Merge branch 'master' of https://github.com/snipe/snipe-it

Bumped version
Fixes XSS vulnerabilities (#6831 )
2019-03-18 20:51:11 -07:00 · 2019-03-18 20:50:47 -07:00 · 2019-03-18 20:49:32 -07:00 · 2019-03-18 11:59:48 -07:00 · 2019-03-18 11:59:02 -07:00 · 2019-03-18 11:58:08 -07:00
570 changed files with 15881 additions and 2274 deletions
@@ -1650,6 +1650,15 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "timothyfarmer",
+      "name": "Tim Farmer",
+      "avatar_url": "https://avatars1.githubusercontent.com/u/7632599?v=4",
+      "profile": "https://github.com/timothyfarmer",
+      "contributions": [
+        "code"
+      ]
    }
  ]
 }
@@ -7,7 +7,6 @@ APP_KEY=ChangeMe
 APP_URL=null
 APP_TIMEZONE='UTC'
 APP_LOCALE=en
-BACKUP_ENV=false

 # --------------------------------------------
 # REQUIRED: DATABASE SETTINGS
@@ -73,13 +72,20 @@ ENABLE_CSP=false
 CACHE_DRIVER=file
 SESSION_DRIVER=file
 QUEUE_DRIVER=sync
+CACHE_PREFIX=snipeit

 # --------------------------------------------
 # OPTIONAL: REDIS SETTINGS
 # --------------------------------------------
 REDIS_HOST=null
 REDIS_PASSWORD=null
-REDIS_PORT-null
+REDIS_PORT=null
+
+# --------------------------------------------
+# OPTIONAL: MEMCACHED SETTINGS
+# --------------------------------------------
+MEMCACHED_HOST=null
+MEMCACHED_PORT=null

 # --------------------------------------------
 # OPTIONAL: AWS S3 SETTINGS
@@ -0,0 +1,5 @@
+# You can add one username per supported platform and one custom link
+# patreon: # Replace with your Patreon username
+# open_collective: # Replace with your Open Collective username
+# ko_fi: # Replace with your Ko-fi username
+custom: https://snipeitapp.com/donate
@@ -50,3 +50,4 @@ tests/_support/_generated/*
 /storage/oauth-public.key

 *.cache
+/public/storage
@@ -16,8 +16,13 @@ services:
 php:
  - 5.6
  - 7.0
-  - 7.2 
-  - 7.1.4
+  - 7.1
+  - 7.2
+  - 7.3
+
+matrix:
+  allow_failures:
+    - php: 7.3

 # execute any number of scripts before the test run, custom env's are available as variables
 before_script:
@@ -18,9 +18,8 @@ patch \
 curl \
 vim \
 git \
-cron \
 mysql-client \
-cron \
+supervisor \
 && apt-get clean \
 && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

@@ -69,7 +68,9 @@ RUN \
      && rm -r "/var/www/html/storage/app/backups" && ln -fs "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups" \
      && mkdir "/var/lib/snipeit/keys" && ln -fs "/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key" \
      && ln -fs "/var/lib/snipeit/keys/oauth-public.key" "/var/www/html/storage/oauth-public.key" \
-      && chown docker "/var/lib/snipeit/keys/"
+      && chown docker "/var/lib/snipeit/keys/" \
+      && chmod +x /var/www/html/artisan \
+      && echo "Finished setting up application in /var/www/html"

 ############## DEPENDENCIES via COMPOSER ###################

@@ -96,16 +97,11 @@ VOLUME ["/var/lib/snipeit"]

 ##### START SERVER

-COPY docker/entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
+COPY docker/startup.sh docker/supervisord.conf /
+COPY docker/supervisor-exit-event-listener /usr/bin/supervisor-exit-event-listener
+RUN chmod +x /startup.sh /usr/bin/supervisor-exit-event-listener

-# Add Tini
-ENV TINI_VERSION v0.14.0
-ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
-RUN chmod +x /tini
-ENTRYPOINT ["/tini", "--"]
-
-CMD ["/entrypoint.sh"]
+CMD ["/startup.sh"]

 EXPOSE 80
 EXPOSE 443
@@ -1,5 +1,5 @@
 [![Build Status](https://travis-ci.org/snipe/snipe-it.svg?branch=master)](https://travis-ci.org/snipe/snipe-it) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/snipe/snipe-it?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-180-orange.svg?style=flat-square)](#contributors) [![Open Source Helpers](https://www.codetriage.com/snipe/snipe-it/badges/users.svg)](https://www.codetriage.com/snipe/snipe-it)
+[![All Contributors](https://img.shields.io/badge/all_contributors-181-orange.svg?style=flat-square)](#contributors) [![Open Source Helpers](https://www.codetriage.com/snipe/snipe-it/badges/users.svg)](https://www.codetriage.com/snipe/snipe-it)


 ## Snipe-IT - Open Source Asset Management System
@@ -10,7 +10,7 @@ It is built on [Laravel 5.4](http://laravel.com).

 Snipe-IT is actively developed and we're [releasing quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)

-__This is web-based software__. This means there there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.
+__This is web-based software__. This means there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.

 -----

@@ -59,6 +59,7 @@ Since the release of the JSON REST API, several third-party developers have been
 - [InQRy](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
 - [SnipeitPS](https://github.com/snazy2000/SnipeitPS) by [@snazy2000](https://github.com/snazy2000) - Powershell API Wrapper for Snipe-it
 - [jamf2snipe](https://github.com/ParadoxGuitarist/jamf2snipe) by [@ParadoxGuitarist](https://github.com/ParadoxGuitarist) - Python script to sync assets between a JAMFPro instance and a Snipe-II instance
+- [Marksman](https://github.com/Scope-IT/marksman) - A Windows agent for Snipe-IT

 As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :) 

@@ -95,7 +96,7 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars2.githubusercontent.com/u/982885?v=4" width="110px;"/><br /><sub>Martin Stub</sub>](http://martinstub.dk)<br />[🌍](#translation-stubben "Translation") | [<img src="https://avatars2.githubusercontent.com/u/28959963?v=4" width="110px;"/><br /><sub>Meyer Flavio</sub>](https://github.com/meyerf99)<br />[🌍](#translation-meyerf99 "Translation") | [<img src="https://avatars3.githubusercontent.com/u/796443?v=4" width="110px;"/><br /><sub>Micael Rodrigues</sub>](https://github.com/MicaelRodrigues)<br />[🌍](#translation-MicaelRodrigues "Translation") | [<img src="https://avatars0.githubusercontent.com/u/10481331?v=4" width="110px;"/><br /><sub>Mikael Rasmussen</sub>](http://rubixy.com/)<br />[🌍](#translation-mikaelssen "Translation") | [<img src="https://avatars1.githubusercontent.com/u/1544552?v=4" width="110px;"/><br /><sub>IxFail</sub>](https://github.com/IxFail)<br />[🌍](#translation-IxFail "Translation") | [<img src="https://avatars3.githubusercontent.com/u/18483118?v=4" width="110px;"/><br /><sub>Mohammed Fota</sub>](http://www.mohammedfota.com)<br />[🌍](#translation-MohammedFota "Translation") | [<img src="https://avatars0.githubusercontent.com/u/227080?v=4" width="110px;"/><br /><sub>Moayad Alserihi</sub>](https://github.com/omego)<br />[🌍](#translation-omego "Translation") |
 | [<img src="https://avatars0.githubusercontent.com/u/1680266?v=4" width="110px;"/><br /><sub>saymd</sub>](https://github.com/saymd)<br />[🌍](#translation-saymd "Translation") | [<img src="https://avatars0.githubusercontent.com/u/1826808?v=4" width="110px;"/><br /><sub>Patrik Larsson</sub>](https://nordsken.se)<br />[🌍](#translation-pooot "Translation") | [<img src="https://avatars1.githubusercontent.com/u/20584746?v=4" width="110px;"/><br /><sub>drcryo</sub>](https://github.com/drcryo)<br />[🌍](#translation-drcryo "Translation") | [<img src="https://avatars1.githubusercontent.com/u/19408004?v=4" width="110px;"/><br /><sub>pawel1615</sub>](https://github.com/pawel1615)<br />[🌍](#translation-pawel1615 "Translation") | [<img src="https://avatars2.githubusercontent.com/u/23340468?v=4" width="110px;"/><br /><sub>bodrovics</sub>](https://github.com/bodrovics)<br />[🌍](#translation-bodrovics "Translation") | [<img src="https://avatars0.githubusercontent.com/u/3257654?v=4" width="110px;"/><br /><sub>priatna</sub>](https://github.com/priatna)<br />[🌍](#translation-priatna "Translation") | [<img src="https://avatars1.githubusercontent.com/u/5358374?v=4" width="110px;"/><br /><sub>Fan Jiang</sub>](https://amayume.net)<br />[🌍](#translation-ProfFan "Translation") |
 | [<img src="https://avatars1.githubusercontent.com/u/22555451?v=4" width="110px;"/><br /><sub>ragnarcx</sub>](https://github.com/ragnarcx)<br />[🌍](#translation-ragnarcx "Translation") | [<img src="https://avatars2.githubusercontent.com/u/18654582?v=4" width="110px;"/><br /><sub>Rein van Haaren</sub>](http://www.reinvanhaaren.nl/)<br />[🌍](#translation-reinvanhaaren "Translation") | [<img src="https://avatars1.githubusercontent.com/u/386672?v=4" width="110px;"/><br /><sub>Teguh Dwicaksana</sub>](http://dheche.songolimo.net)<br />[🌍](#translation-dheche "Translation") | [<img src="https://avatars2.githubusercontent.com/u/2572552?v=4" width="110px;"/><br /><sub>fraccie</sub>](https://github.com/FRaccie)<br />[🌍](#translation-FRaccie "Translation") | [<img src="https://avatars0.githubusercontent.com/u/35182720?v=4" width="110px;"/><br /><sub>vinzruzell</sub>](https://github.com/vinzruzell)<br />[🌍](#translation-vinzruzell "Translation") | [<img src="https://avatars1.githubusercontent.com/u/7883603?v=4" width="110px;"/><br /><sub>Kevin Austin</sub>](http://kevinaustin.com)<br />[🌍](#translation-vipsystem "Translation") | [<img src="https://avatars3.githubusercontent.com/u/3861828?v=4" width="110px;"/><br /><sub>Wira Sandy</sub>](http://azuraweb.xyz)<br />[🌍](#translation-wira-sandy "Translation") |
-| [<img src="https://avatars2.githubusercontent.com/u/8663789?v=4" width="110px;"/><br /><sub>Илья</sub>](https://github.com/GrayHoax)<br />[🌍](#translation-GrayHoax "Translation") | [<img src="https://avatars3.githubusercontent.com/u/30119111?v=4" width="110px;"/><br /><sub>GodUseVPN</sub>](https://github.com/godusevpn)<br />[🌍](#translation-godusevpn "Translation") | [<img src="https://avatars1.githubusercontent.com/u/745576?v=4" width="110px;"/><br /><sub>周周</sub>](https://github.com/EngrZhou)<br />[🌍](#translation-EngrZhou "Translation") | [<img src="https://avatars3.githubusercontent.com/u/1631095?v=4" width="110px;"/><br /><sub>Sam</sub>](https://github.com/takuy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=takuy "Code") | [<img src="https://avatars1.githubusercontent.com/u/264022?v=4" width="110px;"/><br /><sub>Azerothian</sub>](https://www.illisian.com.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Azerothian "Code") |
+| [<img src="https://avatars2.githubusercontent.com/u/8663789?v=4" width="110px;"/><br /><sub>Илья</sub>](https://github.com/GrayHoax)<br />[🌍](#translation-GrayHoax "Translation") | [<img src="https://avatars3.githubusercontent.com/u/30119111?v=4" width="110px;"/><br /><sub>GodUseVPN</sub>](https://github.com/godusevpn)<br />[🌍](#translation-godusevpn "Translation") | [<img src="https://avatars1.githubusercontent.com/u/745576?v=4" width="110px;"/><br /><sub>周周</sub>](https://github.com/EngrZhou)<br />[🌍](#translation-EngrZhou "Translation") | [<img src="https://avatars3.githubusercontent.com/u/1631095?v=4" width="110px;"/><br /><sub>Sam</sub>](https://github.com/takuy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=takuy "Code") | [<img src="https://avatars1.githubusercontent.com/u/264022?v=4" width="110px;"/><br /><sub>Azerothian</sub>](https://www.illisian.com.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Azerothian "Code") | [<img src="https://avatars1.githubusercontent.com/u/7632599?v=4" width="110px;"/><br /><sub>Tim Farmer</sub>](https://github.com/timothyfarmer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=timothyfarmer "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
@@ -61,7 +61,7 @@ class LdapSync extends Command
                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
                $this->info(json_encode($json_summary));
            }
-            LOG::error($e);
+            LOG::info($e);
            return [];
        }

@@ -80,7 +80,7 @@ class LdapSync extends Command
                $json_summary = [ "error" => true, "error_message" => $e->getMessage(), "summary" => [] ];
                $this->info(json_encode($json_summary));
            }
-            LOG::error($e);
+            LOG::info($e);
            return [];
        }

@@ -128,15 +128,21 @@ class LdapSync extends Command
                $location_users = Ldap::findLdapUsers($ldap_loc["ldap_ou"]);
                $usernames = array();
                for ($i = 0; $i < $location_users["count"]; $i++) {
-                    $location_users[$i]["ldap_location_override"] = true;
-                    $location_users[$i]["location_id"] = $ldap_loc["id"];
-                    $usernames[] = $location_users[$i][$ldap_result_username][0];
+
+                    if (array_key_exists($ldap_result_username, $location_users[$i])) {
+                        $location_users[$i]["ldap_location_override"] = true;
+                        $location_users[$i]["location_id"] = $ldap_loc["id"];
+                        $usernames[] = $location_users[$i][$ldap_result_username][0];
+                    }
+
                }

                // Delete located users from the general group.
                foreach ($results as $key => $generic_entry) {
-                    if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
-                        unset($results[$key]);
+                   if ((is_array($generic_entry)) && (array_key_exists($ldap_result_username, $generic_entry))) {
+                        if (in_array($generic_entry[$ldap_result_username][0], $usernames)) {
+                            unset($results[$key]);
+                        }
                    }
                }

@@ -162,11 +168,15 @@ class LdapSync extends Command
                $item["ldap_location_override"] = isset($results[$i]["ldap_location_override"]) ? $results[$i]["ldap_location_override"]:"";
                $item["location_id"] = isset($results[$i]["location_id"]) ? $results[$i]["location_id"]:"";

+
+                // This is active directory, not regular LDAP
                if ( array_key_exists('useraccountcontrol', $results[$i]) ) {
                    $enabled_accounts = [
                        '512', '544', '66048', '66080', '262656', '262688', '328192', '328224'
                    ];
                    $item['activated'] = ( in_array($results[$i]['useraccountcontrol'][0], $enabled_accounts) ) ? 1 : 0;
+
+                // Fall through to LDAP
                } else {
                    $item['activated'] = 0;
                }
@@ -74,6 +74,7 @@ class ObjectImportCommand extends Command
        $importer->setCallbacks([$this, 'log'], [$this, 'progress'], [$this, 'errorCallback'])
                 ->setUserId($this->option('user_id'))
                 ->setUpdating($this->option('update'))
+                 ->setShouldNotify($this->option('send-welcome'))
                 ->setUsernameFormat($this->option('username_format'));

