'country'           => 'min:0|max:2',
-        'fax'               => 'min:7|max:35',
-        'phone'             => 'min:7|max:35',
-        'contact'           => 'min:0|max:100',
-        'notes'             => 'min:0|max:255',
-        'email'             => 'email|min:5|max:150',
-        'zip'               => 'min:0|max:10',
-        'url'               => 'min:3|max:250',
+        'address'           => 'max:50|nullable',
+        'address2'          => 'max:50|nullable',
+        'city'              => 'max:255|nullable',
+        'state'             => 'max:32|nullable',
+        'country'           => 'max:3|nullable',
+        'fax'               => 'min:7|max:35|nullable',
+        'phone'             => 'min:7|max:35|nullable',
+        'contact'           => 'max:100|nullable',
+        'notes'             => 'max:255|nullable',
+        'email'             => 'email|max:150|nullable',
+        'zip'               => 'max:10|nullable',
+        'url'               => 'sometimes|nullable|string|max:250',
    );

    /**
@@ -41,10 +41,12 @@ class CheckinNotification extends Notification
            $notifyBy[] = 'slack';
        }
        $item = $this->params['item'];
-        if ((method_exists($item, 'requireAcceptance') && ($item->requireAcceptance()=='1'))
-            || (method_exists($item, 'getEula') && ($item->getEula()))
-        ) {
-            $notifyBy[] = 'mail';
+        if (class_basename(get_class($this->params['item']))=='Asset') {
+            if ((method_exists($item, 'requireAcceptance') && ($item->requireAcceptance() == '1'))
+                || (method_exists($item, 'getEula') && ($item->getEula()))
+            ) {
+                $notifyBy[] = 'mail';
+            }
        }
        return $notifyBy;
    }
@@ -44,7 +44,9 @@ class CheckoutNotification extends Notification
        }
        $item = $this->params['item'];

-        $notifyBy[]='mail';
+        if (class_basename(get_class($this->params['item']))=='Asset') {
+            $notifyBy[] = 'mail';
+        }
        // if ((method_exists($item, 'requireAcceptance') && ($item->requireAcceptance()=='1'))
        //     || (method_exists($item, 'getEula') && ($item->getEula()))
        // ) {
@@ -81,30 +83,31 @@ class CheckoutNotification extends Notification
     */
    public function toMail($notifiable)
    {
-        //TODO: Expand for non assets.
-        $item = $this->params['item'];
-        $admin_user = $this->params['admin'];
-        $target = $this->params['target'];
-        $data = [
-            'eula' => method_exists($item, 'getEula') ? $item->getEula() : '',
-            'first_name' => $target->present()->fullName(),
-            'item_name' => $item->present()->name(),
-            'checkout_date' => $item->last_checkout,
-            'expected_checkin' => $item->expected_checkin,
-            'item_tag' => $item->asset_tag,
-            'note' => $this->params['note'],
-            'item_serial' => $item->serial,
-            'require_acceptance' => $item->requireAcceptance(),
-            'log_id' => $this->params['log_id'],
-        ];
-        return (new MailMessage)
-                    ->view('emails.accept-asset', $data)
-                    ->subject(trans('mail.Confirm_asset_delivery'));
-            // \Mail::send('emails.accept-asset', $data, function ($m) use ($target) {
-            //     $m->to($target->email, $target->first_name . ' ' . $target->last_name);
-            //     $m->replyTo(config('mail.reply_to.address'), config('mail.reply_to.name'));
-            //     $m->subject(trans('mail.Confirm_asset_delivery'));
-            // });
+
+            //TODO: Expand for non assets.
+            $item = $this->params['item'];
+            $admin_user = $this->params['admin'];
+            $target = $this->params['target'];
+            $data = [
+                'eula' => method_exists($item, 'getEula') ? $item->getEula() : '',
+                'first_name' => $target->present()->fullName(),
+                'item_name' => $item->present()->name(),
+                'checkout_date' => $item->last_checkout,
+                'expected_checkin' => $item->expected_checkin,
+                'item_tag' => $item->asset_tag,
+                'note' => $this->params['note'],
+                'item_serial' => $item->serial,
+                'require_acceptance' => method_exists($item, 'requireAcceptance') ? $item->requireAcceptance() : '',
+                'log_id' => $this->params['log_id'],
+            ];
+
+            return (new MailMessage)
+                ->view('emails.accept-asset', $data)
+                ->subject(trans('mail.Confirm_asset_delivery'));
+
+
+
+
    }

    /**
@@ -325,6 +325,24 @@ class AssetPresenter extends Presenter
        return $interval;
    }

+    /**
+     * @return string
+     * This handles the status label "meta" status of "deployed" if
+     * it's assigned. Should maybe deprecate.
+     */
+    public function statusMeta()
+    {
+        if ($this->model->assignedTo) {
+            return strtolower(trans('general.deployed'));
+        }
+        return $this->model->assetstatus->getStatuslabelType();
+    }
+
+    /**
+     * @return string
+     * This handles the status label "meta" status of "deployed" if
+     * it's assigned. Should maybe deprecate.
+     */
    public function statusText()
    {
        if ($this->model->assignedTo) {
@@ -332,6 +350,7 @@ class AssetPresenter extends Presenter
        }
        return $this->model->assetstatus->name;
    }
+
    /**
     * Date the warantee expires.
     * @return false|string
@@ -146,6 +146,16 @@ class LicensePresenter extends Presenter
        return (string)link_to_route('licenses.show', $this->name, $this->id);
    }