        $logFile = $this->option('logfile');
@@ -172,6 +173,7 @@ class ObjectImportCommand extends Command
        array('web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'),
        array('user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1),
        array('update', null, InputOption::VALUE_NONE, 'If a matching item is found, update item information'),
+        array('send-welcome', null, InputOption::VALUE_NONE, 'Whether to send a welcome email to any new users that are created.'),
        );

    }
@@ -79,6 +79,7 @@ class PaveIt extends Command
                DB::statement('delete from accessories_users');
                DB::statement('delete from asset_logs');
                DB::statement('delete from asset_maintenances');
+                DB::statement('delete from login_attempts');
                DB::statement('delete from asset_uploads');
                DB::statement('delete from action_logs');
                DB::statement('delete from checkout_requests');
@@ -63,6 +63,8 @@ class ResetDemoSettings extends Command
        $settings->time_display_format = 'g:iA';
        $settings->thumbnail_max_h = '30';
        $settings->locale = 'en';
+        $settings->version_footer = 'on';
+        $settings->support_footer = 'on';
        $settings->save();

        if ($user = User::where('username', '=', 'admin')->first()) {
@@ -0,0 +1,120 @@
+<?php
+
+namespace App\Console\Commands;
+
+use Illuminate\Console\Command;
+use App\Models\User;
+use App\Models\Actionlog;
+use App\Models\Asset;
+use App\Models\Consumable;
+use App\Models\Accessory;
+use App\Models\LicenseSeat;
+use App\Models\License;
+use DB;
+use Artisan;
+
+class RestoreDeletedUsers extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:restore-users {--start_date=} {--end_date=}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Restore users, and any associated assets and license checkouts.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+
+        $start_date = $this->option('start_date');
+        $end_date = $this->option('end_date');
+        $asset_totals = 0;
+        $license_totals = 0;
+        $user_count = 0;
+
+
+        if (($start_date=='') || ($end_date=='')) {
+            $this->info('ERROR: All fields are required.');
+            return false;
+        }
+
+        $users = User::whereBetween('deleted_at', [$start_date, $end_date])->withTrashed()->get();
+        $this->info('There are '.$users->count().' users deleted between '.$start_date.' and '.$end_date);
+        $this->warn('Making a backup!');
+        Artisan::call('backup:run');
+
+        foreach ($users as $user) {
+            $user_count++;
+            $user_logs = Actionlog::where('target_id', $user->id)->where('target_type',User::class)
+                ->where('action_type','checkout')->with('item')->get();
+
+            $this->info($user_count.'. '.$user->username.' ('.$user->id.') was deleted at '.$user->deleted_at. ' and has '.$user_logs->count().' checkouts associated.');
+
+            foreach ($user_logs as $user_log) {
+                $this->info('  * '.$user_log->item_type.': '.$user_log->item->name.' - item_id: '.$user_log->item_id);
+
+                if ($user_log->item_type==Asset::class) {
+                    $asset_totals++;
+
+                    DB::table('assets')
+                        ->where('id', $user_log->item_id)
+                        ->update(['assigned_to' => $user->id, 'assigned_type'=> User::class]);
+
+                    $this->info('      ** Asset '.$user_log->item->id.' ('.$user_log->item->asset_tag.') restored to user '.$user->id.'');
+
+                } elseif ($user_log->item_type==License::class) {
+                    $license_totals++;
+
+                    $avail_seat = DB::table('license_seats')->where('license_id','=',$user_log->item->id)
+                        ->whereNull('assigned_to')->whereNull('asset_id')->whereBetween('updated_at', [$start_date, $end_date])->first();
+                    if ($avail_seat) {
+                        $this->info('      ** Allocating seat '.$avail_seat->id.' for this License');
+
+                        DB::table('license_seats')
+                            ->where('id', $avail_seat->id)
+                            ->update(['assigned_to' => $user->id]);
+
+                    } else {
+                        $this->warn('ERROR: No available seats for '.$user_log->item->name);
+                    }
+
+                }
+
+            }
+
+            $this->warn('Restoring user '.$user->username.'!');
+            $user->restore();
+
+
+        }
+
+        $this->info($asset_totals.' assets affected');
+        $this->info($license_totals.' licenses affected');
+
+
+
+    }
+
+
+}
@@ -57,12 +57,12 @@ class SendExpectedCheckinAlerts extends Command
            }
        }

-
-        // Send a rollup to the admin, if settings dictate
-        $recipient = new \App\Models\Recipients\AlertRecipient();
-
-        if (($assets) && ($assets->count() > 0) && ($settings->alert_email!='')) {
-            $recipient->notify(new ExpectedCheckinAdminNotification($assets));
+        if (($assets) && ($assets->count() > 0) && ($settings->alert_email != '')) {
+            // Send a rollup to the admin, if settings dictate
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+                return new \App\Models\Recipients\AlertRecipient($item);
+            });
+            \Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));
        }


@@ -50,26 +50,28 @@ class SendExpirationAlerts extends Command
        $threshold = $settings->alert_interval;


-        // Expiring Assets
-        $assets = Asset::getExpiringWarrantee(Setting::getSettings()->alert_interval);
-        $this->info(trans_choice('mail.assets_warrantee_alert', $assets->count(), ['count'=>$assets->count(), 'threshold' => $threshold]));
+        if (($settings->alert_email != '') && ($settings->alerts_enabled == 1)) {

-        // Expiring licenses
-        $licenses = License::getExpiringLicenses($threshold);
-
-        $this->info(trans_choice('mail.license_expiring_alert', $licenses->count(), ['count'=>$licenses->count(), 'threshold' => $threshold]));
-
-        $recipient = new \App\Models\Recipients\AlertRecipient();
-
-        if ((Setting::getSettings()->alert_email!='')  && ($settings->alerts_enabled==1)) {
+            // Send a rollup to the admin, if settings dictate
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+                return new \App\Models\Recipients\AlertRecipient($item);
+            });

+            // Expiring Assets
+            $assets = Asset::getExpiringWarrantee(Setting::getSettings()->alert_interval);
            if ($assets->count() > 0) {
-                // Send a rollup to the admin, if settings dictate
-                $recipient->notify(new ExpiringAssetsNotification($assets, $threshold));
+                $this->info(trans_choice('mail.assets_warrantee_alert', $assets->count(),
+                    ['count' => $assets->count(), 'threshold' => $threshold]));
+                \Notification::send($recipients, new ExpiringAssetsNotification($assets, $threshold));
            }

+            // Expiring licenses
+            $licenses = License::getExpiringLicenses($threshold);
+
+
            if ($licenses->count() > 0) {
-                $recipient->notify(new ExpiringLicenseNotification($licenses, $threshold));
+                $this->info(trans_choice('mail.license_expiring_alert', $licenses->count(), ['count' => $licenses->count(), 'threshold' => $threshold]));
+                \Notification::send($recipients, new ExpiringLicenseNotification($licenses, $threshold));
            }


@@ -50,13 +50,14 @@ class SendInventoryAlerts extends Command
            $items = Helper::checkLowInventory();

            // Send a rollup to the admin, if settings dictate
-            $recipient = new \App\Models\Recipients\AlertRecipient();

-            if (($items) && (count($items) > 0) && ($settings->alert_email!='')) {
-
-                $this->info( trans_choice('mail.low_inventory_alert',count($items)) );
-
-                $recipient->notify(new InventoryAlert($items, $settings->alert_threshold));
+            if (($items) && (count($items) > 0)) {
+                $this->info(trans_choice('mail.low_inventory_alert', count($items)));
+                // Send a rollup to the admin, if settings dictate
+                $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+                    return new \App\Models\Recipients\AlertRecipient($item);
+                });
+                \Notification::send($recipients, new InventoryAlert($items, $settings->alert_threshold));
            }

        } else {
@@ -30,6 +30,7 @@ class Kernel extends ConsoleKernel
        Commands\SyncAssetLocations::class,
        Commands\RegenerateAssetTags::class,
        Commands\SyncAssetCounters::class,
+        Commands\RestoreDeletedUsers::class,
    ];

    /**
@@ -46,7 +46,7 @@ class AccessoriesController extends Controller
            $accessories->where('supplier_id','=',$request->input('supplier_id'));
        }

-        $offset = $request->input('offset', 0);
+        $offset = (($accessories) && (request('offset') > $accessories->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -44,7 +44,7 @@ class AssetMaintenancesController extends Controller
            $maintenances->where('asset_id', '=', $request->input('asset_id'));
        }

-        $offset = request('offset', 0);
+        $offset = (($maintenances) && (request('offset') > $maintenances->count())) ? 0 : request('offset', 0);
        $limit = request('limit', 50);

        $allowed_columns = [
@@ -60,7 +60,7 @@ class AssetModelsController extends Controller
            $assetmodels->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
+        $offset = (($assetmodels) && (request('offset') > $assetmodels->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'models.created_at';
@@ -179,7 +179,7 @@ class AssetModelsController extends Controller
            try  {
                unlink(public_path().'/uploads/models/'.$assetmodel->image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -95,7 +95,7 @@ class AssetsController extends Controller

        $assets = Company::scopeCompanyables(Asset::select('assets.*'),"company_id","assets")
            ->with('location', 'assetstatus', 'assetlog', 'company', 'defaultLoc','assignedTo',
-            'model.category', 'model.manufacturer', 'model.fieldset','supplier');
+                'model.category', 'model.manufacturer', 'model.fieldset','supplier');


        // These are used by the API to query against specific ID numbers.
@@ -127,7 +127,7 @@ class AssetsController extends Controller

        if (($request->has('assigned_to')) && ($request->has('assigned_type'))) {
            $assets->where('assets.assigned_to', '=', $request->input('assigned_to'))
-                    ->where('assets.assigned_type', '=', $request->input('assigned_type'));
+                ->where('assets.assigned_type', '=', $request->input('assigned_type'));
        }

        if ($request->has('company_id')) {
@@ -144,7 +144,7 @@ class AssetsController extends Controller

        $request->has('order_number') ? $assets = $assets->where('assets.order_number', '=', e($request->get('order_number'))) : '';

-        $offset = request('offset', 0);
+        $offset = (($assets) && (request('offset') > $assets->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';

@@ -167,12 +167,12 @@ class AssetsController extends Controller
                break;
            case 'RTD':
                $assets->whereNull('assets.assigned_to')
-                ->join('status_labels AS status_alias',function ($join) {
-                    $join->on('status_alias.id', "=", "assets.status_id")
-                        ->where('status_alias.deployable','=',1)
-                        ->where('status_alias.pending','=',0)
-                        ->where('status_alias.archived', '=', 0);
-                });
+                    ->join('status_labels AS status_alias',function ($join) {
+                        $join->on('status_alias.id', "=", "assets.status_id")
+                            ->where('status_alias.deployable','=',1)
+                            ->where('status_alias.pending','=',0)
+                            ->where('status_alias.archived', '=', 0);
+                    });
                break;
            case 'Undeployable':
                $assets->Undeployable();
@@ -188,11 +188,11 @@ class AssetsController extends Controller
            case 'Requestable':
                $assets->where('assets.requestable', '=', 1)
                    ->join('status_labels AS status_alias',function ($join) {
-                    $join->on('status_alias.id', "=", "assets.status_id")
-                        ->where('status_alias.deployable','=',1)
-                        ->where('status_alias.pending','=',0)
-                        ->where('status_alias.archived', '=', 0);
-                });
+                        $join->on('status_alias.id', "=", "assets.status_id")
+                            ->where('status_alias.deployable','=',1)
+                            ->where('status_alias.pending','=',0)
+                            ->where('status_alias.archived', '=', 0);
+                    });

                break;
            case 'Deployed':
@@ -207,8 +207,8 @@ class AssetsController extends Controller
                        $join->on('status_alias.id', "=", "assets.status_id")
                            ->where('status_alias.archived', '=', 0);
                    });
-                    
-                // If there is a status ID, don't take show_archived_in_list into consideration
+
+                    // If there is a status ID, don't take show_archived_in_list into consideration
                } else {
                    $assets->join('status_labels AS status_alias',function ($join) {
                        $join->on('status_alias.id', "=", "assets.status_id");
@@ -233,8 +233,8 @@ class AssetsController extends Controller
        // This handles all of the pivot sorting (versus the assets.* fields
        // in the allowed_columns array)
        $column_sort = in_array($sort_override, $allowed_columns) ? $sort_override : 'assets.created_at';
-        
-        
+
+
        switch ($sort_override) {
            case 'model':
                $assets->OrderModels($order);
@@ -291,7 +291,7 @@ class AssetsController extends Controller
            $this->authorize('view', $asset);
            return (new AssetsTransformer)->transformAsset($asset);
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 404);
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);

    }

@@ -305,17 +305,18 @@ class AssetsController extends Controller
     */
    public function showBySerial($serial)
    {
+        $this->authorize('index', Asset::class);
        if ($assets = Asset::with('assetstatus')->with('assignedTo')
            ->withTrashed()->where('serial',$serial)->get()) {
-                $this->authorize('view', $assets);
-                return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+
+            return (new AssetsTransformer)->transformAssets($assets, $assets->count());
        }
-        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 404);
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);

    }


-     /**
+    /**
     * Returns JSON with information about an asset for detail view.
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -353,7 +354,7 @@ class AssetsController extends Controller
            'assets.assigned_to',
            'assets.assigned_type',
            'assets.status_id'
-            ])->with('model', 'assetstatus', 'assignedTo')->NotArchived());
+        ])->with('model', 'assetstatus', 'assignedTo')->NotArchived(),'company_id', 'assets');

        if ($request->has('assetStatusType') && $request->input('assetStatusType') === 'RTD') {
            $assets = $assets->RTD();
@@ -378,7 +379,7 @@ class AssetsController extends Controller
                $asset->use_text .= ' → '.$asset->assigned->getFullNameAttribute();
            }

-            
+
            if ($asset->assetstatus->getStatuslabelType()=='pending') {
                $asset->use_text .=  '('.$asset->assetstatus->getStatuslabelType().')';
            }
@@ -468,43 +469,15 @@ class AssetsController extends Controller
        $this->authorize('update', Asset::class);

        if ($asset = Asset::find($id)) {
-            ($request->has('model_id')) ?
-                $asset->model()->associate(AssetModel::find($request->get('model_id'))) : '';
-            ($request->has('name')) ?
-                $asset->name = $request->get('name') : '';
-            ($request->has('serial')) ?
-                $asset->serial = $request->get('serial') : '';
-            ($request->has('model_id')) ?
-                $asset->model_id = $request->get('model_id') : '';
-            ($request->has('order_number')) ?
-                $asset->order_number = $request->get('order_number') : '';
-            ($request->has('notes')) ?
-                $asset->notes = $request->get('notes') : '';
-            ($request->has('asset_tag')) ?
-                $asset->asset_tag = $request->get('asset_tag') : '';
-            ($request->has('archived')) ?
-                $asset->archived = $request->get('archived') : '';
-            ($request->has('status_id')) ?
-                $asset->status_id = $request->get('status_id') : '';
-            ($request->has('warranty_months')) ?
-                $asset->warranty_months = $request->get('warranty_months') : '';
-            ($request->has('purchase_cost')) ?
-                $asset->purchase_cost = Helper::ParseFloat($request->get('purchase_cost')) : '';
-            ($request->has('purchase_date')) ?
-                $asset->purchase_date = $request->get('purchase_date') : '';
-            ($request->has('assigned_to')) ?
-                $asset->assigned_to = $request->get('assigned_to') : '';
-            ($request->has('supplier_id')) ?
-                $asset->supplier_id = $request->get('supplier_id') : '';
-            ($request->has('requestable')) ?
-                $asset->requestable = $request->get('requestable') : '';
-            ($request->has('rtd_location_id')) ?
-                $asset->rtd_location_id = $request->get('rtd_location_id') : '';
-            ($request->has('rtd_location_id')) ?
-                $asset->location_id = $request->get('rtd_location_id') : '';
-            ($request->has('company_id')) ?
-                $asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : '';

+            $asset->fill($request->all());
+
+            ($request->has('model_id')) ?
+                $asset->model()->associate(AssetModel::find($request->get('model_id'))) : null;
+            ($request->has('company_id')) ?
+                $asset->company_id = Company::getIdForCurrentUser($request->get('company_id')) : null;
+            ($request->has('rtd_location_id')) ?
+                $asset->location_id = $request->get('rtd_location_id') : null;

            // Update custom fields
            if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
@@ -519,9 +492,9 @@ class AssetsController extends Controller
            if ($asset->save()) {

                if (($request->has('assigned_user')) && ($target = User::find($request->get('assigned_user')))) {
-                        $location = $target->location_id;
+                    $location = $target->location_id;
                } elseif (($request->has('assigned_asset')) && ($target = Asset::find($request->get('assigned_asset')))) {
-                            $location = $target->location_id;
+                    $location = $target->location_id;
                } elseif (($request->has('assigned_location')) && ($target = Location::find($request->get('assigned_location')))) {
                    $location = $target->id;
                }
@@ -631,7 +604,7 @@ class AssetsController extends Controller
        $expected_checkin = request('expected_checkin', null);
        $note = request('note', null);
        $asset_name = request('name', null);
-        
+
        // Set the location ID to the RTD location id if there is one
        if ($asset->rtd_location_id!='') {
            $asset->location_id = $target->rtd_location_id;
@@ -639,7 +612,7 @@ class AssetsController extends Controller



-        
+

        if ($asset->checkOut($target, Auth::user(), $checkout_at, $expected_checkin, $note, $asset_name, $asset->location_id)) {
            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.success')));
@@ -30,7 +30,7 @@ class CategoriesController extends Controller
            $categories = $categories->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
+        $offset = (($categories) && (request('offset') > $categories->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'assets_count';
@@ -41,7 +41,7 @@ class CompaniesController extends Controller
            $companies->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
+        $offset = (($companies) && (request('offset') > $companies->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -43,7 +43,7 @@ class ComponentsController extends Controller
            $components->where('location_id','=',$request->input('location_id'));
        }

-        $offset = request('offset', 0);
+        $offset = (($components) && (request('offset') > $components->count())) ? 0 : request('offset', 0);
        $limit = request('limit', 50);

        $allowed_columns = ['id','name','min_amt','order_number','serial','purchase_date','purchase_cost','company','category','qty','location','image'];
@@ -35,12 +35,16 @@ class ConsumablesController extends Controller
            $consumables->where('company_id','=',$request->input('company_id'));
        }

+        if ($request->has('category_id')) {
+            $consumables->where('category_id','=',$request->input('category_id'));
+        }
+
        if ($request->has('manufacturer_id')) {
            $consumables->where('manufacturer_id','=',$request->input('manufacturer_id'));
        }


-        $offset = request('offset', 0);
+        $offset = (($consumables) && (request('offset') > $consumables->count())) ? 0 : request('offset', 0);
        $limit = request('limit', 50);
        $allowed_columns = ['id','name','order_number','min_amt','purchase_date','purchase_cost','company','category','model_number', 'item_no', 'manufacturer','location','qty','image'];
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -39,7 +39,7 @@ class DepartmentsController extends Controller
            $departments = $departments->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
+        $offset = (($departments) && (request('offset') > $departments->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -28,7 +28,7 @@ class DepreciationsController extends Controller
            $depreciations = $depreciations->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
+        $offset = (($depreciations) && (request('offset') > $depreciations->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -28,7 +28,7 @@ class GroupsController extends Controller
            $groups = $groups->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
+        $offset = (($groups) && (request('offset') > $groups->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -25,7 +25,7 @@ class ImportController extends Controller
     */
    public function index()
    {
-        //
+        $this->authorize('import');
        $imports = Import::latest()->get();
        return (new ImportsTransformer)->transformImports($imports);

@@ -39,10 +39,8 @@ class ImportController extends Controller
     */
    public function store()
    {
-        //
-        if (!Company::isCurrentUserAuthorized()) {
-            return redirect()->route('hardware.index')->with('error', trans('general.insufficient_permissions'));
-        } elseif (!config('app.lock_passwords')) {
+        $this->authorize('import');
+        if (!config('app.lock_passwords')) {
            $files = Input::file('files');
            $path = config('app.private_uploads').'/imports';
            $results = [];
@@ -119,7 +117,7 @@ class ImportController extends Controller
     */
    public function process(ItemImportRequest $request, $import_id)
    {
-        $this->authorize('create', Asset::class);
+        $this->authorize('import');
        // Run a backup immediately before processing
        Artisan::call('backup:run');
        $errors = $request->import(Import::find($import_id));
@@ -162,7 +160,7 @@ class ImportController extends Controller
     */
    public function destroy($import_id)
    {
-        $this->authorize('create', Asset::class);
+        $this->authorize('import');
        $import = Import::find($import_id);
        try {
            unlink(config('app.private_uploads').'/imports/'.$import->file_path);
@@ -82,7 +82,7 @@ class LicensesController extends Controller
        }


-        $offset = request('offset', 0);
+        $offset = (($licenses) && (request('offset') > $licenses->count())) ? 0 : request('offset', 0);
        $limit = request('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';

@@ -51,7 +51,7 @@ class LocationsController extends Controller



-        $offset = $request->input('offset', 0);
+        $offset = (($locations) && (request('offset') > $locations->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -106,7 +106,26 @@ class LocationsController extends Controller
    public function show($id)
    {
        $this->authorize('view', Location::class);
-        $location = Location::findOrFail($id);
+        $location = Location::with('parent', 'manager', 'childLocations')
+            ->select([
+                'locations.id',
+                'locations.name',
+                'locations.address',
+                'locations.address2',
+                'locations.city',
+                'locations.state',
+                'locations.zip',
+                'locations.country',
+                'locations.parent_id',
+                'locations.manager_id',
+                'locations.created_at',
+                'locations.updated_at',
+                'locations.image',
+                'locations.currency'
+            ])
+            ->withCount('assignedAssets')
+            ->withCount('assets')
+            ->withCount('users')->findOrFail($id);
        return (new LocationsTransformer)->transformLocation($location);
    }

@@ -39,7 +39,7 @@ class ManufacturersController extends Controller



-        $offset = request('offset', 0);
+        $offset = (($manufacturers) && (request('offset') > $manufacturers->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -83,7 +83,7 @@ class ManufacturersController extends Controller
    public function show($id)
    {
        $this->authorize('view', Manufacturer::class);
-        $manufacturer = Manufacturer::findOrFail($id);
+        $manufacturer = Manufacturer::withCount('assets')->withCount('licenses')->withCount('consumables')->withCount('accessories')->findOrFail($id);
        return (new ManufacturersTransformer)->transformManufacturer($manufacturer);
    }

@@ -27,15 +27,20 @@ class ProfileController extends Controller


        foreach ($checkoutRequests as $checkoutRequest) {
-            $results['rows'][] = [
-                'image' => $checkoutRequest->itemRequested()->present()->getImageUrl(),
-                'name' => $checkoutRequest->itemRequested()->present()->name(),
-                'type' => $checkoutRequest->itemType(),
-                'qty' => $checkoutRequest->quantity,
-                'location' => ($checkoutRequest->location()) ? $checkoutRequest->location()->name : null,
-                'expected_checkin' => Helper::getFormattedDateObject($checkoutRequest->itemRequested()->expected_checkin, 'datetime'),
-                'request_date' => Helper::getFormattedDateObject($checkoutRequest->created_at, 'datetime'),
-            ];
+
+            // Make sure the asset and request still exist
+            if ($checkoutRequest && $checkoutRequest->itemRequested()) {
+                $results['rows'][] = [
+                    'image' => $checkoutRequest->itemRequested()->present()->getImageUrl(),
+                    'name' => $checkoutRequest->itemRequested()->present()->name(),
+                    'type' => $checkoutRequest->itemType(),
+                    'qty' => $checkoutRequest->quantity,
+                    'location' => ($checkoutRequest->location()) ? $checkoutRequest->location()->name : null,
+                    'expected_checkin' => Helper::getFormattedDateObject($checkoutRequest->itemRequested()->expected_checkin, 'datetime'),
+                    'request_date' => Helper::getFormattedDateObject($checkoutRequest->created_at, 'datetime'),
+                ];
+            }
+
        }
        return $results;
    }
@@ -30,7 +30,7 @@ class StatuslabelsController extends Controller
            $statuslabels = $statuslabels->TextSearch($request->input('search'));
        }

-        $offset = $request->input('offset', 0);
+        $offset = (($statuslabels) && (request('offset') > $statuslabels->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -238,8 +238,7 @@ class StatuslabelsController extends Controller
     */
    public function checkIfDeployable($id) {
        $statuslabel = Statuslabel::findOrFail($id);
-
-        $this->authorize('view', $statuslabel);
+        $this->authorize('view', Asset::class);

        if ($statuslabel->getStatuslabelType()=='deployable') {
            return '1';
@@ -33,7 +33,7 @@ class SuppliersController extends Controller
            $suppliers = $suppliers->TextSearch($request->input('search'));
        }

-        $offset = request('offset', 0);
+        $offset = (($suppliers) && (request('offset') > $suppliers->count())) ? 0 : request('offset', 0);
        $limit = $request->input('limit', 50);
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'created_at';
@@ -12,6 +12,7 @@ use App\Http\Requests\SaveUserRequest;
 use App\Models\Asset;
 use App\Http\Transformers\AssetsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
+use App\Http\Transformers\AccessoriesTransformer;

 class UsersController extends Controller
 {
@@ -51,6 +52,7 @@ class UsersController extends Controller
            'users.phone',
            'users.state',
            'users.two_factor_enrolled',
+            'users.two_factor_optin',
            'users.updated_at',
            'users.username',
            'users.zip',
@@ -85,7 +87,7 @@ class UsersController extends Controller
        }

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
-        $offset = request('offset', 0);
+        $offset = (($users) && (request('offset') > $users->count())) ? 0 : request('offset', 0);
        $limit = request('limit',  20);

        switch ($request->input('sort')) {
@@ -147,8 +149,7 @@ class UsersController extends Controller
        $users = Company::scopeCompanyables($users);

        if ($request->has('search')) {
-            $users = $users->where('first_name', 'LIKE', '%'.$request->get('search').'%')
-                ->orWhere('last_name', 'LIKE', '%'.$request->get('search').'%')
+            $users = $users->SimpleNameSearch($request->get('search'))
                ->orWhere('username', 'LIKE', '%'.$request->get('search').'%')
                ->orWhere('employee_num', 'LIKE', '%'.$request->get('search').'%');
        }
@@ -200,6 +201,12 @@ class UsersController extends Controller
        $user->password = bcrypt($request->get('password', $tmp_pass));

        if ($user->save()) {
+            if ($request->has('groups')) {
+                $user->groups()->sync($request->input('groups'));
+            } else {
+                $user->groups()->sync(array());
+            }
+            
            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.create')));
        }
        return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
@@ -292,10 +299,27 @@ class UsersController extends Controller
    {
        $this->authorize('view', User::class);
        $this->authorize('view', Asset::class);
-        $assets = Asset::where('assigned_to', '=', $id)->with('model')->get();
+        $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model')->get();
        return (new AssetsTransformer)->transformAssets($assets, $assets->count());
    }

+    /**
+     * Return JSON containing a list of accessories assigned to a user.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.6.14]
+     * @param $userId
+     * @return string JSON
+     */
+    public function accessories($id)
+    {
+        $this->authorize('view', User::class);
+        $user = User::findOrFail($id);
+        $this->authorize('view', Accessory::class);
+        $accessories = $user->accessories;
+        return (new AccessoriesTransformer)->transformAccessories($accessories, $accessories->count());
+    }
+
    /**
     * Reset the user's two-factor status
     *
@@ -162,6 +162,9 @@ class AssetMaintenancesController extends Controller
            // Redirect to the improvement management page
            return redirect()->route('maintenances.index')
                           ->with('error', trans('admin/asset_maintenances/message.not_found'));
+        } elseif (!$assetMaintenance->asset) {
+            return redirect()->route('maintenances.index')
+                ->with('error', 'The asset associated with this maintenance does not exist.');
        } elseif (!Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return static::getInsufficientPermissionsRedirect();
        }
@@ -209,7 +209,7 @@ class AssetModelsController extends Controller
            try  {
                unlink(app('models_upload_path').$old_image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -246,7 +246,7 @@ class AssetModelsController extends Controller
            try  {
                unlink(public_path().'/uploads/models/'.$model->image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -143,7 +143,7 @@ class AssetsController extends Controller
        }

        // Create the image (if one was chosen.)
-        if ($request->hasFile('image')) {
+        if ($request->has('image')) {
            $image = $request->input('image');

            // After modification, the image is prefixed by mime info like the following:
@@ -326,7 +326,7 @@ class AssetsController extends Controller
                unlink(public_path().'/uploads/assets/'.$asset->image);
                $asset->image = '';
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }

        }
@@ -781,7 +781,7 @@ class AssetsController extends Controller
                    $filename = 'audit-'.$asset->id.'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
                    $file->move($destinationPath, $filename);
                } catch (\Exception $e) {
-                    \Log::error($e);
+                    \Log::info($e);
                }
            }

@@ -55,7 +55,10 @@ class ForgotPasswordController extends Controller
        // to send the link, we will examine the response then see the message we
        // need to show to the user. Finally, we'll send out a proper response.
        $response = $this->broker()->sendResetLink(
-            $request->only('email')
+            array_merge(
+                $request->only('email'),
+                ['activated' => '1']
+            )
        );

        if ($response === \Password::RESET_LINK_SENT) {
@@ -68,7 +68,7 @@ class LoginController extends Controller
    {
        $remote_user = $request->server('REMOTE_USER');
        if (Setting::getSettings()->login_remote_user_enabled == "1" && isset($remote_user) && !empty($remote_user)) {
-            LOG::debug("Authenticatiing via REMOTE_USER.");
+            Log::debug("Authenticatiing via REMOTE_USER.");