+    /**
+     * Link to this licenses Name
+     * @return string
+     */
+    public function fullName()
+    {
+        return $this->name;
+    }
+
+
    /**
     * Link to this licenses serial
     * @return string
@@ -65,6 +65,11 @@ abstract class Presenter
        return '';
    }

+    public function name()
+    {
+        return $this->model->name;
+    }
+
    public function __get($property)
    {
        if (method_exists($this, $property)) {
@@ -105,6 +105,10 @@ class AppServiceProvider extends ServiceProvider
            }
        }

+        if (($this->app->environment('production'))  && (config('services.rollbar.access_token'))){
+            $this->app->register(\Jenssegers\Rollbar\RollbarServiceProvider::class);
+        }
+
        foreach ($monolog->getHandlers() as $handler) {
            $handler->setLevel($log_level);
        }
@@ -1 +1 @@
-{"version":3,"file":"css/AdminLTE.css","sources":[],"mappings":";;;;;;","sourceRoot":""}
+{"version":3,"file":"css/AdminLTE.css","sources":[],"mappings":";;;;;;A","sourceRoot":""}
@@ -1 +1 @@
-{"version":3,"file":"css/app.css","sources":[],"mappings":";;;;;;;;","sourceRoot":""}
+{"version":3,"file":"css/app.css","sources":[],"mappings":";;;;;;;;A","sourceRoot":""}
@@ -1,23 +1,12 @@
 {
-  "/build/vue.js": "/build/vue.js",
-  "/mix.js": "/mix.js",
-  "/build/app.css": "/build/app.535d8af1016a2377e449920c617f0197.css",
-  "/build/AdminLTE.css": "/build/AdminLTE.3d8a2b2e33baa060b1b324363ad5e1c2.css",
-  "/build/overrides.css": "/build/overrides.617623c6a96be3e0cbd11c5d4039ec10.css",
-  "/css/all.css": "/css/all.css",
-  "/js/all.js": "/js/all.js",
-  "/css/app.css": "/css/app.css",
-  "/css/dist/all.css": "/css/dist/all.css",
-  "/js/dist/all.js": "/js/dist/all.js",
-  "/css/AdminLTE.css": "/css/AdminLTE.css",
-  "/css/overrides.css": "/css/overrides.css",
-  "/css/skin-blue.css": "/css/skin-blue.css",
-  "/vue.js": "/vue.js",
-  "/vue.js.map": "/vue.js.map",
-  "/mix.js.map": "/mix.js.map",
-  "/css/AdminLTE.css.map": "/css/AdminLTE.css.map",
-  "/css/app.css.map": "/css/app.css.map",
-  "/css/overrides.css.map": "/css/overrides.css.map",
-  "public/css/dist/all.css": "public/css/dist/all.css",
-  "public/js/dist/all.js": "public/js/dist/all.js"
+    "/vue.js": "/vue.js",
+    "/css/AdminLTE.css": "/css/AdminLTE.css",
+    "/css/app.css": "/css/app.css",
+    "/css/overrides.css": "/css/overrides.css",
+    "/vue.js.map": "/vue.js.map",
+    "/css/AdminLTE.css.map": "/css/AdminLTE.css.map",
+    "/css/app.css.map": "/css/app.css.map",
+    "/css/overrides.css.map": "/css/overrides.css.map",
+    "/public/css/dist/all.css": "/public/css/dist/all.css",
+    "/public/js/dist/all.js": "/public/js/dist/all.js"
 }
@@ -10,12 +10,15 @@
    "barryvdh/laravel-debugbar": "^2.4",
    "doctrine/cache": "^1.6",
    "doctrine/common": "^2.7",
-    "doctrine/dbal": "v2.4.2",
+    "doctrine/dbal": "v2.5.13",
+    "doctrine/inflector": "1.1.*",
+    "doctrine/instantiator": "1.0.*",
    "erusev/parsedown": "^1.6",
    "fideloper/proxy": "^3.1",
    "intervention/image": "^2.3",
    "javiereguiluz/easyslugger": "^1.0",
-    "laravel/framework": "5.4.20",
+    "jenssegers/rollbar": "^1.5",
+    "laravel/framework": "5.4.*",
    "laravel/passport": "^1.0",
    "laravel/tinker": "^1.0",
    "laravelcollective/html": "^5.3",
@@ -23,21 +26,22 @@
    "maknz/slack": "^1.7",
    "neitanod/forceutf8": "^2.0",
    "patchwork/utf8": "~1.2",
+    "phpdocumentor/reflection-docblock": "3.2.2",
+    "phpspec/prophecy": "1.6.2",
    "pragmarx/google2fa": "^1.0",
    "schuppo/password-strength": "~1.5",
    "spatie/laravel-backup": "^3.0.0",
    "tecnickcom/tc-lib-barcode": "^1.15",
+    "tightenco/ziggy": "^0.4.1",
    "unicodeveloper/laravel-password": "^1.0",
-    "watson/validating": "^3.0",
-    "doctrine/instantiator": "1.0.5",
-    "doctrine/inflector": "1.0.*"
+    "watson/validating": "^3.0"
  },
    "require-dev": {
        "fzaninotto/faker": "~1.4",
        "phpunit/phpunit": "~5.7",
        "symfony/css-selector": "3.1.*",
        "symfony/dom-crawler": "3.1.*",
-        "codeception/codeception": "2.2.9",
+        "codeception/codeception": "2.3.6",
        "squizlabs/php_codesniffer": "*",
        "phpunit/php-token-stream": "1.4.11"

@@ -155,6 +155,39 @@ return [
    'allow_iframing' => env('ALLOW_IFRAMING', false),


+    /*
+    |--------------------------------------------------------------------------
+    | REFERRER-POLICY
+    |--------------------------------------------------------------------------
+    |
+    | This is an additional security header that browsers use to determine
+    | whether they should report back URL referrer information.
+    |
+    | Read more: https://www.w3.org/TR/referrer-policy/
+    |
+    */
+
+    'referrer_policy' => env('REFERRER_POLICY', 'same-origin'),
+
+    /*
+    |--------------------------------------------------------------------------
+    | CSP
+    |--------------------------------------------------------------------------
+    |
+    | Disable the content security policy that restricts what scripts, images
+    | and styles can load. (This should be left as false if you don't know
+    | what this means.)
+    |
+    | Read more: https://www.w3.org/TR/CSP/
+    | Read more: https://content-security-policy.com
+    |
+    */
+
+    'enable_csp' => env('ENABLE_CSP', false),
+
+
+
+
    /*
    |--------------------------------------------------------------------------
    | Demo Mode Lockdown
@@ -222,7 +255,7 @@ return [
        Laravel\Tinker\TinkerServiceProvider::class,
        Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class,
        Schuppo\PasswordStrength\PasswordStrengthServiceProvider::class,
-
+        Tightenco\Ziggy\ZiggyServiceProvider::class, // Laravel routes in vue

        /*
        * Application Service Providers...
@@ -65,8 +65,8 @@ return [
            'database'  => env('DB_DATABASE', 'forge'),
            'username'  => env('DB_USERNAME', 'forge'),
            'password'  => env('DB_PASSWORD', ''),
-            'charset'   => 'utf8mb4',
-            'collation' => 'utf8mb4_unicode_ci',
+            'charset'   => env('DB_CHARSET', 'utf8mb4'),
+            'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'),
            'prefix'    => env('DB_PREFIX', null),
            'strict'    => false,
            'engine'    => null,
@@ -22,6 +22,8 @@ return [
                    base_path('public/uploads'),
                    base_path('config'),
                    base_path('storage/private_uploads'),
+                    base_path('storage/oauth-private.key'),
+                    base_path('storage/oauth-public.key'),
                ],

                /*
@@ -41,5 +41,10 @@ return [
        'stripe_id'    => env('STUNNING_STRIPE_ID'),
    ],

+    'rollbar' => [
+        'access_token' => env('ROLLBAR_TOKEN'),
+        'level' => env('ROLLBAR_LEVEL', 'error'),
+    ],
+

 ];
@@ -1,7 +1,7 @@
 <?php
 return array (
-  'app_version' => 'v4',
-  'build_version' => 'beta4',
-  'hash_version' => '24',
-  'full_hash' => 'v4-beta4-24-g10f3221',
+  'app_version' => 'v4.0.8',
+  'build_version' => '102',
+  'hash_version' => 'gef19bc7',
+  'full_hash' => 'v4.0.8-102-gef19bc7',
 );
@@ -19,12 +19,14 @@ $factory->defineAs(Actionlog::class, 'asset-checkout', function (Faker\Generator
    $company =  factory(App\Models\Company::class)->create();
    $user = factory(App\Models\User::class)->create(['company_id' => $company->id]);
    $target = factory(App\Models\User::class)->create(['company_id' => $company->id]);
-    // $item = factory(App\Models\Asset::class)->create(['company_id' => $company->id]);
+    do {
+        $item = factory(App\Models\Asset::class)->create(['company_id' => $company->id]);
+    } while (!$item->isValid());
 // dd($item);
    return [
        'user_id' => $user->id,
        'action_type' => 'checkout',
-        'item_id' => factory(App\Models\Asset::class)->create(['company_id' => $company->id])->id,
+        'item_id' => $item->id,
        'item_type'  => App\Models\Asset::class,
        'target_id' => $target->id,
        'target_type' => get_class($target),
@@ -0,0 +1,17 @@
+<?php
+
+
+$factory->define(App\Models\CustomField::class, function (Faker\Generator $faker) {
+    return [
+    'name' => $faker->catchPhrase,
+    'format' => 'IP',
+    'element' => 'text',
+    ];
+});
+
+$factory->define(App\Models\CustomFieldset::class, function (Faker\Generator $faker) {
+    return [
+        'name' => $faker->catchPhrase,
+        'user_id' => Auth::id()
+    ];
+});
@@ -97,14 +97,6 @@ $factory->define(App\Models\Consumable::class, function (Faker\Generator $faker)
    ];
 });