            $pos = strpos($remote_user, '\\');
            if ($pos > 0) {
@@ -77,45 +77,45 @@ class LoginController extends Controller
            
            try {
                $user = User::where('username', '=', $remote_user)->whereNull('deleted_at')->where('activated', '=', '1')->first();
-                LOG::debug("Remote user auth lookup complete");
+                Log::debug("Remote user auth lookup complete");
                if(!is_null($user)) Auth::login($user, true);
            } catch(Exception $e) {
-                LOG::error("There was an error authenticating the Remote user: " . $e->getMessage());
+                Log::debug("There was an error authenticating the Remote user: " . $e->getMessage());
            }
        }
    }

    private function loginViaLdap(Request $request)
    {
-        LOG::debug("Binding user to LDAP.");
+        Log::debug("Binding user to LDAP.");
        $ldap_user = Ldap::findAndBindUserLdap($request->input('username'), $request->input('password'));
        if (!$ldap_user) {
-            LOG::debug("LDAP user ".$request->input('username')." not found in LDAP or could not bind");
+            Log::debug("LDAP user ".$request->input('username')." not found in LDAP or could not bind");
            throw new \Exception("Could not find user in LDAP directory");
        } else {
-            LOG::debug("LDAP user ".$request->input('username')." successfully bound to LDAP");
+            Log::debug("LDAP user ".$request->input('username')." successfully bound to LDAP");
        }

        // Check if the user already exists in the database and was imported via LDAP
        $user = User::where('username', '=', Input::get('username'))->whereNull('deleted_at')->where('ldap_import', '=', 1)->where('activated', '=', '1')->first();
-        LOG::debug("Local auth lookup complete");
+        Log::debug("Local auth lookup complete");

        // The user does not exist in the database. Try to get them from LDAP.
        // If user does not exist and authenticates successfully with LDAP we
        // will create it on the fly and sign in with default permissions
        if (!$user) {
-            LOG::debug("Local user ".Input::get('username')." does not exist");
-            LOG::debug("Creating local user ".Input::get('username'));
+            Log::debug("Local user ".Input::get('username')." does not exist");
+            Log::debug("Creating local user ".Input::get('username'));

            if ($user = Ldap::createUserFromLdap($ldap_user)) { //this handles passwords on its own
-                LOG::debug("Local user created.");
+                Log::debug("Local user created.");
            } else {
-                LOG::debug("Could not create local user.");
+                Log::debug("Could not create local user.");
                throw new \Exception("Could not create local user");
            }
            // If the user exists and they were imported from LDAP already
        } else {
-            LOG::debug("Local user ".$request->input('username')." exists in database. Updating existing user against LDAP.");
+            Log::debug("Local user ".$request->input('username')." exists in database. Updating existing user against LDAP.");

            $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);

@@ -161,7 +161,7 @@ class LoginController extends Controller

        // Should we even check for LDAP users?
        if (Setting::getSettings()->ldap_enabled=='1') {
-            LOG::debug("LDAP is enabled.");
+            Log::debug("LDAP is enabled.");
            try {
                $user = $this->loginViaLdap($request);
                Auth::login($user, true);
@@ -169,13 +169,13 @@ class LoginController extends Controller
            // If the user was unable to login via LDAP, log the error and let them fall through to
            // local authentication.
            } catch (\Exception $e) {
-                LOG::error("There was an error authenticating the LDAP user: ".$e->getMessage());
+                Log::debug("There was an error authenticating the LDAP user: ".$e->getMessage());
            }
        }

        // If the user wasn't authenticated via LDAP, skip to local auth
        if (!$user) {
-            LOG::debug("Authenticating user against database.");
+            Log::debug("Authenticating user against database.");
          // Try to log the user in
            if (!Auth::attempt(['username' => $request->input('username'), 'password' => $request->input('password'), 'activated' => 1], $request->input('remember'))) {

@@ -183,7 +183,7 @@ class LoginController extends Controller
                    $this->incrementLoginAttempts($request);
                }

-                LOG::debug("Local authentication failed.");
+                Log::debug("Local authentication failed.");
                return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
            } else {

@@ -4,6 +4,8 @@ namespace App\Http\Controllers\Auth;

 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\ResetsPasswords;
+use App\Models\User;
+use Illuminate\Http\Request;

 class ResetPasswordController extends Controller
 {
@@ -36,4 +38,8 @@ class ResetPasswordController extends Controller
    {
        $this->middleware('guest');
    }
+
+   
+
+
 }
@@ -179,7 +179,7 @@ class CategoriesController extends Controller
            try  {
                unlink(app('categories_upload_path').$old_image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -31,7 +31,7 @@ final class CompaniesController extends Controller
    {
        $this->authorize('view', Company::class);

-        return view('companies/index')->with('companies', Company::all());
+        return view('companies/index');
    }

    /**
@@ -148,7 +148,7 @@ final class CompaniesController extends Controller
            try  {
                unlink(app('companies_upload_path').$old_image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -191,7 +191,7 @@ class DepartmentsController extends Controller
            try  {
                unlink(app('departments_upload_path').$old_image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -34,7 +34,7 @@ class DepreciationsController extends Controller
        $this->authorize('view', Depreciation::class);

        // Show the page
-        return view('depreciations/index', compact('depreciations'));
+        return view('depreciations/index');
    }


@@ -31,7 +31,7 @@ class GroupsController extends Controller
    public function index()
    {
        // Show the page
-        return view('groups/index', compact('groups'));
+        return view('groups/index');
    }

    /**
@@ -72,7 +72,7 @@ class GroupsController extends Controller
        if ($group->save()) {
            return redirect()->route("groups.index")->with('success', trans('admin/groups/message.success.create'));
        }
-        return redirect(route('groups.create'))->withInput()->withErrors($group->getErrors());
+        return redirect()->back()->withInput()->withErrors($group->getErrors());
    }

    /**
@@ -111,7 +111,7 @@ class GroupsController extends Controller
    {
        $permissions = config('permissions');
        if (!$group = Group::find($id)) {
-            return redirect()->route('groups')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
+            return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
        }
        $group->name = e(Input::get('name'));
        $group->permissions = json_encode(Input::get('permission'));
@@ -138,7 +138,7 @@ class GroupsController extends Controller
    {
        if (!config('app.lock_passwords')) {
            if (!$group = Group::find($id)) {
-                return redirect()->route('groups')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
+                return redirect()->route('groups.index')->with('error', trans('admin/groups/message.group_not_found', compact('id')));
            }
            $group->delete();
            // Redirect to the group management page
@@ -12,7 +12,7 @@ class ImportsController extends Controller
 {
    public function index()
    {
-        $this->authorize('create', Asset::class);
+        $this->authorize('import');
        $imports = Import::latest()->get();
        $imports = (new ImportsTransformer)->transformImports($imports);
        return view('importer/import')->with('imports', $imports);
@@ -44,7 +44,7 @@ class LocationsController extends Controller
        $locations = Location::orderBy('created_at', 'DESC')->with('parent', 'assets', 'assignedassets')->get();

        // Show the page
-        return view('locations/index', compact('locations'));
+        return view('locations/index');
    }


@@ -200,7 +200,7 @@ class LocationsController extends Controller
            try  {
                unlink(app('locations_upload_path').$old_image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -36,7 +36,7 @@ class ManufacturersController extends Controller
    public function index()
    {
        $this->authorize('index', Manufacturer::class);
-        return view('manufacturers/index', compact('manufacturers'));
+        return view('manufacturers/index');
    }


@@ -170,7 +170,7 @@ class ManufacturersController extends Controller
            try  {
                unlink(app('manufacturers_upload_path').$old_image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -207,7 +207,7 @@ class ManufacturersController extends Controller
            try  {
                unlink(public_path().'/uploads/manufacturers/'.$manufacturer->image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -125,8 +125,7 @@ class ProfileController extends Controller

        $rules = array(
            'current_password'     => 'required',
-            'password'         => Setting::passwordComplexityRulesSaving('store'),
-            'password_confirm' => 'required|same:password',
+            'password'         => Setting::passwordComplexityRulesSaving('store').'|confirmed',
        );

        $validator = \Validator::make($request->all(), $rules);
@@ -603,8 +603,8 @@ class ReportsController extends Controller


                    if ($request->has('assigned_to')) {
-                        $row[] = ($asset->checkedOutToUser() && $asset->assigned) ? e($asset->assigned->getFullNameAttribute()) : ($asset->assigned ? e($asset->assigned->display_name) : '');
-                        $row[] = ($asset->checkedOutToUser() && $asset->assigned) ? 'user' : e($asset->assignedType());
+                        $row[] = ($asset->checkedOutToUser() && $asset->assigned) ? $asset->assigned->getFullNameAttribute() : ($asset->assigned ? $asset->assigned->display_name : '');
+                        $row[] = ($asset->checkedOutToUser() && $asset->assigned) ? 'user' : $asset->assignedType();
                    }

                    if ($request->has('username')) {
@@ -482,13 +482,12 @@ class SettingsController extends Controller
                $setting->two_factor_enabled = null;
            } else {
                $setting->two_factor_enabled = $request->input('two_factor_enabled');
-
-                # remote user login
-                $setting->login_remote_user_enabled = (int)$request->input('login_remote_user_enabled');
-                $setting->login_common_disabled= (int)$request->input('login_common_disabled');
-                $setting->login_remote_user_custom_logout_url = $request->input('login_remote_user_custom_logout_url');
            }

+            # remote user login
+            $setting->login_remote_user_enabled = (int)$request->input('login_remote_user_enabled');
+            $setting->login_common_disabled = (int)$request->input('login_common_disabled');
+            $setting->login_remote_user_custom_logout_url = $request->input('login_remote_user_custom_logout_url');
        }

        $setting->pwd_secure_uncommon = (int) $request->input('pwd_secure_uncommon');
@@ -33,7 +33,7 @@ class StatuslabelsController extends Controller
    public function index()
    {
        $this->authorize('view', Statuslabel::class);
-        return view('statuslabels.index', compact('statuslabels'));
+        return view('statuslabels.index');
    }

    public function show($id)
@@ -34,10 +34,9 @@ class SuppliersController extends Controller
    {
        // Grab all the suppliers
        $this->authorize('view', Supplier::class);
-        $suppliers = Supplier::orderBy('created_at', 'DESC')->get();

        // Show the page
-        return view('suppliers/index', compact('suppliers'));
+        return view('suppliers/index');
    }


@@ -175,7 +174,7 @@ class SuppliersController extends Controller
            try  {
                unlink(app('suppliers_upload_path').$old_image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                \Log::info($e);
            }
        }

@@ -86,8 +86,11 @@ class UsersController extends Controller
        $userPermissions = Helper::selectedPermissionsArray($permissions, Input::old('permissions', array()));
        $permissions = $this->filterDisplayable($permissions);

+        $user = new User;
+        $user->activated = 1;
+
        return view('users/edit', compact('groups', 'userGroups', 'permissions', 'userPermissions'))
-        ->with('user', new User);
+        ->with('user', $user);
    }

    /**
@@ -256,9 +259,7 @@ class UsersController extends Controller

        // Only save groups if the user is a super user
        if (Auth::user()->isSuperUser()) {
-            if ($request->has('groups')) {
-                $user->groups()->sync($request->input('groups'));
-            }
+            $user->groups()->sync($request->input('groups'));
        }


@@ -981,7 +982,7 @@ class UsersController extends Controller
     */
    public function printInventory($id)
    {
-
+        $this->authorize('view', User::class);
        $show_user = User::where('id',$id)->withTrashed()->first();
        $assets = Asset::where('assigned_to', $id)->where('assigned_type', User::class)->with('model', 'model.category')->get();
        $licenses = $show_user->licenses()->get();
@@ -73,7 +73,7 @@ class ViewAssetsController extends Controller
        $assets = Asset::with('model', 'defaultLoc', 'location', 'assignedTo', 'requests')->Hardware()->RequestableAssets()->get();
        $models = AssetModel::with('category', 'requests', 'assets')->RequestableModels()->get();

-        return view('account/requestable-assets', compact('user', 'assets', 'models'));
+        return view('account/requestable-assets', compact('assets', 'models'));
    }


@@ -25,7 +25,7 @@ class Kernel extends HttpKernel
        \Fideloper\Proxy\TrustProxies::class,
        \App\Http\Middleware\CheckForSetup::class,
        \App\Http\Middleware\CheckForDebug::class,
-       // \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
+        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
    ];

    /**
@@ -43,6 +43,20 @@ class ItemImportRequest extends FormRequest
        $import->save();
        $fieldMappings=[];
        if ($import->field_map) {
+
+            // This checks to make sure the field header has been mapped.
+            // If it hasn't been, it will throw an array_flip error
+            foreach ($import->field_map as $field => $fieldValue) {
+                $errorMessage = null;
+
+                if(is_null($fieldValue)){
+                    $errorMessage = 'All import fields must be mapped.';
+                    $this->errorCallback($import, $field, $errorMessage);
+
+                    return $this->errors;
+                }
+            }
+
            // We submit as csv field: column, but the importer is happier if we flip it here.
            $fieldMappings = array_change_key_case(array_flip($import->field_map), CASE_LOWER);
                        // dd($fieldMappings);
@@ -50,6 +64,7 @@ class ItemImportRequest extends FormRequest
        $importer->setCallbacks([$this, 'log'], [$this, 'progress'], [$this, 'errorCallback'])
                 ->setUserId(Auth::id())
                 ->setUpdating($this->has('import-update'))
+                 ->setShouldNotify($this->has('send-welcome'))
                 ->setUsernameFormat('firstname.lastname')
                 ->setFieldMappings($fieldMappings);
        // $logFile = storage_path('logs/importer.log');
@@ -60,7 +75,7 @@ class ItemImportRequest extends FormRequest

    public function log($string)
    {
-        // \Log::Info($string);
+         \Log::Info($string);
    }

    public function progress($count)
@@ -37,7 +37,7 @@ class SaveUserRequest extends Request
                $rules['username'] = 'required_unless:ldap_import,1|string|min:1';
                if ($this->request->get('ldap_import') == false)
                {
-                    $rules['password'] = Setting::passwordComplexityRulesSaving('store');
+                    $rules['password'] = Setting::passwordComplexityRulesSaving('store').'|confirmed';
                }
                break;
            }
@@ -46,7 +46,7 @@ class SaveUserRequest extends Request
            case 'PUT':
                $rules['first_name'] = 'required|string|min:1';
                $rules['username'] = 'required_unless:ldap_import,1|string|min:1';
-                $rules['password'] = Setting::passwordComplexityRulesSaving('update');
+                $rules['password'] = Setting::passwordComplexityRulesSaving('update').'|confirmed';
                break;

            // Save only what's passed
@@ -58,9 +58,7 @@ class SaveUserRequest extends Request

            default:break;
        }
-
-        $rules['password_confirm'] = 'sometimes|required_with:password';
-
+        
        return $rules;