-$factory->define(App\Models\CustomField::class, function (Faker\Generator $faker) {
-    return [
-    'name' => $faker->catchPhrase,
-    'format' => 'IP',
-    'element' => 'text',
-    ];
-});
-
 $factory->define(App\Models\Department::class, function (Faker\Generator $faker) {
    return [
    'name' => $faker->catchPhrase,
@@ -12,10 +12,13 @@ class AddSoftDeletedToLog extends Migration {
 	 */
 	public function up()
 	{
-    
-    Schema::table('asset_logs', function ($table) {
-      $table->string('asset_type',100)->nullable()->change();
-    });
+
+        $platform = Schema::getConnection()->getDoctrineSchemaManager()->getDatabasePlatform();
+        $platform->registerDoctrineTypeMapping('enum', 'string');
+
+        Schema::table('asset_logs', function ($table) {
+          $table->string('asset_type',100)->nullable()->change();
+        });

 		// DB::statement('ALTER TABLE ' . DB::getTablePrefix() . 'asset_logs MODIFY column asset_type varchar(100) null');
 		// DB::statement('ALTER TABLE ' . DB::getTablePrefix() . 'asset_logs MODIFY column added_on timestamp default "0000-00-00 00:00:00"');
@@ -0,0 +1,36 @@
+<?php
+
+use App\Models\Asset;
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class FixAssignedTypeNotBeingNulled extends Migration
+{
+    /**
+     * Run the migrations.
+     * There was a point in the v4 beta process where assigned_type was not nulled on checkin
+     * This manually nulls all assets where there is an assigned_type but not an assigned_to.
+     * @return void
+     */
+    public function up()
+    {
+        // There was a point in the v4 beta process where assigned_type was not nulled on checkin
+        // This manually nulls all assets where there is an assigned_type but not an assigned_to.
+        Asset::whereNotNull('assigned_type')->whereNull('assigned_to')->update(['assigned_type' => null]);
+
+        // Additionally, the importer did not set assigned_type when importing.
+        // In the case where we have an assigned_to but not an assigned_type, set the assigned_type to User.
+        Asset::whereNotNull('assigned_to')->whereNull('assigned_type')->update(['assigned_type' => 'App\Models\User']);
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
@@ -0,0 +1,77 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class DropForeignKeys extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        try  {
+            Schema::table('accessories', function (Blueprint $table) {
+                $table->dropForeign(['company_id']);
+            });
+        } catch (\Exception $e) {
+            //echo $e;
+        }
+
+        try  {
+            Schema::table('users', function (Blueprint $table) {
+                $table->dropForeign(['company_id']);
+            });
+        } catch (\Exception $e) {
+            //echo $e;
+        }
+
+        try  {
+            Schema::table('assets', function (Blueprint $table) {
+                $table->dropForeign(['company_id']);
+            });
+        } catch (\Exception $e) {
+            //echo $e;
+        }
+
+        try  {
+            Schema::table('components', function (Blueprint $table) {
+                $table->dropForeign(['company_id']);
+            });
+        } catch (\Exception $e) {
+            //echo $e;
+        }
+
+        try  {
+            Schema::table('consumables', function (Blueprint $table) {
+                $table->dropForeign(['company_id']);
+            });
+        } catch (\Exception $e) {
+            //echo $e;
+        }
+
+        try  {
+            Schema::table('licenses', function (Blueprint $table) {
+                $table->dropForeign(['company_id']);
+            });
+        } catch (\Exception $e) {
+            //echo $e;
+        }
+
+
+
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
@@ -10,14 +10,14 @@
    "production": "cross-env NODE_ENV=production node_modules/webpack/bin/webpack.js --progress --hide-modules --config=node_modules/laravel-mix/setup/webpack.config.js "
  },
  "devDependencies": {
-    "axios": "^0.15.3",
+    "axios": "^0.16.2",
    "babel-preset-latest": "^6.24.1",
-    "cross-env": "^3.2.4",
+    "cross-env": "^5.0.5",
    "jquery": "^3.1.1",
-    "laravel-mix": "0.12.1",
+    "laravel-mix": "1.4.3",
    "lodash": "^4.17.4",
-    "vue": "2.3.3",
-    "vue-template-compiler": "2.3.3"
+    "vue": "2.4.4",
+    "vue-template-compiler": "2.4.4"
  },
  "dependencies": {
    "blueimp-file-upload": "^9.18.0",
@@ -32,6 +32,8 @@
    "jquery-ui": "^1.12.1",
    "jquery-ui-bundle": "^1.12.1",
    "jquery.iframe-transport": "^1.0.0",
+    "less": "^2.7.2",
+    "less-loader": "^4.0.5",
    "papaparse": "^4.3.3",
    "select2": "^4.0.3",
    "tether": "^1.4.0",
@@ -5,13 +5,16 @@

    RewriteEngine On

-    # Uncomment these two lines to force SSL redirect
+    # Uncomment these two lines to force SSL redirect in Apache
    # RewriteCond %{HTTPS} off
    # RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

+
+
    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
-    RewriteRule ^(.*)/$ /$1 [L,R=301]
+    RewriteCond %{REQUEST_URI} (.+)/$
+    RewriteRule ^ %1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
@@ -21,4 +24,11 @@
    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+
+    # Security Headers
+    # Header set Strict-Transport-Security "max-age=2592000" env=HTTPS
+    # Header set X-XSS-Protection "1; mode=block"
+    # Header set X-Content-Type-Options nosniff
+    # Header set X-Permitted-Cross-Domain-Policies "master-only"
+
 </IfModule>
@@ -1,2 +1,2 @@
 User-agent: *
-Disallow:
+Disallow: /
@@ -67,7 +67,7 @@ tr {