    }
@@ -29,8 +29,7 @@ class SetupUserRequest extends Request
          'last_name' => 'required|string|min:1',
          'username' => 'required|string|min:2|unique:users,username,NULL,deleted_at',
          'email' => 'email|unique:users,email',
-          'password' => 'required|min:6',
-          'password_confirm' => 'required|min:6|same:password',
+          'password' => 'required|min:6|confirmed',
          'email_domain' => 'required|min:4',
        ];
    }
@@ -26,6 +26,18 @@ class ActionlogsTransformer
        if ($actionlog->filename!='') {
            $icon =  e(\App\Helpers\Helper::filetype_icon($actionlog->filename));
        }
+
+        // This is necessary since we can't escape special characters within a JSON object
+        if (($actionlog->log_meta) && ($actionlog->log_meta!='')) {
+            $meta_array = json_decode($actionlog->log_meta);
+            foreach ($meta_array as $key => $value) {
+                foreach ($value as $meta_key => $meta_value) {
+                    $clean_meta[$key][$meta_key] = e($meta_value);
+                }
+            }
+        }
+
+
        $array = [
            'id'          => (int) $actionlog->id,
            'icon'          => $icon,
@@ -64,7 +76,7 @@ class ActionlogsTransformer

            'note'          => ($actionlog->note) ? e($actionlog->note): null,
            'signature_file'   => ($actionlog->accept_signature) ? route('log.signature.view', ['filename' => $actionlog->accept_signature ]) : null,
-            'log_meta'          => ($actionlog->log_meta) ? json_decode($actionlog->log_meta): null,
+            'log_meta'          => ((isset($clean_meta)) && (is_array($clean_meta))) ? $clean_meta: null,


        ];
@@ -27,6 +27,11 @@ class AssetMaintenancesTransformer
                'name'=> ($assetmaintenance->asset->name) ? e($assetmaintenance->asset->name) : null,
                'asset_tag'=> e($assetmaintenance->asset->asset_tag)

+            ]  : null,
+            'company' => (($assetmaintenance->asset) && ($assetmaintenance->asset->company)) ? [
+                'id' => (int) $assetmaintenance->asset->company->id,
+                'name'=> ($assetmaintenance->asset->company->name) ? e($assetmaintenance->asset->company->name) : null,
+
            ]  : null,
            'title'         => ($assetmaintenance->title) ? e($assetmaintenance->title) : null,
            'location' => (($assetmaintenance->asset) && ($assetmaintenance->asset->location)) ? [
@@ -24,7 +24,7 @@ class UsersTransformer
        $array = [
                'id' => (int) $user->id,
                'avatar' => e($user->present()->gravatar),
-                'name' => e($user->first_name).' '.($user->last_name),
+                'name' => e($user->first_name).' '.e($user->last_name),
                'first_name' => e($user->first_name),
                'last_name' => e($user->last_name),
                'username' => e($user->username),
@@ -53,6 +53,8 @@ class UsersTransformer
                'permissions' => $user->decodePermissions(),
                'activated' => ($user->activated =='1') ? true : false,
                'two_factor_activated' => ($user->two_factor_active()) ? true : false,
+                'two_factor_enrolled' => ($user->two_factor_active_and_enrolled()) ? true : false,
+
                'assets_count' => (int) $user->assets_count,
                'licenses_count' => (int) $user->licenses_count,
                'accessories_count' => (int) $user->accessories_count,
@@ -4,6 +4,7 @@ namespace App\Importer;
 use App\Models\CustomField;
 use App\Models\Setting;
 use App\Models\User;
+use App\Models\Department;
 use ForceUTF8\Encoding;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Support\Facades\Auth;
@@ -29,6 +30,7 @@ abstract class Importer
     */
    private $defaultFieldMap = [
        'asset_tag' => 'asset tag',
+        'activated' => 'activated',
        'category' => 'category',
        'checkout_class' => 'checkout type', // Supports Location or User for assets.  Using checkout_class instead of checkout_type because type exists on asset already.
        'checkout_location' => 'checkout location',
@@ -66,6 +68,9 @@ abstract class Importer
        'phone_number' => 'phone number',
        'first_name' => 'first name',
        'last_name' => 'last name',
+        'department' => 'department',
+        'manager_first_name' => 'manager first name',
+        'manager_last_name' => 'manager last name',
    ];
    /**
     * Map of item fields->csv names
@@ -176,10 +181,9 @@ abstract class Importer
    {

        $val = $default;
-
        $key = $this->lookupCustomKey($key);

-        $this->log("Custom Key: ${key}");
+        // $this->log("Custom Key: ${key}");
        if (array_key_exists($key, $array)) {
            $val = Encoding::toUTF8(trim($array[ $key ]));
        }
@@ -198,7 +202,6 @@ abstract class Importer
    public function lookupCustomKey($key)
    {
        if (array_key_exists($key, $this->fieldMap)) {
-            // $this->log("Found a match in our custom map: {$key} is " . $this->fieldMap[$key]);
            return $this->fieldMap[$key];
        }
        // Otherwise no custom key, return original.
@@ -248,7 +251,10 @@ abstract class Importer
    }

    /**
-     * Finds the user matching given data, or creates a new one if there is no match
+     * Finds the user matching given data, or creates a new one if there is no match.
+     * This is NOT used by the User Import, only for Asset/Accessory/etc where
+     * there are users listed and we have to create them and associate them at
+     * the same time. [ALG]
     *
     * @author Daniel Melzter
     * @since 3.0
@@ -261,8 +267,13 @@ abstract class Importer
        $user_array = [
            'full_name' => $this->findCsvMatch($row, "full_name"),
            'email'     => $this->findCsvMatch($row, "email"),
-            'username'  => $this->findCsvMatch($row, "username")
+            'manager_id'=>  '',
+            'department_id' =>  '',
+            'username'  => $this->findCsvMatch($row, "username"),
+            'activated'  => $this->fetchHumanBoolean($this->findCsvMatch($row, 'activated')),
        ];
+        \Log::debug('Importer.php Activated: '.$this->findCsvMatch($row, 'activated'));
+
        // If the full name is empty, bail out--we need this to extract first name (at the very least)
        if(empty($user_array['full_name'])) {
            $this->log('Insufficient user data provided (Full name is required)- skipping user creation, just adding asset');
@@ -283,6 +294,7 @@ abstract class Importer
        $user_formatted_array = User::generateFormattedNameFromFullName(Setting::getSettings()->username_format, $user_array['full_name']);
        $user_array['first_name'] = $user_formatted_array['first_name'];
        $user_array['last_name'] = $user_formatted_array['last_name'];
+
        if (empty($user_array['username'])) {
            $user_array['username'] = $user_formatted_array['username'];
            if ($this->usernameFormat =='email') {
@@ -290,8 +302,9 @@ abstract class Importer
            }
        }

+        // Does this ever actually fire??
        // Check for a matching user after trying to guess username.
-        if($user = User::where('username', $user_array['username'])->first()) {
+        if ($user = User::where('username', $user_array['username'])->first()) {
            $this->log('User '.$user_array['username'].' already exists');
            return $user;
        }
@@ -307,10 +320,15 @@ abstract class Importer
        $user->last_name = $user_array['last_name'];
        $user->username = $user_array['username'];
        $user->email = $user_array['email'];
-        $user->activated = 1;
+        $user->manager_id = (isset($user_array['manager_id']) ? $user_array['manager_id'] : null);
+        $user->department_id = (isset($user_array['department_id']) ? $user_array['department_id']:  null);
+        $user->activated = $user_array['activated'];
        $user->password = $this->tempPassword;

+        \Log::debug('Creating a user with the following attributes: '.print_r($user_array, true));
+
        if ($user->save()) {
+            \Log::debug('Importer.php  Name: '.$user->first_name.' '.$user->last_name.' ('.$user->username.')');
            $this->log('User '.$user_array['username'].' created');
            return $user;
        }
@@ -360,6 +378,20 @@ abstract class Importer
        return $this;
    }

+    /**
+     * Sets the Are we updating items in the import.
+     *
+     * @param bool $updating the updating
+     *
+     * @return self
+     */
+    public function setShouldNotify($send_welcome)
+    {
+        $this->send_welcome = $send_welcome;
+
+        return $this;
+    }
+
    /**
     * Defines mappings of csv fields
     *
@@ -407,4 +439,64 @@ abstract class Importer

        return $this;
    }
+
+    public function fetchHumanBoolean($value)
+    {
+        if (($value =='1') || (strtolower($value) =='true') || (strtolower($value) =='yes'))
+        {
+            return '1';
+        }
+        return '0';
+    }
+
+    /**
+     * Fetch an existing department, or create new if it doesn't exist
+     *
+     * @author A. Gianotto
+     * @since 4.6.5
+     * @param $user_department string
+     * @return int id of company created/found
+     */
+    public function createOrFetchDepartment($user_department_name)
+    {
+        if ($user_department_name!='') {
+            $department = Department::where('name', '=', $user_department_name)->first();
+
+            if ($department) {
+                $this->log('A matching Department ' . $user_department_name . ' already exists');
+                return $department->id;
+            }
+
+            $department = new Department();
+            $department->name = $user_department_name;
+
+            if ($department->save()) {
+                $this->log('Department ' . $user_department_name . ' was created');
+                return $department->id;
+            }
+            $this->logError($department, 'Department');
+        }
+
+        return null;
+    }
+
+    /**
+     * Fetch an existing manager
+     *
+     * @author A. Gianotto
+     * @since 4.6.5
+     * @param $user_manager string
+     * @return int id of company created/found
+     */
+    public function fetchManager($user_manager_first_name, $user_manager_last_name)
+    {
+        $manager = User::where('first_name', '=', $user_manager_first_name)
+            ->where('last_name', '=', $user_manager_last_name)->first();
+        if ($manager) {
+            $this->log('A matching Manager ' . $user_manager_first_name . ' '. $user_manager_last_name . ' already exists');
+            return $manager->id;
+        }
+        $this->log('No matching Manager ' . $user_manager_first_name . ' '. $user_manager_last_name . ' found. If their user account is being created through this import, you should re-process this file again. ');
+        return null;
+    }
 }
@@ -10,6 +10,7 @@ use App\Models\Location;
 use App\Models\Manufacturer;
 use App\Models\Statuslabel;
 use App\Models\Supplier;
+use App\Models\Department;
 use App\Models\User;

 class ItemImporter extends Importer
@@ -54,6 +55,18 @@ class ItemImporter extends Importer
        if ($this->shouldUpdateField($item_supplier)) {
            $this->item['supplier_id'] = $this->createOrFetchSupplier($item_supplier);
        }
+
+        $item_department = $this->findCsvMatch($row, "department");
+        if ($this->shouldUpdateField($item_department)) {
+            $this->item['department_id'] = $this->createOrFetchDepartment($item_department);
+        }
+
+        $item_manager_first_name = $this->findCsvMatch($row, "manager_first_name");
+        $item_manager_last_name = $this->findCsvMatch($row, "manager_last_name");
+        if ($this->shouldUpdateField($item_manager_first_name)) {
+            $this->item['manager_id'] = $this->fetchManager($item_manager_first_name, $item_manager_last_name);
+        }
+
        $this->item["name"] = $this->findCsvMatch($row, "item_name");
        $this->item["notes"] = $this->findCsvMatch($row, "notes");
        $this->item["order_number"] = $this->findCsvMatch($row, "order_number");
@@ -84,7 +97,7 @@ class ItemImporter extends Importer
     */ 
    protected function determineCheckout($row)
    {
-        // We only support checkout-to-location for asset, so short circuit otherw.
+        // We only support checkout-to-location for asset, so short circuit otherwise.
        if(get_class($this) != AssetImporter::class) {
            return $this->createOrFetchUser($row);
        }
@@ -161,7 +174,7 @@ class ItemImporter extends Importer
     * @since 3.0
     * @param array
     * @param $category Category
-     * @param $manufacturer Manufacturer
+     * @param $row Manufacturer
     * @return int Id of asset model created/found
     * @internal param $asset_modelno string
     */
@@ -279,6 +292,8 @@ class ItemImporter extends Importer
        return null;
    }

+
+
    /**
     * Fetch the existing status label or create new if it doesn't exist.
     *
@@ -6,13 +6,21 @@ use App\Helpers\Helper;
 use App\Models\User;
 use App\Notifications\WelcomeNotification;

+/**
+ * This is ONLY used for the User Import. When we are importing users
+ * via an Asset/etc import, we use createOrFetchUser() in
+ * App\Importer.php. [ALG]
+ *
+ * Class UserImporter
+ * @package App\Importer
+ *
+ */
 class UserImporter extends ItemImporter
 {
    protected $users;
    public function __construct($filename)
    {
        parent::__construct($filename);
-        // $this->users = User::all();
    }

    protected function handle($row)
@@ -31,25 +39,40 @@ class UserImporter extends ItemImporter
     */
    public function createUserIfNotExists(array $row)
    {
-        // User Specific Bits
+        // Pull the records from the CSV to determine their values
        $this->item['username'] = $this->findCsvMatch($row, 'username');
        $this->item['first_name'] = $this->findCsvMatch($row, 'first_name');
        $this->item['last_name'] = $this->findCsvMatch($row, 'last_name');
+        \Log::debug('UserImporter.php  Name: '.$this->item['first_name'].' '.$this->item['last_name'].' ('.$this->item['username'].')');
        $this->item['email'] = $this->findCsvMatch($row, 'email');
        $this->item['phone'] = $this->findCsvMatch($row, 'phone_number');
        $this->item['jobtitle'] = $this->findCsvMatch($row, 'jobtitle');
+        $this->item['activated'] =  ($this->fetchHumanBoolean($this->findCsvMatch($row, 'activated')) == 1) ? '1' : 0;
+
+        \Log::debug('UserImporter.php Activated: '.$this->findCsvMatch($row, 'activated'));
+        \Log::debug('UserImporter.php Activated fetchHumanBoolean: '. $this->fetchHumanBoolean($this->findCsvMatch($row, 'activated')));
+
        $this->item['employee_num'] = $this->findCsvMatch($row, 'employee_num');
+        $this->item['department_id'] = $this->createOrFetchDepartment($this->findCsvMatch($row, 'department')) ? $this->createOrFetchDepartment($this->findCsvMatch($row, 'department')) : null;
+        $this->item['manager_id'] = $this->fetchManager($this->findCsvMatch($row, 'manager_first_name'), $this->findCsvMatch($row, 'manager_last_name')) ? $this->fetchManager($this->findCsvMatch($row, 'manager_first_name'), $this->findCsvMatch($row, 'manager_last_name')) : null;
+
+
        $user = User::where('username', $this->item['username'])->first();
        if ($user) {
            if (!$this->updating) {
                $this->log('A matching User ' . $this->item["name"] . ' already exists.  ');
+                \Log::debug('A matching User ' . $this->item["name"] . ' already exists.  ');
                return;
            }
            $this->log('Updating User');
            $user->update($this->sanitizeItemForUpdating($user));
            $user->save();
+            // \Log::debug('UserImporter.php Updated User ' . print_r($user, true));
            return;
        }
+
+
+
        // This needs to be applied after the update logic, otherwise we'll overwrite user passwords
        // Issue #5408
        $this->item['password'] = $this->tempPassword;
@@ -57,10 +80,11 @@ class UserImporter extends ItemImporter
        $this->log("No matching user, creating one");
        $user = new User();
        $user->fill($this->sanitizeItemForStoring($user));
+
        if ($user->save()) {
-            // $user->logCreate('Imported using CSV Importer');
            $this->log("User " . $this->item["name"] . ' was created');
-            if($user->email) {
+
+            if(($user->email) && ($user->activated=='1')) {
                $data = [
                    'email' => $user->email,
                    'username' => $user->username,
@@ -68,7 +92,11 @@ class UserImporter extends ItemImporter
                    'last_name' => $user->last_name,
                    'password' => $this->tempPassword,
                ];
-                $user->notify(new WelcomeNotification($data));
+
+                if ($this->send_welcome) {
+                    $user->notify(new WelcomeNotification($data));
+                }
+
            }
            $user = null;
            $this->item = null;
@@ -1,16 +1,20 @@
 | CSV                 | Item             | Applicable Types                          |
 |---------------------|------------------|-------------------------------------------|
+| activated           |                  | User                                      |
 | asset tag           | asset_tag        | Asset                                     |
 | category            | category         | All                                       |
 | company             | company          | All                                       |
+| department_id       |                  | User ? All                                |
 | item name           | item_name        | All                                       |
-| image               | image            | asset                                     |
+| image               | image            | Asset                                     |
+| email               |                  |                                           |
 | expiration date     | expiration_date  | License                                   |
 | location            | location         | All                                       |
 | notes               | notes            | All                                       |
 | licensed to email   | license_email    | License                                   |
 | licensed to name    | license_name     | License                                   |
 | maintained          | maintained       | License                                   |
+| manager_id          |                  | User                                         |
 | manufacturer        | manufacturer     | All                                       |
 | model name          | asset_model      | Asset                                     |
 | model number        | model_number     | Asset                                     |
@@ -22,12 +26,12 @@
 | reassignable        | reassignable     | License                                   |
 | requestable         | requestable      | Asset, Accessory?                         |
 | seats               | seats            | License                                   |
-| serial number       | serial           | asset, license                            |
-| status              | status           | asset ? All                               |
+| serial number       | serial           | Asset, license                            |
+| status              | status           | Asset ? All                               |
 | supplier            | supplier         | Asset ? All                               |
 | termination date    | termination_date | License                                   |
-| warranty months     | warranty_months  | asset                                     |
+| warranty months     | warranty_months  | Asset                                     |
 | User Related Fields | assigned_to      | Asset                                     |
 | name                |                  |                                           |
-| email               |                  |                                           |
-| username            |                  |                                           |
+| username            |                  |                                           |
+
@@ -1180,8 +1180,8 @@ class Asset extends Depreciable
     */
    public function scopeInCategory($query, $category_id)
    {
-        return $query->join('models', 'assets.model_id', '=', 'models.id')
-            ->join('categories', 'models.category_id', '=', 'categories.id')->where('models.category_id', '=', $category_id);
+        return $query->join('models as category_models', 'assets.model_id', '=', 'category_models.id')
+            ->join('categories', 'category_models.category_id', '=', 'categories.id')->where('category_models.category_id', '=', $category_id);
    }

    /**
@@ -72,6 +72,8 @@ class AssetMaintenance extends Model implements ICompanyableChild
            trans('admin/asset_maintenances/general.repair')      => trans('admin/asset_maintenances/general.repair'),
            trans('admin/asset_maintenances/general.upgrade')     => trans('admin/asset_maintenances/general.upgrade'),
            'PAT test'      => 'PAT test',
+            trans('admin/asset_maintenances/general.calibration')     => trans('admin/asset_maintenances/general.calibration'),
+            'PAT test'      => 'PAT test',
        ];
    }

@@ -35,7 +35,7 @@ class Consumable extends SnipeModel
        'qty'         => 'required|integer|min:0',
        'category_id' => 'required|integer',
        'company_id'  => 'integer|nullable',
-        'min_amt'     => 'integer|min:1|nullable',
+        'min_amt'     => 'integer|min:0|nullable',
        'purchase_cost'   => 'numeric|nullable',
    );

@@ -76,7 +76,7 @@ class Consumable extends SnipeModel
     * 
     * @var array
     */
-    protected $searchableAttributes = ['name', 'order_number', 'purchase_cost', 'purchase_date'];
+    protected $searchableAttributes = ['name', 'order_number', 'purchase_cost', 'purchase_date', 'item_no'];

    /**
     * The relations and their attributes that should be included when searching the model.
@@ -25,11 +25,11 @@ class Department extends SnipeModel
    use ValidatingTrait, UniqueUndeletedTrait;

    protected $rules = [
-        'name'            => 'required|max:255',
-        'user_id'        => 'required',
-        'location_id'        => 'numeric|nullable',
-        'company_id'        => 'numeric|nullable',
-        'manager_id'        => 'numeric|nullable',
+        'name'                  => 'required|max:255',
+        'user_id'               => 'nullable|exists:users,id',
+        'location_id'           => 'numeric|nullable',
+        'company_id'            => 'numeric|nullable',
+        'manager_id'            => 'numeric|nullable',
    ];

    /**
@@ -96,8 +96,11 @@ class Ldap extends Model

        $filterQuery = $settings->ldap_auth_filter_query . $username;

+
        if (!$ldapbind = @ldap_bind($connection, $userDn, $password)) {
-            return false;
+            if(!$ldapbind = Ldap::bindAdminToLdap($connection)){
+                    return false;
+            }
        }

        if (!$results = ldap_search($connection, $baseDn, $filterQuery)) {
@@ -112,7 +115,7 @@ class Ldap extends Model
            return false;
        }

-        return $user;
+        return array_change_key_case($user);

    }

@@ -110,6 +110,7 @@ class License extends Depreciable
    protected $searchableRelations = [
      'manufacturer' => ['name'],
      'company'      => ['name'],
+      'category'     => ['name'],
    ];    

    public static function boot()
@@ -26,7 +26,7 @@ class Location extends SnipeModel
      'address'         => 'max:80|nullable',
      'address2'        => 'max:80|nullable',
      'zip'         => 'min:3|max:10|nullable',
-      // 'manager_id'  => 'exists:users'
+      'manager_id'  => 'exists:users,id|nullable'
    );

    /**
@@ -57,6 +57,7 @@ class Location extends SnipeModel
        'zip',
        'ldap_ou',
        'currency',
+        'manager_id',
        'image',
    ];
    protected $hidden = ['user_id'];
@@ -41,7 +41,8 @@ trait Loggable
        $settings = Setting::getSettings();
        $log = new Actionlog;
        $log = $this->determineLogItemType($log);
-        $log->user_id = Auth::user()->id;
+        if(Auth::user())
+            $log->user_id = Auth::user()->id;

        if (!isset($target)) {
            throw new Exception('All checkout logs require a target');
@@ -5,10 +5,9 @@ use App\Models\Setting;

 class AlertRecipient extends Recipient{

-    public function __construct()
+    public function __construct(string $email)
    {
-       $settings = Setting::getSettings();
-       $this->email = $settings->alert_email;
+        $this->email = trim($email);
    }

 }
@@ -47,6 +47,7 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo
        'manager_id',
        'password',
        'phone',
+        'notes',
        'state',
        'username',
        'zip',
@@ -166,11 +167,6 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo
        return $this->belongsTo('\App\Models\Department', 'department_id');
    }

-    public function isActivated()
-    {
-        return $this->activated ==1;
-    }
-
    public function getFullNameAttribute()
    {
        return $this->first_name . " " . $this->last_name;
@@ -274,7 +270,7 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo
     **/
    public function managedLocations()
    {
-        return $this->hasMany('\App\Models\Location', 'manager_id')->withTrashed();
+        return $this->hasMany('\App\Models\Location', 'manager_id');
    }

    /**
@@ -333,7 +329,7 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo

    public function scopeGetDeleted($query)
    {
-        return $query->withTrashed()->whereNotNull('deleted_at');
+        return $query->withTrashed()->whereNotNull('users.deleted_at');
    }

    public function scopeGetNotDeleted($query)
@@ -393,7 +389,11 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo
    }

    /**
-     * Check whether two-factor authorization is required and the user has activated it
+     * Check whether two-factor authorization is requiredfor this user
+     *
+     * 0 = 2FA disabled
+     * 1 = 2FA optional
+     * 2 = 2FA universally required
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
@@ -402,10 +402,45 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo
     */
    public function two_factor_active () {

-        if (Setting::getSettings()->two_factor_enabled !='0') {
-            if (($this->two_factor_optin =='1') && ($this->two_factor_enrolled)) {
-                return true;
-            }
+        // If the 2FA is optional and the user has opted in
+        if ((Setting::getSettings()->two_factor_enabled =='1') && ($this->two_factor_optin =='1'))
+        {
+            return true;
+        }
+        // If the 2FA is required for everyone so is implicitly active
+        elseif (Setting::getSettings()->two_factor_enabled =='2')
+        {
+            return true;
+        }
+
+        return false;
+
+    }
+
+    /**
+     * Check whether two-factor authorization is required and the user has activated it
+     * and enrolled a device
+     *
+     * 0 = 2FA disabled
+     * 1 = 2FA optional
+     * 2 = 2FA universally required
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.6.14]
+     *
+     * @return bool
+     */
+    public function two_factor_active_and_enrolled () {
+
+        // If the 2FA is optional and the user has opted in and is enrolled
+        if ((Setting::getSettings()->two_factor_enabled =='1') && ($this->two_factor_optin =='1') && ($this->two_factor_enrolled =='1'))
+        {
+            return true;
+        }
+        // If the 2FA is required for everyone and the user has enrolled
+        elseif ((Setting::getSettings()->two_factor_enabled =='2') && ($this->two_factor_enrolled))
+        {
+            return true;
        }
        return false;

@@ -417,6 +452,25 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo
        return json_decode($this->permissions, true);
    }

+    /**
+     * Query builder scope to search user by name with spaces in it.
+     * We don't use the advancedTextSearch() scope because that searches
+     * all of the relations as well, which is more than what we need.
+     *
+     * @param  \Illuminate\Database\Query\Builder $query Query builder instance
+     * @param  array  $terms The search terms
+     * @return \Illuminate\Database\Query\Builder
+     */
+    public function scopeSimpleNameSearch($query,  $search) {
+
+           $query = $query->where('first_name', 'LIKE', '%'.$search.'%')
+               ->orWhere('last_name', 'LIKE', '%'.$search.'%')
+               ->orWhereRaw('CONCAT('.DB::getTablePrefix().'users.first_name," ",'.DB::getTablePrefix().'users.last_name) LIKE ?', ["%$search%", "%$search%"]);
+        return $query;
+    }
+
+
+
    /**
     * Run additional, advanced searches.
     *
@@ -450,7 +504,7 @@ class User extends SnipeModel implements AuthenticatableContract, CanResetPasswo

    public function scopeDeleted($query)
    {
-        return $query->whereNotNull('deleted_at');
+        return $query->whereNotNull('users.deleted_at');
    }


@@ -53,7 +53,7 @@ abstract class SnipePermissionsPolicy
    /**
     * Determine whether the user can view the accessory.
     *
-     * @param  \App\User  $user
+     * @param  \App\Models\User  $user
     * @return mixed
     */
    public function view(User $user, $item = null)
@@ -64,7 +64,7 @@ abstract class SnipePermissionsPolicy
    /**
     * Determine whether the user can create accessories.
     *
-     * @param  \App\User  $user
+     * @param  \App\Models\User  $user
     * @return mixed
     */
    public function create(User $user)
@@ -75,7 +75,7 @@ abstract class SnipePermissionsPolicy
    /**
     * Determine whether the user can update the accessory.
     *
-     * @param  \App\User  $user
+     * @param  \App\Models\User  $user
     * @return mixed
     */
    public function update(User $user, $item = null)
@@ -86,7 +86,7 @@ abstract class SnipePermissionsPolicy
    /**
     * Determine whether the user can delete the accessory.
     *
-     * @param  \App\User  $user
+     * @param  \App\Models\User  $user
     * @return mixed
     */
    public function delete(User $user, $item = null)
@@ -97,11 +97,13 @@ abstract class SnipePermissionsPolicy
     /**
     * Determine whether the user can manage the accessory.
     *
-     * @param  \App\User  $user
+     * @param  \App\Models\User  $user
     * @return mixed
     */
    public function manage(User $user, $item = null)
    {
        return $user->hasAccess($this->columnName().'.edit');
    }
+
+
 }
@@ -226,14 +226,14 @@ class UserPresenter extends Presenter
            [
                "field" => "two_factor_enrolled",
                "searchable" => false,
-                "sortable" => false,
+                "sortable" => true,
                "switchable" => true,
                "title" => trans('admin/users/general.two_factor_enrolled'),
                "visible" => false,
                'formatter' => 'trueFalseFormatter'
            ],
            [
-                "field" => "two_factor_active",
+                "field" => "two_factor_activated",
                "searchable" => false,
                "sortable" => false,
                "switchable" => true,
@@ -246,7 +246,7 @@ class UserPresenter extends Presenter
                "searchable" => false,
                "sortable" => true,
                "switchable" => true,
-                "title" => trans('general.activated'),
+                "title" => trans('general.login_enabled'),
                "visible" => true,
                'formatter' => 'trueFalseFormatter'
            ],
@@ -58,7 +58,7 @@ class AppServiceProvider extends ServiceProvider
        if (($this->app->environment('production'))  && (config('services.rollbar.access_token'))){
            $this->app->register(\Rollbar\Laravel\RollbarServiceProvider::class);
        }
-
+        
        foreach ($monolog->getHandlers() as $handler) {
            $handler->setLevel($log_level);
        }
@@ -113,6 +113,14 @@ class AuthServiceProvider extends ServiceProvider
        });