 <script>
    export default {
-        props: ['file'],
+        props: ['file', 'customFields'],
        data() {
            return {
                activeFile: this.file,
@@ -130,6 +130,7 @@ tr {
                        {id: 'jobtitle', text: 'Job Title' },
                        {id: 'phone_number', text: 'Phone Number' },
                    ],
+                    customFields: this.customFields,
                },
                columnMappings: this.file.field_map || {},
                activeColumn: null,
@@ -143,7 +144,7 @@ tr {
            columns() {
                switch(this.options.importType) {
                    case 'asset':
-                        return this.columnOptions.general.concat(this.columnOptions.assets);
+                        return this.columnOptions.general.concat(this.columnOptions.assets).concat(this.columnOptions.customFields);
                    case 'license':
                        return this.columnOptions.general.concat(this.columnOptions.licenses);
                    case 'user':
@@ -155,22 +156,22 @@ tr {
        methods: {
            postSave() {
                this.statusText = "Processing...";
-                this.$http.post('/api/v1/imports/process/'+this.file.id, {
+                this.$http.post(route('api.imports.importFile', this.file.id), {
                    'import-update': this.options.update,
                    'import-type': this.options.importType,
                    'column-mappings': this.columnMappings
-                }).then( (response) => {
+                }).then( ({body}) => {
                    // Success
                    this.statusText = "Success... Redirecting.";
-                    window.location.href = response.body.messages.redirect_url;
-                }, (response) => {
+                    window.location.href = body.messages.redirect_url;
+                }, ({body}) => {
                    // Failure
-                    if(response.body.status == 'import-errors') {
-                        window.eventHub.$emit('importErrors', response.body.messages);
+                    if(body.status == 'import-errors') {
+                        window.eventHub.$emit('importErrors', body.messages);
                        this.statusText = "Error";
                    } else {
                        this.$emit('alert', {
-                            message: response.body.messages,
+                            message: body.messages,
                            type: "danger",
                            visible: true,
                        })
@@ -208,4 +209,4 @@ tr {
            select2: require('../select2.vue')
        }
    }
-</script>
+</script>
@@ -30,16 +30,15 @@ th {
                    currentPercent: "0",
                    statusText: '',
                    visible: false
-                }
+                },
+                customFields: [],
            };
        },

-        /**
-         * Prepare the component (Vue 2.x).
-         */
        mounted() {
            window.eventHub.$on('importErrors', this.updateImportErrors);
            this.fetchFiles();
+            this.fetchCustomFields();
            let vm = this;
            $('#fileupload').fileupload({
                dataType: 'json',
@@ -72,7 +71,7 @@ th {

        methods: {
            fetchFiles() {
-                this.$http.get('/api/v1/imports')
+                this.$http.get(route('api.imports.index'))
                .then( ({data}) => this.files = data, // Success
                    //Fail
                (response) => {
@@ -81,8 +80,20 @@ th {
                    this.alert.message="Something went wrong fetching files...";
                });
            },
+            fetchCustomFields() {
+                this.$http.get(route('api.customfields.index'))
+                .then( ({data}) => {
+                    data = data.rows;
+                    data.forEach((item) => {
+                        this.customFields.push({
+                            'id': item.db_column_name,
+                            'text': item.name,
+                        })
+                    })
+                });
+            },
            deleteFile(file, key) {
-                this.$http.delete("/api/v1/imports/"+file.id)
+                this.$http.delete(route('api.imports.destroy', file.id))
                .then((response) => this.files.splice(key, 1), // Success, remove file from array.
                    (response) => {// Fail
                        this.alert.type="danger";
@@ -99,7 +110,7 @@ th {
            },
            updateImportErrors(errors) {
                this.importErrors = errors;
-            }
+            },
        },

        computed: {
@@ -56,6 +56,7 @@

 <script>
    export default {
+        props: ['clientsUrl', 'tokensUrl'],
        /*
         * The component's data.
         */
@@ -91,7 +92,7 @@
             * Get all of the authorized tokens for the user.
             */
            getTokens() {
-                this.$http.get('/oauth/tokens')
+                this.$http.get(this.tokensUrl)
                        .then(response => {
                            this.tokens = response.data;
                        });
@@ -101,7 +102,7 @@
             * Revoke the given token.
             */
            revoke(token) {
-                this.$http.delete('/oauth/tokens/' + token.id)
+                this.$http.delete(this.tokensUrl +'/'+ token.id)
                        .then(response => {
                            this.getTokens();
                        });
@@ -219,6 +219,7 @@
        /*
         * The component's data.
         */
+        props: ['clientsUrl'],
        data() {
            return {
                clients: [],
@@ -271,7 +272,7 @@
             * Get all of the OAuth clients for the user.
             */
            getClients() {
-                this.$http.get('/oauth/clients')
+                this.$http.get(this.clientsUrl)
                        .then(response => {
                            this.clients = response.data;
                        });
@@ -289,7 +290,7 @@
             */
            store() {
                this.persistClient(
-                    'post', '/oauth/clients',
+                    'post', this.clientsUrl,
                    this.createForm, '#modal-create-client'
                );
            },
@@ -310,7 +311,7 @@
             */
            update() {
                this.persistClient(
-                    'put', '/oauth/clients/' + this.editForm.id,
+                    'put', this.clientsUrl + '/' + this.editForm.id,
                    this.editForm, '#modal-edit-client'
                );
            },
@@ -319,8 +320,10 @@
             * Persist the client to storage using the given form.
             */
            persistClient(method, uri, form, modal) {
+                console.log('persisting');
                form.errors = [];