+        // Can the user import CSVs?
+        Gate::define('import', function ($user) {
+            if ($user->hasAccess('import') ) {
+                return true;
+            }
+        });
+
+
        # -----------------------------------------
        # Reports
        # -----------------------------------------
@@ -2,7 +2,7 @@
  "name": "snipe/snipe-it",
  "description": "Open source asset management system built on Laravel.",
  "keywords": ["assets", "asset-management", "laravel"],
-  "license": "AGPL-3",
+  "license": "AGPL-3.0-or-later",
  "type": "project",
    "require": {
    "php": ">=5.6.4",
@@ -12,8 +12,9 @@
    "doctrine/dbal": "^2.5.13",
    "doctrine/inflector": "1.1.*",
    "doctrine/instantiator": "1.0.*",
+    "eduardokum/laravel-mail-auto-embed": "^1.0",
    "erusev/parsedown": "^1.6",
-    "fideloper/proxy": "^3.1",
+    "fideloper/proxy": "^3.3",
    "intervention/image": "^2.3",
    "javiereguiluz/easyslugger": "^1.0",
    "laravel/framework": "5.4.35",
@@ -28,7 +29,7 @@
    "phpspec/prophecy": "1.6.2",
    "pragmarx/google2fa": "^1.0",
    "predis/predis": "^1.1",
-    "rollbar/rollbar-laravel": "^2.2",
+    "rollbar/rollbar-laravel": "2.4.1",
    "schuppo/password-strength": "~1.5",
    "spatie/laravel-backup": "3.11.0",
    "tecnickcom/tc-lib-barcode": "^1.15",
@@ -41,7 +42,6 @@
    "fzaninotto/faker": "~1.4",
    "phpunit/php-token-stream": "1.4.11",
    "phpunit/phpunit": "~5.7",
-    "roave/security-advisories": "dev-master",
    "squizlabs/php_codesniffer": "*",
    "symfony/css-selector": "3.1.*",
    "symfony/dom-crawler": "3.1.*"
@@ -297,6 +297,7 @@ return [
        Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class,
        Schuppo\PasswordStrength\PasswordStrengthServiceProvider::class,
        Tightenco\Ziggy\ZiggyServiceProvider::class, // Laravel routes in vue
+        Eduardokum\LaravelMailAutoEmbed\ServiceProvider::class,

        /*
        * Application Service Providers...
@@ -86,6 +86,6 @@ return [
    |
    */

-    'prefix' => 'snipeit',
+    'prefix' => env('CACHE_PREFIX', 'snipeit'),

 ];
@@ -27,6 +27,15 @@ return array(
        )
    ),

+    'CSV Import' => array(
+        array(
+            'permission' => 'import',
+            'label'      => '',
+            'note'       => 'This will allow users to import even if access to users, assets, etc is denied elsewhere.',
+            'display'    => true,
+        )
+    ),
+
    'Reports' => array(
        array(
            'permission' => 'reports.view',
@@ -63,11 +63,12 @@ return [
     * We may also want to add something like:
     * \Illuminate\Http\Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_SCHEME',
     */
+    // These are defaults already set in the config:
    'headers' => [
+        (defined('Illuminate\Http\Request::HEADER_FORWARDED') ? Illuminate\Http\Request::HEADER_FORWARDED : 'forwarded') => 'FORWARDED',
        \Illuminate\Http\Request::HEADER_CLIENT_IP    => 'X_FORWARDED_FOR',
        \Illuminate\Http\Request::HEADER_CLIENT_HOST  => 'X_FORWARDED_HOST',
        \Illuminate\Http\Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_PROTO',
        \Illuminate\Http\Request::HEADER_CLIENT_PORT  => 'X_FORWARDED_PORT',
-
    ]
 ];
@@ -1,10 +1,10 @@
 <?php
 return array (
-  'app_version' => 'v4.6.3',
-  'full_app_version' => 'v4.6.3 - build 3866-g3de1de9dc',
-  'build_version' => '3866',
+  'app_version' => 'v4.6.14',
+  'full_app_version' => 'v4.6.14 - build 4006-gdec77890b',
+  'build_version' => '4006',
  'prerelease_version' => '',
-  'hash_version' => 'g3de1de9dc',
-  'full_hash' => 'v4.6.2-19-g3de1de9dc',
+  'hash_version' => 'gdec77890b',
+  'full_hash' => 'v4.6.14-18-gdec77890b',
  'branch' => 'master',
-);
+);
@@ -15,7 +15,7 @@ class AddPrefixToSettings extends Migration {
 		//
 		Schema::table('settings', function(Blueprint $table) {

-			$table->string('auto_increment_prefix')->default(0);
+			$table->string('auto_increment_prefix')->nullable()->default(NULL);

 		});
 	}
@@ -0,0 +1,30 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class ChangeAutoIncrementPrefixToNullable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->string('auto_increment_prefix')->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
@@ -0,0 +1,30 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AutoIncrementBackToString extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('settings', function (Blueprint $table) {
+            $table->string('auto_increment_prefix')->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class MakeSerialNullable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        $platform = Schema::getConnection()->getDoctrineSchemaManager()->getDatabasePlatform();
+        $platform->registerDoctrineTypeMapping('enum', 'string');
+
+        Schema::table('assets', function (Blueprint $table) {
+            $table->string('serial')->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
@@ -0,0 +1,64 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class MakeFieldsNullableForIntegrity extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+
+
+        Schema::table('locations', function (Blueprint $table) {
+            $table->string('city')->nullable()->default(null)->change();
+            $table->string('state')->nullable()->default(null)->change();
+            $table->string('country')->nullable()->default(null)->change();
+            $table->integer('user_id')->nullable()->default(null)->change();
+            $table->string('address')->nullable()->default(null)->change();
+            $table->string('address2')->nullable()->default(null)->change();
+        });
+
+        Schema::table('users', function (Blueprint $table) {
+            $table->string('last_name')->nullable()->default(null)->change();
+        });
+
+        Schema::table('suppliers', function (Blueprint $table) {
+            $table->integer('user_id')->nullable()->default(null)->change();
+        });
+
+        Schema::table('status_labels', function (Blueprint $table) {
+            $table->integer('user_id')->nullable()->default(null)->change();
+        });
+
+        Schema::table('models', function (Blueprint $table) {
+            $table->integer('user_id')->nullable()->default(null)->change();
+            $table->integer('manufacturer_id')->nullable()->default(null)->change();
+            $table->integer('category_id')->nullable()->default(null)->change();
+        });
+
+        Schema::table('licenses', function (Blueprint $table) {
+            $table->integer('user_id')->nullable()->default(null)->change();
+            $table->boolean('maintained')->nullable()->default(null)->change();
+        });
+
+        Schema::table('depreciations', function (Blueprint $table) {
+            $table->integer('user_id')->nullable()->default(null)->change();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
@@ -5,7 +5,7 @@ if [ -z "$APP_KEY" ]
 then
  echo "Please re-run this container with an environment variable \$APP_KEY"
  echo "An example APP_KEY you could use is: "
-  php artisan key:generate --show
+  /var/www/html/artisan key:generate --show
  exit
 fi

@@ -17,8 +17,24 @@ else
 fi

 # create data directories
-for dir in 'data/private_uploads' 'data/uploads' 'data/uploads/avatars' 'data/uploads/barcodes' 'data/uploads/categories' 'data/uploads/companies' 'data/uploads/departments' 'data/uploads/locations' 'data/uploads/manufacturers' 'data/uploads/models' 'data/uploads/suppliers' 'dumps' 'keys'; do
-	mkdir -p "/var/lib/snipeit/$dir"
+for dir in \
+  'data/private_uploads' \
+  'data/uploads/accessories' \
+  'data/uploads/avatars' \
+  'data/uploads/barcodes' \
+  'data/uploads/categories' \
+  'data/uploads/companies' \
+  'data/uploads/components' \
+  'data/uploads/consumables' \
+  'data/uploads/departments' \
+  'data/uploads/locations' \
+  'data/uploads/manufacturers' \
+  'data/uploads/models' \
+  'data/uploads/suppliers' \
+  'dumps' \
+  'keys'
+do
+  [ ! -d "/var/lib/snipeit/$dir" ] && mkdir -p "/var/lib/snipeit/$dir"
 done

 chown -R docker:root /var/lib/snipeit/data/*
@@ -26,9 +42,9 @@ chown -R docker:root /var/lib/snipeit/dumps
 chown -R docker:root /var/lib/snipeit/keys

 # If the Oauth DB files are not present copy the vendor files over to the db migrations
-if [ ! -f "/var/www/html/database/migrations/*create_oauth*" ]; then
+if [ ! -f "/var/www/html/database/migrations/*create_oauth*" ]
+then
  cp -ax /var/www/html/vendor/laravel/passport/database/migrations/* /var/www/html/database/migrations/
 fi