+                console.log('method: ' + method);
                this.$http[method](uri, form)
                    .then(response => {
                        this.getClients();
@@ -344,7 +347,7 @@
             * Destroy the given client.
             */
            destroy(client) {
-                this.$http.delete('/oauth/clients/' + client.id)
+                this.$http.delete(this.clientsUrl +'/' + client.id)
                        .then(response => {
                            this.getClients();
                        });
@@ -160,6 +160,7 @@

 <script>
    export default {
+        props: ['tokenUrl', 'scopesUrl'],
        /*
         * The component's data.
         */
@@ -209,7 +210,7 @@
             * Get all of the personal access tokens for the user.
             */
            getTokens() {
-                this.$http.get('/oauth/personal-access-tokens')
+                this.$http.get(this.tokenUrl)
                        .then(response => {
                            this.tokens = response.data;
                        });
@@ -219,7 +220,7 @@
             * Get all of the available scopes.
             */
            getScopes() {
-                this.$http.get('/oauth/scopes')
+                this.$http.get(this.scopesUrl)
                        .then(response => {
                            this.scopes = response.data;
                        });
@@ -240,7 +241,7 @@

                this.form.errors = [];

-                this.$http.post('/oauth/personal-access-tokens', this.form)
+                this.$http.post(this.tokenUrl, this.form)
                        .then(response => {
                            this.form.name = '';
                            this.form.scopes = [];
@@ -293,7 +294,7 @@
             * Revoke the given token.
             */
            revoke(token) {
-                this.$http.delete('/oauth/personal-access-tokens/' + token.id)
+                this.$http.delete(this.tokenUrl +'/'+ token.id)
                        .then(response => {
                            this.getTokens();
                        });
@@ -12,8 +12,8 @@
            'success' => 'Asset Maintenance created successfully.'
        ],
        'edit'                       => [
-            'error'   => 'Asset Maintenance was not created, please try again.',
-            'success' => 'Asset Maintenance created successfully.'
+            'error'   => 'Asset Maintenance was not edited, please try again.',
+            'success' => 'Asset Maintenance edited successfully.'
        ],
        'asset_maintenance_incomplete' => 'Not Completed Yet',
        'warranty'                     => 'Warranty',
@@ -7,7 +7,7 @@ return array(
    'asset'  					=> 'Asset',
    'bulk_checkout'             => 'Checkout Assets to User',
    'checkin'  					=> 'Checkin Asset',
-    'checkout'  				=> 'Checkout Asset to User',
+    'checkout'  				=> 'Checkout Asset',
    'clone'  					=> 'Clone Asset',
    'deployable'  				=> 'Deployable',
    'deleted'  					=> 'This asset has been deleted. <a href="/hardware/:asset_id/restore">Click here to restore it</a>.',
@@ -24,6 +24,12 @@ return array(
        'success' 		=> 'Asset restored successfully.'
    ),

+    'audit' => array(
+        'error'   		=> 'Asset audit was unsuccessful. Please try again.',
+        'success' 		=> 'Asset audit successfully logged.'
+    ),
+
+
    'deletefile' => array(
        'error'   => 'File not deleted. Please try again.',
        'success' => 'File successfully deleted.',
@@ -10,6 +10,10 @@ return array(
 	'alert_interval'			=> 'Expiring Alerts Threshold (in days)',
 	'alert_inv_threshold'		=> 'Inventory Alert Threshold',
 	'asset_ids'					=> 'Asset IDs',
+	'audit_interval'            => 'Audit Interval',
+    'audit_interval_help'       => 'If you are required to regularly physically audit your assets, enter the interval in months.',
+	'audit_warning_days'        => 'Audit Warning Threshold',
+    'audit_warning_days_help'   => 'How many days in advance should we warn you when assets are due for auditing?',
 	'auto_increment_assets'		=> 'Generate auto-incrementing asset IDs',
 	'auto_increment_prefix'		=> 'Prefix (optional)',
 	'auto_incrementing_help'    => 'Enable auto-incrementing asset IDs first to set this',
@@ -13,6 +13,7 @@ return array(
    'filetype_info'     => 'Allowed filetypes are png, gif, jpg, jpeg, doc, docx, pdf, txt, zip, and rar.',
    'history_user'      => 'History for :name',
 	'info'				=> 'Info',
+    'restore_user'		=> 'Click here to restore them.',
    'last_login'        => 'Last Login',
    'ldap_config_text'  => 'LDAP configuration settings can be found Admin > Settings. The (optional) selected location will be set for all imported users.',
    'software_user'     => 'Software Checked out to :name',
@@ -18,11 +18,15 @@
    'asset_report'          => 'Asset Report',
    'asset_tag'				=> 'Asset Tag',
    'assets_available'		=> 'assets available',
+    'audit'				    => 'Audit',
+    'audit_report'			=> 'Audit Log',
    'assets'				=> 'Assets',
    'avatar_delete'         => 'Delete Avatar',
    'avatar_upload'         => 'Upload Avatar',
    'back'      			=> 'Back',
    'bad_data'      		=> 'Nothing found. Maybe bad data?',
+    'bulkaudit'             => 'Bulk Audit',
+    'bulkaudit_status'      => 'Audit Status',
    'bulk_checkout'  		=> 'Bulk Checkout',
    'cancel'  				=> 'Cancel',
    'categories'			=> 'Categories',
@@ -52,6 +56,8 @@
    'current'  				=> 'Current',
    'custom_report'         => 'Custom Asset Report',
    'dashboard'				=> 'Dashboard',
+    'days'      			=> 'days',
+    'days_to_next_audit'        => 'Days to Next Audit',
    'date'					=> 'Date',
    'debug_warning'         => 'Warning!',
    'debug_warning_text'         => 'This application is running in production mode with debugging enabled. This can expose sensitive data if your application is accessible to the outside world. Disable debug mode by setting the <code>APP_DEBUG</code> value in your <code>.env</code> file to <code>false</code>.',
@@ -117,6 +123,8 @@
    'moreinfo'				=> 'More Info',
    'name'					=> 'Name',
    'next'					=> 'Next',
+    'next_audit_date'		=> 'Next Audit Date',
+    'last_audit'		    => 'Last Audit',
    'new'					=> 'new!',
    'no_depreciation'		=> 'No Depreciation',
    'no_results'			=> 'No Results.',
@@ -13,62 +13,91 @@ return array(
    |
    */