-. /etc/apache2/envvars 
-exec apache2 -DNO_DETACH < /dev/null
+exec supervisord -c /supervisord.conf
@@ -0,0 +1,19 @@
+#!/usr/bin/env python
+# A supervisor event listener which terminates supervisord if any of its child
+# processes enter the FATAL state.
+# https://stackoverflow.com/a/37527488/119527
+import os
+import signal
+
+from supervisor import childutils
+
+def main():
+    while True:
+        headers, payload = childutils.listener.wait()
+        childutils.listener.ok()
+        if headers['eventname'] != 'PROCESS_STATE_FATAL':
+            continue
+        os.kill(os.getppid(), signal.SIGTERM)
+
+if __name__ == "__main__":
+    main()
@@ -0,0 +1,27 @@
+[supervisord]
+nodaemon=true
+
+[program:apache]
+; https://advancedweb.hu/2018/07/03/supervisor_docker/
+command=apache2ctl -DFOREGROUND
+killasgroup=true
+stopasgroup=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+
+[program:run_schedule]
+; Simply run the Laravel command scheduler every minute
+command=/bin/bash -c "while true; do /var/www/html/artisan schedule:run; sleep 1m; done"
+user=docker
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+
+
+; https://stackoverflow.com/a/37527488/119527
+[eventlistener:exit_on_any_fatal]
+command=supervisor-exit-event-listener
+events=PROCESS_STATE_FATAL
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
snipe	1451b4f45d	Merge branch 'master' of https://github.com/snipe/snipe-it	2019-03-18 20:51:11 -07:00
snipe	b6da68a69c	Bumped version	2019-03-18 20:50:47 -07:00
snipe	dee92cfc6c	Fixes XSS vulnerabilities (#6831 ) * Properly escape log_meta values * Vue syntax fix to allow npm run dev to work again * Janky fix for Select2 bug * Compiled production assets * Escape user’s last name in API * Removed duplicate alertClass * Compiled production assets	2019-03-18 20:49:32 -07:00
snipe	dec77890bd	Merge branch 'master' of https://github.com/snipe/snipe-it	2019-03-18 11:59:48 -07:00
snipe	0e1289f12f	Fixes #6821 - fixed 2 fa active for users list (#6822 ) * Fixed #6821 - confusing UI for 2FA when 2FA is universally enforced I also updated the language in the user’s listing table to clarify what “activated” means * Added login enabled info to user view * Clarified comments * Added info about 2FA on user profile Because why not * Added nowrap to table, and added 2FA reset for superadmins	2019-03-18 11:59:02 -07:00
snipe	7b33f95e83	Fixes/import permissions mask (#6826 ) * Check for empty headers in import * Added import permission * Fixed model path in docblock * Added import gate to default blade * Check if the user is an admin OR idf they have import permissions * Walked back that admin permission Since admins are bound by full company support, it makes less sense to let admins have this permission by default, versus having them specifically designated to the import permission	2019-03-18 11:58:08 -07:00
snipe	ab6744dfba	Merge branch 'master' of https://github.com/snipe/snipe-it	2019-03-14 15:38:20 -07:00
snipe	0fd940ffa4	Check for empty headers in import	2019-03-14 15:38:07 -07:00
Tim Farmer	5893e25b43	Label bugs in alerts settings (#6808 ) * Label bugs in alerts settings Found another label bug where the alert_email label should be alerts_enabled. * Update alerts.blade.php	2019-03-14 10:53:05 -07:00
snipe	7c3bbe3097	Fixes #6776 hungary date format (#6823 ) * Add @timothyfarmer as a contributor * Fixed #6776 - added hungary time format	2019-03-13 19:39:38 -07:00
snipe	858d382e26	Changed logging to info level for LDAP	2019-03-13 15:14:03 -07:00
snipe	de16fee00a	Change image unlink error log to info from error	2019-03-13 12:22:12 -07:00
Tim Farmer	7deab0f53b	Label bugs in general settings (#6801 ) * checkbox label bug The checkbox label in general settings for require_accept_signature was set to full_multiple_companies_support instead so when you click the label for require accept signature it would check the wrong box. * Update general.blade.php * Update general.blade.php Another label that is wrong in general settings	2019-03-08 12:24:24 -08:00
Jonathon Reinhart	e59ec8b27f	Run Laravel schedule in docker image using supervisord (#6606 ) * docker: Rename /entrypoint.sh to /startup.sh This script is not configured as the docker image ENTRYPOINT, thus it is misleading to name it so. * docker: Terminate supervisord if a process enters the FATAL state By terminating PID 1, this will also terminate the Docker container. * docker: Use supervisord to start up apache and cron Note that this uses `apache2ctl -DFOREGROUND` rather than manually sourcing /etc/apache2/envvars and running apache2, as recommended at https://advancedweb.hu/2018/07/03/supervisor_docker/. * docker: Add artisan schedule:run to crontab This also switches to executing /var/www/html/artisan directly. * docker: Run artisan schedule:run directly from supervisor This has the following benefits over using cron: - Cron doesn't need to be installed - Docker-provided environment variables are preserved - It's easy and explicit to run as the docker user	2019-03-07 12:42:00 -08:00
snipe	6d98bd6846	Fixed error if item requested or request was deleted (#6786 ) ch628	2019-03-05 23:47:36 -08:00
snipe	58768e5aee	Added ability to search consumables by item number (#6785 ) Fixes ch1086	2019-03-05 23:21:22 -08:00
snipe	28a450ea25	Added ability to do full name search in user dropdown selectlist (#6784 )	2019-03-05 21:13:39 -08:00
snipe	1393f44070	Create FUNDING.yml	2019-03-04 23:57:17 -08:00
snipe	8016939f31	Merge branch 'master' of https://github.com/snipe/snipe-it	2019-03-01 17:39:55 -08:00
snipe	c1ad2f9376	Added link to Marksman - A Windows agent for Snipe-IT Per https://github.com/Scope-IT/marksman/issues/9#issuecomment-468275142	2019-03-01 17:39:50 -08:00
snipe	9575cd2651	Add accessories endpoint to user API (#6775 )	2019-03-01 17:21:03 -08:00
snipe	cf086b711e	Merge branch 'master' of https://github.com/snipe/snipe-it	2019-02-22 13:24:58 -08:00
snipe	53db96edad	Bumped minor version	2019-02-22 13:24:45 -08:00
snipe	3b62c4a83a	Fixes/integrity constraint (#6754 ) * Migration to fix nullables This should fix an issue introduced in `90cddb7aee` where we’re passing null instead of an empty string (necessary to nullify values via the API) * Removed asset migration - serial was already fixed	2019-02-22 13:20:42 -08:00
snipe	5f3147cf36	Added support for enum that was added :(	2019-02-20 21:04:03 -08:00
snipe	738896bdc2	Make serial nullable Guessing this is new due to later versions of mysql	2019-02-20 20:47:14 -08:00
snipe	e2834fab90	Bumped minor version	2019-02-16 11:48:20 -08:00
snipe	d687e1d762	Fixed #6725 - revert auro_increment_prefix to string This was mis-migrated as boolean. It’s essentially a duplicate migration, as it is fixed in-place on the existing migration, and then a new migratio was created to handle anyone who already upgraded.	2019-02-16 11:37:05 -08:00
snipe	6256abddf2	Bumped point release	2019-02-14 15:07:11 -08:00
snipe	b26fbf986f	Fixed issue where offset could be greater than total items, resulting in “No results” confusion	2019-02-14 14:49:08 -08:00
snipe	5c9b1ed43a	Fixed #6676 - consumables API not respecting category id	2019-02-14 14:48:43 -08:00
snipe	14eb6b387b	Possible fix for #6710 - explicitly make auto_increment_prefix nullable (#6716 ) * Possible fix for #6710 - explicitly make auto_increment_prefix nullable * Added migration to make auto_increment_prefix explicitly nullable	2019-02-14 12:46:09 -08:00
snipe	35ebe33e4e	Fixed #6703 - fixes password confirmation (#6711 ) * Fixed #6703 - fixes password confirmation * Removed debugging * Fixed tests * I guess we use 10 as the settings for password min in tests * One more try to fix tests - confirmation won’t validate until password validates	2019-02-13 23:01:19 -08:00
snipe	9035707bd6	Bumped point version	2019-02-13 07:40:52 -08:00
snipe	aa1e06f021	One more time…. Fixed #6704 - don’t apply gate to $arrays collection, just check that they can view assets	2019-02-13 04:46:19 -08:00
snipe	30b1cfabf5	Fixed dumb formatting	2019-02-13 04:45:21 -08:00
snipe	e75d22ab73	Revert "Fixed #6704 - don’t apply gate to $arrays collection, just check that they can view assets" This reverts commit `b1e17743b8`.	2019-02-13 04:44:19 -08:00
snipe	b1e17743b8	Fixed #6704 - don’t apply gate to $arrays collection, just check that they can view assets	2019-02-13 04:35:55 -08:00
snipe	e2c0f01a10	Fixed #6367 - pass table name and column_id to scopeCompanyables Solves error: Integrity constraint violation: 1052 Column 'company_id' in where clause is ambiguous	2019-02-13 01:26:11 -08:00
snipe	f88fee0f21	Make user notes field editable via API	2019-02-12 23:58:30 -08:00
snipe	c0669150fb	Bumped point version	2019-02-12 23:48:31 -08:00
snipe	f3c12f38b6	Fixed #6061 - Assigned user group cannot be removed This bug was a result of attempting to check if the groups field had a value, and only THEN trying to sync the groups. This meant that uf you were removing ALL groups, the sync wouldn’t be triggered. This still needs to be updated in the API.	2019-02-12 23:43:38 -08:00
snipe	5e19178a30	Do not count deleted locations in managedLocation check on user delete	2019-02-12 23:32:10 -08:00
snipe	90cddb7aee	Fixed #6113 - use $asset->fill vs filled() to allow blanking values via API (#6693 ) Need to confirm that re-enabling `\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,` won’t mangle anything. I know we ran into some issues when testing a long time ago, but not sure those issues apply anymore, and I can’t remember what they were.	2019-02-12 22:08:38 -08:00
snipe	6d828964be	Merge branch 'master' of https://github.com/snipe/snipe-it	2019-02-04 18:58:32 -08:00
snipe	971fcf5800	Fixed #6633 - return 200 status code	2019-02-04 18:58:28 -08:00
Daniel Ruf	2ad270cf33	ci: fix indentation (#6669 )	2019-01-30 15:14:17 -08:00
Daniel Ruf	8ce78c6b31	tests: allow to fail on PHP 7.3 and use the latest PHP 7.1 release (#6666 )	2019-01-30 14:32:33 -08:00
Daniel Ruf	af3c8195af	tests: fix expected string (#6665 )	2019-01-30 14:12:20 -08:00
snipe	117b4c59cc	Bumped minor version	2019-01-25 21:06:08 -08:00
snipe	194d0733d4	Fixed #6644 - asset name not linked in Reports > Asset Maintenance Report This report will likely be deprecated.	2019-01-25 20:57:14 -08:00
snipe	a371e8d53f	Added calibration as a maintenance type Should just make these custmizable options	2019-01-24 15:17:33 -08:00
snipe	8f09cca043	Fixed incorrect group route	2019-01-24 15:17:11 -08:00
snipe	39bca49e8f	Specify table name in deleted user display	2019-01-24 14:38:18 -08:00
snipe	b8269020ae	Specify table name in deleted user display	2019-01-24 14:37:39 -08:00
snipe	601c129bbf	Embed images in emails	2019-01-17 20:45:24 -08:00
snipe	b293d00699	Switch LDAP error to debug, to avoid crapping up the logs	2019-01-17 20:18:03 -08:00
snipe	75a0cf97e2	Return an error if asset maintenance is associated with a non-existant asset	2019-01-16 02:19:57 -08:00
snipe	c055e3af21	Only try to return the asset tag link if a valid asset id has been passed	2019-01-16 02:19:35 -08:00
snipe	a1f93e733c	Fixed undefined error when maintenance is associated with a deleted asset	2019-01-16 01:45:51 -08:00
fanta8897	49073742b5	Updating LDAP such that each user is not required to be bindable to LDAP (#6571 ) * Update Ldap.php * Update Ldap.php * Update Ldap.php * Update Ldap.php * Update Ldap.php Updating LDAP.php such that the admin bind will ONLY occur if the user attempting auth cannot bind. If that is the case, it will attempt to bind as admin and search for that user, prior to failing.	2019-01-15 14:04:21 -08:00
Sxderp	187206cb88	Fix saving of REMOTE_USER setting broken by `1a64879b6` (#6565 ) The previous commit made it such that remote user login could only be enabled if two factor authentication was also enabled. Unnest the configuration so that the setting can be applied without.	2019-01-15 13:59:36 -08:00
Hubert	8420cb7ec1	Fixed problem with import when using snipeit:import command (#6550 )	2019-01-15 13:58:23 -08:00
Andrey Bolonin	75252bce05	add php 7.3 (#6556 )	2019-01-10 13:21:04 -08:00
snipe	794824713e	Bumped minor version	2019-01-03 11:22:06 -08:00
snipe	8f6ea84fca	Fixed #4568 - escaping values in custom report	2018-12-12 19:38:24 -08:00
snipe	ea1b792a93	Fixed #6491 - cleaner return methods for PHP 7.3 compact()	2018-12-12 18:23:39 -08:00
Ben RUBSON	4ffb8f14b8	Improve Memcached settings (#6485 ) * Improved memcached settings * Improved memcached settings	2018-12-06 14:39:14 -08:00
Wes Hulette	d023f61bc4	Fixed missing importer (#6413 ) Fixed missing manager_id Fixed missing department_id	2018-12-04 13:06:12 -08:00
snipe	dd5ca73602	Set support footer and version footer to on when resetting the demo	2018-11-08 12:52:37 -08:00
snipe	2632f730d1	Sets activated to 0 in UserImporter if the activated column isn’t set	2018-11-07 22:36:58 -08:00
snipe	24c158bfe6	Added missing use statement for departments in importer	2018-11-07 18:33:43 -08:00
snipe	3d4a5a8066	More importer tweaks for dept and manager	2018-11-07 18:05:53 -08:00
snipe	db7e0b56f2	Fixed department id on asset import with users	2018-11-07 17:36:34 -08:00
snipe	f2478d813c	Fix manager id if no manager is given in importer	2018-11-07 17:33:27 -08:00
snipe	192aa9eb71	Fixed #6386 - licenses not searching on category name	2018-11-02 17:14:08 -07:00
Tim Bishop	0eef0fc1dd	Sync with develop branch. (#6377 ) Without this change argv[1] is ignored.	2018-10-31 11:11:41 -07:00
snipe	81f8fe34cd	Removed debugging line	2018-10-30 18:11:27 -07:00
snipe	f744696043	Fixed #6375 - lowercase keys on findAndBindUser to address LDAP syncing issue	2018-10-30 13:12:10 -07:00
snipe	29b0780c6c	Added company info to asset maintenances transforrmer	2018-10-30 00:20:16 -07:00
Wes Hulette	6b3b673daa	Changed NULL coalesce from ?? (#6353 ) PHP 5 does not have the double question mark null coalesce support.	2018-10-26 15:53:18 -07:00
snipe	a4876e9f3e	Updated language files	2018-10-26 15:51:38 -07:00
snipe	925258bfb4	Bumped version	2018-10-26 15:29:10 -07:00
snipe	1a10aa0dda	Fixed #6349 - add view permission for print all assigned	2018-10-19 16:43:28 -07:00
snipe	d6f8d1b464	Updated composer lock	2018-10-19 16:40:54 -07:00
snipe	09a102fea8	Only try to return a department if there is a matching field	2018-10-19 01:44:45 -07:00
snipe	304fce73fc	Null if blank on user import	2018-10-19 01:38:14 -07:00
snipe	295a68bb7a	Try false instead of null	2018-10-19 01:36:15 -07:00
snipe	3aeb521782	Patch PR #6335 to master	2018-10-19 01:30:05 -07:00
snipe	f587d2248b	WIP: Better handle activation column in importer (#6290 ) * Better handle activation column * Added comments for clarity on importer methods	2018-10-19 00:23:12 -07:00
snipe	8579c5a68a	Allow 0 as a consumable min amt	2018-10-15 17:04:51 -07:00
snipe	835b461d7d	Fixed #6323 - typo in link for low inventory	2018-10-11 15:31:10 -07:00
Wes Hulette	b8a37a0c73	Fixed Expiring Assets Email (#6321 )	2018-10-11 14:03:00 -07:00
snipe	41b5b1dfd0	Bumped hash	2018-10-09 17:32:46 -07:00
snipe	c7596e7741	Fixed image not uploading on asset create	2018-10-09 17:31:52 -07:00
snipe	d4fa81301d	Check if user can see assets in statuslabels gate	2018-10-09 16:34:12 -07:00
snipe	ec7245965f	Bumped to rollbar 2.4.1 https://github.com/rollbar/rollbar-php-laravel/issues/65	2018-10-04 17:09:12 -07:00
snipe	de76e8db5f	Re-enable rollbar	2018-10-04 12:11:36 -07:00
snipe	a52575c7bf	Lock rollbar to v2.3.0 https://github.com/rollbar/rollbar-php-laravel/issues/65 https://github.com/rollbar/rollbar-php-laravel/issues/67	2018-10-04 12:11:36 -07:00
Nenad Ticaric	bf6703c2e8	fixing double word typo (#6292 ) Thanks!	2018-10-04 09:41:50 -07:00
snipe	4db1dd8afc	Fixed #6291 - send-welcome argument in cli importer	2018-10-04 04:43:06 -07:00
snipe	c39e3acb59	Bumped hash	2018-10-04 02:24:41 -07:00
snipe	7a44da85a0	Fixed issue where admin users could disable activation when editing their own profile	2018-10-04 02:18:20 -07:00
snipe	890b613f71	Temporarily suppress rollbar	2018-10-03 15:47:56 -07:00
snipe	1014bd74e0	Updated rollbar	2018-10-03 14:58:14 -07:00
snipe	db385e024b	Possible proxy issue fix	2018-10-03 13:04:25 -07:00
snipe	c8bff3ef38	Features/add manager and dept to importer (#6277 ) * Ignore the simlink for public storage * Added manager and department to user import * More UI importer tweaks * Fisxed typos	2018-10-02 15:43:54 -07:00
snipe	10bc35d604	Fixed PHP warning Undefined offset: 1 in upgrade.php	2018-09-28 12:13:35 -07:00
snipe	eea65a3f26	Fixed manufacturers item count	2018-09-28 12:03:27 -07:00
snipe	3b21a19491	Updated language strings	2018-09-28 11:54:52 -07:00
snipe	7a52477294	Added Icelandic and Serbian to locale list	2018-09-28 11:47:59 -07:00
snipe	ef0bd72076	Bumped version	2018-09-28 11:21:39 -07:00
snipe	ff824ec4db	Fixes #6252 - activated flag not checked when editing active user	2018-09-28 11:18:33 -07:00
snipe	75032def9e	Fixed #4151 - Undefined index: samaccountname on LDAP import	2018-09-27 16:11:09 -07:00
snipe	3a0f738fb0	Added some hepful comments	2018-09-26 19:20:50 -07:00
snipe	55846cc717	Changed LOG:: to Log::	2018-09-26 19:06:31 -07:00
snipe	1784278a59	Fixed importer email test	2018-09-26 19:06:09 -07:00
snipe	afac0bc441	Removed old isActive model (unused)	2018-09-26 19:05:42 -07:00
snipe	ffbee77f6f	Patch for 5965 - multiple email recipients no longer working (#6238 )	2018-09-26 15:47:53 -07:00
snipe	b69b5fdf84	Added counts to location show() API method	2018-09-21 15:50:14 -07:00
Brady Wetherington	89e06054bf	Merge pull request #6205 from dasjoe/patch-1 Fixes #5630	2018-09-17 21:45:48 -07:00
Hajo Möller	3159e7713a	Fixes #5630	2018-09-11 13:07:45 +02:00
snipe	adf6e7d1cd	Added group support for user API	2018-09-07 18:25:58 -07:00
snipe	ba3662a9ed	Bumped hash	2018-09-07 18:12:29 -07:00
snipe	05ea61421f	Added manager_id to fillable for locations API	2018-09-07 18:11:38 -07:00
snipe	22ef2ce0b6	Bumped hash	2018-09-07 03:20:31 -07:00
snipe	51d3d130e4	Fixed Not unique table/alias: 'models' on custom report triggered when category is selected	2018-09-07 03:19:54 -07:00
snipe	d8a8e1cc09	Bumped version	2018-08-28 11:43:56 -07:00
snipe	522dc1db2a	Fixed #6124	2018-08-23 21:05:10 -07:00
snipe	db907815ff	Removed check for active in password reset form	2018-08-21 18:40:27 -07:00
snipe	ae6abdddad	Check the user is active before displaying password reset This would only come into play if an inactive user already received a password reset email and then the system was upgraded to prevent those emails from being sent to inactive users	2018-08-14 19:04:47 -07:00
snipe	63c9fbe10c	Temporarily disbable notifying users on import	2018-08-14 18:27:46 -07:00
snipe	101dfd01f2	Bumped hash	2018-08-14 18:22:53 -07:00
snipe	5db5134ae0	Set activated to default on when new user is created	2018-08-14 18:14:41 -07:00
snipe	5294489b0e	Fixed HTML typo	2018-08-14 18:14:29 -07:00
snipe	05b2b8fb59	Tweaked code/language for password reset	2018-08-14 18:09:33 -07:00
snipe	0100c56046	Only allow password reset if user is active	2018-08-14 17:46:29 -07:00
Jordi Boggiano	e81b221fd1	Fix license identifier (#6043 )	2018-08-08 20:36:45 -07:00
snipe	f374ac1bf7	Removed duplicate BACKUP_ENV in example env	2018-08-01 15:31:43 -07:00
snipe	524c6c502e	Features/restore deleted cmd (#5982 ) * Delete content from login attempts table * Script to restore deleted users and put their asset assignments back * Uncomment backup	2018-07-27 02:42:55 -07:00
snipe	614e858e44	Restrict users asset listing to just assets checked out to users	2018-07-25 21:38:14 -07:00
snipe	708b1a962c	Split out custom_css from custom_header This makes it so that the custom_css will still be respected even if there is no custom header	2018-07-25 19:01:47 -07:00