-    "accepted"         => "The :attribute must be accepted.",
-    "active_url"       => "The :attribute is not a valid URL.",
-    "after"            => "The :attribute must be a date after :date.",
-    "alpha"            => "The :attribute may only contain letters.",
-    "alpha_dash"       => "The :attribute may only contain letters, numbers, and dashes.",
-    "alpha_num"        => "The :attribute may only contain letters and numbers.",
-    "before"           => "The :attribute must be a date before :date.",
-    "between"          => array(
-        "numeric" => "The :attribute must be between :min - :max.",
-        "file"    => "The :attribute must be between :min - :max kilobytes.",
-        "string"  => "The :attribute must be between :min - :max characters.",
-    ),
-    "boolean"          => "The :attribute must be true or false.",
-    "confirmed"        => "The :attribute confirmation does not match.",
-    "date"             => "The :attribute is not a valid date.",
-    "date_format"      => "The :attribute does not match the format :format.",
-    "different"        => "The :attribute and :other must be different.",
-    "digits"           => "The :attribute must be :digits digits.",
-    "digits_between"   => "The :attribute must be between :min and :max digits.",
-    "email"            => "The :attribute format is invalid.",
-    "exists"           => "The selected :attribute is invalid.",
-    "email_array"      => "One or more email addresses is invalid.",
-    "hashed_pass"      => "Your current password is incorrect",
-    'dumbpwd'          => 'That password is too common.',
-    "image"            => "The :attribute must be an image.",
-    "in"               => "The selected :attribute is invalid.",
-    "integer"          => "The :attribute must be an integer.",
-    "ip"               => "The :attribute must be a valid IP address.",
-    "max"              => array(
-        "numeric" => "The :attribute may not be greater than :max.",
-        "file"    => "The :attribute may not be greater than :max kilobytes.",
-        "string"  => "The :attribute may not be greater than :max characters.",
-    ),
-    "mimes"            => "The :attribute must be a file of type: :values.",
-    "min"              => array(
-        "numeric" => "The :attribute must be at least :min.",
-        "file"    => "The :attribute must be at least :min kilobytes.",
-        "string"  => "The :attribute must be at least :min characters.",
-    ),
-    "not_in"           => "The selected :attribute is invalid.",
-    "numeric"          => "The :attribute must be a number.",
-    "regex"            => "The :attribute format is invalid.",
-    "required"         => "The :attribute field is required.",
-    "required_if"      => "The :attribute field is required when :other is :value.",
-    "required_with"    => "The :attribute field is required when :values is present.",
-    "required_without" => "The :attribute field is required when :values is not present.",
-    "same"             => "The :attribute and :other must match.",
-    "size"             => array(
-        "numeric" => "The :attribute must be :size.",
-        "file"    => "The :attribute must be :size kilobytes.",
-        "string"  => "The :attribute must be :size characters.",
-    ),
-    "unique"           => "The :attribute has already been taken.",
-    "url"              => "The :attribute format is invalid.",
-    "statuslabel_type" => "You must select a valid status label type",
-    "unique_undeleted" => "The :attribute must be unique.",
+    'accepted'             => 'The :attribute must be accepted.',
+    'active_url'           => 'The :attribute is not a valid URL.',
+    'after'                => 'The :attribute must be a date after :date.',
+    'after_or_equal'       => 'The :attribute must be a date after or equal to :date.',
+    'alpha'                => 'The :attribute may only contain letters.',
+    'alpha_dash'           => 'The :attribute may only contain letters, numbers, and dashes.',
+    'alpha_num'            => 'The :attribute may only contain letters and numbers.',
+    'array'                => 'The :attribute must be an array.',
+    'before'               => 'The :attribute must be a date before :date.',
+    'before_or_equal'      => 'The :attribute must be a date before or equal to :date.',
+    'between'              => [
+        'numeric' => 'The :attribute must be between :min and :max.',
+        'file'    => 'The :attribute must be between :min and :max kilobytes.',
+        'string'  => 'The :attribute must be between :min and :max characters.',
+        'array'   => 'The :attribute must have between :min and :max items.',
+    ],
+    'boolean'              => 'The :attribute field must be true or false.',
+    'confirmed'            => 'The :attribute confirmation does not match.',
+    'date'                 => 'The :attribute is not a valid date.',
+    'date_format'          => 'The :attribute does not match the format :format.',
+    'different'            => 'The :attribute and :other must be different.',
+    'digits'               => 'The :attribute must be :digits digits.',
+    'digits_between'       => 'The :attribute must be between :min and :max digits.',
+    'dimensions'           => 'The :attribute has invalid image dimensions.',
+    'distinct'             => 'The :attribute field has a duplicate value.',
+    'email'                => 'The :attribute must be a valid email address.',
+    'exists'               => 'The selected :attribute is invalid.',
+    'file'                 => 'The :attribute must be a file.',
+    'filled'               => 'The :attribute field must have a value.',
+    'image'                => 'The :attribute must be an image.',
+    'in'                   => 'The selected :attribute is invalid.',
+    'in_array'             => 'The :attribute field does not exist in :other.',
+    'integer'              => 'The :attribute must be an integer.',
+    'ip'                   => 'The :attribute must be a valid IP address.',
+    'ipv4'                 => 'The :attribute must be a valid IPv4 address.',
+    'ipv6'                 => 'The :attribute must be a valid IPv6 address.',
+    'json'                 => 'The :attribute must be a valid JSON string.',
+    'max'                  => [
+        'numeric' => 'The :attribute may not be greater than :max.',
+        'file'    => 'The :attribute may not be greater than :max kilobytes.',
+        'string'  => 'The :attribute may not be greater than :max characters.',
+        'array'   => 'The :attribute may not have more than :max items.',
+    ],
+    'mimes'                => 'The :attribute must be a file of type: :values.',
+    'mimetypes'            => 'The :attribute must be a file of type: :values.',
+    'min'                  => [
+        'numeric' => 'The :attribute must be at least :min.',
+        'file'    => 'The :attribute must be at least :min kilobytes.',
+        'string'  => 'The :attribute must be at least :min characters.',
+        'array'   => 'The :attribute must have at least :min items.',
+    ],
+    'not_in'               => 'The selected :attribute is invalid.',
+    'numeric'              => 'The :attribute must be a number.',
+    'present'              => 'The :attribute field must be present.',
+    'regex'                => 'The :attribute format is invalid.',
+    'required'             => 'The :attribute field is required.',
+    'required_if'          => 'The :attribute field is required when :other is :value.',
+    'required_unless'      => 'The :attribute field is required unless :other is in :values.',
+    'required_with'        => 'The :attribute field is required when :values is present.',
+    'required_with_all'    => 'The :attribute field is required when :values is present.',
+    'required_without'     => 'The :attribute field is required when :values is not present.',
+    'required_without_all' => 'The :attribute field is required when none of :values are present.',
+    'same'                 => 'The :attribute and :other must match.',
+    'size'                 => [
+        'numeric' => 'The :attribute must be :size.',
+        'file'    => 'The :attribute must be :size kilobytes.',
+        'string'  => 'The :attribute must be :size characters.',
+        'array'   => 'The :attribute must contain :size items.',
+    ],
+    'string'               => 'The :attribute must be a string.',
+    'timezone'             => 'The :attribute must be a valid zone.',
+    'unique'               => 'The :attribute has already been taken.',
+    'uploaded'             => 'The :attribute failed to upload.',
+    'url'                  => 'The :attribute format is invalid.',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Custom Validation Language Lines
+    |--------------------------------------------------------------------------
+    |
+    | Here you may specify custom validation messages for attributes using the
+    | convention "attribute.rule" to name the lines. This makes it quick to
+    | specify a specific custom language line for a given attribute rule.
+    |
+    */


    /*
@@ -82,8 +111,14 @@ return array(
    |
    */

-    'custom' => array(),
-    'alpha_space' => "The :attribute field contains a character that is not allowed.",
+    'custom' => [
+        'alpha_space' => "The :attribute field contains a character that is not allowed.",
+        "email_array"      => "One or more email addresses is invalid.",
+        "hashed_pass"      => "Your current password is incorrect",
+        'dumbpwd'          => 'That password is too common.',
+        "statuslabel_type" => "You must select a valid status label type",
+        "unique_undeleted" => "The :attribute must be unique.",
+    ],

    /*
    |--------------------------------------------------------------------------
@@ -96,6 +131,6 @@ return array(
    |
    */

-    'attributes' => array(),
+    'attributes' => [],

 );
@@ -12,8 +12,8 @@
            'success' => 'تم إنشاء سند صيانة الأصل بنجاح.'
        ],
        'edit'                       => [
-            'error'   => 'Asset Maintenance was not created, please try again.',
-            'success' => 'Asset Maintenance created successfully.'
+            'error'   => 'Asset Maintenance was not edited, please try again.',
+            'success' => 'Asset Maintenance edited successfully.'
        ],
        'asset_maintenance_incomplete' => 'لم يكتمل بعد',
        'warranty'                     => 'الضمان',
@@ -28,7 +28,7 @@ return array(

    'fieldset' => array(

-        'does_not_exist' => 'Fieldset does not exist',
+        'does_not_exist' => 'مجموعة الحقول غير موجودة',

        'create' => array(
            'error'   => 'لم يتم إنشاء مجموعة-الحقول، الرجاء المحاولة مرة اخرى.',
--- a/Show More
+++ b/Show More